admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-23T20:00:30.310908+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-23 20:00:33 +00:00
parent ae4ec670af
commit a2e2831c44
29 changed files with 1663 additions and 134 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
CVE-2020/CVE-2020-201xx/CVE-2020-20145.json
View File

@ -2,19 +2,14 @@
"id": "CVE-2020-20145", "id": "CVE-2020-20145",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:07.323", "published": "2023-08-22T19:16:07.323",
"lastModified": "2023-08-22T20:10:36.537", "lastModified": "2023-08-23T18:15:08.347",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Rejected",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "An issue was discovered in /src/helper.c in Dnsmasq up to and including 2.80 allows attackers to cause a denial of service via function create_helper." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-14834. Reason: This candidate is a reservation duplicate of CVE-2019-14834. Notes: All CVE users should reference CVE-2019-14834 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
], ],
"metrics": {}, "metrics": {},
"references": [ "references": []
{
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=69bc94779c2f035a9fffdb5327a54c3aeca73ed5",
"source": "cve@mitre.org"
}
]
} }

43
CVE-2023/CVE-2023-201xx/CVE-2023-20115.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-20115",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-08-23T19:15:07.587",
"lastModified": "2023-08-23T19:15:07.587",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. \r\n\r This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user.\r\n\r There are workarounds that address this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-sftp-xVAp5Hfd",
"source": "ykramarz@cisco.com"
}
]
}

43
CVE-2023/CVE-2023-201xx/CVE-2023-20168.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-20168",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-08-23T19:15:07.777",
"lastModified": "2023-08-23T19:15:07.777",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-remoteauth-dos-XB6pv74m",
"source": "ykramarz@cisco.com"
}
]
}

43
CVE-2023/CVE-2023-201xx/CVE-2023-20169.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-20169",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-08-23T19:15:07.893",
"lastModified": "2023-08-23T19:15:07.893",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco NX-OS Software for the Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload.\r\n\r This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the unexpected restart of the IS-IS process, which could cause the affected device to reload. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2 adjacent to the affected device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-n3_9k-isis-dos-FTCXB4Vb",
"source": "ykramarz@cisco.com"
}
]
}

43
CVE-2023/CVE-2023-202xx/CVE-2023-20200.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-20200",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-08-23T19:15:08.020",
"lastModified": "2023-08-23T19:15:08.020",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances and of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to the improper handling of specific SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.\r\n\r Note: This vulnerability affects all supported SNMP versions. To exploit this vulnerability through SNMPv2c or earlier, an attacker must know the SNMP community string that is configured on an affected device. To exploit this vulnerability through SNMPv3, the attacker must have valid credentials for an SNMP user who is configured on the affected device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp-ucsfi-snmp-dos-qtv69NAO",
"source": "ykramarz@cisco.com"
}
]
}

43
CVE-2023/CVE-2023-202xx/CVE-2023-20230.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-20230",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-08-23T19:15:08.133",
"lastModified": "2023-08-23T19:15:08.133",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies (for example, access policies) created by users associated with a different security domain on an affected system.\r\n\r This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy for policies outside the tenant boundaries. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete policies created by users associated with a different security domain. Exploitation is not possible for policies under tenants that an attacker has no authorization to access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-uapa-F4TAShk",
"source": "ykramarz@cisco.com"
}
]
}

43
CVE-2023/CVE-2023-202xx/CVE-2023-20234.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-20234",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-08-23T19:15:08.277",
"lastModified": "2023-08-23T19:15:08.277",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files.\r\n\r The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL",
"source": "ykramarz@cisco.com"
}
]
}

52
CVE-2023/CVE-2023-208xx/CVE-2023-20862.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20862", "id": "CVE-2023-20862",
"sourceIdentifier": "security@vmware.com", "sourceIdentifier": "security@vmware.com",
"published": "2023-04-19T20:15:10.910", "published": "2023-04-19T20:15:10.910",
"lastModified": "2023-05-26T20:15:32.853", "lastModified": "2023-08-23T18:34:50.803",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -17,20 +17,20 @@
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "LOW",
"userInteraction": "NONE", "userInteraction": "NONE",
"scope": "UNCHANGED", "scope": "UNCHANGED",
"confidentialityImpact": "HIGH", "confidentialityImpact": "LOW",
"integrityImpact": "HIGH", "integrityImpact": "LOW",
"availabilityImpact": "HIGH", "availabilityImpact": "LOW",
"baseScore": 9.8, "baseScore": 6.3,
"baseSeverity": "CRITICAL" "baseSeverity": "MEDIUM"
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 2.8,
"impactScore": 5.9 "impactScore": 3.4
} }
] ]
}, },
@ -77,12 +77,40 @@
] ]
} }
] ]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
"matchCriteriaId": "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://security.netapp.com/advisory/ntap-20230526-0002/", "url": "https://security.netapp.com/advisory/ntap-20230526-0002/",
"source": "security@vmware.com" "source": "security@vmware.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://spring.io/security/cve-2023-20862", "url": "https://spring.io/security/cve-2023-20862",

47
CVE-2023/CVE-2023-312xx/CVE-2023-31218.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31218", "id": "CVE-2023-31218",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-18T14:15:22.330", "published": "2023-08-18T14:15:22.330",
"lastModified": "2023-08-18T15:06:49.560", "lastModified": "2023-08-23T19:01:00.390",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -50,10 +70,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluginus:wolf_-_wordpress_posts_bulk_editor_and_products_manager_professional:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.7",
"matchCriteriaId": "0CC40819-5552-4E0B-9F26-B49C42E94395"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/bulk-editor/wordpress-wolf-wordpress-posts-bulk-editor-and-manager-professional-plugin-1-0-6-cross-site-scripting-xss-via-csrf-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/bulk-editor/wordpress-wolf-wordpress-posts-bulk-editor-and-manager-professional-plugin-1-0-6-cross-site-scripting-xss-via-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

47
CVE-2023/CVE-2023-312xx/CVE-2023-31232.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31232", "id": "CVE-2023-31232",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-18T14:15:22.467", "published": "2023-08-18T14:15:22.467",
"lastModified": "2023-08-18T15:06:49.560", "lastModified": "2023-08-23T18:43:09.977",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:artiss:plugins_list:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.5.1",
"matchCriteriaId": "3893BB85-EDA2-4498-9F7C-979D4149F3BC"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/plugins-list/wordpress-plugins-list-plugin-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/plugins-list/wordpress-plugins-list-plugin-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

245
CVE-2023/CVE-2023-314xx/CVE-2023-31492.json
View File

@ -2,23 +2,258 @@
"id": "CVE-2023-31492", "id": "CVE-2023-31492",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-17T23:15:09.167", "published": "2023-08-17T23:15:09.167",
"lastModified": "2023-08-22T22:15:08.390", "lastModified": "2023-08-23T18:09:23.857",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users." "value": "Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1",
"matchCriteriaId": "B9D72627-17F9-427E-907B-56EA0A498131"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:-:*:*:*:*:*:*",
"matchCriteriaId": "DB6D57E0-63FB-4ED2-8F7A-D882EB4925BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7100:*:*:*:*:*:*",
"matchCriteriaId": "736740CB-A328-4163-BAC4-6C881A24C8B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7101:*:*:*:*:*:*",
"matchCriteriaId": "9B806083-7309-4215-AF81-DCC4D90B7876"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7102:*:*:*:*:*:*",
"matchCriteriaId": "A741CDA8-D1A8-4F83-AE54-7D3D3C433825"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7110:*:*:*:*:*:*",
"matchCriteriaId": "09563D6F-690B-4C7A-BA25-52D009724A74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7111:*:*:*:*:*:*",
"matchCriteriaId": "30FAC23B-831E-4904-AB3B-85A3C068CEB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7112:*:*:*:*:*:*",
"matchCriteriaId": "9347D3CF-B5D1-4ACE-83E1-73748EF15120"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7113:*:*:*:*:*:*",
"matchCriteriaId": "322E0562-4586-4DF4-A935-C2447883495B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7114:*:*:*:*:*:*",
"matchCriteriaId": "EB9151D6-BD21-4268-9371-FF702C1AD84B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7115:*:*:*:*:*:*",
"matchCriteriaId": "B371E93E-7C85-42DD-AA7F-9B43D8D02963"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7116:*:*:*:*:*:*",
"matchCriteriaId": "094EEFA4-BD16-4F79-8133-62F9E2C8C675"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7117:*:*:*:*:*:*",
"matchCriteriaId": "DC5A6297-98E3-45C8-95FB-7F4E65D133BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7118:*:*:*:*:*:*",
"matchCriteriaId": "93C96678-34B7-4FCE-9DBD-1A7B3E0943BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7120:*:*:*:*:*:*",
"matchCriteriaId": "9E9B9E88-919F-4CF7-99DC-72E50BDF65A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7121:*:*:*:*:*:*",
"matchCriteriaId": "7848B31C-AB51-486B-8655-7D7A060BAFFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7122:*:*:*:*:*:*",
"matchCriteriaId": "1CFB5C4A-B717-4CC2-AE03-336C63D17B96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7123:*:*:*:*:*:*",
"matchCriteriaId": "456D49D7-F04D-4003-B429-8D5504959D04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7124:*:*:*:*:*:*",
"matchCriteriaId": "BB788440-904B-430E-BF5B-12ADA816477E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7125:*:*:*:*:*:*",
"matchCriteriaId": "876CC4D6-9546-4D39-965A-EF5A4AF4AD93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7126:*:*:*:*:*:*",
"matchCriteriaId": "85432FE8-946F-448D-A92A-FF549EDC52F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7130:*:*:*:*:*:*",
"matchCriteriaId": "813E1389-A949-427C-92C6-3974702FEA5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7131:*:*:*:*:*:*",
"matchCriteriaId": "34A48841-EA09-4917-A6FF-DF645B581426"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7140:*:*:*:*:*:*",
"matchCriteriaId": "1C042646-9D36-4712-9E5D-40E55FCF7C24"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7141:*:*:*:*:*:*",
"matchCriteriaId": "9E6CD67A-7F5A-4F29-B563-7E4D72A1149F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7150:*:*:*:*:*:*",
"matchCriteriaId": "77A0C792-A8B7-48F8-9AD7-96B0CBAD4EBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7151:*:*:*:*:*:*",
"matchCriteriaId": "7E53B3CB-4351-4E24-B80C-D62CC483D4D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7160:*:*:*:*:*:*",
"matchCriteriaId": "0068E901-62D2-4C4D-96F8-7823B0DF7DA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7161:*:*:*:*:*:*",
"matchCriteriaId": "CF70BA56-3478-4DA5-B013-4D9B820D2219"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7162:*:*:*:*:*:*",
"matchCriteriaId": "28E1833F-24C8-44EC-9B66-4D832AB1C9AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7163:*:*:*:*:*:*",
"matchCriteriaId": "7DCA2AF7-8732-4095-BB6F-6F40EADD7449"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7170:*:*:*:*:*:*",
"matchCriteriaId": "54247785-E55A-407D-A667-1734E7C84DF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7171:*:*:*:*:*:*",
"matchCriteriaId": "5C8887B2-D378-4A7D-B678-9B2C68953E76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7180:*:*:*:*:*:*",
"matchCriteriaId": "ADD4EAD7-275A-4467-9217-102051BE49C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7181:*:*:*:*:*:*",
"matchCriteriaId": "8181AF41-779F-4289-BECE-03C2731FDA21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7182:*:*:*:*:*:*",
"matchCriteriaId": "2BFB486E-9256-4B56-98BF-24B5A56415A2"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/admanager-recovery-password-disclosure.md", "url": "https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/admanager-recovery-password-disclosure.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2023-31492.html", "url": "https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2023-31492.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

47
CVE-2023/CVE-2023-321xx/CVE-2023-32103.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32103", "id": "CVE-2023-32103",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-18T14:15:22.550", "published": "2023-08-18T14:15:22.550",
"lastModified": "2023-08-18T15:06:49.560", "lastModified": "2023-08-23T18:12:05.373",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themepalace:tp_education:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.5",
"matchCriteriaId": "074BFA04-8E10-4024-8514-45B72D991F24"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/tp-education/wordpress-tp-education-plugin-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/tp-education/wordpress-tp-education-plugin-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

47
CVE-2023/CVE-2023-321xx/CVE-2023-32105.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32105", "id": "CVE-2023-32105",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-18T14:15:22.633", "published": "2023-08-18T14:15:22.633",
"lastModified": "2023-08-18T15:06:49.560", "lastModified": "2023-08-23T18:22:31.213",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-pizza:wppizza:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.17.2",
"matchCriteriaId": "10439C2F-6A56-4425-B4B0-05DE8D801517"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/wppizza/wordpress-wppizza-a-restaurant-plugin-plugin-3-17-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/wppizza/wordpress-wppizza-a-restaurant-plugin-plugin-3-17-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

47
CVE-2023/CVE-2023-321xx/CVE-2023-32106.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32106", "id": "CVE-2023-32106",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-18T14:15:22.890", "published": "2023-08-18T14:15:22.890",
"lastModified": "2023-08-18T15:06:49.560", "lastModified": "2023-08-23T19:34:10.143",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fahad_mahmood:wp_docs:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.0",
"matchCriteriaId": "74946BB8-522C-4777-81B7-E1F1FFC8AB4F"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/wp-docs/wordpress-wp-docs-plugin-1-9-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/wp-docs/wordpress-wp-docs-plugin-1-9-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

126
CVE-2023/CVE-2023-387xx/CVE-2023-38741.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38741", "id": "CVE-2023-38741",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-08-14T18:15:11.133", "published": "2023-08-14T18:15:11.133",
"lastModified": "2023-08-14T18:59:33.233", "lastModified": "2023-08-23T19:15:21.507",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +76,102 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:txseries_for_multiplatform:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D5EA02F-AA81-4101-9CE2-46ED4DE76B25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:txseries_for_multiplatform:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "569BF866-989C-4BF4-B80E-962F8979FD8B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:txseries_for_multiplatform:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB032B5B-3B05-4809-8BF2-E08255E19475"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F480AA32-841A-4E68-9343-B2E7548B0A0C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/262905", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/262905",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ibm.com/support/pages/node/7025476", "url": "https://www.ibm.com/support/pages/node/7025476",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

6
CVE-2023/CVE-2023-388xx/CVE-2023-38831.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38831", "id": "CVE-2023-38831",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-23T17:15:43.863", "published": "2023-08-23T17:15:43.863",
"lastModified": "2023-08-23T17:15:43.863", "lastModified": "2023-08-23T18:15:08.537",
"vulnStatus": "Received", "vulnStatus": "Received",
"descriptions": [ "descriptions": [
{ {
@ -12,6 +12,10 @@
], ],
"metrics": {}, "metrics": {},
"references": [ "references": [
{
"url": "https://news.ycombinator.com/item?id=37236100",
"source": "cve@mitre.org"
},
{ {
"url": "https://www.bleepingcomputer.com/news/security/winrar-zero-day-exploited-since-april-to-hack-trading-accounts/", "url": "https://www.bleepingcomputer.com/news/security/winrar-zero-day-exploited-since-april-to-hack-trading-accounts/",
"source": "cve@mitre.org" "source": "cve@mitre.org"

85
CVE-2023/CVE-2023-396xx/CVE-2023-39665.json
View File

@ -2,27 +2,100 @@
"id": "CVE-2023-39665", "id": "CVE-2023-39665",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-18T03:15:21.787", "published": "2023-08-18T03:15:21.787",
"lastModified": "2023-08-18T12:43:51.207", "lastModified": "2023-08-23T18:45:46.490",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the acStack_50 parameter." "value": "** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the acStack_50 parameter."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-868l_firmware:1.12_eu_multi_20170316:*:*:*:*:*:*:*",
"matchCriteriaId": "0A83B951-9E4E-4CF8-BFDB-14C167F02F09"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-868l:a:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA57BC8-C8EE-49E3-A592-C68CC2AAA8E4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/Davidteeri/Bug-Report/blob/main/D-Link/DIR-868L-bufferoverflow.md", "url": "https://github.com/Davidteeri/Bug-Report/blob/main/D-Link/DIR-868L-bufferoverflow.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "https://support.dlink.com/", "url": "https://support.dlink.com/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.dlink.com/en/security-bulletin/", "url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

85
CVE-2023/CVE-2023-396xx/CVE-2023-39667.json
View File

@ -2,27 +2,100 @@
"id": "CVE-2023-39667", "id": "CVE-2023-39667",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-18T03:15:22.020", "published": "2023-08-18T03:15:22.020",
"lastModified": "2023-08-18T12:43:51.207", "lastModified": "2023-08-23T19:06:14.460",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the FUN_0000acb4 function." "value": "** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the FUN_0000acb4 function."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-868l_firmware:1.12_eu_multi_20170316:*:*:*:*:*:*:*",
"matchCriteriaId": "0A83B951-9E4E-4CF8-BFDB-14C167F02F09"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-868l:a:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA57BC8-C8EE-49E3-A592-C68CC2AAA8E4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/Davidteeri/Bug-Report/blob/main/D-Link/DIR-868L%20httpd-Improper%20Input%20Validation.md", "url": "https://github.com/Davidteeri/Bug-Report/blob/main/D-Link/DIR-868L%20httpd-Improper%20Input%20Validation.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "https://support.dlink.com/", "url": "https://support.dlink.com/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.dlink.com/en/security-bulletin/", "url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

85
CVE-2023/CVE-2023-396xx/CVE-2023-39668.json
View File

@ -2,27 +2,100 @@
"id": "CVE-2023-39668", "id": "CVE-2023-39668",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-18T03:15:22.103", "published": "2023-08-18T03:15:22.103",
"lastModified": "2023-08-18T12:43:51.207", "lastModified": "2023-08-23T19:10:07.457",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the inet_ntoa() function." "value": "** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the inet_ntoa() function."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-868l_firmware:1.12_eu_multi_20170316:*:*:*:*:*:*:*",
"matchCriteriaId": "0A83B951-9E4E-4CF8-BFDB-14C167F02F09"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-868l:a:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA57BC8-C8EE-49E3-A592-C68CC2AAA8E4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/Davidteeri/Bug-Report/blob/main/D-Link/DIR-868L%20Buffer%20overflow%202.md", "url": "https://github.com/Davidteeri/Bug-Report/blob/main/D-Link/DIR-868L%20Buffer%20overflow%202.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "https://support.dlink.com/", "url": "https://support.dlink.com/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.dlink.com/en/security-bulletin/", "url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

80
CVE-2023/CVE-2023-396xx/CVE-2023-39670.json
View File

@ -2,23 +2,93 @@
"id": "CVE-2023-39670", "id": "CVE-2023-39670",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-18T03:15:22.413", "published": "2023-08-18T03:15:22.413",
"lastModified": "2023-08-18T12:43:51.207", "lastModified": "2023-08-23T19:13:26.790",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 was discovered to contain a buffer overflow via the function fgets." "value": "Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 was discovered to contain a buffer overflow via the function fgets."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac6_firmware:15.03.05.16:*:*:*:*:*:*:*",
"matchCriteriaId": "6F60AFD7-74AF-4CA2-8232-2858D5AD023A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac6:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B622BF6D-85E6-475A-B7FB-11BA1A641191"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/Davidteeri/Bug-Report/blob/main/Tenda/AC6%20buffer%20overflow.md", "url": "https://github.com/Davidteeri/Bug-Report/blob/main/Tenda/AC6%20buffer%20overflow.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "https://www.tendacn.com/download/list-3.html", "url": "https://www.tendacn.com/download/list-3.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

80
CVE-2023/CVE-2023-396xx/CVE-2023-39673.json
View File

@ -2,23 +2,93 @@
"id": "CVE-2023-39673", "id": "CVE-2023-39673",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-18T03:15:24.247", "published": "2023-08-18T03:15:24.247",
"lastModified": "2023-08-18T12:43:51.207", "lastModified": "2023-08-23T19:27:09.853",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34()." "value": "Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34()."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac15_firmware:15.03.05.18:*:*:*:*:*:*:*",
"matchCriteriaId": "56881C41-A993-45CC-BAE6-E9DE17FA56E2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac15:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5059CAD-BD1A-4808-BCED-006444E60701"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/Davidteeri/Bug-Report/blob/main/Tenda/AC15%20Impoper%20Input%20Validation.md", "url": "https://github.com/Davidteeri/Bug-Report/blob/main/Tenda/AC15%20Impoper%20Input%20Validation.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "https://www.tendacn.com/download/list-3.html", "url": "https://www.tendacn.com/download/list-3.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

52
CVE-2023/CVE-2023-401xx/CVE-2023-40172.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40172", "id": "CVE-2023-40172",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-18T22:15:11.017", "published": "2023-08-18T22:15:11.017",
"lastModified": "2023-08-20T00:48:59.350", "lastModified": "2023-08-23T19:55:36.697",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +66,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fobybus:social-media-skeleton:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.5",
"matchCriteriaId": "C6B65799-63F2-4F3B-B6F8-BF9DD02EAB93"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/fobybus/social-media-skeleton/commit/344d798e82d6cc39844962c6d3cb2560f5907848", "url": "https://github.com/fobybus/social-media-skeleton/commit/344d798e82d6cc39844962c6d3cb2560f5907848",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-873h-pqjx-3pwg", "url": "https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-873h-pqjx-3pwg",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Product"
]
} }
] ]
} }

57
CVE-2023/CVE-2023-401xx/CVE-2023-40173.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40173", "id": "CVE-2023-40173",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-18T22:15:11.127", "published": "2023-08-18T22:15:11.127",
"lastModified": "2023-08-20T00:48:59.350", "lastModified": "2023-08-23T19:59:22.640",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,18 +66,45 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fobybus:social-media-skeleton:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.5",
"matchCriteriaId": "C6B65799-63F2-4F3B-B6F8-BF9DD02EAB93"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/fobybus/social-media-skeleton/commit/344d798e82d6cc39844962c6d3cb2560f5907848", "url": "https://github.com/fobybus/social-media-skeleton/commit/344d798e82d6cc39844962c6d3cb2560f5907848",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/fobybus/social-media-skeleton/commit/df31da44ffed3ea065cbbadc3c8052d0d489a2ef", "url": "https://github.com/fobybus/social-media-skeleton/commit/df31da44ffed3ea065cbbadc3c8052d0d489a2ef",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-rfmv-7m7g-v628", "url": "https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-rfmv-7m7g-v628",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

15
CVE-2023/CVE-2023-402xx/CVE-2023-40270.json Normal file
View File

@ -0,0 +1,15 @@
{
"id": "CVE-2023-40270",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-23T18:15:08.607",
"lastModified": "2023-08-23T18:15:08.607",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-38831. Reason: This candidate is a reservation duplicate of CVE-2023-38831. Notes: All CVE users should reference CVE-2023-38831 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
],
"metrics": {},
"references": []
}

59
CVE-2023/CVE-2023-406xx/CVE-2023-40612.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-40612",
"sourceIdentifier": "security@opennms.com",
"published": "2023-08-23T19:15:08.443",
"lastModified": "2023-08-23T19:15:08.443",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2, the file editor which is accessible to any user with ROLE_FILESYSTEM_EDITOR privileges is vulnerable to XXE injection attacks. The solution is to upgrade to Meridian 2023.1.5 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter for reporting this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@opennms.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security@opennms.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-91"
}
]
}
],
"references": [
{
"url": "https://docs.opennms.com/meridian/2023/releasenotes/changelog.html#releasenotes-changelog-Meridian-2023.1.5",
"source": "security@opennms.com"
},
{
"url": "https://github.com/OpenNMS/opennms/pull/6288",
"source": "security@opennms.com"
}
]
}

62
CVE-2023/CVE-2023-44xx/CVE-2023-4407.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4407", "id": "CVE-2023-4407",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-18T13:15:09.830", "published": "2023-08-18T13:15:09.830",
"lastModified": "2023-08-21T19:15:08.937", "lastModified": "2023-08-23T19:51:48.947",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
@ -71,18 +93,48 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:credit_lite_project:credit_lite:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B63850-C4BD-4E58-8B75-621A53AD2E1D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://packetstormsecurity.com/files/174244/Credit-Lite-1.5.4-SQL-Injection.html", "url": "http://packetstormsecurity.com/files/174244/Credit-Lite-1.5.4-SQL-Injection.html",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.237511", "url": "https://vuldb.com/?ctiid.237511",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?id.237511", "url": "https://vuldb.com/?id.237511",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
} }
] ]
} }

61
CVE-2023/CVE-2023-44xx/CVE-2023-4409.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4409", "id": "CVE-2023-4409",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-18T13:15:09.980", "published": "2023-08-18T13:15:09.980",
"lastModified": "2023-08-18T15:06:49.560", "lastModified": "2023-08-23T19:47:32.717",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
@ -71,18 +93,47 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:happysoft:nbs\\&happysoftwechat:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "552FDDAA-1E86-482B-9909-2238924831B1"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/ApricityXX/cve/blob/main/upload/upload.md", "url": "https://github.com/ApricityXX/cve/blob/main/upload/upload.md",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.237512", "url": "https://vuldb.com/?ctiid.237512",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?id.237512", "url": "https://vuldb.com/?id.237512",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-44xx/CVE-2023-4410.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4410", "id": "CVE-2023-4410",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-18T14:15:34.147", "published": "2023-08-18T14:15:34.147",
"lastModified": "2023-08-18T15:06:49.560", "lastModified": "2023-08-23T19:39:28.267",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
@ -71,18 +93,58 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex1200l_firmware:9.3.5u.6146_b20201023:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A5A448-0444-4DA7-8C74-66AA5300D40D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex1200l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BC1501-2EAC-43B7-83E0-04FBA874D29D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gist.github.com/dmknght/02a29e1c5ae18b45eacc2085d22068e8", "url": "https://gist.github.com/dmknght/02a29e1c5ae18b45eacc2085d22068e8",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.237513", "url": "https://vuldb.com/?ctiid.237513",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?id.237513", "url": "https://vuldb.com/?id.237513",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

69
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-08-23T18:00:33.936001+00:00 2023-08-23T20:00:30.310908+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-08-23T17:47:51.137000+00:00 2023-08-23T19:59:22.640000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,50 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
223319 223327
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `6` Recently added CVEs: `8`
* [CVE-2023-1409](CVE-2023/CVE-2023-14xx/CVE-2023-1409.json) (`2023-08-23T16:15:08.167`) * [CVE-2023-40270](CVE-2023/CVE-2023-402xx/CVE-2023-40270.json) (`2023-08-23T18:15:08.607`)
* [CVE-2023-37379](CVE-2023/CVE-2023-373xx/CVE-2023-37379.json) (`2023-08-23T16:15:09.330`) * [CVE-2023-20115](CVE-2023/CVE-2023-201xx/CVE-2023-20115.json) (`2023-08-23T19:15:07.587`)
* [CVE-2023-39441](CVE-2023/CVE-2023-394xx/CVE-2023-39441.json) (`2023-08-23T16:15:09.617`) * [CVE-2023-20168](CVE-2023/CVE-2023-201xx/CVE-2023-20168.json) (`2023-08-23T19:15:07.777`)
* [CVE-2023-40273](CVE-2023/CVE-2023-402xx/CVE-2023-40273.json) (`2023-08-23T16:15:09.803`) * [CVE-2023-20169](CVE-2023/CVE-2023-201xx/CVE-2023-20169.json) (`2023-08-23T19:15:07.893`)
* [CVE-2023-38831](CVE-2023/CVE-2023-388xx/CVE-2023-38831.json) (`2023-08-23T17:15:43.863`) * [CVE-2023-20200](CVE-2023/CVE-2023-202xx/CVE-2023-20200.json) (`2023-08-23T19:15:08.020`)
* [CVE-2023-39583](CVE-2023/CVE-2023-395xx/CVE-2023-39583.json) (`2023-08-23T17:15:44.063`) * [CVE-2023-20230](CVE-2023/CVE-2023-202xx/CVE-2023-20230.json) (`2023-08-23T19:15:08.133`)
* [CVE-2023-20234](CVE-2023/CVE-2023-202xx/CVE-2023-20234.json) (`2023-08-23T19:15:08.277`)
* [CVE-2023-40612](CVE-2023/CVE-2023-406xx/CVE-2023-40612.json) (`2023-08-23T19:15:08.443`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `70` Recently modified CVEs: `20`
* [CVE-2023-4433](CVE-2023/CVE-2023-44xx/CVE-2023-4433.json) (`2023-08-23T16:58:12.130`) * [CVE-2020-20145](CVE-2020/CVE-2020-201xx/CVE-2020-20145.json) (`2023-08-23T18:15:08.347`)
* [CVE-2023-4432](CVE-2023/CVE-2023-44xx/CVE-2023-4432.json) (`2023-08-23T16:58:29.763`) * [CVE-2023-31492](CVE-2023/CVE-2023-314xx/CVE-2023-31492.json) (`2023-08-23T18:09:23.857`)
* [CVE-2023-40312](CVE-2023/CVE-2023-403xx/CVE-2023-40312.json) (`2023-08-23T16:58:38.697`) * [CVE-2023-32103](CVE-2023/CVE-2023-321xx/CVE-2023-32103.json) (`2023-08-23T18:12:05.373`)
* [CVE-2023-40037](CVE-2023/CVE-2023-400xx/CVE-2023-40037.json) (`2023-08-23T16:59:00.893`) * [CVE-2023-38831](CVE-2023/CVE-2023-388xx/CVE-2023-38831.json) (`2023-08-23T18:15:08.537`)
* [CVE-2023-38839](CVE-2023/CVE-2023-388xx/CVE-2023-38839.json) (`2023-08-23T16:59:30.407`) * [CVE-2023-32105](CVE-2023/CVE-2023-321xx/CVE-2023-32105.json) (`2023-08-23T18:22:31.213`)
* [CVE-2023-32130](CVE-2023/CVE-2023-321xx/CVE-2023-32130.json) (`2023-08-23T16:59:45.130`) * [CVE-2023-20862](CVE-2023/CVE-2023-208xx/CVE-2023-20862.json) (`2023-08-23T18:34:50.803`)
* [CVE-2023-4412](CVE-2023/CVE-2023-44xx/CVE-2023-4412.json) (`2023-08-23T17:00:02.093`) * [CVE-2023-31232](CVE-2023/CVE-2023-312xx/CVE-2023-31232.json) (`2023-08-23T18:43:09.977`)
* [CVE-2023-27576](CVE-2023/CVE-2023-275xx/CVE-2023-27576.json) (`2023-08-23T17:00:20.757`) * [CVE-2023-39665](CVE-2023/CVE-2023-396xx/CVE-2023-39665.json) (`2023-08-23T18:45:46.490`)
* [CVE-2023-4411](CVE-2023/CVE-2023-44xx/CVE-2023-4411.json) (`2023-08-23T17:00:44.090`) * [CVE-2023-31218](CVE-2023/CVE-2023-312xx/CVE-2023-31218.json) (`2023-08-23T19:01:00.390`)
* [CVE-2023-4449](CVE-2023/CVE-2023-44xx/CVE-2023-4449.json) (`2023-08-23T17:02:04.030`) * [CVE-2023-39667](CVE-2023/CVE-2023-396xx/CVE-2023-39667.json) (`2023-08-23T19:06:14.460`)
* [CVE-2023-4444](CVE-2023/CVE-2023-44xx/CVE-2023-4444.json) (`2023-08-23T17:02:58.503`) * [CVE-2023-39668](CVE-2023/CVE-2023-396xx/CVE-2023-39668.json) (`2023-08-23T19:10:07.457`)
* [CVE-2023-4443](CVE-2023/CVE-2023-44xx/CVE-2023-4443.json) (`2023-08-23T17:03:37.750`) * [CVE-2023-39670](CVE-2023/CVE-2023-396xx/CVE-2023-39670.json) (`2023-08-23T19:13:26.790`)
* [CVE-2023-4442](CVE-2023/CVE-2023-44xx/CVE-2023-4442.json) (`2023-08-23T17:04:01.710`) * [CVE-2023-38741](CVE-2023/CVE-2023-387xx/CVE-2023-38741.json) (`2023-08-23T19:15:21.507`)
* [CVE-2023-4441](CVE-2023/CVE-2023-44xx/CVE-2023-4441.json) (`2023-08-23T17:04:25.183`) * [CVE-2023-39673](CVE-2023/CVE-2023-396xx/CVE-2023-39673.json) (`2023-08-23T19:27:09.853`)
* [CVE-2023-40311](CVE-2023/CVE-2023-403xx/CVE-2023-40311.json) (`2023-08-23T17:04:28.627`) * [CVE-2023-32106](CVE-2023/CVE-2023-321xx/CVE-2023-32106.json) (`2023-08-23T19:34:10.143`)
* [CVE-2023-4440](CVE-2023/CVE-2023-44xx/CVE-2023-4440.json) (`2023-08-23T17:04:47.187`) * [CVE-2023-4410](CVE-2023/CVE-2023-44xx/CVE-2023-4410.json) (`2023-08-23T19:39:28.267`)
* [CVE-2023-4438](CVE-2023/CVE-2023-44xx/CVE-2023-4438.json) (`2023-08-23T17:06:39.757`) * [CVE-2023-4409](CVE-2023/CVE-2023-44xx/CVE-2023-4409.json) (`2023-08-23T19:47:32.717`)
* [CVE-2023-4437](CVE-2023/CVE-2023-44xx/CVE-2023-4437.json) (`2023-08-23T17:07:08.507`) * [CVE-2023-4407](CVE-2023/CVE-2023-44xx/CVE-2023-4407.json) (`2023-08-23T19:51:48.947`)
* [CVE-2023-32107](CVE-2023/CVE-2023-321xx/CVE-2023-32107.json) (`2023-08-23T17:08:29.897`) * [CVE-2023-40172](CVE-2023/CVE-2023-401xx/CVE-2023-40172.json) (`2023-08-23T19:55:36.697`)
* [CVE-2023-39741](CVE-2023/CVE-2023-397xx/CVE-2023-39741.json) (`2023-08-23T17:08:59.037`) * [CVE-2023-40173](CVE-2023/CVE-2023-401xx/CVE-2023-40173.json) (`2023-08-23T19:59:22.640`)
* [CVE-2023-39743](CVE-2023/CVE-2023-397xx/CVE-2023-39743.json) (`2023-08-23T17:27:27.507`)
* [CVE-2023-4439](CVE-2023/CVE-2023-44xx/CVE-2023-4439.json) (`2023-08-23T17:29:18.960`)
* [CVE-2023-40313](CVE-2023/CVE-2023-403xx/CVE-2023-40313.json) (`2023-08-23T17:31:52.053`)
* [CVE-2023-39970](CVE-2023/CVE-2023-399xx/CVE-2023-39970.json) (`2023-08-23T17:39:56.180`)
* [CVE-2023-39672](CVE-2023/CVE-2023-396xx/CVE-2023-39672.json) (`2023-08-23T17:47:51.137`)
## Download and Usage ## Download and Usage