From a5a20a2c78d51b33c19f87f8593c1f825219b306 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 23 Feb 2024 21:00:29 +0000 Subject: [PATCH] Auto-Update: 2024-02-23T21:00:25.635599+00:00 --- CVE-2020/CVE-2020-119xx/CVE-2020-11935.json | 17 +- CVE-2021/CVE-2021-290xx/CVE-2021-29093.json | 12 +- CVE-2021/CVE-2021-290xx/CVE-2021-29094.json | 12 +- CVE-2021/CVE-2021-290xx/CVE-2021-29095.json | 12 +- CVE-2022/CVE-2022-214xx/CVE-2022-21476.json | 644 +++++++++++++++++++- CVE-2022/CVE-2022-34xx/CVE-2022-3479.json | 7 +- CVE-2022/CVE-2022-438xx/CVE-2022-43842.json | 59 ++ CVE-2023/CVE-2023-258xx/CVE-2023-25840.json | 23 +- CVE-2023/CVE-2023-443xx/CVE-2023-44330.json | 6 +- CVE-2023/CVE-2023-443xx/CVE-2023-44372.json | 14 +- CVE-2023/CVE-2023-45xx/CVE-2023-4535.json | 45 +- CVE-2023/CVE-2023-492xx/CVE-2023-49299.json | 8 +- CVE-2023/CVE-2023-513xx/CVE-2023-51392.json | 4 +- CVE-2023/CVE-2023-513xx/CVE-2023-51393.json | 59 ++ CVE-2023/CVE-2023-513xx/CVE-2023-51394.json | 55 ++ CVE-2024/CVE-2024-18xx/CVE-2024-1820.json | 4 +- CVE-2024/CVE-2024-18xx/CVE-2024-1821.json | 4 +- CVE-2024/CVE-2024-18xx/CVE-2024-1822.json | 4 +- CVE-2024/CVE-2024-18xx/CVE-2024-1823.json | 4 +- CVE-2024/CVE-2024-18xx/CVE-2024-1824.json | 4 +- CVE-2024/CVE-2024-18xx/CVE-2024-1825.json | 4 +- CVE-2024/CVE-2024-18xx/CVE-2024-1826.json | 4 +- CVE-2024/CVE-2024-18xx/CVE-2024-1827.json | 4 +- CVE-2024/CVE-2024-18xx/CVE-2024-1828.json | 4 +- CVE-2024/CVE-2024-18xx/CVE-2024-1829.json | 4 +- CVE-2024/CVE-2024-18xx/CVE-2024-1830.json | 88 +++ CVE-2024/CVE-2024-18xx/CVE-2024-1831.json | 88 +++ CVE-2024/CVE-2024-18xx/CVE-2024-1832.json | 88 +++ CVE-2024/CVE-2024-18xx/CVE-2024-1833.json | 88 +++ CVE-2024/CVE-2024-18xx/CVE-2024-1834.json | 88 +++ CVE-2024/CVE-2024-233xx/CVE-2024-23320.json | 8 +- CVE-2024/CVE-2024-261xx/CVE-2024-26150.json | 4 +- CVE-2024/CVE-2024-273xx/CVE-2024-27318.json | 4 +- CVE-2024/CVE-2024-273xx/CVE-2024-27319.json | 4 +- README.md | 61 +- 35 files changed, 1423 insertions(+), 115 deletions(-) create mode 100644 CVE-2022/CVE-2022-438xx/CVE-2022-43842.json create mode 100644 CVE-2023/CVE-2023-513xx/CVE-2023-51393.json create mode 100644 CVE-2023/CVE-2023-513xx/CVE-2023-51394.json create mode 100644 CVE-2024/CVE-2024-18xx/CVE-2024-1830.json create mode 100644 CVE-2024/CVE-2024-18xx/CVE-2024-1831.json create mode 100644 CVE-2024/CVE-2024-18xx/CVE-2024-1832.json create mode 100644 CVE-2024/CVE-2024-18xx/CVE-2024-1833.json create mode 100644 CVE-2024/CVE-2024-18xx/CVE-2024-1834.json diff --git a/CVE-2020/CVE-2020-119xx/CVE-2020-11935.json b/CVE-2020/CVE-2020-119xx/CVE-2020-11935.json index 29b601fe1a8..9e0aec063e0 100644 --- a/CVE-2020/CVE-2020-119xx/CVE-2020-11935.json +++ b/CVE-2020/CVE-2020-119xx/CVE-2020-11935.json @@ -2,7 +2,7 @@ "id": "CVE-2020-11935", "sourceIdentifier": "security@ubuntu.com", "published": "2023-04-07T02:15:07.543", - "lastModified": "2023-04-13T18:47:52.580", + "lastModified": "2024-02-23T19:38:53.747", "vulnStatus": "Analyzed", "descriptions": [ { @@ -121,21 +121,6 @@ ] } ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", - "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" - } - ] - } - ] } ], "references": [ diff --git a/CVE-2021/CVE-2021-290xx/CVE-2021-29093.json b/CVE-2021/CVE-2021-290xx/CVE-2021-29093.json index 57d7ee28b35..613292beae9 100644 --- a/CVE-2021/CVE-2021-290xx/CVE-2021-29093.json +++ b/CVE-2021/CVE-2021-290xx/CVE-2021-29093.json @@ -2,8 +2,8 @@ "id": "CVE-2021-29093", "sourceIdentifier": "psirt@esri.com", "published": "2021-03-25T21:15:13.167", - "lastModified": "2023-11-07T03:32:26.470", - "vulnStatus": "Modified", + "lastModified": "2024-02-23T19:38:24.760", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -39,7 +39,7 @@ ], "cvssMetricV30": [ { - "source": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", + "source": "psirt@esri.com", "type": "Secondary", "cvssData": { "version": "3.0", @@ -97,7 +97,7 @@ ] }, { - "source": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", + "source": "psirt@esri.com", "type": "Secondary", "description": [ { @@ -116,9 +116,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:esri:arcgis:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:esri:arcgis_server:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.8.1", - "matchCriteriaId": "6F2E7485-F644-42FB-BC99-22F5BD1D0DD1" + "matchCriteriaId": "3ABA4B71-7460-4EA5-B432-C75B4090D1F7" } ] } diff --git a/CVE-2021/CVE-2021-290xx/CVE-2021-29094.json b/CVE-2021/CVE-2021-290xx/CVE-2021-29094.json index 135438ec39e..d41a62667ca 100644 --- a/CVE-2021/CVE-2021-290xx/CVE-2021-29094.json +++ b/CVE-2021/CVE-2021-290xx/CVE-2021-29094.json @@ -2,8 +2,8 @@ "id": "CVE-2021-29094", "sourceIdentifier": "psirt@esri.com", "published": "2021-03-25T21:15:13.277", - "lastModified": "2023-11-07T03:32:26.877", - "vulnStatus": "Modified", + "lastModified": "2024-02-23T19:37:43.923", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -39,7 +39,7 @@ ], "cvssMetricV30": [ { - "source": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", + "source": "psirt@esri.com", "type": "Secondary", "cvssData": { "version": "3.0", @@ -97,7 +97,7 @@ ] }, { - "source": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", + "source": "psirt@esri.com", "type": "Secondary", "description": [ { @@ -116,9 +116,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:esri:arcgis:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:esri:arcgis_server:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.8.1", - "matchCriteriaId": "6F2E7485-F644-42FB-BC99-22F5BD1D0DD1" + "matchCriteriaId": "3ABA4B71-7460-4EA5-B432-C75B4090D1F7" } ] } diff --git a/CVE-2021/CVE-2021-290xx/CVE-2021-29095.json b/CVE-2021/CVE-2021-290xx/CVE-2021-29095.json index 20c1395017a..1037361c41e 100644 --- a/CVE-2021/CVE-2021-290xx/CVE-2021-29095.json +++ b/CVE-2021/CVE-2021-290xx/CVE-2021-29095.json @@ -2,8 +2,8 @@ "id": "CVE-2021-29095", "sourceIdentifier": "psirt@esri.com", "published": "2021-03-25T21:15:13.357", - "lastModified": "2023-11-07T03:32:27.207", - "vulnStatus": "Modified", + "lastModified": "2024-02-23T19:38:04.767", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -39,7 +39,7 @@ ], "cvssMetricV30": [ { - "source": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", + "source": "psirt@esri.com", "type": "Secondary", "cvssData": { "version": "3.0", @@ -97,7 +97,7 @@ ] }, { - "source": "cedc17bb-4939-4f40-a1f4-30ae8af1094e", + "source": "psirt@esri.com", "type": "Secondary", "description": [ { @@ -116,9 +116,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:esri:arcgis:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:esri:arcgis_server:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.8.1", - "matchCriteriaId": "6F2E7485-F644-42FB-BC99-22F5BD1D0DD1" + "matchCriteriaId": "3ABA4B71-7460-4EA5-B432-C75B4090D1F7" } ] } diff --git a/CVE-2022/CVE-2022-214xx/CVE-2022-21476.json b/CVE-2022/CVE-2022-214xx/CVE-2022-21476.json index 3ad124f11e3..de1c976318f 100644 --- a/CVE-2022/CVE-2022-214xx/CVE-2022-21476.json +++ b/CVE-2022/CVE-2022-214xx/CVE-2022-21476.json @@ -2,7 +2,7 @@ "id": "CVE-2022-21476", "sourceIdentifier": "secalert_us@oracle.com", "published": "2022-04-19T21:15:17.503", - "lastModified": "2023-04-27T17:51:31.157", + "lastModified": "2024-02-23T20:03:12.610", "vulnStatus": "Analyzed", "descriptions": [ { @@ -77,7 +77,6 @@ ], "configurations": [ { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -128,7 +127,6 @@ ] }, { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -228,7 +226,6 @@ ] }, { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -254,7 +251,6 @@ ] }, { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -293,6 +289,644 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11", + "versionEndIncluding": "11.0.14", + "matchCriteriaId": "9C0D3169-24B4-4733-BD40-59D0BB5DAC13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13", + "versionEndIncluding": "13.0.10", + "matchCriteriaId": "D1D003C0-042E-4126-AEDA-F85863FEAB45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15", + "versionEndIncluding": "15.0.6", + "matchCriteriaId": "EC2C87EC-6234-482F-B597-962E3C52D01B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17", + "versionEndIncluding": "17.0.2", + "matchCriteriaId": "38F4BE82-B2A6-4E48-B1E0-100ACF94B9CD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:-:*:*:*:*:*:*", + "matchCriteriaId": "E78B7C5A-FA51-41E4-AAB0-C6DED2EFCF4C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update1:*:*:*:*:*:*", + "matchCriteriaId": "02011EDC-20A7-4A16-A592-7C76E0037997" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update10:*:*:*:*:*:*", + "matchCriteriaId": "AC6D4652-1226-4C60-BEDF-01EBF8AC0849" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update101:*:*:*:*:*:*", + "matchCriteriaId": "3C1F9ED7-7D93-41F4-9130-15BA734420AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update11:*:*:*:*:*:*", + "matchCriteriaId": "1CF9CDF1-95D3-4125-A73F-396D2280FC4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update111:*:*:*:*:*:*", + "matchCriteriaId": "A13266DC-F8D9-4F30-987F-65BBEAF8D3A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update121:*:*:*:*:*:*", + "matchCriteriaId": "C28388AB-CFC9-4749-A90F-383F5B905EA9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update13:*:*:*:*:*:*", + "matchCriteriaId": "DA1B00F9-A81C-48B7-8DAA-F394DDF323F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update131:*:*:*:*:*:*", + "matchCriteriaId": "CA7AD457-6CE6-4925-8D94-A907B40233D9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update141:*:*:*:*:*:*", + "matchCriteriaId": "A6F3FDD1-7CAC-4B84-ABB7-64E9D3FBD708" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update15:*:*:*:*:*:*", + "matchCriteriaId": "5480E5AD-DB46-474A-9B57-84ED088A75FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update151:*:*:*:*:*:*", + "matchCriteriaId": "881A4AE9-6012-4E91-98BE-0A352CC20703" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update161:*:*:*:*:*:*", + "matchCriteriaId": "7E1E1079-57D9-473B-A017-964F4745F329" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update17:*:*:*:*:*:*", + "matchCriteriaId": "B8D6446E-2915-4F12-87BE-E7420BC2626E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update171:*:*:*:*:*:*", + "matchCriteriaId": "564EDCE3-16E6-401D-8A43-032D1F8875E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update181:*:*:*:*:*:*", + "matchCriteriaId": "08278802-D31B-488A-BA6A-EBC816DF883A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update191:*:*:*:*:*:*", + "matchCriteriaId": "72BDA05A-C8BD-472E-8465-EE1F3E5D8CF6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update2:*:*:*:*:*:*", + "matchCriteriaId": "7BBB0969-565E-43E2-B067-A10AAA5F1958" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update201:*:*:*:*:*:*", + "matchCriteriaId": "D78BE95D-6270-469A-8035-FCDDB398F952" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update21:*:*:*:*:*:*", + "matchCriteriaId": "88C24F40-3150-4584-93D9-8307DE04EEE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update211:*:*:*:*:*:*", + "matchCriteriaId": "E0FC5A03-FF11-4787-BBF1-3ACF93A21F2D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update221:*:*:*:*:*:*", + "matchCriteriaId": "19626B36-62FC-4497-A2E1-7D6CD9839B19" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update231:*:*:*:*:*:*", + "matchCriteriaId": "5713AEBD-35F6-44E8-A0CC-A42830D7AE20" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update241:*:*:*:*:*:*", + "matchCriteriaId": "8BE0C04B-440E-4B35-ACC8-6264514F764C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update25:*:*:*:*:*:*", + "matchCriteriaId": "555EC2A6-0475-48ED-AE0C-B306714A9333" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update251:*:*:*:*:*:*", + "matchCriteriaId": "EC1CF2AD-3F7A-4EF3-BD41-117A21553A9F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update261:*:*:*:*:*:*", + "matchCriteriaId": "02C55E2E-AEDE-455C-B128-168C918B5D97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update271:*:*:*:*:*:*", + "matchCriteriaId": "81831D37-6597-441B-87DE-38F7191BEA42" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update281:*:*:*:*:*:*", + "matchCriteriaId": "EEA1594D-0AB5-436D-9E60-C26EE2175753" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update291:*:*:*:*:*:*", + "matchCriteriaId": "B868FA41-C71B-491C-880B-484740B30C72" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update3:*:*:*:*:*:*", + "matchCriteriaId": "C242D3BE-9114-4A9E-BB78-45754C7CC450" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update301:*:*:*:*:*:*", + "matchCriteriaId": "95954182-9541-4181-9647-B17FA5A79F9F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update311:*:*:*:*:*:*", + "matchCriteriaId": "9F6F0137-F91F-4028-BED2-C29640D52C23" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update321:*:*:*:*:*:*", + "matchCriteriaId": "EAFB6B15-4AE6-47FC-8847-9DFADB7AE253" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update331:*:*:*:*:*:*", + "matchCriteriaId": "A8971E08-2CA2-46F4-8C26-12D2AFAC3B04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update4:*:*:*:*:*:*", + "matchCriteriaId": "D61068FE-18EE-4ADB-BC69-A3ECE8724575" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update40:*:*:*:*:*:*", + "matchCriteriaId": "EFB59E80-4EC4-4399-BF40-6733E4E475A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update45:*:*:*:*:*:*", + "matchCriteriaId": "84E31265-22E1-4E91-BFCB-D2AFF445926A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update5:*:*:*:*:*:*", + "matchCriteriaId": "AB3A58C3-94BB-4120-BE1D-AAF8BBF7F22B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update51:*:*:*:*:*:*", + "matchCriteriaId": "50319E52-8739-47C5-B61E-3CA9B6A9A48F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update55:*:*:*:*:*:*", + "matchCriteriaId": "7ED515B9-DC74-4DC5-B98A-08D87D85E11E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update6:*:*:*:*:*:*", + "matchCriteriaId": "6D1D4868-1F9F-43F7-968C-6469B67D3F1B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update60:*:*:*:*:*:*", + "matchCriteriaId": "568F1AC4-B0D7-4438-82E5-0E61500F2240" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update65:*:*:*:*:*:*", + "matchCriteriaId": "F5E99B4A-EDAD-4471-81C4-7E9C775C9D9F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update67:*:*:*:*:*:*", + "matchCriteriaId": "14E9133E-9FF3-40DB-9A11-7469EF5FD265" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update7:*:*:*:*:*:*", + "matchCriteriaId": "94834710-3FA9-49D9-8600-B514CBCA4270" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update72:*:*:*:*:*:*", + "matchCriteriaId": "4228D9E1-7D82-4B49-9669-9CDAD7187432" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update76:*:*:*:*:*:*", + "matchCriteriaId": "F6231F48-2936-4F7D-96D5-4BA11F78EBE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update80:*:*:*:*:*:*", + "matchCriteriaId": "D96D5061-4A81-497E-9AD6-A8381B3B454C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update85:*:*:*:*:*:*", + "matchCriteriaId": "5345C21E-A01B-43B9-9A20-F2783D921C60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update9:*:*:*:*:*:*", + "matchCriteriaId": "B219F360-83BD-4111-AB59-C9D4F55AF4C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update91:*:*:*:*:*:*", + "matchCriteriaId": "D25377EA-8E8F-4C76-8EA9-3BBDFB352815" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update95:*:*:*:*:*:*", + "matchCriteriaId": "59FEFE05-269A-4EAF-A80F-E4C2107B1197" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update97:*:*:*:*:*:*", + "matchCriteriaId": "E7E2AA7C-F602-4DB7-9EC1-0708C46C253C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:7:update99:*:*:*:*:*:*", + "matchCriteriaId": "FB70E154-A304-429E-80F5-8D87B00E32D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:-:*:*:*:*:*:*", + "matchCriteriaId": "70892D06-6E75-4425-BBF0-4B684EC62A1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone1:*:*:*:*:*:*", + "matchCriteriaId": "7A165D71-71CC-4E6A-AA4F-FF8DB5B9A5AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone2:*:*:*:*:*:*", + "matchCriteriaId": "7417B2BB-9AC2-4AF4-A828-C89A0735AD92" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone3:*:*:*:*:*:*", + "matchCriteriaId": "6A0A57B5-6F88-4288-9CDE-F6613FE068D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone4:*:*:*:*:*:*", + "matchCriteriaId": "67ED8559-C348-4932-B7CE-CB96976A30EC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone5:*:*:*:*:*:*", + "matchCriteriaId": "40AC3D91-263F-4345-9FAA-0E573EA64590" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone6:*:*:*:*:*:*", + "matchCriteriaId": "DD92AFA9-81F8-48D4-B79A-E7F066F69A99" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone7:*:*:*:*:*:*", + "matchCriteriaId": "2C4B2F24-A730-4818-90C8-A2D90C081F03" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone8:*:*:*:*:*:*", + "matchCriteriaId": "464087F2-C285-4574-957E-CE0663F07DE0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:milestone9:*:*:*:*:*:*", + "matchCriteriaId": "3E9BB880-A4F6-4887-8BB9-47AA298753D5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update101:*:*:*:*:*:*", + "matchCriteriaId": "18DCFF53-B298-4534-AB5C-8A5EF59C616F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update102:*:*:*:*:*:*", + "matchCriteriaId": "083419F8-FDDF-4E36-88F8-857DB317C1D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update11:*:*:*:*:*:*", + "matchCriteriaId": "D7A74F65-57E8-4C9A-BA96-5EF401504F13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update111:*:*:*:*:*:*", + "matchCriteriaId": "0D0B90FC-57B6-4315-9B29-3C36E58B2CF5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update112:*:*:*:*:*:*", + "matchCriteriaId": "07812576-3C35-404C-A7D7-9BE9E3D76E00" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update121:*:*:*:*:*:*", + "matchCriteriaId": "00C52B1C-5447-4282-9667-9EBE0720B423" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update131:*:*:*:*:*:*", + "matchCriteriaId": "92BB9EB0-0C12-4E77-89EE-FB77097841B8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update141:*:*:*:*:*:*", + "matchCriteriaId": "FF9D5DCE-2E8F-42B9-9038-AEA7E8C8CFFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update151:*:*:*:*:*:*", + "matchCriteriaId": "ABC0E7BB-F8B7-4369-9910-71240E4073A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update152:*:*:*:*:*:*", + "matchCriteriaId": "551B2640-8CEC-4C24-AF8B-7A7CEF864D9D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update161:*:*:*:*:*:*", + "matchCriteriaId": "0AE30779-48FB-451E-8CE1-F469F93B8772" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update162:*:*:*:*:*:*", + "matchCriteriaId": "60590FDE-7156-4314-A012-AA38BD2ADDC9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update171:*:*:*:*:*:*", + "matchCriteriaId": "BE51AD3A-8331-4E8F-9DB1-7A0051731DFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update172:*:*:*:*:*:*", + "matchCriteriaId": "F24F6122-2256-41B6-9033-794C6424ED99" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update181:*:*:*:*:*:*", + "matchCriteriaId": "0EAFA79E-8C7A-48CF-8868-11378FE4B26F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update191:*:*:*:*:*:*", + "matchCriteriaId": "D1D6F19F-59B5-4BB6-AD35-013384025970" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update192:*:*:*:*:*:*", + "matchCriteriaId": "E7BA97BC-3ADA-465A-835B-6C3C5F416B56" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update20:*:*:*:*:*:*", + "matchCriteriaId": "B71F77A4-B7EB-47A1-AAFD-431A7D040B86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update201:*:*:*:*:*:*", + "matchCriteriaId": "91D6BEA9-5943-44A4-946D-CEAA9BA99376" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update202:*:*:*:*:*:*", + "matchCriteriaId": "C079A3E0-44EB-4B9C-B4FC-B7621D165C3B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update211:*:*:*:*:*:*", + "matchCriteriaId": "2CB74086-14B8-4237-8357-E0C6B5BB8313" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update212:*:*:*:*:*:*", + "matchCriteriaId": "3ABED20A-7C34-4E86-9AFB-F4DC9ECBB3A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update221:*:*:*:*:*:*", + "matchCriteriaId": "00C2B9C9-1177-4DA6-96CE-55F37F383F99" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update222:*:*:*:*:*:*", + "matchCriteriaId": "435CF189-0BD8-40DF-A0DC-99862CDEAF8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update231:*:*:*:*:*:*", + "matchCriteriaId": "12A3F367-33AD-47C3-BFDC-871A17E72C94" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update232:*:*:*:*:*:*", + "matchCriteriaId": "A18F994F-72CA-4AF5-A7D1-9F5AEA286D85" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update241:*:*:*:*:*:*", + "matchCriteriaId": "78261932-7373-4F16-91E0-1A72ADBEBC3E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update242:*:*:*:*:*:*", + "matchCriteriaId": "9BD90D3D-9B3A-4101-9A8A-5090F0A9719F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update25:*:*:*:*:*:*", + "matchCriteriaId": "B38C0276-0EBD-4E0B-BFCF-4DDECACE04E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update252:*:*:*:*:*:*", + "matchCriteriaId": "F5A40B8A-D428-4008-9F21-AF21394C51D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update262:*:*:*:*:*:*", + "matchCriteriaId": "FEC5B777-01E1-45EE-AF95-C3BD1F098B2F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update271:*:*:*:*:*:*", + "matchCriteriaId": "3B504718-5DCE-43B4-B19A-C6B6E7444BD3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update281:*:*:*:*:*:*", + "matchCriteriaId": "3102AA10-99A8-49A9-867E-7EEC56865680" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update282:*:*:*:*:*:*", + "matchCriteriaId": "5A55CBC7-A7B2-4B89-8AB5-ED30DBE6814E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update291:*:*:*:*:*:*", + "matchCriteriaId": "15BA8A26-2CDA-442B-A549-6BE92DCCD205" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update301:*:*:*:*:*:*", + "matchCriteriaId": "56F2883B-6A1B-4081-8877-07AF3A73F6CD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update302:*:*:*:*:*:*", + "matchCriteriaId": "98C0742E-ACDD-4DB4-8A4C-B96702C8976C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update31:*:*:*:*:*:*", + "matchCriteriaId": "F8483034-DD5A-445D-892F-CDE90A7D58EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update312:*:*:*:*:*:*", + "matchCriteriaId": "1716A5CD-1C32-4F19-9DDE-F9C7CCB6B420" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update322:*:*:*:*:*:*", + "matchCriteriaId": "DAB4F663-BCAF-43DB-BCC3-24C060B0CBAB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update40:*:*:*:*:*:*", + "matchCriteriaId": "8279718F-878F-4868-8859-1728D13CD0D8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update45:*:*:*:*:*:*", + "matchCriteriaId": "2C024E1A-FD2C-42E8-B227-C2AFD3040436" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update5:*:*:*:*:*:*", + "matchCriteriaId": "4F24389D-DDD0-4204-AA24-31C920A4F47E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update51:*:*:*:*:*:*", + "matchCriteriaId": "966979BE-1F21-4729-B6B8-610F74648344" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update60:*:*:*:*:*:*", + "matchCriteriaId": "F8534265-33BF-460D-BF74-5F55FDE50F29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update65:*:*:*:*:*:*", + "matchCriteriaId": "F77AFC25-1466-4E56-9D5F-6988F3288E16" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update66:*:*:*:*:*:*", + "matchCriteriaId": "A650BEB8-E56F-4E42-9361-8D2DB083F0F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update71:*:*:*:*:*:*", + "matchCriteriaId": "799FFECD-E80A-44B3-953D-CDB5E195F3AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update72:*:*:*:*:*:*", + "matchCriteriaId": "A7047507-7CAF-4A14-AA9A-5CEF806EDE98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update73:*:*:*:*:*:*", + "matchCriteriaId": "CFC7B179-95D3-4F94-84F6-73F1034A1AF2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update74:*:*:*:*:*:*", + "matchCriteriaId": "9FB28526-9385-44CA-AF08-1899E6C3AE4D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update77:*:*:*:*:*:*", + "matchCriteriaId": "E26B69E4-0B43-415F-A82B-52FDCB262B3E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update91:*:*:*:*:*:*", + "matchCriteriaId": "27BC4150-70EC-462B-8FC5-20B3442CBB31" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:8:update92:*:*:*:*:*:*", + "matchCriteriaId": "02646989-ECD9-40AE-A83E-EFF4080C69B9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:18:*:*:*:*:*:*:*", + "matchCriteriaId": "56CBFC1F-C120-44F2-877A-C1C880AA89C4" + } + ] + } + ] } ], "references": [ diff --git a/CVE-2022/CVE-2022-34xx/CVE-2022-3479.json b/CVE-2022/CVE-2022-34xx/CVE-2022-3479.json index 93bb51e273e..dffc3f8d0b6 100644 --- a/CVE-2022/CVE-2022-34xx/CVE-2022-3479.json +++ b/CVE-2022/CVE-2022-34xx/CVE-2022-3479.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3479", "sourceIdentifier": "secalert@redhat.com", "published": "2022-10-14T17:15:15.463", - "lastModified": "2023-02-11T17:42:34.217", + "lastModified": "2024-02-23T19:14:45.433", "vulnStatus": "Analyzed", "descriptions": [ { @@ -60,8 +60,9 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*", - "versionEndIncluding": "3.81", - "matchCriteriaId": "A1EFB0BD-D1C1-40A1-929C-4DA5D6A1520B" + "versionStartIncluding": "3.77", + "versionEndExcluding": "3.87", + "matchCriteriaId": "7E02C234-DBC0-43EE-9E43-EA689C30E9D6" } ] } diff --git a/CVE-2022/CVE-2022-438xx/CVE-2022-43842.json b/CVE-2022/CVE-2022-438xx/CVE-2022-43842.json new file mode 100644 index 00000000000..f2cb4c370b8 --- /dev/null +++ b/CVE-2022/CVE-2022-438xx/CVE-2022-43842.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2022-43842", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-02-23T19:15:08.243", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "IBM Aspera Console 3.4.0 through 3.4.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 239079." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 8.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/239079", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7122632", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-258xx/CVE-2023-25840.json b/CVE-2023/CVE-2023-258xx/CVE-2023-25840.json index 79e2201d9e8..205b0f50186 100644 --- a/CVE-2023/CVE-2023-258xx/CVE-2023-25840.json +++ b/CVE-2023/CVE-2023-258xx/CVE-2023-25840.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25840", "sourceIdentifier": "psirt@esri.com", "published": "2023-07-21T19:15:10.160", - "lastModified": "2023-08-01T16:05:05.347", + "lastModified": "2024-02-23T19:38:32.780", "vulnStatus": "Analyzed", "descriptions": [ { @@ -68,6 +68,7 @@ ], "configurations": [ { + "operator": "AND", "nodes": [ { "operator": "OR", @@ -75,10 +76,26 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:esri:arcgis:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:esri:arcgis_server:*:*:*:*:*:*:*:*", "versionStartIncluding": "10.8.1", "versionEndExcluding": "11.1", - "matchCriteriaId": "B9E2953E-FE3E-41D1-8A88-638C3DEED27F" + "matchCriteriaId": "ACBAC314-0835-45D8-AB97-40355497CA41" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" } ] } diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44330.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44330.json index 355e94f2c91..cec50dc3130 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44330.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44330.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44330", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T15:15:08.683", - "lastModified": "2023-12-05T09:15:07.197", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-02-23T19:39:49.207", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -45,7 +45,7 @@ "description": [ { "lang": "en", - "value": "CWE-125" + "value": "CWE-787" } ] }, diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44372.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44372.json index abdfcc96b13..8c3ba2e26bc 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44372.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44372.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44372", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T10:15:18.533", - "lastModified": "2023-11-22T16:58:26.867", - "vulnStatus": "Analyzed", + "lastModified": "2024-02-23T19:15:08.467", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -61,7 +61,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Secondary", + "type": "Primary", "description": [ { "lang": "en", @@ -161,6 +161,14 @@ "tags": [ "Broken Link" ] + }, + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb23-54.html", + "source": "psirt@adobe.com" + }, + { + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1842", + "source": "psirt@adobe.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4535.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4535.json index 281ca9430ba..a5f4e6630b3 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4535.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4535.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4535", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-06T17:15:12.083", - "lastModified": "2023-12-23T05:15:09.140", - "vulnStatus": "Modified", + "lastModified": "2024-02-23T20:13:02.827", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -89,10 +89,18 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:opensc_project:opensc:*:*:*:*:*:*:*:*", - "versionStartIncluding": "0.17.0", - "versionEndIncluding": "0.23.0", - "matchCriteriaId": "49097C9B-6EFD-4D11-8042-B1A0746D8F12" + "criteria": "cpe:2.3:a:opensc_project:opensc:0.23.0:-:*:*:*:*:*:*", + "matchCriteriaId": "5359CB94-DE52-425E-AA8D-2792F953364F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opensc_project:opensc:0.23.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "5A5A2D65-6BDA-464B-A5FA-BC79240E5EBF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opensc_project:opensc:0.23.0:rc2:*:*:*:*:*:*", + "matchCriteriaId": "83814E22-74DD-41C3-AA1E-62B500D84B41" } ] } @@ -104,6 +112,16 @@ "operator": "OR", "negate": false, "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", @@ -117,7 +135,10 @@ "references": [ { "url": "https://access.redhat.com/errata/RHSA-2023:7879", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/security/cve/CVE-2023-4535", @@ -164,11 +185,17 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3CPQOMCDWFRBMEFR5VK4N5MMXXU42ODE/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLYEFIBBA37TK3UNMZN5NOJ7IWCIXLQP/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49299.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49299.json index 7203a27e248..17cdc5ae90c 100644 --- a/CVE-2023/CVE-2023-492xx/CVE-2023-49299.json +++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49299.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49299", "sourceIdentifier": "security@apache.org", "published": "2023-12-30T17:15:07.870", - "lastModified": "2024-01-05T18:29:44.063", - "vulnStatus": "Analyzed", + "lastModified": "2024-02-23T19:15:08.617", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -69,6 +69,10 @@ } ], "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2024/02/23/3", + "source": "security@apache.org" + }, { "url": "https://github.com/apache/dolphinscheduler/pull/15228", "source": "security@apache.org", diff --git a/CVE-2023/CVE-2023-513xx/CVE-2023-51392.json b/CVE-2023/CVE-2023-513xx/CVE-2023-51392.json index c97d11507b8..aa392156b2b 100644 --- a/CVE-2023/CVE-2023-513xx/CVE-2023-51392.json +++ b/CVE-2023/CVE-2023-513xx/CVE-2023-51392.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51392", "sourceIdentifier": "product-security@silabs.com", "published": "2024-02-23T17:15:07.840", - "lastModified": "2024-02-23T17:15:07.840", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-513xx/CVE-2023-51393.json b/CVE-2023/CVE-2023-513xx/CVE-2023-51393.json new file mode 100644 index 00000000000..18624a3dfe7 --- /dev/null +++ b/CVE-2023/CVE-2023-513xx/CVE-2023-51393.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-51393", + "sourceIdentifier": "product-security@silabs.com", + "published": "2024-02-23T20:15:51.687", + "lastModified": "2024-02-23T20:15:51.687", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nDue to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 (delivered as part of Silicon Labs Gecko SDK v4.4.0) which may enable attackers to trigger a bus fault and crash of the device, requiring a reboot in order to rejoin the network." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + }, + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "references": [ + { + "url": "https://community.silabs.com/068Vm000001NaAM", + "source": "product-security@silabs.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-513xx/CVE-2023-51394.json b/CVE-2023/CVE-2023-513xx/CVE-2023-51394.json new file mode 100644 index 00000000000..cd264c6a4c3 --- /dev/null +++ b/CVE-2023/CVE-2023-513xx/CVE-2023-51394.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-51394", + "sourceIdentifier": "product-security@silabs.com", + "published": "2024-02-23T20:15:51.880", + "lastModified": "2024-02-23T20:15:51.880", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs's Ember ZNet SDK before v7.4.0, causing a system crash." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "references": [ + { + "url": "https://community.silabs.com/068Vm000001NL4u", + "source": "product-security@silabs.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1820.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1820.json index bfd132b5237..9a5853152a1 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1820.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1820.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1820", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T16:15:47.223", - "lastModified": "2024-02-23T16:15:47.223", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1821.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1821.json index cfbdaec937e..af2db039107 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1821.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1821.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1821", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T16:15:47.510", - "lastModified": "2024-02-23T16:15:47.510", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1822.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1822.json index f4ae563968f..63a9e0b2d0c 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1822.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1822.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1822", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T16:15:47.817", - "lastModified": "2024-02-23T16:15:47.817", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1823.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1823.json index 6e8567441ad..c2c073653e8 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1823.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1823.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1823", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T16:15:48.043", - "lastModified": "2024-02-23T16:15:48.043", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1824.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1824.json index 75bf925996d..8d73a20dee1 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1824.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1824.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1824", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T16:15:48.263", - "lastModified": "2024-02-23T16:15:48.263", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1825.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1825.json index 453e738e014..6dc085bee20 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1825.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1825.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1825", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T17:15:08.073", - "lastModified": "2024-02-23T17:15:08.073", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1826.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1826.json index 70c736688a8..facf6c5bd2f 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1826.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1826.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1826", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T17:15:08.323", - "lastModified": "2024-02-23T17:15:08.323", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1827.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1827.json index 0abfd45e225..142e0ff0d9e 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1827.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1827.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1827", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T18:15:50.013", - "lastModified": "2024-02-23T18:15:50.013", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1828.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1828.json index f0eb24817f1..270f079f21d 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1828.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1828.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1828", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T18:15:50.263", - "lastModified": "2024-02-23T18:15:50.263", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1829.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1829.json index c9f538adfd3..e9c188dca6e 100644 --- a/CVE-2024/CVE-2024-18xx/CVE-2024-1829.json +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1829.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1829", "sourceIdentifier": "cna@vuldb.com", "published": "2024-02-23T18:15:50.517", - "lastModified": "2024-02-23T18:15:50.517", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1830.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1830.json new file mode 100644 index 00000000000..29a7ae6e428 --- /dev/null +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1830.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-1830", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-02-23T19:15:08.733", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file Source/librarian/user/student/lost-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-254618 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/jxp98/VulResearch/blob/main/2024/02/3.5Library%20System%20In%20PHP%20-%20SQL%20Injection-student_lostpass.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.254618", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.254618", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1831.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1831.json new file mode 100644 index 00000000000..9ff12ed69c7 --- /dev/null +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1831.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-1831", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-02-23T19:15:08.973", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in SourceCodester Complete File Management System 1.0. Affected is an unknown function of the file users/index.php of the component Login Form. The manipulation of the argument username with the input torada%27+or+%271%27+%3D+%271%27+--+- leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-254622 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://toradah.notion.site/Login-Bypass-via-SQL-injection-b1e45264f6104bc696836ade6e60fb98?pvs=4", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.254622", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.254622", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1832.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1832.json new file mode 100644 index 00000000000..b2b7ebbd785 --- /dev/null +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1832.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-1832", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-02-23T20:15:52.070", + "lastModified": "2024-02-23T20:15:52.070", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in SourceCodester Complete File Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ of the component Admin Login Form. The manipulation of the argument username with the input torada%27+or+%271%27+%3D+%271%27+--+- leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254623." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://toradah.notion.site/SQL-Injection-via-Admin-Login-Form-7372893848cb4bb996ae2c9effb0266a?pvs=25", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.254623", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.254623", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1833.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1833.json new file mode 100644 index 00000000000..011aaa8ec97 --- /dev/null +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1833.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-1833", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-02-23T20:15:52.307", + "lastModified": "2024-02-23T20:15:52.307", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /Account/login.php. The manipulation of the argument txtusername leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-254624." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/employee-management-system.md#2accountloginphp", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.254624", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.254624", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-18xx/CVE-2024-1834.json b/CVE-2024/CVE-2024-18xx/CVE-2024-1834.json new file mode 100644 index 00000000000..1c7134df338 --- /dev/null +++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1834.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-1834", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-02-23T20:15:52.537", + "lastModified": "2024-02-23T20:15:52.537", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been classified as problematic. This affects an unknown part of the file ?page=attendance&class_id=1. The manipulation of the argument class_date with the input 2024-02-23%22%3E%3Cscript%3Ealert(1)%3C/script%3E leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-254625 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Simple-Student-Attendance-System.md#2pageattendancexss", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.254625", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.254625", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-233xx/CVE-2024-23320.json b/CVE-2024/CVE-2024-233xx/CVE-2024-23320.json index 25bd66098de..ebcce8d821a 100644 --- a/CVE-2024/CVE-2024-233xx/CVE-2024-23320.json +++ b/CVE-2024/CVE-2024-233xx/CVE-2024-23320.json @@ -2,8 +2,8 @@ "id": "CVE-2024-23320", "sourceIdentifier": "security@apache.org", "published": "2024-02-23T17:15:08.570", - "lastModified": "2024-02-23T17:15:08.570", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", @@ -24,6 +24,10 @@ } ], "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2024/02/23/3", + "source": "security@apache.org" + }, { "url": "https://github.com/apache/dolphinscheduler/pull/15487", "source": "security@apache.org" diff --git a/CVE-2024/CVE-2024-261xx/CVE-2024-26150.json b/CVE-2024/CVE-2024-261xx/CVE-2024-26150.json index 11b232d5461..99f680d8e03 100644 --- a/CVE-2024/CVE-2024-261xx/CVE-2024-26150.json +++ b/CVE-2024/CVE-2024-261xx/CVE-2024-26150.json @@ -2,8 +2,8 @@ "id": "CVE-2024-26150", "sourceIdentifier": "security-advisories@github.com", "published": "2024-02-23T16:15:48.570", - "lastModified": "2024-02-23T16:15:48.570", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27318.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27318.json index 1d259b73ef4..6356ca1be40 100644 --- a/CVE-2024/CVE-2024-273xx/CVE-2024-27318.json +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27318.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27318", "sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "published": "2024-02-23T18:15:50.767", - "lastModified": "2024-02-23T18:15:50.767", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2024/CVE-2024-273xx/CVE-2024-27319.json b/CVE-2024/CVE-2024-273xx/CVE-2024-27319.json index 607c3392f2e..606d4dfe12d 100644 --- a/CVE-2024/CVE-2024-273xx/CVE-2024-27319.json +++ b/CVE-2024/CVE-2024-273xx/CVE-2024-27319.json @@ -2,8 +2,8 @@ "id": "CVE-2024-27319", "sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", "published": "2024-02-23T18:15:50.960", - "lastModified": "2024-02-23T18:15:50.960", - "vulnStatus": "Received", + "lastModified": "2024-02-23T19:31:25.817", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index ff248c7d6c9..eee231136e1 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-02-23T19:00:38.039800+00:00 +2024-02-23T21:00:25.635599+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-02-23T18:51:09.787000+00:00 +2024-02-23T20:15:52.537000+00:00 ``` ### Last Data Feed Release @@ -29,37 +29,52 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -239327 +239335 ``` ### CVEs added in the last Commit -Recently added CVEs: `9` +Recently added CVEs: `8` -* [CVE-2023-51392](CVE-2023/CVE-2023-513xx/CVE-2023-51392.json) (`2024-02-23T17:15:07.840`) -* [CVE-2024-1825](CVE-2024/CVE-2024-18xx/CVE-2024-1825.json) (`2024-02-23T17:15:08.073`) -* [CVE-2024-1826](CVE-2024/CVE-2024-18xx/CVE-2024-1826.json) (`2024-02-23T17:15:08.323`) -* [CVE-2024-23320](CVE-2024/CVE-2024-233xx/CVE-2024-23320.json) (`2024-02-23T17:15:08.570`) -* [CVE-2024-1827](CVE-2024/CVE-2024-18xx/CVE-2024-1827.json) (`2024-02-23T18:15:50.013`) -* [CVE-2024-1828](CVE-2024/CVE-2024-18xx/CVE-2024-1828.json) (`2024-02-23T18:15:50.263`) -* [CVE-2024-1829](CVE-2024/CVE-2024-18xx/CVE-2024-1829.json) (`2024-02-23T18:15:50.517`) -* [CVE-2024-27318](CVE-2024/CVE-2024-273xx/CVE-2024-27318.json) (`2024-02-23T18:15:50.767`) -* [CVE-2024-27319](CVE-2024/CVE-2024-273xx/CVE-2024-27319.json) (`2024-02-23T18:15:50.960`) +* [CVE-2022-43842](CVE-2022/CVE-2022-438xx/CVE-2022-43842.json) (`2024-02-23T19:15:08.243`) +* [CVE-2023-51393](CVE-2023/CVE-2023-513xx/CVE-2023-51393.json) (`2024-02-23T20:15:51.687`) +* [CVE-2023-51394](CVE-2023/CVE-2023-513xx/CVE-2023-51394.json) (`2024-02-23T20:15:51.880`) +* [CVE-2024-1830](CVE-2024/CVE-2024-18xx/CVE-2024-1830.json) (`2024-02-23T19:15:08.733`) +* [CVE-2024-1831](CVE-2024/CVE-2024-18xx/CVE-2024-1831.json) (`2024-02-23T19:15:08.973`) +* [CVE-2024-1832](CVE-2024/CVE-2024-18xx/CVE-2024-1832.json) (`2024-02-23T20:15:52.070`) +* [CVE-2024-1833](CVE-2024/CVE-2024-18xx/CVE-2024-1833.json) (`2024-02-23T20:15:52.307`) +* [CVE-2024-1834](CVE-2024/CVE-2024-18xx/CVE-2024-1834.json) (`2024-02-23T20:15:52.537`) ### CVEs modified in the last Commit -Recently modified CVEs: `9` +Recently modified CVEs: `26` -* [CVE-2023-25841](CVE-2023/CVE-2023-258xx/CVE-2023-25841.json) (`2024-02-23T18:13:19.333`) -* [CVE-2023-25584](CVE-2023/CVE-2023-255xx/CVE-2023-25584.json) (`2024-02-23T18:51:09.787`) -* [CVE-2024-21384](CVE-2024/CVE-2024-213xx/CVE-2024-21384.json) (`2024-02-23T17:39:14.750`) -* [CVE-2024-21389](CVE-2024/CVE-2024-213xx/CVE-2024-21389.json) (`2024-02-23T17:39:57.703`) -* [CVE-2024-21393](CVE-2024/CVE-2024-213xx/CVE-2024-21393.json) (`2024-02-23T17:40:29.097`) -* [CVE-2024-21394](CVE-2024/CVE-2024-213xx/CVE-2024-21394.json) (`2024-02-23T17:40:46.883`) -* [CVE-2024-21395](CVE-2024/CVE-2024-213xx/CVE-2024-21395.json) (`2024-02-23T17:41:14.577`) -* [CVE-2024-21396](CVE-2024/CVE-2024-213xx/CVE-2024-21396.json) (`2024-02-23T17:41:27.623`) -* [CVE-2024-21397](CVE-2024/CVE-2024-213xx/CVE-2024-21397.json) (`2024-02-23T17:47:25.600`) +* [CVE-2021-29094](CVE-2021/CVE-2021-290xx/CVE-2021-29094.json) (`2024-02-23T19:37:43.923`) +* [CVE-2021-29095](CVE-2021/CVE-2021-290xx/CVE-2021-29095.json) (`2024-02-23T19:38:04.767`) +* [CVE-2021-29093](CVE-2021/CVE-2021-290xx/CVE-2021-29093.json) (`2024-02-23T19:38:24.760`) +* [CVE-2022-3479](CVE-2022/CVE-2022-34xx/CVE-2022-3479.json) (`2024-02-23T19:14:45.433`) +* [CVE-2022-21476](CVE-2022/CVE-2022-214xx/CVE-2022-21476.json) (`2024-02-23T20:03:12.610`) +* [CVE-2023-44372](CVE-2023/CVE-2023-443xx/CVE-2023-44372.json) (`2024-02-23T19:15:08.467`) +* [CVE-2023-49299](CVE-2023/CVE-2023-492xx/CVE-2023-49299.json) (`2024-02-23T19:15:08.617`) +* [CVE-2023-51392](CVE-2023/CVE-2023-513xx/CVE-2023-51392.json) (`2024-02-23T19:31:25.817`) +* [CVE-2023-25840](CVE-2023/CVE-2023-258xx/CVE-2023-25840.json) (`2024-02-23T19:38:32.780`) +* [CVE-2023-44330](CVE-2023/CVE-2023-443xx/CVE-2023-44330.json) (`2024-02-23T19:39:49.207`) +* [CVE-2023-4535](CVE-2023/CVE-2023-45xx/CVE-2023-4535.json) (`2024-02-23T20:13:02.827`) +* [CVE-2024-1820](CVE-2024/CVE-2024-18xx/CVE-2024-1820.json) (`2024-02-23T19:31:25.817`) +* [CVE-2024-1821](CVE-2024/CVE-2024-18xx/CVE-2024-1821.json) (`2024-02-23T19:31:25.817`) +* [CVE-2024-1822](CVE-2024/CVE-2024-18xx/CVE-2024-1822.json) (`2024-02-23T19:31:25.817`) +* [CVE-2024-1823](CVE-2024/CVE-2024-18xx/CVE-2024-1823.json) (`2024-02-23T19:31:25.817`) +* [CVE-2024-1824](CVE-2024/CVE-2024-18xx/CVE-2024-1824.json) (`2024-02-23T19:31:25.817`) +* [CVE-2024-26150](CVE-2024/CVE-2024-261xx/CVE-2024-26150.json) (`2024-02-23T19:31:25.817`) +* [CVE-2024-1825](CVE-2024/CVE-2024-18xx/CVE-2024-1825.json) (`2024-02-23T19:31:25.817`) +* [CVE-2024-1826](CVE-2024/CVE-2024-18xx/CVE-2024-1826.json) (`2024-02-23T19:31:25.817`) +* [CVE-2024-23320](CVE-2024/CVE-2024-233xx/CVE-2024-23320.json) (`2024-02-23T19:31:25.817`) +* [CVE-2024-1827](CVE-2024/CVE-2024-18xx/CVE-2024-1827.json) (`2024-02-23T19:31:25.817`) +* [CVE-2024-1828](CVE-2024/CVE-2024-18xx/CVE-2024-1828.json) (`2024-02-23T19:31:25.817`) +* [CVE-2024-1829](CVE-2024/CVE-2024-18xx/CVE-2024-1829.json) (`2024-02-23T19:31:25.817`) +* [CVE-2024-27318](CVE-2024/CVE-2024-273xx/CVE-2024-27318.json) (`2024-02-23T19:31:25.817`) +* [CVE-2024-27319](CVE-2024/CVE-2024-273xx/CVE-2024-27319.json) (`2024-02-23T19:31:25.817`) ## Download and Usage