admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-11T16:00:26.286505+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-11 16:00:29 +00:00
parent f52d56da91
commit a396438574
10 changed files with 439 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
CVE-2022/CVE-2022-412xx/CVE-2022-41216.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41216",
"sourceIdentifier": "csirt@divd.nl",
"published": "2023-02-22T15:15:11.433",
"lastModified": "2023-03-02T20:20:52.247",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-11T14:15:09.277",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -96,19 +96,16 @@
}
],
"references": [
{
"url": "https://csirt.divd.nl/2022-00052",
"source": "csirt@divd.nl",
"tags": [
"Broken Link"
]
},
{
"url": "https://csirt.divd.nl/CVE-2022-41216",
"source": "csirt@divd.nl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://csirt.divd.nl/DIVD-2022-00052",
"source": "csirt@divd.nl"
}
]
}

15
CVE-2022/CVE-2022-412xx/CVE-2022-41217.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41217",
"sourceIdentifier": "csirt@divd.nl",
"published": "2023-02-22T15:15:11.540",
"lastModified": "2023-03-02T20:24:44.370",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-11T14:15:09.473",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -96,19 +96,16 @@
}
],
"references": [
{
"url": "https://csirt.divd.nl/2022-00052",
"source": "csirt@divd.nl",
"tags": [
"Broken Link"
]
},
{
"url": "https://csirt.divd.nl/CVE-2022-41217",
"source": "csirt@divd.nl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://csirt.divd.nl/DIVD-2022-00052",
"source": "csirt@divd.nl"
}
]
}

59
CVE-2023/CVE-2023-225xx/CVE-2023-22582.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-22582",
"sourceIdentifier": "csirt@divd.nl",
"published": "2023-06-11T14:15:09.567",
"lastModified": "2023-06-11T14:15:09.567",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://csirt.divd.nl/DIVD-2023-00021",
"source": "csirt@divd.nl"
},
{
"url": "https://divd.nl/cves/CVE-2023-22582",
"source": "csirt@divd.nl"
}
]
}

59
CVE-2023/CVE-2023-225xx/CVE-2023-22583.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-22583",
"sourceIdentifier": "csirt@divd.nl",
"published": "2023-06-11T14:15:09.650",
"lastModified": "2023-06-11T14:15:09.650",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Danfoss AK-EM100 web forms allow for SQL injection in the login forms."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://csirt.divd.nl/DIVD-2023-00021",
"source": "csirt@divd.nl"
},
{
"url": "https://divd.nl/cves/CVE-2023-22583",
"source": "csirt@divd.nl"
}
]
}

59
CVE-2023/CVE-2023-225xx/CVE-2023-22584.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-22584",
"sourceIdentifier": "csirt@divd.nl",
"published": "2023-06-11T14:15:09.730",
"lastModified": "2023-06-11T14:15:09.730",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Danfoss AK-EM100 stores login credentials in cleartext."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"references": [
{
"url": "https://csirt.divd.nl/DIVD-2023-00021",
"source": "csirt@divd.nl"
},
{
"url": "https://divd.nl/cves/CVE-2023-22584",
"source": "csirt@divd.nl"
}
]
}

59
CVE-2023/CVE-2023-225xx/CVE-2023-22585.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-22585",
"sourceIdentifier": "csirt@divd.nl",
"published": "2023-06-11T14:15:09.797",
"lastModified": "2023-06-11T14:15:09.797",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting in the title parameter."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://csirt.divd.nl/DIVD-2023-00021",
"source": "csirt@divd.nl"
},
{
"url": "https://divd.nl/cves/CVE-2023-22585",
"source": "csirt@divd.nl"
}
]
}

59
CVE-2023/CVE-2023-225xx/CVE-2023-22586.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-22586",
"sourceIdentifier": "csirt@divd.nl",
"published": "2023-06-11T14:15:09.853",
"lastModified": "2023-06-11T14:15:09.853",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://csirt.divd.nl/DIVD-2023-00021",
"source": "csirt@divd.nl"
},
{
"url": "https://divd.nl/cves/CVE-2023-22586",
"source": "csirt@divd.nl"
}
]
}

59
CVE-2023/CVE-2023-259xx/CVE-2023-25911.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-25911",
"sourceIdentifier": "csirt@divd.nl",
"published": "2023-06-11T14:15:09.923",
"lastModified": "2023-06-11T14:15:09.923",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Danfoss AK-EM100 web applications allow for OS command injection through the web application parameters."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://csirt.divd.nl/DIVD-2023-00021",
"source": "csirt@divd.nl"
},
{
"url": "https://divd.nl/cves/CVE-2023-25911",
"source": "csirt@divd.nl"
}
]
}

59
CVE-2023/CVE-2023-259xx/CVE-2023-25912.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-25912",
"sourceIdentifier": "csirt@divd.nl",
"published": "2023-06-11T14:15:09.987",
"lastModified": "2023-06-11T14:15:09.987",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The webreport generation feature in the Danfoss AK-EM100 allows an unauthorized actor to generate a web report that discloses sensitive information such as the internal IP address, usernames and internal device values."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "csirt@divd.nl",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://csirt.divd.nl/DIVD-2023-00021",
"source": "csirt@divd.nl"
},
{
"url": "https://divd.nl/cves/CVE-2023-25912",
"source": "csirt@divd.nl"
}
]
}

20
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-11T12:00:24.835240+00:00
2023-06-11T16:00:26.286505+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-11T11:15:42.500000+00:00
2023-06-11T14:15:09.987000+00:00
```
### Last Data Feed Release
@ -29,20 +29,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
217395
217402
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `7`
* [CVE-2023-3192](CVE-2023/CVE-2023-31xx/CVE-2023-3192.json) (`2023-06-11T11:15:42.500`)
* [CVE-2023-22582](CVE-2023/CVE-2023-225xx/CVE-2023-22582.json) (`2023-06-11T14:15:09.567`)
* [CVE-2023-22583](CVE-2023/CVE-2023-225xx/CVE-2023-22583.json) (`2023-06-11T14:15:09.650`)
* [CVE-2023-22584](CVE-2023/CVE-2023-225xx/CVE-2023-22584.json) (`2023-06-11T14:15:09.730`)
* [CVE-2023-22585](CVE-2023/CVE-2023-225xx/CVE-2023-22585.json) (`2023-06-11T14:15:09.797`)
* [CVE-2023-22586](CVE-2023/CVE-2023-225xx/CVE-2023-22586.json) (`2023-06-11T14:15:09.853`)
* [CVE-2023-25911](CVE-2023/CVE-2023-259xx/CVE-2023-25911.json) (`2023-06-11T14:15:09.923`)
* [CVE-2023-25912](CVE-2023/CVE-2023-259xx/CVE-2023-25912.json) (`2023-06-11T14:15:09.987`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `2`
* [CVE-2022-41216](CVE-2022/CVE-2022-412xx/CVE-2022-41216.json) (`2023-06-11T14:15:09.277`)
* [CVE-2022-41217](CVE-2022/CVE-2022-412xx/CVE-2022-41217.json) (`2023-06-11T14:15:09.473`)
## Download and Usage