admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-02T16:00:24.186432+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-02 18:00:27 +02:00
parent 35ea0652b6
commit a238d9cc32
49 changed files with 3275 additions and 235 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
CVE-2022/CVE-2022-338xx/CVE-2022-33891.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-33891",
"sourceIdentifier": "security@apache.org",
"published": "2022-07-18T07:15:07.600",
"lastModified": "2022-10-27T20:46:17.310",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-02T15:15:23.457",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-03-07",
"cisaActionDue": "2023-03-28",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -44,7 +44,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security@apache.org",
"type": "Primary",
"description": [
{
@ -54,7 +54,7 @@
]
},
{
"source": "security@apache.org",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
@ -106,6 +106,10 @@
"VDB Entry"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/02/1",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/p847l3kopoo5bjtmxrcwk21xp6tjxqlc",
"source": "security@apache.org",

59
CVE-2022/CVE-2022-367xx/CVE-2022-36788.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-36788",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-04-20T16:15:07.457",
"lastModified": "2023-04-20T17:18:19.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T15:05:37.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:slic3r:libslic3r:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "188C5C50-5D37-4F11-A4C1-541552348BF9"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1593",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

59
CVE-2022/CVE-2022-450xx/CVE-2022-45084.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45084",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-04-24T15:15:07.627",
"lastModified": "2023-04-24T15:35:56.667",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T15:27:53.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-79"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:loginizer:loginizer:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.7.6",
"matchCriteriaId": "3E34699F-0893-43FF-9114-82A3B2F190A9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/loginizer/wordpress-loginizer-plugin-1-7-5-unauth-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-471xx/CVE-2022-47158.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47158",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-04-24T15:15:07.700",
"lastModified": "2023-04-24T15:35:56.667",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T15:24:50.217",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:alfred24_click_\\&_collect_project:alfred24_click_\\&_collect:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.7",
"matchCriteriaId": "8BF729B8-4725-4B2C-826A-5BD220B09B07"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/alfred-click-collect/wordpress-alfred24-click-collect-plugin-1-1-7-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-475xx/CVE-2022-47598.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47598",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-04-24T15:15:07.773",
"lastModified": "2023-04-24T15:35:56.667",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T15:26:41.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp_super_popup_project:wp_super_popup:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.2",
"matchCriteriaId": "11173BD1-1AE2-4872-8A77-3DA137251588"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-super-popup/wordpress-wp-super-popup-plugin-1-1-2-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

282
CVE-2023/CVE-2023-01xx/CVE-2023-0184.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0184",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:08.817",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:24:17.237",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,256 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "470",
"versionEndExcluding": "470.182.03",
"matchCriteriaId": "9D77307A-16B0-4C98-A8AC-ECBFB2EC434C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "515",
"versionEndExcluding": "515.105.01",
"matchCriteriaId": "2684008A-1AAD-445D-BBC1-7073FDD5442A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "525",
"versionEndExcluding": "525.105.17",
"matchCriteriaId": "D6836303-BA7D-4E65-948B-2BC67CA635F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "530",
"versionEndExcluding": "530.41.03",
"matchCriteriaId": "9C654F1D-85AD-4838-AA0B-D1FAEAC6FF71"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24DE5CC2-3787-4605-8EFA-77590E36E960"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "333646B0-AAD5-4DD7-8940-6334D0A8E77C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "450",
"versionEndExcluding": "450.236.01",
"matchCriteriaId": "7906887A-3589-422F-BCC0-0547DEA150A6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D135086F-CA5E-4242-ACBA-C3AC82F4BE03"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "450",
"versionEndExcluding": "454.14",
"matchCriteriaId": "2E2902D2-633E-4065-ABD5-A7A2CBD9965E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D135086F-CA5E-4242-ACBA-C3AC82F4BE03"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "470",
"versionEndExcluding": "474.30",
"matchCriteriaId": "122A3080-A6A7-4F69-8A11-2247C56E3512"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "515",
"versionEndExcluding": "518.03",
"matchCriteriaId": "ABFB6AEB-975B-488F-B490-7535D1F04075"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "333646B0-AAD5-4DD7-8940-6334D0A8E77C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "525",
"versionEndExcluding": "528.89",
"matchCriteriaId": "0C4C06DD-AF93-4497-8712-D8115842DE59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "530",
"versionEndExcluding": "531.41",
"matchCriteriaId": "6D446FAB-5082-43E7-A4E0-D35B3E2E3BB2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "470",
"versionEndExcluding": "474.30",
"matchCriteriaId": "122A3080-A6A7-4F69-8A11-2247C56E3512"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "530",
"versionEndExcluding": "531.41",
"matchCriteriaId": "6D446FAB-5082-43E7-A4E0-D35B3E2E3BB2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24DE5CC2-3787-4605-8EFA-77590E36E960"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5452",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

135
CVE-2023/CVE-2023-01xx/CVE-2023-0190.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0190",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:08.897",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:24:38.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,109 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "470",
"versionEndExcluding": "470.182.03",
"matchCriteriaId": "9D77307A-16B0-4C98-A8AC-ECBFB2EC434C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "515",
"versionEndExcluding": "515.105.01",
"matchCriteriaId": "2684008A-1AAD-445D-BBC1-7073FDD5442A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "525",
"versionEndExcluding": "525.105.17",
"matchCriteriaId": "D6836303-BA7D-4E65-948B-2BC67CA635F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "530",
"versionEndExcluding": "530.41.03",
"matchCriteriaId": "9C654F1D-85AD-4838-AA0B-D1FAEAC6FF71"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24DE5CC2-3787-4605-8EFA-77590E36E960"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "333646B0-AAD5-4DD7-8940-6334D0A8E77C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "450",
"versionEndExcluding": "450.236.01",
"matchCriteriaId": "7906887A-3589-422F-BCC0-0547DEA150A6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D135086F-CA5E-4242-ACBA-C3AC82F4BE03"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5452",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

282
CVE-2023/CVE-2023-01xx/CVE-2023-0199.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0199",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:08.970",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:25:09.480",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.2
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,256 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "470",
"versionEndExcluding": "470.182.03",
"matchCriteriaId": "9D77307A-16B0-4C98-A8AC-ECBFB2EC434C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "515",
"versionEndExcluding": "515.105.01",
"matchCriteriaId": "2684008A-1AAD-445D-BBC1-7073FDD5442A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "525",
"versionEndExcluding": "525.105.17",
"matchCriteriaId": "D6836303-BA7D-4E65-948B-2BC67CA635F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "530",
"versionEndExcluding": "530.41.03",
"matchCriteriaId": "9C654F1D-85AD-4838-AA0B-D1FAEAC6FF71"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24DE5CC2-3787-4605-8EFA-77590E36E960"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "333646B0-AAD5-4DD7-8940-6334D0A8E77C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "450",
"versionEndExcluding": "450.236.01",
"matchCriteriaId": "7906887A-3589-422F-BCC0-0547DEA150A6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D135086F-CA5E-4242-ACBA-C3AC82F4BE03"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "450",
"versionEndExcluding": "454.14",
"matchCriteriaId": "2E2902D2-633E-4065-ABD5-A7A2CBD9965E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D135086F-CA5E-4242-ACBA-C3AC82F4BE03"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "470",
"versionEndExcluding": "474.30",
"matchCriteriaId": "122A3080-A6A7-4F69-8A11-2247C56E3512"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "515",
"versionEndExcluding": "518.03",
"matchCriteriaId": "ABFB6AEB-975B-488F-B490-7535D1F04075"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "333646B0-AAD5-4DD7-8940-6334D0A8E77C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "525",
"versionEndExcluding": "528.89",
"matchCriteriaId": "0C4C06DD-AF93-4497-8712-D8115842DE59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "530",
"versionEndExcluding": "531.41",
"matchCriteriaId": "6D446FAB-5082-43E7-A4E0-D35B3E2E3BB2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "470",
"versionEndExcluding": "474.30",
"matchCriteriaId": "122A3080-A6A7-4F69-8A11-2247C56E3512"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "530",
"versionEndExcluding": "531.41",
"matchCriteriaId": "6D446FAB-5082-43E7-A4E0-D35B3E2E3BB2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24DE5CC2-3787-4605-8EFA-77590E36E960"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5452",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-02xx/CVE-2023-0202.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0202",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:09.203",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T15:16:40.460",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:dgx_a100_firmware:*:*:*:*:sbios:*:*:*",
"versionEndExcluding": "1.18",
"matchCriteriaId": "186BD1FB-388F-4AB7-AEC1-655093C79F53"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8807CB65-5F49-42E8-B5D8-36943418ADB9"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5449",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-02xx/CVE-2023-0206.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0206",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:09.443",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T15:04:40.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:dgx_a100_firmware:*:*:*:*:sbios:*:*:*",
"versionEndExcluding": "1.18",
"matchCriteriaId": "186BD1FB-388F-4AB7-AEC1-655093C79F53"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx_a100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8807CB65-5F49-42E8-B5D8-36943418ADB9"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5449",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-08xx/CVE-2023-0899.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-0899",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-24T19:15:09.033",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T15:21:19.640",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before outputting it back in the Shoutbox, leading to Stored Cross-Site Scripting which could be used against high privilege users such as admins."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp_live_chat_shoutbox_project:wp_live_chat_shoutbox:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.2",
"matchCriteriaId": "4CAFA94C-A984-4478-8A3D-E548DF169102"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/e95f925f-118e-4fa1-8e8f-9dc1bc698f12",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-10xx/CVE-2023-1020.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1020",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-24T19:15:09.103",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T15:18:13.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp_live_chat_shoutbox_project:wp_live_chat_shoutbox:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.2",
"matchCriteriaId": "4CAFA94C-A984-4478-8A3D-E548DF169102"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/4e5aa9a3-65a0-47d6-bc26-a2fb6cb073ff",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-11xx/CVE-2023-1126.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1126",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-24T19:15:09.180",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:55:35.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The WP FEvents Book WordPress plugin through 0.46 does not sanitise and escape some parameters, which could allow any authenticated users, such as subscriber to perform Cross-Site Scripting attacks"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp_fevents_book_project:wp_fevents_book:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.46",
"matchCriteriaId": "3FAA7F63-57AD-4DDB-8547-8F5656AEB2E6"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/87ce3c59-b234-47bf-abca-e690b53bbe82",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-11xx/CVE-2023-1129.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1129",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-24T19:15:09.267",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:55:20.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The WP FEvents Book WordPress plugin through 0.46 does not ensures that bookings to be updated belong to the user making the request, allowing any authenticated user to book, add notes, or cancel booking on behalf of other users."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp_fevents_book_project:wp_fevents_book:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.46",
"matchCriteriaId": "3FAA7F63-57AD-4DDB-8547-8F5656AEB2E6"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/d40479de-fb04-41b8-9fb0-41b9eefbd8af",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-14xx/CVE-2023-1420.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1420",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-24T19:15:09.487",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:52:38.237",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Ajax Search Lite WordPress plugin before 4.11.1, Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape a parameter before outputting it back in a response of an AJAX action, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ajax_search_project:ajax_search:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "4.11.1",
"matchCriteriaId": "C1EC9E83-5D02-4720-AD12-AD7BCE6F9F9A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ajax_search_project:ajax_search:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "4.26.2",
"matchCriteriaId": "87EE2C87-BD59-4699-A6C7-3E0FA82B5B94"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/a9a54ee5-2b80-4f55-894c-1047030eea7f",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-14xx/CVE-2023-1435.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1435",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-24T19:15:09.560",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:51:05.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape various parameters before outputting them back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ajax_search_project:ajax_search:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "4.26.2",
"matchCriteriaId": "87EE2C87-BD59-4699-A6C7-3E0FA82B5B94"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/0ca62908-4ef5-41e0-9223-f77ad2c333d7",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-22xx/CVE-2023-2209.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2209",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-21T09:15:07.837",
"lastModified": "2023-04-24T13:02:28.070",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:33:57.820",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coffee_shop_pos_system_project:coffee_shop_pos_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4D1D90-B3B0-4E6B-9B75-C6A2C6FF6909"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Coffee%20Shop%20POS%20System/Coffee%20Shop%20POS%20System%20-%20vuln%201.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.226974",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.226974",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-22xx/CVE-2023-2211.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2211",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-21T09:15:08.050",
"lastModified": "2023-04-24T13:02:28.070",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T15:18:57.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,7 +83,7 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -69,20 +91,58 @@
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coffee_shop_pos_system_project:coffee_shop_pos_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4D1D90-B3B0-4E6B-9B75-C6A2C6FF6909"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Coffee%20Shop%20POS%20System/Coffee%20Shop%20POS%20System%20-%20vuln%203.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.226976",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.226976",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-22xx/CVE-2023-2212.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2212",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-21T10:15:07.610",
"lastModified": "2023-04-24T13:02:28.070",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T15:23:35.120",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coffee_shop_pos_system_project:coffee_shop_pos_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4D1D90-B3B0-4E6B-9B75-C6A2C6FF6909"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Coffee%20Shop%20POS%20System/Coffee%20Shop%20POS%20System%20-%20vuln%204.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.226977",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.226977",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-22xx/CVE-2023-2213.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2213",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-21T10:15:07.687",
"lastModified": "2023-04-24T13:02:28.070",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T15:26:32.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coffee_shop_pos_system_project:coffee_shop_pos_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4D1D90-B3B0-4E6B-9B75-C6A2C6FF6909"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Coffee%20Shop%20POS%20System/Coffee%20Shop%20POS%20System%20-%20vuln%205.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.226978",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.226978",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-22xx/CVE-2023-2214.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2214",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-21T10:15:07.740",
"lastModified": "2023-04-24T13:02:28.070",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T15:47:02.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coffee_shop_pos_system_project:coffee_shop_pos_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4D1D90-B3B0-4E6B-9B75-C6A2C6FF6909"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Coffee%20Shop%20POS%20System/Coffee%20Shop%20POS%20System%20-%20vuln%206.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.226979",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.226979",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-238xx/CVE-2023-23892.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23892",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-04-24T14:15:07.723",
"lastModified": "2023-04-24T15:35:56.667",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T15:24:12.240",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:m_chart_project:m_chart:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.10.0",
"matchCriteriaId": "DF575D13-628C-4C96-8D09-C0FD6E37114C"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/m-chart/wordpress-m-chart-plugin-1-9-4-auth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-24xx/CVE-2023-2445.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-2445",
"sourceIdentifier": "security@devolutions.net",
"published": "2023-05-02T14:15:09.207",
"lastModified": "2023-05-02T14:15:09.207",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper access control in Subscriptions Folder path filter in Devolutions Server 2023.1.1 and earlier allows attackers with administrator privileges to retrieve usage information on folders in user vaults via a specific folder name."
}
],
"metrics": {},
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2023-0013/",
"source": "security@devolutions.net"
}
]
}

92
CVE-2023/CVE-2023-24xx/CVE-2023-2476.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2023-2476",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-02T14:15:09.273",
"lastModified": "2023-05-02T14:15:09.273",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Dromara J2eeFAST up to 2.6.0. It has been classified as problematic. Affected is an unknown function of the component Announcement Handler. The manipulation of the argument ????/???? leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 7a9e1a00e3329fdc0ae05f7a8257cce77037134d. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-227868."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://gitee.com/dromara/J2EEFAST/commit/7a9e1a00e3329fdc0ae05f7a8257cce77037134d",
"source": "cna@vuldb.com"
},
{
"url": "https://gitee.com/dromara/J2EEFAST/issues/I6W380",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.227868",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.227868",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-24xx/CVE-2023-2477.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2477",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-02T14:15:09.353",
"lastModified": "2023-05-02T14:15:09.353",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Funadmin up to 3.2.3. It has been declared as problematic. Affected by this vulnerability is the function tagLoad of the file Cx.php. The manipulation of the argument file leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227869 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://gitee.com/funadmin/funadmin/issues/I6W2YL",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.227869",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.227869",
"source": "cna@vuldb.com"
}
]
}

59
CVE-2023/CVE-2023-24xx/CVE-2023-2479.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-2479",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-02T15:15:23.760",
"lastModified": "2023-05-02T15:15:23.760",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "OS Command Injection in GitHub repository appium/appium-desktop prior to v1.22.3-4."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/appium/appium-desktop/commit/12a988aa08b9822e97056a09486c9bebb3aad8fe",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/fbdeec3c-d197-4a68-a547-7f93fb9594b4",
"source": "security@huntr.dev"
}
]
}

74
CVE-2023/CVE-2023-255xx/CVE-2023-25510.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25510",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:10.413",
"lastModified": "2023-04-24T13:01:54.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:19:39.090",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,48 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.1.1",
"matchCriteriaId": "BF2583F9-0D2C-4CA2-BEAE-C8BF6B6AB0EC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5456",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-255xx/CVE-2023-25511.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25511",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:10.550",
"lastModified": "2023-04-24T13:01:54.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:33:25.917",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-369"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,48 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.1.1",
"matchCriteriaId": "BF2583F9-0D2C-4CA2-BEAE-C8BF6B6AB0EC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5456",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-255xx/CVE-2023-25512.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25512",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:10.647",
"lastModified": "2023-04-24T13:01:54.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:35:30.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,48 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.1.0",
"matchCriteriaId": "8C27D9F5-10BC-42E9-BA7D-3F4DE2845C55"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5456",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-255xx/CVE-2023-25513.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25513",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:10.720",
"lastModified": "2023-04-24T13:01:54.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:57:52.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,48 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:cuda_toolkit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.0.1",
"matchCriteriaId": "6E87B6DC-602A-4E44-B30B-854E8D8C2971"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5456",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

13
CVE-2023/CVE-2023-268xx/CVE-2023-26812.json
View File

@ -2,19 +2,14 @@
"id": "CVE-2023-26812",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T20:15:13.930",
"lastModified": "2023-04-28T22:22:40.580",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:15:09.063",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "Command execution vulnerability in the ActionEnter Class ins jfinal CMS version 5.1.0 allows attackers to execute arbitrary code via a created json file to the ueditor route."
"value": "** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-26813. Reason: This record is a reservation duplicate of CVE-2023-26813. Notes: All CVE users should reference CVE-2023-26813 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/jflyfox/jfinal_cms/issues/54",
"source": "cve@mitre.org"
}
]
"references": []
}

24
CVE-2023/CVE-2023-298xx/CVE-2023-29856.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-29856",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T15:15:23.697",
"lastModified": "2023-05-02T15:15:23.697",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. The vulnerability is in scandir.sgi binary."
}
],
"metrics": {},
"references": [
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10325",
"source": "cve@mitre.org"
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
}
]
}

76
CVE-2023/CVE-2023-299xx/CVE-2023-29907.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-29907",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-21T15:15:07.310",
"lastModified": "2023-04-24T13:02:23.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:10:44.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the Edit_BasicSSID_5G interface at /goform/aspForm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:r200v100r004:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F8C573-14D9-4500-B579-A9E2304E907F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10ECE46-86C7-480C-BBA5-FA7A00286A40"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/rk-6aRRyn",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-299xx/CVE-2023-29908.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-29908",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-21T15:15:07.353",
"lastModified": "2023-04-24T13:02:23.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:11:37.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the SetMobileAPInfoById interface at /goform/aspForm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:r200v100r004:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F8C573-14D9-4500-B579-A9E2304E907F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10ECE46-86C7-480C-BBA5-FA7A00286A40"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/Ski-S20J2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-299xx/CVE-2023-29909.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-29909",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-21T15:15:07.403",
"lastModified": "2023-04-24T13:02:23.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:12:31.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the AddWlanMacList interface at /goform/aspForm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:r200v100r004:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F8C573-14D9-4500-B579-A9E2304E907F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10ECE46-86C7-480C-BBA5-FA7A00286A40"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/r1FC0AAy2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-299xx/CVE-2023-29910.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-29910",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-21T15:15:07.453",
"lastModified": "2023-04-24T13:02:23.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:13:13.533",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the UpdateMacClone interface at /goform/aspForm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:r200v100r004:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F8C573-14D9-4500-B579-A9E2304E907F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10ECE46-86C7-480C-BBA5-FA7A00286A40"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/S1aGs1Jl2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-299xx/CVE-2023-29911.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-29911",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-21T15:15:07.500",
"lastModified": "2023-04-24T13:02:19.050",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:13:39.450",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the AddMacList interface at /goform/aspForm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:r200v100r004:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F8C573-14D9-4500-B579-A9E2304E907F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10ECE46-86C7-480C-BBA5-FA7A00286A40"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/SyTaRoCJn",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-299xx/CVE-2023-29912.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-29912",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-21T15:15:07.547",
"lastModified": "2023-04-24T13:02:19.050",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:13:59.997",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R200 R200V100R004 was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:r200v100r004:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F8C573-14D9-4500-B579-A9E2304E907F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10ECE46-86C7-480C-BBA5-FA7A00286A40"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/S1TusiR1n",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-299xx/CVE-2023-29913.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-29913",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-21T15:15:07.593",
"lastModified": "2023-04-24T13:02:19.050",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:14:13.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the SetAPWifiorLedInfoById interface at /goform/aspForm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:r200v100r004:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F8C573-14D9-4500-B579-A9E2304E907F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10ECE46-86C7-480C-BBA5-FA7A00286A40"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/HyvnMn013",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-299xx/CVE-2023-29914.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-29914",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-21T15:15:07.643",
"lastModified": "2023-04-24T13:02:19.050",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:15:09.597",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:r200v100r004:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F8C573-14D9-4500-B579-A9E2304E907F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10ECE46-86C7-480C-BBA5-FA7A00286A40"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/H1Cn2sAk3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-299xx/CVE-2023-29915.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-29915",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-21T15:15:07.687",
"lastModified": "2023-04-24T13:02:19.050",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:15:34.940",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via CMD parameter at /goform/aspForm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:r200v100r004:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F8C573-14D9-4500-B579-A9E2304E907F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10ECE46-86C7-480C-BBA5-FA7A00286A40"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/HJBc2lyl2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-299xx/CVE-2023-29916.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-29916",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-21T15:15:07.730",
"lastModified": "2023-04-24T13:02:19.050",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:15:59.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the UpdateWanParams interface at /goform/aspForm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:r200v100r004:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F8C573-14D9-4500-B579-A9E2304E907F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10ECE46-86C7-480C-BBA5-FA7A00286A40"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/rkpbC1Jgh",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-299xx/CVE-2023-29917.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-29917",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-21T15:15:07.777",
"lastModified": "2023-04-24T13:02:19.050",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:16:12.623",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via go parameter at /goform/aspForm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:r200v100r004:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F8C573-14D9-4500-B579-A9E2304E907F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:h3c:magic_r200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10ECE46-86C7-480C-BBA5-FA7A00286A40"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/rJJzEg1e3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

13
CVE-2023/CVE-2023-301xx/CVE-2023-30183.json
View File

@ -2,19 +2,14 @@
"id": "CVE-2023-30183",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T14:15:11.117",
"lastModified": "2023-04-28T17:06:22.820",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:15:09.557",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "Wangmarket CMS v4.10 was discovered to contain a SQL injection vulnerability via the component /plugin/dataDictionary/tableView.do?tableName=."
"value": "** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-30349. Reason: This record is a reservation duplicate of CVE-2023-30349. Notes: All CVE users should reference CVE-2023-30349 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/xnx3/wangmarket/issues/7",
"source": "cve@mitre.org"
}
]
"references": []
}

74
CVE-2023/CVE-2023-304xx/CVE-2023-30458.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2023-30458",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-24T08:15:07.107",
"lastModified": "2023-04-24T13:01:43.960",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:10:32.133",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A username enumeration issue was discovered in Medicine Tracker System 1.0. The login functionality allows a malicious user to guess a valid username due to a different response time from invalid usernames. When one enters a valid username, the response time increases depending on the length of the supplied password."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:medicine_tracker_system_project:medicine_tracker_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "313F1413-ACA3-49E9-9315-856D212D7DB5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/d34dun1c02n/CVE-2023-30458",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.sourcecodester.com/download-code?nid=16308&title=Medicine+Tracker+System+in+PHP+%28OOP%29+and+MySQL+DB+Source+Code+Free+Download",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.sourcecodester.com/php/16308/medicine-tracker-system-php-oop-and-mysql-db-source-code-free-download.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

65
CVE-2023/CVE-2023-310xx/CVE-2023-31084.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31084",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-24T06:15:07.997",
"lastModified": "2023-04-24T13:01:43.960",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:17:32.120",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6FAA415-53CF-4007-875A-9045AD1A540F"
}
]
}
]
}
],
"references": [
{
"url": "https://lore.kernel.org/all/CA+UBctCu7fXn4q41O_3=id1+OdyQ85tZY1x+TkT-6OVBL6KAUw@mail.gmail.com/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-310xx/CVE-2023-31085.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31085",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-24T06:15:08.093",
"lastModified": "2023-04-24T13:01:43.960",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-02T14:11:02.420",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-369"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6FAA415-53CF-4007-875A-9045AD1A540F"
}
]
}
]
}
],
"references": [
{
"url": "https://lore.kernel.org/all/687864524.118195.1681799447034.JavaMail.zimbra@nod.at/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-320xx/CVE-2023-32007.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32007",
"sourceIdentifier": "security@apache.org",
"published": "2023-05-02T09:15:10.207",
"lastModified": "2023-05-02T12:56:12.940",
"lastModified": "2023-05-02T15:15:23.837",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -24,6 +24,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/02/1",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/poxgnxhhnzz735kr1wos366l5vdbb0nv",
"source": "security@apache.org"

112
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-02T14:00:24.246120+00:00
2023-05-02T16:00:24.186432+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-02T13:58:32.890000+00:00
2023-05-02T15:47:02.633000+00:00
```
### Last Data Feed Release
@ -29,75 +29,67 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
213920
213925
```
### CVEs added in the last Commit
Recently added CVEs: `5`
* [CVE-2023-23723](CVE-2023/CVE-2023-237xx/CVE-2023-23723.json) (`2023-05-02T12:15:22.430`)
* [CVE-2023-2473](CVE-2023/CVE-2023-24xx/CVE-2023-2473.json) (`2023-05-02T13:15:25.090`)
* [CVE-2023-2474](CVE-2023/CVE-2023-24xx/CVE-2023-2474.json) (`2023-05-02T13:15:25.197`)
* [CVE-2023-2475](CVE-2023/CVE-2023-24xx/CVE-2023-2475.json) (`2023-05-02T13:15:25.287`)
* [CVE-2023-29772](CVE-2023/CVE-2023-297xx/CVE-2023-29772.json) (`2023-05-02T13:15:24.957`)
* [CVE-2023-2445](CVE-2023/CVE-2023-24xx/CVE-2023-2445.json) (`2023-05-02T14:15:09.207`)
* [CVE-2023-2476](CVE-2023/CVE-2023-24xx/CVE-2023-2476.json) (`2023-05-02T14:15:09.273`)
* [CVE-2023-2477](CVE-2023/CVE-2023-24xx/CVE-2023-2477.json) (`2023-05-02T14:15:09.353`)
* [CVE-2023-2479](CVE-2023/CVE-2023-24xx/CVE-2023-2479.json) (`2023-05-02T15:15:23.760`)
* [CVE-2023-29856](CVE-2023/CVE-2023-298xx/CVE-2023-29856.json) (`2023-05-02T15:15:23.697`)
### CVEs modified in the last Commit
Recently modified CVEs: `51`
Recently modified CVEs: `43`
* [CVE-2013-10026](CVE-2013/CVE-2013-100xx/CVE-2013-10026.json) (`2023-05-02T12:56:18.213`)
* [CVE-2014-125100](CVE-2014/CVE-2014-1251xx/CVE-2014-125100.json) (`2023-05-02T12:56:18.213`)
* [CVE-2022-25713](CVE-2022/CVE-2022-257xx/CVE-2022-25713.json) (`2023-05-02T12:56:18.213`)
* [CVE-2022-33273](CVE-2022/CVE-2022-332xx/CVE-2022-33273.json) (`2023-05-02T12:56:18.213`)
* [CVE-2022-33281](CVE-2022/CVE-2022-332xx/CVE-2022-33281.json) (`2023-05-02T12:56:18.213`)
* [CVE-2022-33292](CVE-2022/CVE-2022-332xx/CVE-2022-33292.json) (`2023-05-02T12:56:18.213`)
* [CVE-2022-33304](CVE-2022/CVE-2022-333xx/CVE-2022-33304.json) (`2023-05-02T12:56:18.213`)
* [CVE-2022-33305](CVE-2022/CVE-2022-333xx/CVE-2022-33305.json) (`2023-05-02T12:56:18.213`)
* [CVE-2022-34144](CVE-2022/CVE-2022-341xx/CVE-2022-34144.json) (`2023-05-02T12:56:18.213`)
* [CVE-2022-35898](CVE-2022/CVE-2022-358xx/CVE-2022-35898.json) (`2023-05-02T12:56:26.420`)
* [CVE-2022-40504](CVE-2022/CVE-2022-405xx/CVE-2022-40504.json) (`2023-05-02T12:56:18.213`)
* [CVE-2022-40505](CVE-2022/CVE-2022-405xx/CVE-2022-40505.json) (`2023-05-02T12:56:18.213`)
* [CVE-2022-40508](CVE-2022/CVE-2022-405xx/CVE-2022-40508.json) (`2023-05-02T12:56:18.213`)
* [CVE-2022-48482](CVE-2022/CVE-2022-484xx/CVE-2022-48482.json) (`2023-05-02T12:56:18.213`)
* [CVE-2022-48483](CVE-2022/CVE-2022-484xx/CVE-2022-48483.json) (`2023-05-02T12:56:18.213`)
* [CVE-2023-0203](CVE-2023/CVE-2023-02xx/CVE-2023-0203.json) (`2023-05-02T13:53:49.337`)
* [CVE-2023-0204](CVE-2023/CVE-2023-02xx/CVE-2023-0204.json) (`2023-05-02T13:56:56.390`)
* [CVE-2023-0205](CVE-2023/CVE-2023-02xx/CVE-2023-0205.json) (`2023-05-02T13:58:32.890`)
* [CVE-2023-0891](CVE-2023/CVE-2023-08xx/CVE-2023-0891.json) (`2023-05-02T12:56:18.213`)
* [CVE-2023-0924](CVE-2023/CVE-2023-09xx/CVE-2023-0924.json) (`2023-05-02T12:56:18.213`)
* [CVE-2023-1021](CVE-2023/CVE-2023-10xx/CVE-2023-1021.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1090](CVE-2023/CVE-2023-10xx/CVE-2023-1090.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1125](CVE-2023/CVE-2023-11xx/CVE-2023-1125.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1196](CVE-2023/CVE-2023-11xx/CVE-2023-1196.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1525](CVE-2023/CVE-2023-15xx/CVE-2023-1525.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1546](CVE-2023/CVE-2023-15xx/CVE-2023-1546.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1554](CVE-2023/CVE-2023-15xx/CVE-2023-1554.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1614](CVE-2023/CVE-2023-16xx/CVE-2023-1614.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1669](CVE-2023/CVE-2023-16xx/CVE-2023-1669.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1730](CVE-2023/CVE-2023-17xx/CVE-2023-1730.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1804](CVE-2023/CVE-2023-18xx/CVE-2023-1804.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1805](CVE-2023/CVE-2023-18xx/CVE-2023-1805.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1809](CVE-2023/CVE-2023-18xx/CVE-2023-1809.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1861](CVE-2023/CVE-2023-18xx/CVE-2023-1861.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-1911](CVE-2023/CVE-2023-19xx/CVE-2023-1911.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-2000](CVE-2023/CVE-2023-20xx/CVE-2023-2000.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-21642](CVE-2023/CVE-2023-216xx/CVE-2023-21642.json) (`2023-05-02T12:56:18.213`)
* [CVE-2023-21665](CVE-2023/CVE-2023-216xx/CVE-2023-21665.json) (`2023-05-02T12:56:18.213`)
* [CVE-2023-21666](CVE-2023/CVE-2023-216xx/CVE-2023-21666.json) (`2023-05-02T12:56:18.213`)
* [CVE-2023-2197](CVE-2023/CVE-2023-21xx/CVE-2023-2197.json) (`2023-05-02T12:56:26.420`)
* [CVE-2023-2210](CVE-2023/CVE-2023-22xx/CVE-2023-2210.json) (`2023-05-02T13:36:03.597`)
* [CVE-2023-2247](CVE-2023/CVE-2023-22xx/CVE-2023-2247.json) (`2023-05-02T12:56:18.213`)
* [CVE-2023-26987](CVE-2023/CVE-2023-269xx/CVE-2023-26987.json) (`2023-05-02T12:56:26.420`)
* [CVE-2023-27035](CVE-2023/CVE-2023-270xx/CVE-2023-27035.json) (`2023-05-02T12:56:26.420`)
* [CVE-2023-27108](CVE-2023/CVE-2023-271xx/CVE-2023-27108.json) (`2023-05-02T12:56:26.420`)
* [CVE-2023-29680](CVE-2023/CVE-2023-296xx/CVE-2023-29680.json) (`2023-05-02T12:56:26.420`)
* [CVE-2023-29681](CVE-2023/CVE-2023-296xx/CVE-2023-29681.json) (`2023-05-02T12:56:26.420`)
* [CVE-2023-30639](CVE-2023/CVE-2023-306xx/CVE-2023-30639.json) (`2023-05-02T12:56:26.420`)
* [CVE-2023-30869](CVE-2023/CVE-2023-308xx/CVE-2023-30869.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-31207](CVE-2023/CVE-2023-312xx/CVE-2023-31207.json) (`2023-05-02T12:56:12.940`)
* [CVE-2023-32007](CVE-2023/CVE-2023-320xx/CVE-2023-32007.json) (`2023-05-02T12:56:12.940`)
* [CVE-2022-33891](CVE-2022/CVE-2022-338xx/CVE-2022-33891.json) (`2023-05-02T15:15:23.457`)
* [CVE-2022-36788](CVE-2022/CVE-2022-367xx/CVE-2022-36788.json) (`2023-05-02T15:05:37.250`)
* [CVE-2022-45084](CVE-2022/CVE-2022-450xx/CVE-2022-45084.json) (`2023-05-02T15:27:53.933`)
* [CVE-2022-47158](CVE-2022/CVE-2022-471xx/CVE-2022-47158.json) (`2023-05-02T15:24:50.217`)
* [CVE-2022-47598](CVE-2022/CVE-2022-475xx/CVE-2022-47598.json) (`2023-05-02T15:26:41.773`)
* [CVE-2023-0184](CVE-2023/CVE-2023-01xx/CVE-2023-0184.json) (`2023-05-02T14:24:17.237`)
* [CVE-2023-0190](CVE-2023/CVE-2023-01xx/CVE-2023-0190.json) (`2023-05-02T14:24:38.437`)
* [CVE-2023-0199](CVE-2023/CVE-2023-01xx/CVE-2023-0199.json) (`2023-05-02T14:25:09.480`)
* [CVE-2023-0202](CVE-2023/CVE-2023-02xx/CVE-2023-0202.json) (`2023-05-02T15:16:40.460`)
* [CVE-2023-0206](CVE-2023/CVE-2023-02xx/CVE-2023-0206.json) (`2023-05-02T15:04:40.167`)
* [CVE-2023-0899](CVE-2023/CVE-2023-08xx/CVE-2023-0899.json) (`2023-05-02T15:21:19.640`)
* [CVE-2023-1020](CVE-2023/CVE-2023-10xx/CVE-2023-1020.json) (`2023-05-02T15:18:13.427`)
* [CVE-2023-1126](CVE-2023/CVE-2023-11xx/CVE-2023-1126.json) (`2023-05-02T14:55:35.673`)
* [CVE-2023-1129](CVE-2023/CVE-2023-11xx/CVE-2023-1129.json) (`2023-05-02T14:55:20.087`)
* [CVE-2023-1420](CVE-2023/CVE-2023-14xx/CVE-2023-1420.json) (`2023-05-02T14:52:38.237`)
* [CVE-2023-1435](CVE-2023/CVE-2023-14xx/CVE-2023-1435.json) (`2023-05-02T14:51:05.643`)
* [CVE-2023-2209](CVE-2023/CVE-2023-22xx/CVE-2023-2209.json) (`2023-05-02T14:33:57.820`)
* [CVE-2023-2211](CVE-2023/CVE-2023-22xx/CVE-2023-2211.json) (`2023-05-02T15:18:57.077`)
* [CVE-2023-2212](CVE-2023/CVE-2023-22xx/CVE-2023-2212.json) (`2023-05-02T15:23:35.120`)
* [CVE-2023-2213](CVE-2023/CVE-2023-22xx/CVE-2023-2213.json) (`2023-05-02T15:26:32.377`)
* [CVE-2023-2214](CVE-2023/CVE-2023-22xx/CVE-2023-2214.json) (`2023-05-02T15:47:02.633`)
* [CVE-2023-23892](CVE-2023/CVE-2023-238xx/CVE-2023-23892.json) (`2023-05-02T15:24:12.240`)
* [CVE-2023-25510](CVE-2023/CVE-2023-255xx/CVE-2023-25510.json) (`2023-05-02T14:19:39.090`)
* [CVE-2023-25511](CVE-2023/CVE-2023-255xx/CVE-2023-25511.json) (`2023-05-02T14:33:25.917`)
* [CVE-2023-25512](CVE-2023/CVE-2023-255xx/CVE-2023-25512.json) (`2023-05-02T14:35:30.717`)
* [CVE-2023-25513](CVE-2023/CVE-2023-255xx/CVE-2023-25513.json) (`2023-05-02T14:57:52.180`)
* [CVE-2023-26812](CVE-2023/CVE-2023-268xx/CVE-2023-26812.json) (`2023-05-02T14:15:09.063`)
* [CVE-2023-29907](CVE-2023/CVE-2023-299xx/CVE-2023-29907.json) (`2023-05-02T14:10:44.453`)
* [CVE-2023-29908](CVE-2023/CVE-2023-299xx/CVE-2023-29908.json) (`2023-05-02T14:11:37.147`)
* [CVE-2023-29909](CVE-2023/CVE-2023-299xx/CVE-2023-29909.json) (`2023-05-02T14:12:31.197`)
* [CVE-2023-29910](CVE-2023/CVE-2023-299xx/CVE-2023-29910.json) (`2023-05-02T14:13:13.533`)
* [CVE-2023-29911](CVE-2023/CVE-2023-299xx/CVE-2023-29911.json) (`2023-05-02T14:13:39.450`)
* [CVE-2023-29912](CVE-2023/CVE-2023-299xx/CVE-2023-29912.json) (`2023-05-02T14:13:59.997`)
* [CVE-2023-29913](CVE-2023/CVE-2023-299xx/CVE-2023-29913.json) (`2023-05-02T14:14:13.937`)
* [CVE-2023-29914](CVE-2023/CVE-2023-299xx/CVE-2023-29914.json) (`2023-05-02T14:15:09.597`)
* [CVE-2023-29915](CVE-2023/CVE-2023-299xx/CVE-2023-29915.json) (`2023-05-02T14:15:34.940`)
* [CVE-2023-29916](CVE-2023/CVE-2023-299xx/CVE-2023-29916.json) (`2023-05-02T14:15:59.907`)
* [CVE-2023-29917](CVE-2023/CVE-2023-299xx/CVE-2023-29917.json) (`2023-05-02T14:16:12.623`)
* [CVE-2023-30183](CVE-2023/CVE-2023-301xx/CVE-2023-30183.json) (`2023-05-02T14:15:09.557`)
* [CVE-2023-30458](CVE-2023/CVE-2023-304xx/CVE-2023-30458.json) (`2023-05-02T14:10:32.133`)
* [CVE-2023-31084](CVE-2023/CVE-2023-310xx/CVE-2023-31084.json) (`2023-05-02T14:17:32.120`)
* [CVE-2023-31085](CVE-2023/CVE-2023-310xx/CVE-2023-31085.json) (`2023-05-02T14:11:02.420`)
* [CVE-2023-32007](CVE-2023/CVE-2023-320xx/CVE-2023-32007.json) (`2023-05-02T15:15:23.837`)
## Download and Usage