From a24715143f9e5ca35dac415cdaf4ff1d077a1fe7 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 27 Jun 2023 16:00:30 +0000 Subject: [PATCH] Auto-Update: 2023-06-27T16:00:27.568906+00:00 --- CVE-2017/CVE-2017-49xx/CVE-2017-4947.json | 6 +- CVE-2021/CVE-2021-302xx/CVE-2021-30203.json | 20 +++ CVE-2021/CVE-2021-302xx/CVE-2021-30205.json | 20 +++ CVE-2021/CVE-2021-374xx/CVE-2021-37404.json | 10 +- CVE-2021/CVE-2021-450xx/CVE-2021-45046.json | 26 ++-- CVE-2022/CVE-2022-09xx/CVE-2022-0902.json | 6 +- CVE-2022/CVE-2022-10xx/CVE-2022-1016.json | 12 +- CVE-2022/CVE-2022-10xx/CVE-2022-1025.json | 26 ++-- CVE-2022/CVE-2022-12xx/CVE-2022-1245.json | 4 +- CVE-2022/CVE-2022-13xx/CVE-2022-1323.json | 14 ++- CVE-2022/CVE-2022-13xx/CVE-2022-1373.json | 14 ++- CVE-2022/CVE-2022-15xx/CVE-2022-1572.json | 18 ++- CVE-2022/CVE-2022-15xx/CVE-2022-1574.json | 18 ++- CVE-2022/CVE-2022-16xx/CVE-2022-1656.json | 14 ++- CVE-2022/CVE-2022-17xx/CVE-2022-1720.json | 9 +- CVE-2022/CVE-2022-17xx/CVE-2022-1778.json | 4 +- CVE-2022/CVE-2022-17xx/CVE-2022-1794.json | 14 ++- CVE-2022/CVE-2022-19xx/CVE-2022-1922.json | 4 +- CVE-2022/CVE-2022-19xx/CVE-2022-1923.json | 4 +- CVE-2022/CVE-2022-19xx/CVE-2022-1924.json | 4 +- CVE-2022/CVE-2022-19xx/CVE-2022-1925.json | 6 +- CVE-2022/CVE-2022-19xx/CVE-2022-1941.json | 38 +++++- CVE-2022/CVE-2022-19xx/CVE-2022-1974.json | 4 +- CVE-2022/CVE-2022-20xx/CVE-2022-2023.json | 2 +- CVE-2022/CVE-2022-20xx/CVE-2022-2034.json | 14 ++- CVE-2022/CVE-2022-234xx/CVE-2022-23488.json | 4 +- CVE-2022/CVE-2022-235xx/CVE-2022-23509.json | 4 +- CVE-2022/CVE-2022-235xx/CVE-2022-23523.json | 4 +- CVE-2022/CVE-2022-40xx/CVE-2022-4024.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41158.json | 4 +- CVE-2022/CVE-2022-411xx/CVE-2022-41167.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41172.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41175.json | 6 +- CVE-2022/CVE-2022-411xx/CVE-2022-41177.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41179.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41180.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41184.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41185.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41186.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41187.json | 6 +- CVE-2022/CVE-2022-411xx/CVE-2022-41189.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41190.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41191.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41193.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41195.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41196.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41198.json | 18 ++- CVE-2022/CVE-2022-411xx/CVE-2022-41199.json | 18 ++- CVE-2022/CVE-2022-412xx/CVE-2022-41200.json | 18 ++- CVE-2022/CVE-2022-412xx/CVE-2022-41201.json | 6 +- CVE-2022/CVE-2022-412xx/CVE-2022-41202.json | 6 +- CVE-2022/CVE-2022-412xx/CVE-2022-41211.json | 6 +- CVE-2022/CVE-2022-412xx/CVE-2022-41230.json | 14 ++- CVE-2022/CVE-2022-412xx/CVE-2022-41255.json | 14 ++- CVE-2022/CVE-2022-417xx/CVE-2022-41716.json | 4 +- CVE-2022/CVE-2022-418xx/CVE-2022-41858.json | 128 +++++++++++++++++++- CVE-2022/CVE-2022-418xx/CVE-2022-41877.json | 10 +- CVE-2022/CVE-2022-419xx/CVE-2022-41902.json | 14 ++- CVE-2022/CVE-2022-419xx/CVE-2022-41918.json | 4 +- CVE-2022/CVE-2022-419xx/CVE-2022-41924.json | 4 +- CVE-2022/CVE-2022-419xx/CVE-2022-41934.json | 14 ++- CVE-2022/CVE-2022-419xx/CVE-2022-41945.json | 10 +- CVE-2022/CVE-2022-419xx/CVE-2022-41966.json | 14 ++- CVE-2022/CVE-2022-41xx/CVE-2022-4102.json | 6 +- CVE-2022/CVE-2022-41xx/CVE-2022-4103.json | 18 ++- CVE-2022/CVE-2022-41xx/CVE-2022-4115.json | 32 +++++ CVE-2022/CVE-2022-41xx/CVE-2022-4123.json | 14 ++- CVE-2022/CVE-2022-41xx/CVE-2022-4124.json | 18 ++- CVE-2022/CVE-2022-423xx/CVE-2022-42377.json | 4 +- CVE-2022/CVE-2022-42xx/CVE-2022-4223.json | 14 ++- CVE-2022/CVE-2022-468xx/CVE-2022-46850.json | 47 ++++++- CVE-2023/CVE-2023-05xx/CVE-2023-0588.json | 32 +++++ CVE-2023/CVE-2023-08xx/CVE-2023-0873.json | 32 +++++ CVE-2023/CVE-2023-11xx/CVE-2023-1166.json | 32 +++++ CVE-2023/CVE-2023-18xx/CVE-2023-1891.json | 32 +++++ CVE-2023/CVE-2023-20xx/CVE-2023-2032.json | 32 +++++ CVE-2023/CVE-2023-20xx/CVE-2023-2068.json | 32 +++++ CVE-2023/CVE-2023-21xx/CVE-2023-2178.json | 32 +++++ CVE-2023/CVE-2023-23xx/CVE-2023-2326.json | 32 +++++ CVE-2023/CVE-2023-24xx/CVE-2023-2482.json | 32 +++++ CVE-2023/CVE-2023-25xx/CVE-2023-2580.json | 32 +++++ CVE-2023/CVE-2023-25xx/CVE-2023-2592.json | 32 +++++ CVE-2023/CVE-2023-26xx/CVE-2023-2601.json | 36 ++++++ CVE-2023/CVE-2023-26xx/CVE-2023-2605.json | 32 +++++ CVE-2023/CVE-2023-26xx/CVE-2023-2623.json | 32 +++++ CVE-2023/CVE-2023-26xx/CVE-2023-2624.json | 32 +++++ CVE-2023/CVE-2023-26xx/CVE-2023-2627.json | 36 ++++++ CVE-2023/CVE-2023-26xx/CVE-2023-2628.json | 32 +++++ CVE-2023/CVE-2023-27xx/CVE-2023-2711.json | 32 +++++ CVE-2023/CVE-2023-27xx/CVE-2023-2743.json | 32 +++++ CVE-2023/CVE-2023-27xx/CVE-2023-2744.json | 32 +++++ CVE-2023/CVE-2023-27xx/CVE-2023-2795.json | 32 +++++ CVE-2023/CVE-2023-28xx/CVE-2023-2818.json | 55 +++++++++ CVE-2023/CVE-2023-28xx/CVE-2023-2842.json | 32 +++++ CVE-2023/CVE-2023-28xx/CVE-2023-2877.json | 32 +++++ CVE-2023/CVE-2023-29xx/CVE-2023-2996.json | 36 ++++++ CVE-2023/CVE-2023-344xx/CVE-2023-34453.json | 63 +++++++++- CVE-2023/CVE-2023-346xx/CVE-2023-34613.json | 65 +++++++++- CVE-2023/CVE-2023-346xx/CVE-2023-34614.json | 65 +++++++++- CVE-2023/CVE-2023-346xx/CVE-2023-34615.json | 66 +++++++++- CVE-2023/CVE-2023-346xx/CVE-2023-34616.json | 66 +++++++++- CVE-2023/CVE-2023-346xx/CVE-2023-34620.json | 66 +++++++++- CVE-2023/CVE-2023-346xx/CVE-2023-34623.json | 66 +++++++++- CVE-2023/CVE-2023-34xx/CVE-2023-3405.json | 55 +++++++++ CVE-2023/CVE-2023-34xx/CVE-2023-3431.json | 59 +++++++++ CVE-2023/CVE-2023-34xx/CVE-2023-3432.json | 59 +++++++++ CVE-2023/CVE-2023-358xx/CVE-2023-35844.json | 80 ++++++++++-- CVE-2023/CVE-2023-358xx/CVE-2023-35878.json | 59 ++++++++- CVE-2023/CVE-2023-358xx/CVE-2023-35882.json | 59 ++++++++- CVE-2023/CVE-2023-359xx/CVE-2023-35998.json | 55 +++++++++ CVE-2023/CVE-2023-360xx/CVE-2023-36000.json | 55 +++++++++ CVE-2023/CVE-2023-360xx/CVE-2023-36002.json | 55 +++++++++ README.md | 87 ++++++++----- 113 files changed, 2719 insertions(+), 260 deletions(-) create mode 100644 CVE-2021/CVE-2021-302xx/CVE-2021-30203.json create mode 100644 CVE-2021/CVE-2021-302xx/CVE-2021-30205.json create mode 100644 CVE-2022/CVE-2022-41xx/CVE-2022-4115.json create mode 100644 CVE-2023/CVE-2023-05xx/CVE-2023-0588.json create mode 100644 CVE-2023/CVE-2023-08xx/CVE-2023-0873.json create mode 100644 CVE-2023/CVE-2023-11xx/CVE-2023-1166.json create mode 100644 CVE-2023/CVE-2023-18xx/CVE-2023-1891.json create mode 100644 CVE-2023/CVE-2023-20xx/CVE-2023-2032.json create mode 100644 CVE-2023/CVE-2023-20xx/CVE-2023-2068.json create mode 100644 CVE-2023/CVE-2023-21xx/CVE-2023-2178.json create mode 100644 CVE-2023/CVE-2023-23xx/CVE-2023-2326.json create mode 100644 CVE-2023/CVE-2023-24xx/CVE-2023-2482.json create mode 100644 CVE-2023/CVE-2023-25xx/CVE-2023-2580.json create mode 100644 CVE-2023/CVE-2023-25xx/CVE-2023-2592.json create mode 100644 CVE-2023/CVE-2023-26xx/CVE-2023-2601.json create mode 100644 CVE-2023/CVE-2023-26xx/CVE-2023-2605.json create mode 100644 CVE-2023/CVE-2023-26xx/CVE-2023-2623.json create mode 100644 CVE-2023/CVE-2023-26xx/CVE-2023-2624.json create mode 100644 CVE-2023/CVE-2023-26xx/CVE-2023-2627.json create mode 100644 CVE-2023/CVE-2023-26xx/CVE-2023-2628.json create mode 100644 CVE-2023/CVE-2023-27xx/CVE-2023-2711.json create mode 100644 CVE-2023/CVE-2023-27xx/CVE-2023-2743.json create mode 100644 CVE-2023/CVE-2023-27xx/CVE-2023-2744.json create mode 100644 CVE-2023/CVE-2023-27xx/CVE-2023-2795.json create mode 100644 CVE-2023/CVE-2023-28xx/CVE-2023-2818.json create mode 100644 CVE-2023/CVE-2023-28xx/CVE-2023-2842.json create mode 100644 CVE-2023/CVE-2023-28xx/CVE-2023-2877.json create mode 100644 CVE-2023/CVE-2023-29xx/CVE-2023-2996.json create mode 100644 CVE-2023/CVE-2023-34xx/CVE-2023-3405.json create mode 100644 CVE-2023/CVE-2023-34xx/CVE-2023-3431.json create mode 100644 CVE-2023/CVE-2023-34xx/CVE-2023-3432.json create mode 100644 CVE-2023/CVE-2023-359xx/CVE-2023-35998.json create mode 100644 CVE-2023/CVE-2023-360xx/CVE-2023-36000.json create mode 100644 CVE-2023/CVE-2023-360xx/CVE-2023-36002.json diff --git a/CVE-2017/CVE-2017-49xx/CVE-2017-4947.json b/CVE-2017/CVE-2017-49xx/CVE-2017-4947.json index 9523492627d..bce74e3baee 100644 --- a/CVE-2017/CVE-2017-49xx/CVE-2017-4947.json +++ b/CVE-2017/CVE-2017-49xx/CVE-2017-4947.json @@ -2,12 +2,12 @@ "id": "CVE-2017-4947", "sourceIdentifier": "security@vmware.com", "published": "2018-01-29T16:29:00.730", - "lastModified": "2018-02-27T18:38:23.130", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-27T15:15:09.240", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "VMware Realize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x before 1.3) contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote attackers to execute arbitrary code on the appliance." + "value": "VMware vRealize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x before 1.3) contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote attackers to execute arbitrary code on the appliance.\n\n" }, { "lang": "es", diff --git a/CVE-2021/CVE-2021-302xx/CVE-2021-30203.json b/CVE-2021/CVE-2021-302xx/CVE-2021-30203.json new file mode 100644 index 00000000000..f9bf598fd98 --- /dev/null +++ b/CVE-2021/CVE-2021-302xx/CVE-2021-30203.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-30203", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-27T14:15:09.667", + "lastModified": "2023-06-27T14:15:09.667", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A reflected cross-site scripting (XSS) vulnerability in the zero parameter of dzzoffice 2.02.1_SC_UTF8 allows attackers to execute arbitrary web scripts or HTML." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/zyx0814/dzzoffice/issues/183", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-302xx/CVE-2021-30205.json b/CVE-2021/CVE-2021-302xx/CVE-2021-30205.json new file mode 100644 index 00000000000..5c038277595 --- /dev/null +++ b/CVE-2021/CVE-2021-302xx/CVE-2021-30205.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-30205", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-27T14:15:09.737", + "lastModified": "2023-06-27T14:15:09.737", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Incorrect access control in the component /index.php?mod=system&op=orgtree of dzzoffice 2.02.1_SC_UTF8 allows unauthenticated attackers to browse departments and usernames." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/zyx0814/dzzoffice/issues/184", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-374xx/CVE-2021-37404.json b/CVE-2021/CVE-2021-374xx/CVE-2021-37404.json index 8598d891178..c2323686f8b 100644 --- a/CVE-2021/CVE-2021-374xx/CVE-2021-37404.json +++ b/CVE-2021/CVE-2021-374xx/CVE-2021-37404.json @@ -2,8 +2,8 @@ "id": "CVE-2021-37404", "sourceIdentifier": "security@apache.org", "published": "2022-06-13T07:15:08.327", - "lastModified": "2023-06-26T17:58:44.603", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-27T15:15:09.823", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -65,7 +65,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "security@apache.org", "type": "Primary", "description": [ { @@ -75,12 +75,12 @@ ] }, { - "source": "security@apache.org", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-131" + "value": "CWE-787" } ] } diff --git a/CVE-2021/CVE-2021-450xx/CVE-2021-45046.json b/CVE-2021/CVE-2021-450xx/CVE-2021-45046.json index 5abab79dcb6..3bfa906a9fd 100644 --- a/CVE-2021/CVE-2021-450xx/CVE-2021-45046.json +++ b/CVE-2021/CVE-2021-450xx/CVE-2021-45046.json @@ -2,8 +2,8 @@ "id": "CVE-2021-45046", "sourceIdentifier": "security@apache.org", "published": "2021-12-14T19:15:07.733", - "lastModified": "2023-06-26T19:04:30.537", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-27T14:15:09.800", + "vulnStatus": "Modified", "cisaExploitAdd": "2023-05-01", "cisaActionDue": "2023-05-22", "cisaRequiredAction": "Apply updates per vendor instructions.", @@ -69,7 +69,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "security@apache.org", "type": "Primary", "description": [ { @@ -79,12 +79,12 @@ ] }, { - "source": "security@apache.org", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-502" + "value": "CWE-917" } ] } @@ -817,20 +817,12 @@ ] }, { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/", - "source": "security@apache.org", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/", + "source": "security@apache.org" }, { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/", - "source": "security@apache.org", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/", + "source": "security@apache.org" }, { "url": "https://logging.apache.org/log4j/2.x/security.html", diff --git a/CVE-2022/CVE-2022-09xx/CVE-2022-0902.json b/CVE-2022/CVE-2022-09xx/CVE-2022-0902.json index fdca25ab4be..4941d955128 100644 --- a/CVE-2022/CVE-2022-09xx/CVE-2022-0902.json +++ b/CVE-2022/CVE-2022-09xx/CVE-2022-0902.json @@ -2,7 +2,7 @@ "id": "CVE-2022-0902", "sourceIdentifier": "cybersecurity@ch.abb.com", "published": "2022-07-21T16:15:08.610", - "lastModified": "2022-07-28T18:56:05.750", + "lastModified": "2023-06-27T15:50:28.677", "vulnStatus": "Analyzed", "descriptions": [ { @@ -66,10 +66,6 @@ { "lang": "en", "value": "CWE-22" - }, - { - "lang": "en", - "value": "CWE-77" } ] }, diff --git a/CVE-2022/CVE-2022-10xx/CVE-2022-1016.json b/CVE-2022/CVE-2022-10xx/CVE-2022-1016.json index c9431d92f0e..be2390af298 100644 --- a/CVE-2022/CVE-2022-10xx/CVE-2022-1016.json +++ b/CVE-2022/CVE-2022-10xx/CVE-2022-1016.json @@ -2,8 +2,8 @@ "id": "CVE-2022-1016", "sourceIdentifier": "secalert@redhat.com", "published": "2022-08-29T15:15:10.143", - "lastModified": "2023-02-12T22:15:22.407", - "vulnStatus": "Modified", + "lastModified": "2023-06-27T15:47:56.347", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -40,22 +40,22 @@ }, "weaknesses": [ { - "source": "secalert@redhat.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-824" + "value": "CWE-909" } ] }, { - "source": "nvd@nist.gov", + "source": "secalert@redhat.com", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-416" + "value": "CWE-824" } ] } diff --git a/CVE-2022/CVE-2022-10xx/CVE-2022-1025.json b/CVE-2022/CVE-2022-10xx/CVE-2022-1025.json index 8d52e63248e..f0f20050856 100644 --- a/CVE-2022/CVE-2022-10xx/CVE-2022-1025.json +++ b/CVE-2022/CVE-2022-10xx/CVE-2022-1025.json @@ -2,8 +2,8 @@ "id": "CVE-2022-1025", "sourceIdentifier": "secalert@redhat.com", "published": "2022-07-12T21:15:09.277", - "lastModified": "2023-02-12T22:15:22.517", - "vulnStatus": "Modified", + "lastModified": "2023-06-27T15:54:30.907", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -65,8 +65,18 @@ }, "weaknesses": [ { - "source": "secalert@redhat.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "secalert@redhat.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -77,16 +87,6 @@ "value": "CWE-284" } ] - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-863" - } - ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-12xx/CVE-2022-1245.json b/CVE-2022/CVE-2022-12xx/CVE-2022-1245.json index 7f33b9c4f01..ac962482c79 100644 --- a/CVE-2022/CVE-2022-12xx/CVE-2022-1245.json +++ b/CVE-2022/CVE-2022-12xx/CVE-2022-1245.json @@ -2,7 +2,7 @@ "id": "CVE-2022-1245", "sourceIdentifier": "secalert@redhat.com", "published": "2022-07-08T00:15:07.937", - "lastModified": "2022-07-15T17:10:42.960", + "lastModified": "2023-06-27T15:57:06.270", "vulnStatus": "Analyzed", "descriptions": [ { @@ -70,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-862" + "value": "CWE-639" } ] }, diff --git a/CVE-2022/CVE-2022-13xx/CVE-2022-1323.json b/CVE-2022/CVE-2022-13xx/CVE-2022-1323.json index f66cecc52fc..29ef4c5cd59 100644 --- a/CVE-2022/CVE-2022-13xx/CVE-2022-1323.json +++ b/CVE-2022/CVE-2022-13xx/CVE-2022-1323.json @@ -2,7 +2,7 @@ "id": "CVE-2022-1323", "sourceIdentifier": "contact@wpscan.com", "published": "2022-08-08T14:15:08.457", - "lastModified": "2022-08-12T15:33:33.917", + "lastModified": "2023-06-27T15:50:04.507", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,18 @@ }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-13xx/CVE-2022-1373.json b/CVE-2022/CVE-2022-13xx/CVE-2022-1373.json index efe684acb83..fae9cdf76ff 100644 --- a/CVE-2022/CVE-2022-13xx/CVE-2022-1373.json +++ b/CVE-2022/CVE-2022-13xx/CVE-2022-1373.json @@ -2,7 +2,7 @@ "id": "CVE-2022-1373", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2022-08-17T21:15:08.647", - "lastModified": "2022-08-19T01:13:40.017", + "lastModified": "2023-06-27T15:49:41.903", "vulnStatus": "Analyzed", "descriptions": [ { @@ -60,8 +60,18 @@ }, "weaknesses": [ { - "source": "ics-cert@hq.dhs.gov", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-15xx/CVE-2022-1572.json b/CVE-2022/CVE-2022-15xx/CVE-2022-1572.json index 0ae9d72f45e..533252911b5 100644 --- a/CVE-2022/CVE-2022-15xx/CVE-2022-1572.json +++ b/CVE-2022/CVE-2022-15xx/CVE-2022-1572.json @@ -2,7 +2,7 @@ "id": "CVE-2022-1572", "sourceIdentifier": "contact@wpscan.com", "published": "2022-06-27T09:15:09.120", - "lastModified": "2022-07-07T15:45:50.653", + "lastModified": "2023-06-27T15:57:42.557", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,8 +65,22 @@ }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + }, + { + "lang": "en", + "value": "CWE-862" + } + ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-15xx/CVE-2022-1574.json b/CVE-2022/CVE-2022-15xx/CVE-2022-1574.json index 05482278226..fb05741da2a 100644 --- a/CVE-2022/CVE-2022-15xx/CVE-2022-1574.json +++ b/CVE-2022/CVE-2022-15xx/CVE-2022-1574.json @@ -2,7 +2,7 @@ "id": "CVE-2022-1574", "sourceIdentifier": "contact@wpscan.com", "published": "2022-06-27T09:15:09.227", - "lastModified": "2022-07-07T15:47:58.593", + "lastModified": "2023-06-27T15:57:30.970", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,8 +65,22 @@ }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + }, + { + "lang": "en", + "value": "CWE-862" + } + ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-16xx/CVE-2022-1656.json b/CVE-2022/CVE-2022-16xx/CVE-2022-1656.json index 1d34c0ae189..9a74f97f9db 100644 --- a/CVE-2022/CVE-2022-16xx/CVE-2022-1656.json +++ b/CVE-2022/CVE-2022-16xx/CVE-2022-1656.json @@ -2,7 +2,7 @@ "id": "CVE-2022-1656", "sourceIdentifier": "security@wordfence.com", "published": "2022-06-13T13:15:11.553", - "lastModified": "2022-06-17T23:27:57.257", + "lastModified": "2023-06-27T15:39:00.237", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,8 +85,18 @@ }, "weaknesses": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-17xx/CVE-2022-1720.json b/CVE-2022/CVE-2022-17xx/CVE-2022-1720.json index eea1aa821b5..49cddebd84e 100644 --- a/CVE-2022/CVE-2022-17xx/CVE-2022-1720.json +++ b/CVE-2022/CVE-2022-17xx/CVE-2022-1720.json @@ -2,8 +2,8 @@ "id": "CVE-2022-1720", "sourceIdentifier": "security@huntr.dev", "published": "2022-06-20T15:15:10.267", - "lastModified": "2023-05-03T12:15:24.930", - "vulnStatus": "Modified", + "lastModified": "2023-06-27T15:57:54.307", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -279,7 +279,10 @@ }, { "url": "https://security.gentoo.org/glsa/202305-16", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213443", diff --git a/CVE-2022/CVE-2022-17xx/CVE-2022-1778.json b/CVE-2022/CVE-2022-17xx/CVE-2022-1778.json index 7d2d21e1519..7a65c8e5850 100644 --- a/CVE-2022/CVE-2022-17xx/CVE-2022-1778.json +++ b/CVE-2022/CVE-2022-17xx/CVE-2022-1778.json @@ -2,7 +2,7 @@ "id": "CVE-2022-1778", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2022-09-14T18:15:09.953", - "lastModified": "2022-10-05T13:45:56.650", + "lastModified": "2023-06-27T15:47:06.047", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,7 +65,7 @@ "description": [ { "lang": "en", - "value": "CWE-120" + "value": "CWE-119" } ] }, diff --git a/CVE-2022/CVE-2022-17xx/CVE-2022-1794.json b/CVE-2022/CVE-2022-17xx/CVE-2022-1794.json index 887c0575999..8181a89132b 100644 --- a/CVE-2022/CVE-2022-17xx/CVE-2022-1794.json +++ b/CVE-2022/CVE-2022-17xx/CVE-2022-1794.json @@ -2,7 +2,7 @@ "id": "CVE-2022-1794", "sourceIdentifier": "info@cert.vde.com", "published": "2022-07-11T11:15:08.047", - "lastModified": "2022-09-23T16:29:48.687", + "lastModified": "2023-06-27T15:56:43.407", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,8 +85,18 @@ }, "weaknesses": [ { - "source": "info@cert.vde.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-522" + } + ] + }, + { + "source": "info@cert.vde.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-19xx/CVE-2022-1922.json b/CVE-2022/CVE-2022-19xx/CVE-2022-1922.json index e8f6e5a7d2f..732008e0fd6 100644 --- a/CVE-2022/CVE-2022-19xx/CVE-2022-1922.json +++ b/CVE-2022/CVE-2022-19xx/CVE-2022-1922.json @@ -2,7 +2,7 @@ "id": "CVE-2022-1922", "sourceIdentifier": "secalert@redhat.com", "published": "2022-07-19T20:15:10.907", - "lastModified": "2022-10-26T13:44:48.710", + "lastModified": "2023-06-27T15:54:21.557", "vulnStatus": "Analyzed", "descriptions": [ { @@ -45,7 +45,7 @@ "description": [ { "lang": "en", - "value": "CWE-787" + "value": "CWE-190" } ] }, diff --git a/CVE-2022/CVE-2022-19xx/CVE-2022-1923.json b/CVE-2022/CVE-2022-19xx/CVE-2022-1923.json index 8d6a305063e..86f1feabcc1 100644 --- a/CVE-2022/CVE-2022-19xx/CVE-2022-1923.json +++ b/CVE-2022/CVE-2022-19xx/CVE-2022-1923.json @@ -2,7 +2,7 @@ "id": "CVE-2022-1923", "sourceIdentifier": "secalert@redhat.com", "published": "2022-07-19T20:15:10.967", - "lastModified": "2022-10-26T13:45:13.087", + "lastModified": "2023-06-27T15:51:28.127", "vulnStatus": "Analyzed", "descriptions": [ { @@ -45,7 +45,7 @@ "description": [ { "lang": "en", - "value": "CWE-787" + "value": "CWE-190" } ] }, diff --git a/CVE-2022/CVE-2022-19xx/CVE-2022-1924.json b/CVE-2022/CVE-2022-19xx/CVE-2022-1924.json index 32fd2bb3d18..475fdcc136d 100644 --- a/CVE-2022/CVE-2022-19xx/CVE-2022-1924.json +++ b/CVE-2022/CVE-2022-19xx/CVE-2022-1924.json @@ -2,7 +2,7 @@ "id": "CVE-2022-1924", "sourceIdentifier": "secalert@redhat.com", "published": "2022-07-19T20:15:11.027", - "lastModified": "2022-10-26T13:45:19.277", + "lastModified": "2023-06-27T15:51:15.940", "vulnStatus": "Analyzed", "descriptions": [ { @@ -45,7 +45,7 @@ "description": [ { "lang": "en", - "value": "CWE-787" + "value": "CWE-190" } ] }, diff --git a/CVE-2022/CVE-2022-19xx/CVE-2022-1925.json b/CVE-2022/CVE-2022-19xx/CVE-2022-1925.json index 9f6d38f5dbc..edc0ed1482c 100644 --- a/CVE-2022/CVE-2022-19xx/CVE-2022-1925.json +++ b/CVE-2022/CVE-2022-19xx/CVE-2022-1925.json @@ -2,7 +2,7 @@ "id": "CVE-2022-1925", "sourceIdentifier": "secalert@redhat.com", "published": "2022-07-19T20:15:11.080", - "lastModified": "2022-10-26T13:45:22.827", + "lastModified": "2023-06-27T15:50:42.127", "vulnStatus": "Analyzed", "descriptions": [ { @@ -46,10 +46,6 @@ { "lang": "en", "value": "CWE-190" - }, - { - "lang": "en", - "value": "CWE-787" } ] }, diff --git a/CVE-2022/CVE-2022-19xx/CVE-2022-1941.json b/CVE-2022/CVE-2022-19xx/CVE-2022-1941.json index bb861d7ea1b..a545ed2f68b 100644 --- a/CVE-2022/CVE-2022-19xx/CVE-2022-1941.json +++ b/CVE-2022/CVE-2022-19xx/CVE-2022-1941.json @@ -2,8 +2,8 @@ "id": "CVE-2022-1941", "sourceIdentifier": "cve-coordination@google.com", "published": "2022-09-22T15:15:09.203", - "lastModified": "2023-04-18T09:15:08.357", - "vulnStatus": "Modified", + "lastModified": "2023-06-27T15:45:37.350", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -45,7 +45,7 @@ "description": [ { "lang": "en", - "value": "CWE-119" + "value": "NVD-CWE-Other" } ] }, @@ -131,6 +131,11 @@ "operator": "OR", "negate": false, "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", + "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD" + }, { "vulnerable": true, "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", @@ -139,6 +144,21 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] } ], "references": [ @@ -166,7 +186,10 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBAUKJQL6O4TIWYBENORSY5P43TVB4M3/", @@ -175,6 +198,13 @@ "Mailing List", "Third Party Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP/", + "source": "cve-coordination@google.com", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-19xx/CVE-2022-1974.json b/CVE-2022/CVE-2022-19xx/CVE-2022-1974.json index b7abe63e804..df1606bd493 100644 --- a/CVE-2022/CVE-2022-19xx/CVE-2022-1974.json +++ b/CVE-2022/CVE-2022-19xx/CVE-2022-1974.json @@ -2,7 +2,7 @@ "id": "CVE-2022-1974", "sourceIdentifier": "secalert@redhat.com", "published": "2022-08-31T16:15:10.007", - "lastModified": "2022-09-07T15:54:56.587", + "lastModified": "2023-06-27T15:47:18.970", "vulnStatus": "Analyzed", "descriptions": [ { @@ -45,7 +45,7 @@ "description": [ { "lang": "en", - "value": "CWE-416" + "value": "CWE-367" } ] }, diff --git a/CVE-2022/CVE-2022-20xx/CVE-2022-2023.json b/CVE-2022/CVE-2022-20xx/CVE-2022-2023.json index 43ebd367718..d8640351152 100644 --- a/CVE-2022/CVE-2022-20xx/CVE-2022-2023.json +++ b/CVE-2022/CVE-2022-20xx/CVE-2022-2023.json @@ -2,7 +2,7 @@ "id": "CVE-2022-2023", "sourceIdentifier": "security@huntr.dev", "published": "2022-06-20T04:15:09.973", - "lastModified": "2022-06-28T19:20:56.823", + "lastModified": "2023-06-27T15:58:07.787", "vulnStatus": "Analyzed", "descriptions": [ { diff --git a/CVE-2022/CVE-2022-20xx/CVE-2022-2034.json b/CVE-2022/CVE-2022-20xx/CVE-2022-2034.json index aed9ecf1ff8..2780b969120 100644 --- a/CVE-2022/CVE-2022-20xx/CVE-2022-2034.json +++ b/CVE-2022/CVE-2022-20xx/CVE-2022-2034.json @@ -2,7 +2,7 @@ "id": "CVE-2022-2034", "sourceIdentifier": "contact@wpscan.com", "published": "2022-08-29T18:15:09.027", - "lastModified": "2022-09-01T06:39:20.070", + "lastModified": "2023-06-27T15:47:37.503", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,18 @@ }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-234xx/CVE-2022-23488.json b/CVE-2022/CVE-2022-234xx/CVE-2022-23488.json index 03f2512d360..2f769c52014 100644 --- a/CVE-2022/CVE-2022-234xx/CVE-2022-23488.json +++ b/CVE-2022/CVE-2022-234xx/CVE-2022-23488.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23488", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-17T01:15:09.293", - "lastModified": "2022-12-22T13:56:57.427", + "lastModified": "2023-06-27T15:11:47.877", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-668" + "value": "CWE-863" } ] }, diff --git a/CVE-2022/CVE-2022-235xx/CVE-2022-23509.json b/CVE-2022/CVE-2022-235xx/CVE-2022-23509.json index 5ccb433f948..2eed6f74ef9 100644 --- a/CVE-2022/CVE-2022-235xx/CVE-2022-23509.json +++ b/CVE-2022/CVE-2022-235xx/CVE-2022-23509.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23509", "sourceIdentifier": "security-advisories@github.com", "published": "2023-01-09T14:15:09.980", - "lastModified": "2023-01-13T20:27:04.817", + "lastModified": "2023-06-27T15:13:31.357", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-noinfo" + "value": "CWE-319" } ] }, diff --git a/CVE-2022/CVE-2022-235xx/CVE-2022-23523.json b/CVE-2022/CVE-2022-235xx/CVE-2022-23523.json index 4c4d1fd80d1..ec3e4262e8f 100644 --- a/CVE-2022/CVE-2022-235xx/CVE-2022-23523.json +++ b/CVE-2022/CVE-2022-235xx/CVE-2022-23523.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23523", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-13T08:15:10.140", - "lastModified": "2022-12-15T19:54:38.217", + "lastModified": "2023-06-27T14:59:10.640", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-125" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2022/CVE-2022-40xx/CVE-2022-4024.json b/CVE-2022/CVE-2022-40xx/CVE-2022-4024.json index 86cb51d1d21..266f83faa8b 100644 --- a/CVE-2022/CVE-2022-40xx/CVE-2022-4024.json +++ b/CVE-2022/CVE-2022-40xx/CVE-2022-4024.json @@ -2,7 +2,7 @@ "id": "CVE-2022-4024", "sourceIdentifier": "contact@wpscan.com", "published": "2022-12-19T14:15:11.760", - "lastModified": "2022-12-22T20:55:34.393", + "lastModified": "2023-06-27T15:33:42.210", "vulnStatus": "Analyzed", "descriptions": [ { @@ -36,7 +36,7 @@ }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -48,6 +48,20 @@ "value": "CWE-862" } ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + }, + { + "lang": "en", + "value": "CWE-862" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41158.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41158.json index 98406172570..0ed0f23a154 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41158.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41158.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41158", "sourceIdentifier": "vuln@krcert.or.kr", "published": "2022-11-25T19:15:11.867", - "lastModified": "2022-12-01T15:26:35.607", + "lastModified": "2023-06-27T14:58:35.293", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-94" + "value": "CWE-22" } ] }, diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41167.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41167.json index b3f58ec4f5b..3755218cdc6 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41167.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41167.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41167", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:16.793", - "lastModified": "2022-10-12T20:02:39.437", + "lastModified": "2023-06-27T15:55:04.977", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41172.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41172.json index f8ae00ce90d..e10e7894cda 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41172.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41172.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41172", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:17.817", - "lastModified": "2022-10-12T19:58:32.127", + "lastModified": "2023-06-27T15:22:01.463", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41175.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41175.json index 8337dca8bc5..6de76864eb9 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41175.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41175.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41175", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:18.487", - "lastModified": "2022-10-12T19:57:09.860", + "lastModified": "2023-06-27T15:22:05.237", "vulnStatus": "Analyzed", "descriptions": [ { @@ -46,6 +46,10 @@ { "lang": "en", "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" } ] }, diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41177.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41177.json index dc8624286b2..6566b35caf6 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41177.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41177.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41177", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:18.857", - "lastModified": "2022-10-12T19:56:03.707", + "lastModified": "2023-06-27T15:22:09.450", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41179.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41179.json index 5e1d6420eb3..066be0a33c5 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41179.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41179.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41179", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:19.293", - "lastModified": "2022-10-12T20:06:30.897", + "lastModified": "2023-06-27T15:20:47.173", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41180.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41180.json index 0eebc69e0fc..4ebe55cecdc 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41180.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41180.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41180", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:19.523", - "lastModified": "2022-10-12T20:06:19.863", + "lastModified": "2023-06-27T15:20:52.047", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41184.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41184.json index ede0f69dcab..648dfa4fded 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41184.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41184.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41184", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:20.543", - "lastModified": "2022-10-12T20:05:23.913", + "lastModified": "2023-06-27T15:20:55.047", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41185.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41185.json index ea40d240de1..cbe0377c17d 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41185.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41185.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41185", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:20.700", - "lastModified": "2022-10-12T20:03:50.313", + "lastModified": "2023-06-27T15:20:59.053", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41186.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41186.json index 78599893ecd..56c71da2a2f 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41186.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41186.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41186", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:20.927", - "lastModified": "2022-10-12T20:10:47.207", + "lastModified": "2023-06-27T15:17:41.347", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41187.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41187.json index 06408ac7e72..b1fcefb7a87 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41187.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41187.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41187", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:21.137", - "lastModified": "2022-10-12T20:20:01.487", + "lastModified": "2023-06-27T15:18:00.647", "vulnStatus": "Analyzed", "descriptions": [ { @@ -46,6 +46,10 @@ { "lang": "en", "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" } ] }, diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41189.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41189.json index ee2e35945e9..23fad6f9d9f 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41189.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41189.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41189", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:21.543", - "lastModified": "2022-10-12T20:20:23.327", + "lastModified": "2023-06-27T15:18:06.620", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41190.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41190.json index d7547f52c94..51889d1bf33 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41190.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41190.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41190", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:21.840", - "lastModified": "2022-10-12T20:20:33.290", + "lastModified": "2023-06-27T15:18:11.237", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41191.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41191.json index cd98d9a9403..cfb96326529 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41191.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41191.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41191", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:22.307", - "lastModified": "2022-10-12T20:20:42.133", + "lastModified": "2023-06-27T15:22:14.090", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41193.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41193.json index c11e33317bf..cf26ace168c 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41193.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41193.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41193", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:23.213", - "lastModified": "2022-10-12T20:17:59.657", + "lastModified": "2023-06-27T15:30:59.420", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41195.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41195.json index b38bad3fc6a..6e96f2a62cc 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41195.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41195.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41195", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:24.100", - "lastModified": "2022-10-12T20:18:23.577", + "lastModified": "2023-06-27T15:31:08.927", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41196.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41196.json index 48d208886ed..f0f15dc8020 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41196.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41196.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41196", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:24.520", - "lastModified": "2022-10-12T20:18:38.893", + "lastModified": "2023-06-27T15:31:19.807", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41198.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41198.json index 9200a977f52..7221dba632a 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41198.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41198.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41198", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:25.433", - "lastModified": "2022-10-12T20:18:57.533", + "lastModified": "2023-06-27T15:31:27.230", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-411xx/CVE-2022-41199.json b/CVE-2022/CVE-2022-411xx/CVE-2022-41199.json index a60788fea63..760359ed8db 100644 --- a/CVE-2022/CVE-2022-411xx/CVE-2022-41199.json +++ b/CVE-2022/CVE-2022-411xx/CVE-2022-41199.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41199", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:25.923", - "lastModified": "2022-10-12T20:19:08.193", + "lastModified": "2023-06-27T15:22:33.103", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-412xx/CVE-2022-41200.json b/CVE-2022/CVE-2022-412xx/CVE-2022-41200.json index dc9a12b242c..f0d5062f1d7 100644 --- a/CVE-2022/CVE-2022-412xx/CVE-2022-41200.json +++ b/CVE-2022/CVE-2022-412xx/CVE-2022-41200.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41200", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:26.097", - "lastModified": "2022-10-12T20:17:25.287", + "lastModified": "2023-06-27T15:22:36.767", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,22 @@ }, "weaknesses": [ { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@sap.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-412xx/CVE-2022-41201.json b/CVE-2022/CVE-2022-412xx/CVE-2022-41201.json index 2e6a94962b5..8b82b176f69 100644 --- a/CVE-2022/CVE-2022-412xx/CVE-2022-41201.json +++ b/CVE-2022/CVE-2022-412xx/CVE-2022-41201.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41201", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:26.203", - "lastModified": "2022-10-12T20:17:07.460", + "lastModified": "2023-06-27T15:22:47.807", "vulnStatus": "Analyzed", "descriptions": [ { @@ -46,6 +46,10 @@ { "lang": "en", "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" } ] }, diff --git a/CVE-2022/CVE-2022-412xx/CVE-2022-41202.json b/CVE-2022/CVE-2022-412xx/CVE-2022-41202.json index 451a93b39bb..edbf710c433 100644 --- a/CVE-2022/CVE-2022-412xx/CVE-2022-41202.json +++ b/CVE-2022/CVE-2022-412xx/CVE-2022-41202.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41202", "sourceIdentifier": "cna@sap.com", "published": "2022-10-11T21:15:26.303", - "lastModified": "2022-10-12T20:16:37.280", + "lastModified": "2023-06-27T15:22:55.293", "vulnStatus": "Analyzed", "descriptions": [ { @@ -46,6 +46,10 @@ { "lang": "en", "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" } ] }, diff --git a/CVE-2022/CVE-2022-412xx/CVE-2022-41211.json b/CVE-2022/CVE-2022-412xx/CVE-2022-41211.json index 34ea6e60b36..b51225b1256 100644 --- a/CVE-2022/CVE-2022-412xx/CVE-2022-41211.json +++ b/CVE-2022/CVE-2022-412xx/CVE-2022-41211.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41211", "sourceIdentifier": "cna@sap.com", "published": "2022-11-08T22:15:18.623", - "lastModified": "2022-12-08T22:49:30.647", + "lastModified": "2023-06-27T14:06:08.953", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,6 +59,10 @@ "source": "nvd@nist.gov", "type": "Primary", "description": [ + { + "lang": "en", + "value": "CWE-119" + }, { "lang": "en", "value": "CWE-787" diff --git a/CVE-2022/CVE-2022-412xx/CVE-2022-41230.json b/CVE-2022/CVE-2022-412xx/CVE-2022-41230.json index f2734688977..fa9fa8f78d7 100644 --- a/CVE-2022/CVE-2022-412xx/CVE-2022-41230.json +++ b/CVE-2022/CVE-2022-412xx/CVE-2022-41230.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41230", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-09-21T16:15:10.217", - "lastModified": "2022-09-22T15:08:00.500", + "lastModified": "2023-06-27T14:39:11.823", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,18 @@ }, "weaknesses": [ { - "source": "jenkinsci-cert@googlegroups.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, + { + "source": "jenkinsci-cert@googlegroups.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-412xx/CVE-2022-41255.json b/CVE-2022/CVE-2022-412xx/CVE-2022-41255.json index 987a9bb5ffc..54b3e6f8e60 100644 --- a/CVE-2022/CVE-2022-412xx/CVE-2022-41255.json +++ b/CVE-2022/CVE-2022-412xx/CVE-2022-41255.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41255", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-09-21T16:15:11.683", - "lastModified": "2022-09-22T18:47:18.540", + "lastModified": "2023-06-27T14:39:25.127", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,8 +40,18 @@ }, "weaknesses": [ { - "source": "jenkinsci-cert@googlegroups.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-522" + } + ] + }, + { + "source": "jenkinsci-cert@googlegroups.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-417xx/CVE-2022-41716.json b/CVE-2022/CVE-2022-417xx/CVE-2022-41716.json index 6f4e0aded9c..f9428cbe593 100644 --- a/CVE-2022/CVE-2022-417xx/CVE-2022-41716.json +++ b/CVE-2022/CVE-2022-417xx/CVE-2022-41716.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41716", "sourceIdentifier": "security@golang.org", "published": "2022-11-02T16:15:11.150", - "lastModified": "2022-11-04T13:16:13.183", + "lastModified": "2023-06-27T14:39:47.540", "vulnStatus": "Analyzed", "descriptions": [ { @@ -41,7 +41,7 @@ "description": [ { "lang": "en", - "value": "CWE-74" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2022/CVE-2022-418xx/CVE-2022-41858.json b/CVE-2022/CVE-2022-418xx/CVE-2022-41858.json index 08cf114f66a..6e779982232 100644 --- a/CVE-2022/CVE-2022-418xx/CVE-2022-41858.json +++ b/CVE-2022/CVE-2022-418xx/CVE-2022-41858.json @@ -2,8 +2,8 @@ "id": "CVE-2022-41858", "sourceIdentifier": "secalert@redhat.com", "published": "2023-01-17T18:15:11.140", - "lastModified": "2023-02-23T19:15:11.400", - "vulnStatus": "Modified", + "lastModified": "2023-06-27T15:14:40.373", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "secalert@redhat.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + }, + { + "source": "secalert@redhat.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -56,8 +66,76 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionEndExcluding": "5.18", - "matchCriteriaId": "FE93544F-B946-47CF-9697-FBF3484FCB92" + "versionStartIncluding": "2.6.12.1", + "versionEndExcluding": "4.9.311", + "matchCriteriaId": "1B1D4B25-439B-4B58-9DCD-5EFCCA3B3044" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.14.0", + "versionEndExcluding": "4.14.276", + "matchCriteriaId": "96C58C8B-5A45-438A-9404-355E1BDC721B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.19.0", + "versionEndExcluding": "4.19.239", + "matchCriteriaId": "54574198-19C7-4027-808B-59EAED63DA16" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.4.0", + "versionEndExcluding": "5.4.190", + "matchCriteriaId": "0C6AE903-5265-4FC0-9341-D962BD3821C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10.0", + "versionEndExcluding": "5.10.112", + "matchCriteriaId": "195C1389-A37F-4A44-AEA6-3EBBE89D363F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15.0", + "versionEndExcluding": "5.15.35", + "matchCriteriaId": "E1379333-FB4C-49F1-AEC6-D395BB10C397" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.17.0", + "versionEndExcluding": "5.17.4", + "matchCriteriaId": "F4190EB3-39F4-4DFA-A11A-DE283D1BF94D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*", + "matchCriteriaId": "6F62EECE-8FB1-4D57-85D8-CB9E23CF313C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*", + "matchCriteriaId": "0AB349B2-3F78-4197-882B-90ADB3BF645A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*", + "matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*", + "matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*", + "matchCriteriaId": "8CFD5CDD-1709-44C7-82BD-BAFDC46990D6" }, { "vulnerable": true, @@ -67,6 +145,41 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*", + "matchCriteriaId": "27227B35-932A-4035-B39F-6A455753C0D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*", + "matchCriteriaId": "489D20B9-166F-423D-8C48-A23D3026E33B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*", + "matchCriteriaId": "A4AD592C-222D-4C6F-B176-8145A1A5AFEC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*", + "matchCriteriaId": "8603654B-A8A9-4DEB-B0DD-C82E1C885749" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*", + "matchCriteriaId": "C855C933-F271-45E6-8E85-8D7CF2EF1BE6" + } + ] + } + ] } ], "references": [ @@ -80,7 +193,10 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230223-0006/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-418xx/CVE-2022-41877.json b/CVE-2022/CVE-2022-418xx/CVE-2022-41877.json index 9abbae5fe0e..54eff1623e3 100644 --- a/CVE-2022/CVE-2022-418xx/CVE-2022-41877.json +++ b/CVE-2022/CVE-2022-418xx/CVE-2022-41877.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41877", "sourceIdentifier": "security-advisories@github.com", "published": "2022-11-16T20:15:10.507", - "lastModified": "2023-01-25T19:56:41.633", + "lastModified": "2023-06-27T14:18:53.020", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,22 +56,22 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-119" + "value": "CWE-1284" } ] }, { - "source": "nvd@nist.gov", + "source": "security-advisories@github.com", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-125" + "value": "CWE-119" } ] } diff --git a/CVE-2022/CVE-2022-419xx/CVE-2022-41902.json b/CVE-2022/CVE-2022-419xx/CVE-2022-41902.json index 58d9cb6236c..6f622120840 100644 --- a/CVE-2022/CVE-2022-419xx/CVE-2022-41902.json +++ b/CVE-2022/CVE-2022-419xx/CVE-2022-41902.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41902", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-06T22:15:10.513", - "lastModified": "2022-12-08T02:56:50.997", + "lastModified": "2023-06-27T14:58:54.877", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-419xx/CVE-2022-41918.json b/CVE-2022/CVE-2022-419xx/CVE-2022-41918.json index cfa045ecb19..dd53bf86168 100644 --- a/CVE-2022/CVE-2022-419xx/CVE-2022-41918.json +++ b/CVE-2022/CVE-2022-419xx/CVE-2022-41918.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41918", "sourceIdentifier": "security-advisories@github.com", "published": "2022-11-15T23:15:28.283", - "lastModified": "2022-12-12T19:43:03.753", + "lastModified": "2023-06-27T14:06:48.647", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-863" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2022/CVE-2022-419xx/CVE-2022-41924.json b/CVE-2022/CVE-2022-419xx/CVE-2022-41924.json index 7240cf35e22..0fd8a67ed6c 100644 --- a/CVE-2022/CVE-2022-419xx/CVE-2022-41924.json +++ b/CVE-2022/CVE-2022-419xx/CVE-2022-41924.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41924", "sourceIdentifier": "security-advisories@github.com", "published": "2022-11-23T19:15:12.400", - "lastModified": "2022-12-01T15:45:47.270", + "lastModified": "2023-06-27T14:18:59.750", "vulnStatus": "Analyzed", "descriptions": [ { @@ -63,7 +63,7 @@ "description": [ { "lang": "en", - "value": "CWE-352" + "value": "CWE-346" } ] }, diff --git a/CVE-2022/CVE-2022-419xx/CVE-2022-41934.json b/CVE-2022/CVE-2022-419xx/CVE-2022-41934.json index b9db4864ee2..3d7491c3809 100644 --- a/CVE-2022/CVE-2022-419xx/CVE-2022-41934.json +++ b/CVE-2022/CVE-2022-419xx/CVE-2022-41934.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41934", "sourceIdentifier": "security-advisories@github.com", "published": "2022-11-23T20:15:10.097", - "lastModified": "2022-11-30T17:30:12.047", + "lastModified": "2023-06-27T14:39:58.070", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-116" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-419xx/CVE-2022-41945.json b/CVE-2022/CVE-2022-419xx/CVE-2022-41945.json index 380b6efe5b2..1de221dc859 100644 --- a/CVE-2022/CVE-2022-419xx/CVE-2022-41945.json +++ b/CVE-2022/CVE-2022-419xx/CVE-2022-41945.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41945", "sourceIdentifier": "security-advisories@github.com", "published": "2022-11-21T23:15:10.047", - "lastModified": "2023-03-01T18:03:15.677", + "lastModified": "2023-06-27T14:01:24.990", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,22 +56,22 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-94" + "value": "NVD-CWE-Other" } ] }, { - "source": "nvd@nist.gov", + "source": "security-advisories@github.com", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-77" + "value": "CWE-94" } ] } diff --git a/CVE-2022/CVE-2022-419xx/CVE-2022-41966.json b/CVE-2022/CVE-2022-419xx/CVE-2022-41966.json index dd996041a24..2c036535420 100644 --- a/CVE-2022/CVE-2022-419xx/CVE-2022-41966.json +++ b/CVE-2022/CVE-2022-419xx/CVE-2022-41966.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41966", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-28T00:15:14.237", - "lastModified": "2023-01-06T17:05:31.553", + "lastModified": "2023-06-27T14:04:14.103", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-674" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-41xx/CVE-2022-4102.json b/CVE-2022/CVE-2022-41xx/CVE-2022-4102.json index d38b3395271..c2a5e683ed2 100644 --- a/CVE-2022/CVE-2022-41xx/CVE-2022-4102.json +++ b/CVE-2022/CVE-2022-41xx/CVE-2022-4102.json @@ -2,7 +2,7 @@ "id": "CVE-2022-4102", "sourceIdentifier": "contact@wpscan.com", "published": "2023-01-09T23:15:27.247", - "lastModified": "2023-01-13T06:51:04.363", + "lastModified": "2023-06-27T15:35:04.127", "vulnStatus": "Analyzed", "descriptions": [ { @@ -39,6 +39,10 @@ "source": "nvd@nist.gov", "type": "Primary", "description": [ + { + "lang": "en", + "value": "CWE-352" + }, { "lang": "en", "value": "CWE-862" diff --git a/CVE-2022/CVE-2022-41xx/CVE-2022-4103.json b/CVE-2022/CVE-2022-41xx/CVE-2022-4103.json index c4a26aa98bc..0fddf486349 100644 --- a/CVE-2022/CVE-2022-41xx/CVE-2022-4103.json +++ b/CVE-2022/CVE-2022-41xx/CVE-2022-4103.json @@ -2,7 +2,7 @@ "id": "CVE-2022-4103", "sourceIdentifier": "contact@wpscan.com", "published": "2023-01-09T23:15:27.330", - "lastModified": "2023-01-13T19:32:27.147", + "lastModified": "2023-06-27T15:54:40.787", "vulnStatus": "Analyzed", "descriptions": [ { @@ -36,7 +36,7 @@ }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -48,6 +48,20 @@ "value": "CWE-862" } ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + }, + { + "lang": "en", + "value": "CWE-862" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-41xx/CVE-2022-4115.json b/CVE-2022/CVE-2022-41xx/CVE-2022-4115.json new file mode 100644 index 00000000000..0a9d4f36eeb --- /dev/null +++ b/CVE-2022/CVE-2022-41xx/CVE-2022-4115.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2022-4115", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.077", + "lastModified": "2023-06-27T14:15:10.077", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Editorial Calendar WordPress plugin through 3.7.12 does not sanitise and escape its settings, allowing users with roles as low as contributor to inject arbitrary web scripts in the plugin admin panel, enabling a Stored Cross-Site Scripting vulnerability targeting higher privileged users." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/2b5071e1-9532-4a6c-9da4-d07932474ca4", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-41xx/CVE-2022-4123.json b/CVE-2022/CVE-2022-41xx/CVE-2022-4123.json index c7d84b9b92c..997ab1806f7 100644 --- a/CVE-2022/CVE-2022-41xx/CVE-2022-4123.json +++ b/CVE-2022/CVE-2022-41xx/CVE-2022-4123.json @@ -2,7 +2,7 @@ "id": "CVE-2022-4123", "sourceIdentifier": "secalert@redhat.com", "published": "2022-12-08T16:15:14.937", - "lastModified": "2022-12-12T15:46:25.110", + "lastModified": "2023-06-27T14:59:05.893", "vulnStatus": "Analyzed", "descriptions": [ { @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "secalert@redhat.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, + { + "source": "secalert@redhat.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-41xx/CVE-2022-4124.json b/CVE-2022/CVE-2022-41xx/CVE-2022-4124.json index cac3215b33e..b3e5dd38d6c 100644 --- a/CVE-2022/CVE-2022-41xx/CVE-2022-4124.json +++ b/CVE-2022/CVE-2022-41xx/CVE-2022-4124.json @@ -2,7 +2,7 @@ "id": "CVE-2022-4124", "sourceIdentifier": "contact@wpscan.com", "published": "2022-12-19T14:15:12.513", - "lastModified": "2022-12-22T22:04:28.780", + "lastModified": "2023-06-27T15:12:02.703", "vulnStatus": "Analyzed", "descriptions": [ { @@ -36,7 +36,7 @@ }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -48,6 +48,20 @@ "value": "CWE-862" } ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + }, + { + "lang": "en", + "value": "CWE-862" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-423xx/CVE-2022-42377.json b/CVE-2022/CVE-2022-423xx/CVE-2022-42377.json index 5fb6db59917..00bea84d055 100644 --- a/CVE-2022/CVE-2022-423xx/CVE-2022-42377.json +++ b/CVE-2022/CVE-2022-423xx/CVE-2022-42377.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42377", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2023-01-26T18:59:55.340", - "lastModified": "2023-02-02T14:13:48.480", + "lastModified": "2023-06-27T14:04:27.247", "vulnStatus": "Analyzed", "descriptions": [ { @@ -63,7 +63,7 @@ "description": [ { "lang": "en", - "value": "CWE-119" + "value": "CWE-787" } ] }, diff --git a/CVE-2022/CVE-2022-42xx/CVE-2022-4223.json b/CVE-2022/CVE-2022-42xx/CVE-2022-4223.json index 97e7e180af8..828d2899351 100644 --- a/CVE-2022/CVE-2022-42xx/CVE-2022-4223.json +++ b/CVE-2022/CVE-2022-42xx/CVE-2022-4223.json @@ -2,7 +2,7 @@ "id": "CVE-2022-4223", "sourceIdentifier": "secalert@redhat.com", "published": "2022-12-13T16:15:26.277", - "lastModified": "2022-12-19T16:59:10.927", + "lastModified": "2023-06-27T14:04:21.833", "vulnStatus": "Analyzed", "descriptions": [ { @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "secalert@redhat.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, + { + "source": "secalert@redhat.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-468xx/CVE-2022-46850.json b/CVE-2022/CVE-2022-468xx/CVE-2022-46850.json index 3e079c5ad2b..6d39be40569 100644 --- a/CVE-2022/CVE-2022-468xx/CVE-2022-46850.json +++ b/CVE-2022/CVE-2022-468xx/CVE-2022-46850.json @@ -2,8 +2,8 @@ "id": "CVE-2022-46850", "sourceIdentifier": "audit@patchstack.com", "published": "2023-06-19T13:15:09.493", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-27T14:47:29.597", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:easy_media_replace_project:easy_media_replace:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "0.1.3", + "matchCriteriaId": "8115B0DB-9FEB-4CFB-98D0-6D2C1721D086" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/easy-media-replace/wordpress-easy-media-replace-plugin-0-1-3-arbitrary-file-deletion?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-05xx/CVE-2023-0588.json b/CVE-2023/CVE-2023-05xx/CVE-2023-0588.json new file mode 100644 index 00000000000..e5a08da4bcb --- /dev/null +++ b/CVE-2023/CVE-2023-05xx/CVE-2023-0588.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-0588", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.150", + "lastModified": "2023-06-27T14:15:10.150", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Catalyst Connect Zoho CRM Client Portal WordPress plugin before 2.1.0 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/84be272e-0891-461c-91ad-496b64f92f8f", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-08xx/CVE-2023-0873.json b/CVE-2023/CVE-2023-08xx/CVE-2023-0873.json new file mode 100644 index 00000000000..e4319900447 --- /dev/null +++ b/CVE-2023/CVE-2023-08xx/CVE-2023-0873.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-0873", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.213", + "lastModified": "2023-06-27T14:15:10.213", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Kanban Boards for WordPress plugin before 2.5.21 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/8816d4c1-9e8e-4b6f-a36a-10a98a7ccfcd", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-11xx/CVE-2023-1166.json b/CVE-2023/CVE-2023-11xx/CVE-2023-1166.json new file mode 100644 index 00000000000..81b2b219813 --- /dev/null +++ b/CVE-2023/CVE-2023-11xx/CVE-2023-1166.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1166", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.277", + "lastModified": "2023-06-27T14:15:10.277", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The USM-Premium WordPress plugin before 16.3 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup)." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/825eccf9-f351-4a5b-b238-9969141b94fa", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-18xx/CVE-2023-1891.json b/CVE-2023/CVE-2023-18xx/CVE-2023-1891.json new file mode 100644 index 00000000000..ae643de259b --- /dev/null +++ b/CVE-2023/CVE-2023-18xx/CVE-2023-1891.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1891", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.340", + "lastModified": "2023-06-27T14:15:10.340", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Accordion & FAQ WordPress plugin before 1.9.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/4e5d993f-cc20-4b5f-b4c8-c13004151828", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-20xx/CVE-2023-2032.json b/CVE-2023/CVE-2023-20xx/CVE-2023-2032.json new file mode 100644 index 00000000000..e0c7eb0b8e7 --- /dev/null +++ b/CVE-2023/CVE-2023-20xx/CVE-2023-2032.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2032", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.417", + "lastModified": "2023-06-27T14:15:10.417", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Custom 404 Pro WordPress plugin before 3.8.1 does not properly sanitize database inputs, leading to multiple SQL Injection vulnerabilities." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/17acde5d-44ea-4e77-8670-260d22e28ffe", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-20xx/CVE-2023-2068.json b/CVE-2023/CVE-2023-20xx/CVE-2023-2068.json new file mode 100644 index 00000000000..82bc3ef20be --- /dev/null +++ b/CVE-2023/CVE-2023-20xx/CVE-2023-2068.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2068", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.477", + "lastModified": "2023-06-27T14:15:10.477", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The File Manager Advanced Shortcode WordPress plugin through 2.3.2 does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to RCE in cases where the allowed MIME type list does not include PHP files. In the worst case, this is available to unauthenticated users." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/58f72953-56d2-4d86-a49b-311b5fc58056", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-21xx/CVE-2023-2178.json b/CVE-2023/CVE-2023-21xx/CVE-2023-2178.json new file mode 100644 index 00000000000..edaf151dda3 --- /dev/null +++ b/CVE-2023/CVE-2023-21xx/CVE-2023-2178.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2178", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.540", + "lastModified": "2023-06-27T14:15:10.540", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Aajoda Testimonials WordPress plugin before 2.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/e84b71f9-4208-4efb-90e8-1c778e7d2ebb", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2326.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2326.json new file mode 100644 index 00000000000..d37b732c01c --- /dev/null +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2326.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2326", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.600", + "lastModified": "2023-06-27T14:15:10.600", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Gravity Forms Google Sheet Connector WordPress plugin before 1.3.5, gsheetconnector-gravityforms-pro WordPress plugin through 1.3.5 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/f922695a-b803-4edf-aadc-80c79d99bebb", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2482.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2482.json new file mode 100644 index 00000000000..8ae5c2013db --- /dev/null +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2482.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2482", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.663", + "lastModified": "2023-06-27T14:15:10.663", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Responsive CSS EDITOR WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admin." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/c0f73781-be7e-482e-91de-ad7991ad4bd5", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2580.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2580.json new file mode 100644 index 00000000000..820b1ea8893 --- /dev/null +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2580.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2580", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.730", + "lastModified": "2023-06-27T14:15:10.730", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The AI Engine WordPress plugin before 1.6.83 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup)." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/7ee1efb1-9969-40b2-8ab2-ea427091bbd8", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2592.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2592.json new file mode 100644 index 00000000000..dcf21273af4 --- /dev/null +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2592.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2592", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.790", + "lastModified": "2023-06-27T14:15:10.790", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The FormCraft WordPress plugin before 3.9.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/d4298960-eaba-4185-a730-3e621d9680e1", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2601.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2601.json new file mode 100644 index 00000000000..89fcc17f988 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2601.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-2601", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.847", + "lastModified": "2023-06-27T14:15:10.847", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The wpbrutalai WordPress plugin before 2.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin via CSRF." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/57769468-3802-4985-bf5e-44ec1d59f5fd", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2605.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2605.json new file mode 100644 index 00000000000..b72997dd662 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2605.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2605", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.910", + "lastModified": "2023-06-27T14:15:10.910", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The wpbrutalai WordPress plugin before 2.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against a logged in high privilege users such as admin." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/372cb940-71ba-4d19-b35a-ab15f8c2fdeb", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2623.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2623.json new file mode 100644 index 00000000000..d3999516a3c --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2623.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2623", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:10.967", + "lastModified": "2023-06-27T14:15:10.967", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The KiviCare WordPress plugin before 3.2.1 does not restrict the information returned in a response and returns all user data, allowing low privilege users such as subscriber to retrieve sensitive information such as the user email and hashed password of other users" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/85cc39b1-416f-4d23-84c1-fdcbffb0dda0", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2624.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2624.json new file mode 100644 index 00000000000..4a94afff584 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2624.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2624", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:11.030", + "lastModified": "2023-06-27T14:15:11.030", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The KiviCare WordPress plugin before 3.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrator" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/dc3a841d-a95b-462e-be4b-acaa44e77264", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2627.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2627.json new file mode 100644 index 00000000000..f359bb7deef --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2627.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-2627", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:11.090", + "lastModified": "2023-06-27T14:15:11.090", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The KiviCare WordPress plugin before 3.2.1 does not have proper CSRF and authorisation checks in various AJAX actions, allowing any authenticated users, such as subscriber to call them. Attacks include but are not limited to: Add arbitrary Clinic Admin/Doctors/etc and update plugin's settings" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + }, + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/162d0029-2adc-4925-9985-1d5d672dbe75", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2628.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2628.json new file mode 100644 index 00000000000..d0ca9b805a2 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2628.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2628", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:11.153", + "lastModified": "2023-06-27T14:15:11.153", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The KiviCare WordPress plugin before 3.2.1 does not have CSRF checks (either flawed or missing completely) in various AJAX actions, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks. This includes, but is not limited to: Delete arbitrary appointments/medical records/etc, create/update various users (patients, doctors etc)" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/e0741e2c-c529-4815-8744-16e01cdb0aed", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2711.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2711.json new file mode 100644 index 00000000000..912f0ef3f46 --- /dev/null +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2711.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2711", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:11.267", + "lastModified": "2023-06-27T14:15:11.267", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Ultimate Product Catalog WordPress plugin before 5.2.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/71c5b5b5-8694-4738-8e4b-8670a8d21c86", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2743.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2743.json new file mode 100644 index 00000000000..f337e995037 --- /dev/null +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2743.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2743", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:11.373", + "lastModified": "2023-06-27T14:15:11.373", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The ERP WordPress plugin before 1.12.4 does not sanitise and escape the employee_name parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/517c6aa4-a56d-4f13-b370-7c864dd9c7db", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2744.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2744.json new file mode 100644 index 00000000000..e837472d516 --- /dev/null +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2744.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2744", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:11.433", + "lastModified": "2023-06-27T14:15:11.433", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the `type` parameter in the `erp/v1/accounting/v1/people` REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/435da8a1-9955-46d7-a508-b5738259e731", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2795.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2795.json new file mode 100644 index 00000000000..01ec1ecefc0 --- /dev/null +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2795.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2795", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:11.493", + "lastModified": "2023-06-27T14:15:11.493", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The CodeColorer WordPress plugin before 0.10.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/2d6ecd21-3dd4-423d-80e7-277c45080a9f", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2818.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2818.json new file mode 100644 index 00000000000..a590877f1e2 --- /dev/null +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2818.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2818", + "sourceIdentifier": "security@proofpoint.com", + "published": "2023-06-27T15:15:10.350", + "lastModified": "2023-06-27T15:15:10.350", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All versions prior to 7.14.3 are affected. Agents for MacOS and Linux and Cloud are unaffected." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@proofpoint.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@proofpoint.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-281" + } + ] + } + ], + "references": [ + { + "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005", + "source": "security@proofpoint.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2842.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2842.json new file mode 100644 index 00000000000..f8e55e4f9f3 --- /dev/null +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2842.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2842", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:11.567", + "lastModified": "2023-06-27T14:15:11.567", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inventory Items via a CSRF attack" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/0357ecc7-56f5-4843-a928-bf2d3ce75596", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2877.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2877.json new file mode 100644 index 00000000000..dd75df5a645 --- /dev/null +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2877.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2877", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:11.633", + "lastModified": "2023-06-27T14:15:11.633", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Formidable Forms WordPress plugin before 6.3.1 does not adequately authorize the user or validate the plugin URL in its functionality for installing add-ons. This allows a user with a role as low as Subscriber to install and activate arbitrary plugins of arbitrary versions from the WordPress.org plugin repository onto the site, leading to Remote Code Execution." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/33765da5-c56e-42c1-83dd-fcaad976b402", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2996.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2996.json new file mode 100644 index 00000000000..6473721166c --- /dev/null +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2996.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-2996", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-06-27T14:15:11.723", + "lastModified": "2023-06-27T14:15:11.723", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://jetpack.com/blog/jetpack-12-1-1-critical-security-update/", + "source": "contact@wpscan.com" + }, + { + "url": "https://wpscan.com/vulnerability/52d221bd-ae42-435d-a90a-60a5ae530663", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34453.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34453.json index 05d4c65c11f..7d6e6c1d6d9 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34453.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34453.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34453", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-15T17:15:09.790", - "lastModified": "2023-06-15T20:46:39.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-27T15:59:58.483", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,22 +66,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xerial:snappy-java:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.1.10.1", + "matchCriteriaId": "11C2E65C-E284-478A-8D65-351AF645472B" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xerial/snappy-java/blob/05c39b2ca9b5b7b39611529cc302d3d796329611/src/main/java/org/xerial/snappy/BitShuffle.java#L107", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/xerial/snappy-java/blob/master/src/main/java/org/xerial/snappy/BitShuffle.java", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/xerial/snappy-java/commit/820e2e074c58748b41dbd547f4edba9e108ad905", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/xerial/snappy-java/security/advisories/GHSA-pqr6-cmr2-h8hf", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34613.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34613.json index 9ef5a886a88..1ead9a218e9 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34613.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34613.json @@ -2,19 +2,76 @@ "id": "CVE-2023-34613", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:10.050", - "lastModified": "2023-06-14T15:30:53.640", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-27T14:53:34.677", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered sojo thru 1.1.1 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sojo_project:sojo:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.1.1", + "matchCriteriaId": "5FFA3DAE-DCCF-4E81-A7F5-AD23CDC33A60" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/maddingo/sojo/issues/15", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34614.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34614.json index fac3d27033f..e38eed2c1f0 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34614.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34614.json @@ -2,19 +2,76 @@ "id": "CVE-2023-34614", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:10.100", - "lastModified": "2023-06-14T15:30:53.640", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-27T15:03:32.087", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered jmarsden/jsonij thru 0.5.2 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jsonij_project:jsonij:*:*:*:*:*:*:*:*", + "versionEndIncluding": "0.5.2", + "matchCriteriaId": "BD69A8B5-1D0D-4430-B597-32A8781F7155" + } + ] + } + ] + } + ], "references": [ { "url": "https://bitbucket.org/jmarsden/jsonij/issues/7/stack-overflow-error-caused-by-jsonij", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34615.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34615.json index a043fe74260..62811ef5946 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34615.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34615.json @@ -2,19 +2,77 @@ "id": "CVE-2023-34615", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:10.143", - "lastModified": "2023-06-14T15:30:53.640", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-27T15:34:28.360", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jsonutil_project:jsonutil:*:*:*:*:*:*:*:*", + "versionEndIncluding": "5.0", + "matchCriteriaId": "4E667EB9-E23A-472F-8CB9-9CD3624CD23E" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/billdavidson/JSONUtil/issues/10", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34616.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34616.json index 24dd2956a2a..65e8aedac86 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34616.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34616.json @@ -2,19 +2,77 @@ "id": "CVE-2023-34616", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:10.190", - "lastModified": "2023-06-14T15:30:53.640", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-27T15:15:16.007", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered pbjson thru 0.4.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pbjson_project:pbjson:*:*:*:*:*:*:*:*", + "versionEndIncluding": "0.4.0", + "matchCriteriaId": "0A61C7FF-6846-4E0D-9F94-A9D1ECF054D2" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/InductiveComputerScience/pbJson/issues/2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34620.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34620.json index d4c34f5f3b8..bda7a4ba236 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34620.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34620.json @@ -2,19 +2,77 @@ "id": "CVE-2023-34620", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:10.277", - "lastModified": "2023-06-14T15:30:53.640", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-27T15:22:58.187", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered hjson thru 3.0.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hjson_project:hjson:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.0.0", + "matchCriteriaId": "BC37294D-79CC-42A3-8A85-F35E0677ADF5" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/hjson/hjson-java/issues/24", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34623.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34623.json index e9e48cfbdd8..478ae79bbee 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34623.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34623.json @@ -2,19 +2,77 @@ "id": "CVE-2023-34623", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:10.317", - "lastModified": "2023-06-14T15:30:53.640", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-27T15:27:27.380", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jtidy_project:jtidy:*:*:*:*:*:*:*:*", + "versionEndIncluding": "r938", + "matchCriteriaId": "00C679F6-F718-42E9-A94A-5A10E1B26D35" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/trajano/jtidy/issues/4", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3405.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3405.json new file mode 100644 index 00000000000..e530026edb2 --- /dev/null +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3405.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3405", + "sourceIdentifier": "security@m-files.com", + "published": "2023-06-27T15:15:11.447", + "lastModified": "2023-06-27T15:15:11.447", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 (excluding 23.2 SR2 and newer) allows anonymous user to cause denial of service" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@m-files.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@m-files.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-248" + } + ] + } + ], + "references": [ + { + "url": "https://www.m-files.com/about/trust-center/security-advisories/cve-2023-3405", + "source": "security@m-files.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3431.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3431.json new file mode 100644 index 00000000000..c6f3b417759 --- /dev/null +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3431.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-3431", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-06-27T15:15:11.743", + "lastModified": "2023-06-27T15:15:11.743", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Access Control in GitHub repository plantuml/plantuml prior to 1.2023.9." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/plantuml/plantuml/commit/fbe7fa3b25b4c887d83927cffb1009ec6cb8ab1e", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/fa741f95-b53c-4ed7-b157-e32c5145164c", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3432.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3432.json new file mode 100644 index 00000000000..20023b2fcee --- /dev/null +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3432.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-3432", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-06-27T15:15:11.980", + "lastModified": "2023-06-27T15:15:11.980", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/plantuml/plantuml/commit/b32500bb61ae617bb312496d6d832e4be8190797", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/8ac3316f-431c-468d-87e4-3dafff2ecf51", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35844.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35844.json index 353ed566010..c92c93bfb03 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35844.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35844.json @@ -2,31 +2,97 @@ "id": "CVE-2023-35844", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-19T02:15:08.903", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-27T15:48:14.627", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension (.csv or .png) is used." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lightdash:lightdash:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.510.3", + "matchCriteriaId": "8D62C6A5-FC94-45F8-86CE-AAFE64A2D1FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://advisory.dw1.io/59", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/lightdash/lightdash/commit/fcc808c84c2cc3afb343063e32a49440d32a553c", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/lightdash/lightdash/compare/0.510.2...0.510.3", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/lightdash/lightdash/pull/5090", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35878.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35878.json index b1899c03cea..0daad646c4b 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35878.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35878.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35878", "sourceIdentifier": "audit@patchstack.com", "published": "2023-06-20T08:15:09.670", - "lastModified": "2023-06-20T13:03:08.293", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-27T15:16:31.900", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +64,43 @@ "value": "CWE-79" } ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:extra_user_details_project:extra_user_details:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "0.5", + "matchCriteriaId": "02AD3A68-F0CC-455C-B08E-649968C33642" + } + ] + } + ] } ], "references": [ { "url": "https://patchstack.com/database/vulnerability/extra-user-details/wordpress-extra-user-details-plugin-0-5-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35882.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35882.json index 74742863a3c..de935fee462 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35882.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35882.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35882", "sourceIdentifier": "audit@patchstack.com", "published": "2023-06-20T08:15:09.733", - "lastModified": "2023-06-20T13:03:08.293", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-27T15:16:07.943", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +64,43 @@ "value": "CWE-79" } ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:heateor:super_socializer:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "7.13.52", + "matchCriteriaId": "CDD73A97-EBC9-49D2-A4BE-ADE42D2E44DD" + } + ] + } + ] } ], "references": [ { "url": "https://patchstack.com/database/vulnerability/super-socializer/wordpress-super-socializer-plugin-7-13-52-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-359xx/CVE-2023-35998.json b/CVE-2023/CVE-2023-359xx/CVE-2023-35998.json new file mode 100644 index 00000000000..eb3d38e4faa --- /dev/null +++ b/CVE-2023/CVE-2023-359xx/CVE-2023-35998.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-35998", + "sourceIdentifier": "security@proofpoint.com", + "published": "2023-06-27T15:15:10.720", + "lastModified": "2023-06-27T15:15:10.720", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A missing authorization check in multiple SOAP endpoints of the Insider Threat Management Server enables an attacker on an adjacent network to read and write unauthorized objects. Successful exploitation requires an attacker to first obtain a valid agent authentication token. All versions before 7.14.3 are affected." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@proofpoint.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@proofpoint.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005", + "source": "security@proofpoint.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-360xx/CVE-2023-36000.json b/CVE-2023/CVE-2023-360xx/CVE-2023-36000.json new file mode 100644 index 00000000000..82c54141d53 --- /dev/null +++ b/CVE-2023/CVE-2023-360xx/CVE-2023-36000.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36000", + "sourceIdentifier": "security@proofpoint.com", + "published": "2023-06-27T15:15:11.013", + "lastModified": "2023-06-27T15:15:11.013", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A missing authorization check in the MacOS agent configuration endpoint of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to obtain sensitive information. Successful exploitation requires an attacker to first obtain a valid agent authentication token. All versions before 7.14.3 are affected." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@proofpoint.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@proofpoint.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005", + "source": "security@proofpoint.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-360xx/CVE-2023-36002.json b/CVE-2023/CVE-2023-360xx/CVE-2023-36002.json new file mode 100644 index 00000000000..22f5b6b3578 --- /dev/null +++ b/CVE-2023/CVE-2023-360xx/CVE-2023-36002.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36002", + "sourceIdentifier": "security@proofpoint.com", + "published": "2023-06-27T15:15:11.187", + "lastModified": "2023-06-27T15:15:11.187", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions before 7.14.3 are affected." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@proofpoint.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@proofpoint.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005", + "source": "security@proofpoint.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index ba9daa2e8e9..aaba2a366b7 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-27T14:00:27.456279+00:00 +2023-06-27T16:00:27.568906+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-27T13:52:24.327000+00:00 +2023-06-27T15:59:58.483000+00:00 ``` ### Last Data Feed Release @@ -29,46 +29,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -218625 +218659 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `34` -* [CVE-2023-34395](CVE-2023/CVE-2023-343xx/CVE-2023-34395.json) (`2023-06-27T12:15:13.187`) -* [CVE-2023-35798](CVE-2023/CVE-2023-357xx/CVE-2023-35798.json) (`2023-06-27T12:15:13.340`) +* [CVE-2023-2178](CVE-2023/CVE-2023-21xx/CVE-2023-2178.json) (`2023-06-27T14:15:10.540`) +* [CVE-2023-2326](CVE-2023/CVE-2023-23xx/CVE-2023-2326.json) (`2023-06-27T14:15:10.600`) +* [CVE-2023-2482](CVE-2023/CVE-2023-24xx/CVE-2023-2482.json) (`2023-06-27T14:15:10.663`) +* [CVE-2023-2580](CVE-2023/CVE-2023-25xx/CVE-2023-2580.json) (`2023-06-27T14:15:10.730`) +* [CVE-2023-2592](CVE-2023/CVE-2023-25xx/CVE-2023-2592.json) (`2023-06-27T14:15:10.790`) +* [CVE-2023-2601](CVE-2023/CVE-2023-26xx/CVE-2023-2601.json) (`2023-06-27T14:15:10.847`) +* [CVE-2023-2605](CVE-2023/CVE-2023-26xx/CVE-2023-2605.json) (`2023-06-27T14:15:10.910`) +* [CVE-2023-2623](CVE-2023/CVE-2023-26xx/CVE-2023-2623.json) (`2023-06-27T14:15:10.967`) +* [CVE-2023-2624](CVE-2023/CVE-2023-26xx/CVE-2023-2624.json) (`2023-06-27T14:15:11.030`) +* [CVE-2023-2627](CVE-2023/CVE-2023-26xx/CVE-2023-2627.json) (`2023-06-27T14:15:11.090`) +* [CVE-2023-2628](CVE-2023/CVE-2023-26xx/CVE-2023-2628.json) (`2023-06-27T14:15:11.153`) +* [CVE-2023-2711](CVE-2023/CVE-2023-27xx/CVE-2023-2711.json) (`2023-06-27T14:15:11.267`) +* [CVE-2023-2743](CVE-2023/CVE-2023-27xx/CVE-2023-2743.json) (`2023-06-27T14:15:11.373`) +* [CVE-2023-2744](CVE-2023/CVE-2023-27xx/CVE-2023-2744.json) (`2023-06-27T14:15:11.433`) +* [CVE-2023-2795](CVE-2023/CVE-2023-27xx/CVE-2023-2795.json) (`2023-06-27T14:15:11.493`) +* [CVE-2023-2842](CVE-2023/CVE-2023-28xx/CVE-2023-2842.json) (`2023-06-27T14:15:11.567`) +* [CVE-2023-2877](CVE-2023/CVE-2023-28xx/CVE-2023-2877.json) (`2023-06-27T14:15:11.633`) +* [CVE-2023-2996](CVE-2023/CVE-2023-29xx/CVE-2023-2996.json) (`2023-06-27T14:15:11.723`) +* [CVE-2023-2818](CVE-2023/CVE-2023-28xx/CVE-2023-2818.json) (`2023-06-27T15:15:10.350`) +* [CVE-2023-35998](CVE-2023/CVE-2023-359xx/CVE-2023-35998.json) (`2023-06-27T15:15:10.720`) +* [CVE-2023-36000](CVE-2023/CVE-2023-360xx/CVE-2023-36000.json) (`2023-06-27T15:15:11.013`) +* [CVE-2023-36002](CVE-2023/CVE-2023-360xx/CVE-2023-36002.json) (`2023-06-27T15:15:11.187`) +* [CVE-2023-3405](CVE-2023/CVE-2023-34xx/CVE-2023-3405.json) (`2023-06-27T15:15:11.447`) +* [CVE-2023-3431](CVE-2023/CVE-2023-34xx/CVE-2023-3431.json) (`2023-06-27T15:15:11.743`) +* [CVE-2023-3432](CVE-2023/CVE-2023-34xx/CVE-2023-3432.json) (`2023-06-27T15:15:11.980`) ### CVEs modified in the last Commit -Recently modified CVEs: `42` +Recently modified CVEs: `78` -* [CVE-2023-33584](CVE-2023/CVE-2023-335xx/CVE-2023-33584.json) (`2023-06-27T12:41:36.247`) -* [CVE-2023-3339](CVE-2023/CVE-2023-33xx/CVE-2023-3339.json) (`2023-06-27T12:42:05.453`) -* [CVE-2023-36273](CVE-2023/CVE-2023-362xx/CVE-2023-36273.json) (`2023-06-27T12:42:21.960`) -* [CVE-2023-35884](CVE-2023/CVE-2023-358xx/CVE-2023-35884.json) (`2023-06-27T12:44:17.220`) -* [CVE-2023-3312](CVE-2023/CVE-2023-33xx/CVE-2023-3312.json) (`2023-06-27T12:44:33.867`) -* [CVE-2023-3220](CVE-2023/CVE-2023-32xx/CVE-2023-3220.json) (`2023-06-27T12:44:47.967`) -* [CVE-2023-32372](CVE-2023/CVE-2023-323xx/CVE-2023-32372.json) (`2023-06-27T12:45:16.263`) -* [CVE-2023-32373](CVE-2023/CVE-2023-323xx/CVE-2023-32373.json) (`2023-06-27T12:47:29.253`) -* [CVE-2023-28191](CVE-2023/CVE-2023-281xx/CVE-2023-28191.json) (`2023-06-27T12:47:58.410`) -* [CVE-2023-3316](CVE-2023/CVE-2023-33xx/CVE-2023-3316.json) (`2023-06-27T12:49:10.240`) -* [CVE-2023-27992](CVE-2023/CVE-2023-279xx/CVE-2023-27992.json) (`2023-06-27T12:49:34.573`) -* [CVE-2023-35862](CVE-2023/CVE-2023-358xx/CVE-2023-35862.json) (`2023-06-27T12:50:18.327`) -* [CVE-2023-34642](CVE-2023/CVE-2023-346xx/CVE-2023-34642.json) (`2023-06-27T12:50:28.597`) -* [CVE-2023-34641](CVE-2023/CVE-2023-346xx/CVE-2023-34641.json) (`2023-06-27T12:50:42.143`) -* [CVE-2023-32387](CVE-2023/CVE-2023-323xx/CVE-2023-32387.json) (`2023-06-27T12:52:14.023`) -* [CVE-2023-2779](CVE-2023/CVE-2023-27xx/CVE-2023-2779.json) (`2023-06-27T12:56:39.960`) -* [CVE-2023-3206](CVE-2023/CVE-2023-32xx/CVE-2023-3206.json) (`2023-06-27T13:07:57.660`) -* [CVE-2023-3208](CVE-2023/CVE-2023-32xx/CVE-2023-3208.json) (`2023-06-27T13:09:52.753`) -* [CVE-2023-32220](CVE-2023/CVE-2023-322xx/CVE-2023-32220.json) (`2023-06-27T13:10:22.060`) -* [CVE-2023-2805](CVE-2023/CVE-2023-28xx/CVE-2023-2805.json) (`2023-06-27T13:12:41.560`) -* [CVE-2023-2811](CVE-2023/CVE-2023-28xx/CVE-2023-2811.json) (`2023-06-27T13:14:25.397`) -* [CVE-2023-2431](CVE-2023/CVE-2023-24xx/CVE-2023-2431.json) (`2023-06-27T13:15:09.597`) -* [CVE-2023-2480](CVE-2023/CVE-2023-24xx/CVE-2023-2480.json) (`2023-06-27T13:15:09.690`) -* [CVE-2023-2812](CVE-2023/CVE-2023-28xx/CVE-2023-2812.json) (`2023-06-27T13:23:06.547`) -* [CVE-2023-2899](CVE-2023/CVE-2023-28xx/CVE-2023-2899.json) (`2023-06-27T13:39:17.767`) +* [CVE-2022-1323](CVE-2022/CVE-2022-13xx/CVE-2022-1323.json) (`2023-06-27T15:50:04.507`) +* [CVE-2022-0902](CVE-2022/CVE-2022-09xx/CVE-2022-0902.json) (`2023-06-27T15:50:28.677`) +* [CVE-2022-1925](CVE-2022/CVE-2022-19xx/CVE-2022-1925.json) (`2023-06-27T15:50:42.127`) +* [CVE-2022-1924](CVE-2022/CVE-2022-19xx/CVE-2022-1924.json) (`2023-06-27T15:51:15.940`) +* [CVE-2022-1923](CVE-2022/CVE-2022-19xx/CVE-2022-1923.json) (`2023-06-27T15:51:28.127`) +* [CVE-2022-1922](CVE-2022/CVE-2022-19xx/CVE-2022-1922.json) (`2023-06-27T15:54:21.557`) +* [CVE-2022-1025](CVE-2022/CVE-2022-10xx/CVE-2022-1025.json) (`2023-06-27T15:54:30.907`) +* [CVE-2022-4103](CVE-2022/CVE-2022-41xx/CVE-2022-4103.json) (`2023-06-27T15:54:40.787`) +* [CVE-2022-41167](CVE-2022/CVE-2022-411xx/CVE-2022-41167.json) (`2023-06-27T15:55:04.977`) +* [CVE-2022-1794](CVE-2022/CVE-2022-17xx/CVE-2022-1794.json) (`2023-06-27T15:56:43.407`) +* [CVE-2022-1245](CVE-2022/CVE-2022-12xx/CVE-2022-1245.json) (`2023-06-27T15:57:06.270`) +* [CVE-2022-1574](CVE-2022/CVE-2022-15xx/CVE-2022-1574.json) (`2023-06-27T15:57:30.970`) +* [CVE-2022-1572](CVE-2022/CVE-2022-15xx/CVE-2022-1572.json) (`2023-06-27T15:57:42.557`) +* [CVE-2022-1720](CVE-2022/CVE-2022-17xx/CVE-2022-1720.json) (`2023-06-27T15:57:54.307`) +* [CVE-2022-2023](CVE-2022/CVE-2022-20xx/CVE-2022-2023.json) (`2023-06-27T15:58:07.787`) +* [CVE-2023-34613](CVE-2023/CVE-2023-346xx/CVE-2023-34613.json) (`2023-06-27T14:53:34.677`) +* [CVE-2023-34614](CVE-2023/CVE-2023-346xx/CVE-2023-34614.json) (`2023-06-27T15:03:32.087`) +* [CVE-2023-34616](CVE-2023/CVE-2023-346xx/CVE-2023-34616.json) (`2023-06-27T15:15:16.007`) +* [CVE-2023-35882](CVE-2023/CVE-2023-358xx/CVE-2023-35882.json) (`2023-06-27T15:16:07.943`) +* [CVE-2023-35878](CVE-2023/CVE-2023-358xx/CVE-2023-35878.json) (`2023-06-27T15:16:31.900`) +* [CVE-2023-34620](CVE-2023/CVE-2023-346xx/CVE-2023-34620.json) (`2023-06-27T15:22:58.187`) +* [CVE-2023-34623](CVE-2023/CVE-2023-346xx/CVE-2023-34623.json) (`2023-06-27T15:27:27.380`) +* [CVE-2023-34615](CVE-2023/CVE-2023-346xx/CVE-2023-34615.json) (`2023-06-27T15:34:28.360`) +* [CVE-2023-35844](CVE-2023/CVE-2023-358xx/CVE-2023-35844.json) (`2023-06-27T15:48:14.627`) +* [CVE-2023-34453](CVE-2023/CVE-2023-344xx/CVE-2023-34453.json) (`2023-06-27T15:59:58.483`) ## Download and Usage