admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-26T20:00:29.405086+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-05-26 20:00:33 +00:00
parent e6bcbdeb73
commit a61e2377d7
93 changed files with 47155 additions and 436 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2014/CVE-2014-103xx/CVE-2014-10386.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2014-10386",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-08-22T20:15:10.987",
"lastModified": "2019-08-29T12:54:26.557",
"lastModified": "2023-05-26T18:55:47.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-livechat:wp_live_chat_support:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:3cx:live_chat:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.1.0",
"matchCriteriaId": "831D2982-986C-4EDB-A45B-16516B3C2455"
"matchCriteriaId": "E4C42BE8-333E-40B2-8DF1-51E721EAAA58"
}
]
}

6
CVE-2016/CVE-2016-108xx/CVE-2016-10879.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2016-10879",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-08-12T15:15:11.807",
"lastModified": "2019-08-15T19:59:01.523",
"lastModified": "2023-05-26T18:55:47.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-livechat:wp_live_chat_support:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:3cx:live_chat:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.2.02",
"matchCriteriaId": "7F9EAC1B-D27F-4484-82F3-7A7F84521538"
"matchCriteriaId": "88D216FD-B0A2-4D8C-859B-100A25AD52B2"
}
]
}

6
CVE-2017/CVE-2017-185xx/CVE-2017-18507.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-18507",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-08-13T17:15:13.813",
"lastModified": "2019-08-15T16:51:08.900",
"lastModified": "2023-05-26T18:55:47.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-livechat:wp_live_chat_support:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:3cx:live_chat:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "7.1.05",
"matchCriteriaId": "84EF068F-850D-4AB7-979C-264D41197F6B"
"matchCriteriaId": "1E61EC76-0A18-4A6F-BB26-77FEFCF15687"
}
]
}

6
CVE-2017/CVE-2017-185xx/CVE-2017-18508.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-18508",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-08-12T15:15:11.997",
"lastModified": "2023-02-24T19:32:23.457",
"lastModified": "2023-05-26T18:55:47.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-livechat:wp_live_chat_support:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:3cx:live_chat:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "7.1.03",
"matchCriteriaId": "C8860206-5B95-4C92-9487-1D28C86B0181"
"matchCriteriaId": "70C19154-7F3B-4358-8B80-6A2374C867A6"
}
]
}

6
CVE-2017/CVE-2017-21xx/CVE-2017-2187.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-2187",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2017-06-09T16:29:01.610",
"lastModified": "2017-06-16T14:36:41.037",
"lastModified": "2023-05-26T18:55:47.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codecabin_:wp_live_chat_support:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:3cx:live_chat:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "7.0.06",
"matchCriteriaId": "919FDE32-013E-40A8-B5D7-4747133A5380"
"matchCriteriaId": "C5744F57-C6A9-4D17-961D-5272C7048FFB"
}
]
}

6
CVE-2018/CVE-2018-111xx/CVE-2018-11105.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-11105",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-05-15T15:29:00.210",
"lastModified": "2018-06-19T15:13:52.240",
"lastModified": "2023-05-26T18:55:47.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-livechat:wp_live_chat_support:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:3cx:live_chat:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "8.0.08",
"matchCriteriaId": "298FFDE7-7077-49C0-BB7A-7E1A76EADE38"
"matchCriteriaId": "7CE9A0BB-94C9-434B-B6C3-2918EE26505E"
}
]
}

6
CVE-2018/CVE-2018-184xx/CVE-2018-18460.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-18460",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-10-18T06:29:01.040",
"lastModified": "2018-11-30T17:44:24.703",
"lastModified": "2023-05-26T18:55:47.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-livechat:wp_live_chat_support:8.0.15:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "BC509618-BBB1-4BB1-803F-399293102ABE"
"criteria": "cpe:2.3:a:3cx:live_chat:8.0.15:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "6A66C8B4-0A71-4727-9C74-B7436E9EB7BE"
}
]
}

6
CVE-2018/CVE-2018-98xx/CVE-2018-9864.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-9864",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-04-09T17:29:00.247",
"lastModified": "2018-05-15T18:30:59.637",
"lastModified": "2023-05-26T18:55:47.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-livechat:_wp_live_chat_support:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:3cx:live_chat:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "8.0.06",
"matchCriteriaId": "3F545FF5-63CD-44F9-B93C-55B5B63D76E6"
"matchCriteriaId": "983323AB-D1D5-4E39-9E82-2FFDF8B8A00D"
}
]
}

6
CVE-2019/CVE-2019-111xx/CVE-2019-11185.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-11185",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-06-03T21:29:00.490",
"lastModified": "2019-06-04T20:42:22.437",
"lastModified": "2023-05-26T18:55:47.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-livechat:wp_live_chat_support_pro:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:3cx:live_chat:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "8.0.26",
"matchCriteriaId": "0AE79B6E-CFFE-4A36-BB21-22BA9F28BB4F"
"matchCriteriaId": "67BCD490-D917-4DCD-9A08-73158864786C"
}
]
}

6
CVE-2019/CVE-2019-149xx/CVE-2019-14950.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-14950",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-08-12T15:15:12.527",
"lastModified": "2019-08-15T20:02:31.910",
"lastModified": "2023-05-26T18:55:47.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-livechat:wp_live_chat_support:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:3cx:live_chat:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "8.0.27",
"matchCriteriaId": "37F90B39-E71A-4D0C-A468-839BB814540D"
"matchCriteriaId": "2AB07AA9-D10B-4CFB-93D6-4007648CD9F5"
}
]
}

12
CVE-2019/CVE-2019-99xx/CVE-2019-9911.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-9911",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-03-22T00:29:00.440",
"lastModified": "2019-03-25T16:42:34.983",
"lastModified": "2023-05-26T18:17:49.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextscripts:social_networks_auto-poster:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:nextscripts:social_networks_auto_poster:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.2.8",
"matchCriteriaId": "C0490CD0-EFEC-4977-A5BD-BD26996227A8"
"matchCriteriaId": "5B539477-F5BF-432B-8B87-BDDC22DD708F"
}
]
}

6
CVE-2019/CVE-2019-99xx/CVE-2019-9913.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-9913",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-03-22T00:29:00.533",
"lastModified": "2019-03-22T20:30:54.480",
"lastModified": "2023-05-26T18:55:47.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-livechat:wp_live_chat_support:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:3cx:live_chat:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "8.0.18",
"matchCriteriaId": "E558635C-9BB9-43CB-890A-50E92AAB65CB"
"matchCriteriaId": "A375E7D9-1936-49C3-B47E-A5A55C80BC68"
}
]
}

6
CVE-2020/CVE-2020-150xx/CVE-2020-15020.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-15020",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-08-31T13:15:10.920",
"lastModified": "2020-09-04T16:47:06.680",
"lastModified": "2023-05-26T19:42:41.190",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:elementor:page_builder:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:elementor:website_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.9.13",
"matchCriteriaId": "7BE4A1E9-F00E-4E4F-835D-1036D112B2B2"
"matchCriteriaId": "9349A3E7-DD2F-4633-9B72-5277F16C107D"
}
]
}

6
CVE-2020/CVE-2020-206xx/CVE-2020-20634.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-20634",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-08-21T15:15:12.680",
"lastModified": "2021-07-21T11:39:23.747",
"lastModified": "2023-05-26T19:42:49.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:elementor:elementor_page_builder:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:elementor:website_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.9.5",
"matchCriteriaId": "96B3E027-AE88-4417-A973-43B7E805989B"
"matchCriteriaId": "4B4F09E3-0189-4E38-AE39-F8B194472636"
}
]
}

6
CVE-2020/CVE-2020-71xx/CVE-2020-7109.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-7109",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-01-22T17:15:11.617",
"lastModified": "2020-01-24T21:55:47.483",
"lastModified": "2023-05-26T19:42:02.553",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:elementor:elementor_page_builder:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:elementor:website_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.8.4",
"matchCriteriaId": "C634276D-BDFE-4A8F-AD8E-B8320053B196"
"matchCriteriaId": "F289E103-88B8-4163-89BD-1900E0AEE4CD"
}
]
}

6
CVE-2020/CVE-2020-84xx/CVE-2020-8426.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-8426",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-01-28T23:15:12.907",
"lastModified": "2020-08-25T12:36:10.160",
"lastModified": "2023-05-26T19:42:45.083",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:elementor:elementor_page_builder:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:elementor:website_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.8.5",
"matchCriteriaId": "C59B9040-5D72-414A-AB3E-B21B346C8A6B"
"matchCriteriaId": "583D9586-0CDC-46A0-A9F9-0CBE170C1961"
}
]
}

6
CVE-2021/CVE-2021-244xx/CVE-2021-24450.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-24450",
"sourceIdentifier": "contact@wpscan.com",
"published": "2021-08-02T11:15:09.233",
"lastModified": "2021-08-10T14:55:44.307",
"lastModified": "2023-05-26T19:38:26.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:profilepress:profilepress:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:properfraction:profilepress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.1.8",
"matchCriteriaId": "7906FBA5-9AC4-4027-9E65-1CB836825FCB"
"matchCriteriaId": "1EEC1B08-31E1-4502-B317-28FD2E4BF263"
}
]
}

6
CVE-2021/CVE-2021-245xx/CVE-2021-24522.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-24522",
"sourceIdentifier": "contact@wpscan.com",
"published": "2021-08-09T10:15:08.117",
"lastModified": "2021-08-17T16:00:58.043",
"lastModified": "2023-05-26T19:38:26.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:profilepress:profilepress:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:properfraction:profilepress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.1.11",
"matchCriteriaId": "9D85989E-6561-4D14-8E5D-D404A7D9194E"
"matchCriteriaId": "D25B4042-E055-4ADE-AA2E-C511CDB70F92"
}
]
}

6
CVE-2021/CVE-2021-346xx/CVE-2021-34621.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-34621",
"sourceIdentifier": "security@wordfence.com",
"published": "2021-07-07T13:15:08.537",
"lastModified": "2022-10-27T12:42:36.543",
"lastModified": "2023-05-26T19:38:26.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -114,10 +114,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:profilepress:profilepress:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:properfraction:profilepress:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "3.0.0",
"versionEndIncluding": "3.1.3",
"matchCriteriaId": "E6F99847-3C19-434C-B1E9-79FC9D7C2148"
"matchCriteriaId": "428C3713-4BAD-4581-AF5D-8F148D83EC02"
}
]
}

6
CVE-2021/CVE-2021-346xx/CVE-2021-34622.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-34622",
"sourceIdentifier": "security@wordfence.com",
"published": "2021-07-07T13:15:08.597",
"lastModified": "2022-10-27T11:59:24.017",
"lastModified": "2023-05-26T19:38:26.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -114,10 +114,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:profilepress:profilepress:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:properfraction:profilepress:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "3.0.0",
"versionEndIncluding": "3.1.3",
"matchCriteriaId": "E6F99847-3C19-434C-B1E9-79FC9D7C2148"
"matchCriteriaId": "428C3713-4BAD-4581-AF5D-8F148D83EC02"
}
]
}

6
CVE-2021/CVE-2021-346xx/CVE-2021-34623.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-34623",
"sourceIdentifier": "security@wordfence.com",
"published": "2021-07-07T13:15:08.657",
"lastModified": "2021-08-09T14:38:08.693",
"lastModified": "2023-05-26T19:38:26.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -114,10 +114,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:profilepress:profilepress:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:properfraction:profilepress:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "3.0.0",
"versionEndIncluding": "3.1.3",
"matchCriteriaId": "E6F99847-3C19-434C-B1E9-79FC9D7C2148"
"matchCriteriaId": "428C3713-4BAD-4581-AF5D-8F148D83EC02"
}
]
}

6
CVE-2021/CVE-2021-346xx/CVE-2021-34624.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-34624",
"sourceIdentifier": "security@wordfence.com",
"published": "2021-07-07T13:15:08.713",
"lastModified": "2021-08-09T14:38:08.693",
"lastModified": "2023-05-26T19:38:26.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -114,10 +114,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:profilepress:profilepress:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:properfraction:profilepress:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "3.0.0",
"versionEndIncluding": "3.1.3",
"matchCriteriaId": "E6F99847-3C19-434C-B1E9-79FC9D7C2148"
"matchCriteriaId": "428C3713-4BAD-4581-AF5D-8F148D83EC02"
}
]
}

29
CVE-2021/CVE-2021-359xx/CVE-2021-35977.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-35977",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-10-08T15:15:08.870",
"lastModified": "2021-10-16T00:14:23.810",
"lastModified": "2023-05-26T18:18:32.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -557,33 +557,6 @@
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:digi:connectcore_8x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0C6871-F8AC-4DEF-8C72-565C4570F3CA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:digi:connectcore_8x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5227D0B2-C6F7-4EFB-A4A4-473196EC0767"
}
]
}
]
}
],
"references": [

29
CVE-2021/CVE-2021-359xx/CVE-2021-35979.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-35979",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-10-08T15:15:08.917",
"lastModified": "2022-07-12T17:42:04.277",
"lastModified": "2023-05-26T18:18:41.580",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -557,33 +557,6 @@
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:digi:connectcore_8x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0C6871-F8AC-4DEF-8C72-565C4570F3CA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:digi:connectcore_8x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5227D0B2-C6F7-4EFB-A4A4-473196EC0767"
}
]
}
]
}
],
"references": [

29
CVE-2021/CVE-2021-367xx/CVE-2021-36767.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36767",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-10-08T15:15:09.037",
"lastModified": "2022-04-29T12:49:37.823",
"lastModified": "2023-05-26T18:18:57.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -531,33 +531,6 @@
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:digi:connectcore_8x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0C6871-F8AC-4DEF-8C72-565C4570F3CA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:digi:connectcore_8x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5227D0B2-C6F7-4EFB-A4A4-473196EC0767"
}
]
}
]
},
{
"operator": "AND",
"nodes": [

85
CVE-2021/CVE-2021-468xx/CVE-2021-46888.json
View File

@ -2,31 +2,102 @@
"id": "CVE-2021-46888",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-21T20:15:09.240",
"lastModified": "2023-05-22T10:56:56.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:58:19.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in hledger before 1.23. A Stored Cross-Site Scripting (XSS) vulnerability exists in toBloodhoundJson that allows an attacker to execute JavaScript by encoding user-controlled values in a payload with base64 and parsing them with the atob function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hledger:hledger:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.23",
"matchCriteriaId": "600B56CE-4478-4153-A735-BE58CC01399E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/simonmichael/hledger/issues/1525",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/simonmichael/hledger/pull/1663",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/simonmichael/hledger/releases/tag/1.23",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.youtube.com/watch?v=QnRO-VkfIic",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

6
CVE-2022/CVE-2022-13xx/CVE-2022-1329.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-1329",
"sourceIdentifier": "security@wordfence.com",
"published": "2022-04-19T21:15:13.987",
"lastModified": "2022-11-08T20:19:56.800",
"lastModified": "2023-05-26T19:42:37.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -118,10 +118,10 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:elementor:elementor_website_builder:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:elementor:website_builder:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "3.6.0",
"versionEndIncluding": "3.6.2",
"matchCriteriaId": "C9F690DD-E4BF-4D8D-B054-8915AD84D1A8"
"matchCriteriaId": "F1900B6F-557E-447E-B624-4379C2005F69"
}
]
}

13
CVE-2022/CVE-2022-25xx/CVE-2022-2590.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-2590",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-08-31T16:15:11.227",
"lastModified": "2023-02-12T22:15:28.367",
"vulnStatus": "Modified",
"lastModified": "2023-05-26T19:42:29.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -71,8 +71,8 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0",
"matchCriteriaId": "6B6A7A8C-53A0-4231-8D93-7E82EE88D700"
"versionEndExcluding": "5.19.6",
"matchCriteriaId": "89E99903-E16D-475D-954B-2BAC46C98262"
}
]
}
@ -82,7 +82,10 @@
"references": [
{
"url": "https://lore.kernel.org/linux-mm/20220808073232.8808-1-david%40redhat.com/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/08/08/1",

35
CVE-2022/CVE-2022-29xx/CVE-2022-2959.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-2959",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-08-25T18:15:10.303",
"lastModified": "2023-02-14T13:15:11.070",
"vulnStatus": "Modified",
"lastModified": "2023-05-26T19:42:24.853",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -74,8 +74,30 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.19",
"matchCriteriaId": "E74E9AF8-BDF5-4917-A9CA-0AAD8E13149B"
"versionStartIncluding": "5.8",
"versionEndExcluding": "5.10.120",
"matchCriteriaId": "2E3E8401-3132-4A03-AB2A-C9BF29856AFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.45",
"matchCriteriaId": "08D699AD-F4CE-4BDD-A97E-4997299C7712"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.13",
"matchCriteriaId": "192FC54B-5367-49D6-B410-0285F14665B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.2",
"matchCriteriaId": "9FF255A1-64F4-4E31-AF44-C92FB8773BA2"
}
]
}
@ -93,7 +115,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20230214-0005/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1165/",

116
CVE-2022/CVE-2022-301xx/CVE-2022-30114.json
View File

@ -2,27 +2,131 @@
"id": "CVE-2022-30114",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-19T12:15:09.340",
"lastModified": "2023-05-19T13:00:09.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:07:15.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow in a network service in Fastweb FASTGate MediaAccess FGA2130FWB, firmware version 18.3.n.0482_FW_230_FGA2130, and DGA4131FWB, firmware version up to 18.3.n.0462_FW_261_DGA4131, allows a remote attacker to reboot the device through a crafted HTTP request, causing DoS."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fastweb:fastgate_vdsl2_dga4131fwb_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3.n.0482_fw_264_dga4131",
"matchCriteriaId": "94940174-3278-4418-816A-AD8CDA14326C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:fastweb:fastgate_vdsl2_dga4131fwb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6608877-D165-49F2-B028-FE3AC7DDA705"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fastweb:fastgate_gpon_fga2130fwb_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.3.n.0482_fw_233_fga2130",
"matchCriteriaId": "8DCABC6B-5F41-4E06-A360-7C2264812572"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:fastweb:fastgate_gpon_fga2130fwb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A03406C0-71DB-43E1-822C-C4296C1B200B"
}
]
}
]
}
],
"references": [
{
"url": "http://fastgate.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://fastweb.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://str0ng4le.github.io/jekyll/update/2023/05/12/fastgate-bof-cve-2022-30114/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

56
CVE-2022/CVE-2022-30xx/CVE-2022-3028.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3028",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-08-31T16:15:11.867",
"lastModified": "2023-02-14T13:15:11.523",
"vulnStatus": "Modified",
"lastModified": "2023-05-26T19:42:22.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -86,8 +86,51 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0",
"matchCriteriaId": "87B81C9D-7173-4FFB-97BC-9C41AB20A53C"
"versionStartIncluding": "3.14",
"versionEndExcluding": "4.9.327",
"matchCriteriaId": "160A2CE9-E9EF-43E8-B97F-FB93F0BDDF3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.292",
"matchCriteriaId": "42DF7D19-F259-47AF-8715-288480443B27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.257",
"matchCriteriaId": "379F570B-8101-4252-AE1C-B802D441D9B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.212",
"matchCriteriaId": "BEFFBCD7-9B53-46AB-B3FD-53EAD80FD3E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.140",
"matchCriteriaId": "A26216A8-920B-4892-A1EB-143451AFFC31"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.64",
"matchCriteriaId": "292F3687-ADC2-4F3D-9710-3BCAD11A52BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.19.6",
"matchCriteriaId": "89E99903-E16D-475D-954B-2BAC46C98262"
},
{
"vulnerable": true,
@ -204,7 +247,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20230214-0004/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}

10
CVE-2022/CVE-2022-346xx/CVE-2022-34641.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-34641",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-18T23:15:13.087",
"lastModified": "2022-07-26T18:07:12.263",
"lastModified": "2023-05-26T18:21:27.353",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -57,6 +57,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:boom-core:riscvc-boom:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1507C03F-AB2F-4B03-BC3F-29B9B3690AD6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openhwgroup:cva6:-:*:*:*:*:*:*:*",
@ -82,8 +87,7 @@
"url": "https://github.com/openhwgroup/cva6/pull/908",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{

41
CVE-2022/CVE-2022-357xx/CVE-2022-35798.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-35798",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-05-18T23:15:09.700",
"lastModified": "2023-05-19T13:00:09.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:22:38.770",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,45 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:azure_arc_jumpstart:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0",
"versionEndExcluding": "2.0",
"matchCriteriaId": "73E9221D-B9C8-4997-9F6B-0834A415C2A4"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35798",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

50
CVE-2022/CVE-2022-36xx/CVE-2022-3635.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3635",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-10-21T11:15:09.557",
"lastModified": "2022-12-03T02:39:06.337",
"lastModified": "2023-05-26T19:42:19.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -93,8 +93,52 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.12",
"versionEndExcluding": "4.9.326",
"matchCriteriaId": "CA5723EA-07E5-4A9C-8618-3393D55BBC56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.291",
"matchCriteriaId": "3BBC7E43-6161-4F21-977C-5BB7792C6C94"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.256",
"matchCriteriaId": "6C47CDE3-B039-4AE5-B8E4-1DC820E473FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.211",
"matchCriteriaId": "B1C63D19-C08C-4308-A848-B2523C9275BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.138",
"matchCriteriaId": "445ACC04-A2BA-4176-B4C9-CA4AA59096D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.63",
"matchCriteriaId": "D5744A03-DA40-4A78-9063-13179361DC6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.19.4",
"matchCriteriaId": "0E669300-DA42-4ACD-86D8-68BE5F29FB88"
}
]
}

56
CVE-2022/CVE-2022-36xx/CVE-2022-3649.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3649",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-10-21T20:15:09.837",
"lastModified": "2023-02-28T15:40:04.613",
"lastModified": "2023-05-26T19:42:16.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -94,8 +94,58 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.331",
"matchCriteriaId": "F5B7C986-E6CA-41ED-A833-EA73FCF421D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.296",
"matchCriteriaId": "1927ABC6-E0D2-478F-B103-B982A42D1158"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.262",
"matchCriteriaId": "D6B62970-1FAD-4ED6-930A-23E26A8D2E08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.220",
"matchCriteriaId": "125F7133-B3B7-4175-8CF3-FF0845483254"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.148",
"matchCriteriaId": "A125CF4C-603D-4ED4-AE18-CFC7C8D5CCF1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.74",
"matchCriteriaId": "381A1822-66FA-4BF1-BCA9-7AF2DFCFFBE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.19.16",
"matchCriteriaId": "950EB0FE-7220-47B0-A80D-CEFD803A69C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0",
"versionEndExcluding": "6.0.2",
"matchCriteriaId": "B0624AD1-5A88-463E-96D1-F938FCBA6EEA"
}
]
}

47
CVE-2022/CVE-2022-468xx/CVE-2022-46851.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46851",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T14:15:09.277",
"lastModified": "2023-05-23T14:18:11.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:37:41.350",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:brainstormforce:starter_templates:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.1.21",
"matchCriteriaId": "0CF0086F-B2D4-42AC-9A3F-8E579E591D2D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/astra-sites/wordpress-starter-templates-elementor-wordpress-beaver-builder-templates-plugin-3-1-20-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-468xx/CVE-2022-46853.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46853",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T14:15:09.410",
"lastModified": "2023-05-23T14:18:11.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:37:55.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radiustheme:post_grid:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.0.5",
"matchCriteriaId": "7CB6D8AE-5A86-45A3-BE0A-0B36D4257DB6"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/the-post-grid/wordpress-the-post-grid-shortcode-gutenberg-blocks-and-elementor-addon-for-post-grid-plugin-5-0-4-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-471xx/CVE-2022-47167.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47167",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-22T10:15:11.957",
"lastModified": "2023-05-22T10:56:50.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T19:25:28.473",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:crayon_syntax_highlighter_project:crayon_syntax_highlighter:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.8.4",
"matchCriteriaId": "BA2926AC-7F02-417F-9185-45555C7261FE"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/crayon-syntax-highlighter/wordpress-crayon-syntax-highlighter-plugin-2-8-4-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-476xx/CVE-2022-47609.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47609",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-22T09:15:10.457",
"lastModified": "2023-05-22T10:56:50.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T19:10:10.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nicearma:dnui-delete-not-used-image:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.8.1",
"matchCriteriaId": "B00C868B-8C58-4A2A-B8AE-48F93981AC38"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/dnui-delete-not-used-image-wordpress/wordpress-dnui-plugin-2-8-1-multiple-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-11xx/CVE-2023-1195.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-1195",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-18T22:15:09.373",
"lastModified": "2023-05-19T13:00:09.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:27:29.387",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,10 +56,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1",
"matchCriteriaId": "9064B383-DD48-40A2-8947-F5BA6E6B6713"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/torvalds/linux/commit/153695d36ead0ccc4d0256953c751cabf673e621",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
}
]
}

6
CVE-2023/CVE-2023-14xx/CVE-2023-1424.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1424",
"sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"published": "2023-05-24T05:15:08.780",
"lastModified": "2023-05-24T12:59:09.197",
"lastModified": "2023-05-26T19:15:09.263",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -58,6 +58,10 @@
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-003_en.pdf",
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1727",
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp"
}
]
}

80
CVE-2023/CVE-2023-16xx/CVE-2023-1618.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1618",
"sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"published": "2023-05-19T05:15:20.350",
"lastModified": "2023-05-19T13:00:09.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:20:54.650",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
},
{
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1188"
}
]
},
{
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"type": "Secondary",
@ -46,18 +76,58 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:melsec_ws0-geth00200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BE5176E-49E3-48EF-9E05-DFE39E9AE6BB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:melsec_ws0-geth00200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2309DB7C-07CA-4821-A7A2-F461652E62C8"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/vu/JVNVU96063959",
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp"
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-138-02",
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp"
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-002_en.pdf",
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp"
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

32
CVE-2023/CVE-2023-16xx/CVE-2023-1664.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-1664",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-26T18:15:09.740",
"lastModified": "2023-05-26T18:15:09.740",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Keycloak. This flaw depends on a non-default configuration \"Revalidate Client Certificate\" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If this happens and the KC_SPI_TRUSTSTORE_FILE_FILE variable is missing/misconfigured, any trustfile may be accepted with the logging information of \"Cannot validate client certificate trust: Truststore not available\". This may not impact availability as the attacker would have no access to the server, but consumer applications Integrity or Confidentiality may be impacted considering a possible access to them. Considering the environment is correctly set to use \"Revalidate Client Certificate\" this flaw is avoidable."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182196&comment#0",
"source": "secalert@redhat.com"
}
]
}

40
CVE-2023/CVE-2023-16xx/CVE-2023-1667.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-1667",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-26T18:15:10.740",
"lastModified": "2023-05-26T18:15:10.740",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "http://www.libssh.org/security/advisories/CVE-2023-1667.txt",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-1667",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182199",
"source": "secalert@redhat.com"
}
]
}

108
CVE-2023/CVE-2023-16xx/CVE-2023-1696.json
View File

@ -2,23 +2,121 @@
"id": "CVE-2023-1696",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-20T15:15:08.847",
"lastModified": "2023-05-22T10:57:01.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:29:05.273",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF07E7F-3A18-4B74-B73D-DF3647C2A48F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64118936-E2A5-4935-8594-29DF29B5475A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/4/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202304-0000001506528486",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

40
CVE-2023/CVE-2023-19xx/CVE-2023-1981.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-1981",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-26T18:15:11.277",
"lastModified": "2023-05-26T18:15:11.277",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-1981",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185911",
"source": "secalert@redhat.com"
},
{
"url": "https://github.com/lathiat/avahi/issues/375",
"source": "secalert@redhat.com"
}
]
}

59
CVE-2023/CVE-2023-201xx/CVE-2023-20110.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20110",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-05-18T03:15:09.900",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T19:11:22.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -46,10 +78,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:smart_software_manager_on-prem:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8-202303",
"matchCriteriaId": "270F6EEA-44C3-477E-8361-77989855D5E2"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssm-sql-X9MmjSYh",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6226
CVE-2023/CVE-2023-201xx/CVE-2023-20156.json
View File

File diff suppressed because it is too large Load Diff

6226
CVE-2023/CVE-2023-201xx/CVE-2023-20157.json
View File

File diff suppressed because it is too large Load Diff

6226
CVE-2023/CVE-2023-201xx/CVE-2023-20158.json
View File

File diff suppressed because it is too large Load Diff

6226
CVE-2023/CVE-2023-201xx/CVE-2023-20159.json
View File

File diff suppressed because it is too large Load Diff

6226
CVE-2023/CVE-2023-201xx/CVE-2023-20160.json
View File

File diff suppressed because it is too large Load Diff

6226
CVE-2023/CVE-2023-201xx/CVE-2023-20161.json
View File

File diff suppressed because it is too large Load Diff

6226
CVE-2023/CVE-2023-201xx/CVE-2023-20162.json
View File

File diff suppressed because it is too large Load Diff

139
CVE-2023/CVE-2023-201xx/CVE-2023-20163.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20163",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-05-18T03:15:10.480",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T19:37:47.797",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -46,10 +78,111 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.7",
"matchCriteriaId": "DDE2869D-6E9E-4717-A8D4-9E3204889F14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A1063044-BCD7-487F-9880-141C30547E36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch1:*:*:*:*:*:*",
"matchCriteriaId": "DA42E65A-7207-48B8-BE1B-0B352201BC09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch2:*:*:*:*:*:*",
"matchCriteriaId": "75DDAF38-4D5F-4EE4-A428-68D28FC0DA96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch3:*:*:*:*:*:*",
"matchCriteriaId": "C5FB6AA6-F8C9-48A6-BDDA-1D25C43564EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch4:*:*:*:*:*:*",
"matchCriteriaId": "2B3A267A-5FEA-426D-903E-BD3F4F94A1A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch5:*:*:*:*:*:*",
"matchCriteriaId": "B1B3207B-1B9C-41AA-8EF6-8478458462E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch6:*:*:*:*:*:*",
"matchCriteriaId": "C5B9E7F3-B0F2-4A6A-B939-A62E9B12CCEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch7:*:*:*:*:*:*",
"matchCriteriaId": "EF4C5A58-D0AE-48D6-9757-18C1D5BE5070"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "C4DB9726-532F-45CE-81FD-45F2F6C7CE51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "2E8F0066-0EC0-41FD-80BE-55C4ED5F6B0E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch3:*:*:*:*:*:*",
"matchCriteriaId": "5D1765DB-1BEF-4CE9-8B86-B91F709600EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch4:*:*:*:*:*:*",
"matchCriteriaId": "3D1E80EF-C3FD-4F7A-B63D-0EAA5C878B11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch5:*:*:*:*:*:*",
"matchCriteriaId": "095F27EC-5713-4D4F-AD06-57D3DF068B90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch6:*:*:*:*:*:*",
"matchCriteriaId": "FEA5210C-E674-4C4B-9EB3-C681C70005B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "36722B6C-64A5-4D00-94E1-442878C37A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:patch1:*:*:*:*:*:*",
"matchCriteriaId": "7EEEA06A-AD58-48D3-8975-B21A961985B3"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-sRQnsEU9",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

139
CVE-2023/CVE-2023-201xx/CVE-2023-20164.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20164",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-05-18T03:15:10.547",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T19:37:53.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -46,10 +78,111 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.7",
"matchCriteriaId": "DDE2869D-6E9E-4717-A8D4-9E3204889F14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A1063044-BCD7-487F-9880-141C30547E36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch1:*:*:*:*:*:*",
"matchCriteriaId": "DA42E65A-7207-48B8-BE1B-0B352201BC09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch2:*:*:*:*:*:*",
"matchCriteriaId": "75DDAF38-4D5F-4EE4-A428-68D28FC0DA96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch3:*:*:*:*:*:*",
"matchCriteriaId": "C5FB6AA6-F8C9-48A6-BDDA-1D25C43564EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch4:*:*:*:*:*:*",
"matchCriteriaId": "2B3A267A-5FEA-426D-903E-BD3F4F94A1A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch5:*:*:*:*:*:*",
"matchCriteriaId": "B1B3207B-1B9C-41AA-8EF6-8478458462E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch6:*:*:*:*:*:*",
"matchCriteriaId": "C5B9E7F3-B0F2-4A6A-B939-A62E9B12CCEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch7:*:*:*:*:*:*",
"matchCriteriaId": "EF4C5A58-D0AE-48D6-9757-18C1D5BE5070"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "C4DB9726-532F-45CE-81FD-45F2F6C7CE51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "2E8F0066-0EC0-41FD-80BE-55C4ED5F6B0E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch3:*:*:*:*:*:*",
"matchCriteriaId": "5D1765DB-1BEF-4CE9-8B86-B91F709600EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch4:*:*:*:*:*:*",
"matchCriteriaId": "3D1E80EF-C3FD-4F7A-B63D-0EAA5C878B11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch5:*:*:*:*:*:*",
"matchCriteriaId": "095F27EC-5713-4D4F-AD06-57D3DF068B90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1:patch6:*:*:*:*:*:*",
"matchCriteriaId": "FEA5210C-E674-4C4B-9EB3-C681C70005B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "36722B6C-64A5-4D00-94E1-442878C37A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2:patch1:*:*:*:*:*:*",
"matchCriteriaId": "7EEEA06A-AD58-48D3-8975-B21A961985B3"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-sRQnsEU9",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-208xx/CVE-2023-20868.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-20868",
"sourceIdentifier": "security@vmware.com",
"published": "2023-05-26T18:15:12.723",
"lastModified": "2023-05-26T18:15:12.723",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "NSX-T contains a reflected cross-site scripting vulnerability due to a lack of input validation. A remote attacker can inject HTML or JavaScript to redirect to malicious pages."
}
],
"metrics": {},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0010.html",
"source": "security@vmware.com"
}
]
}

61
CVE-2023/CVE-2023-20xx/CVE-2023-2088.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2088",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-12T21:15:09.430",
"lastModified": "2023-05-15T12:54:39.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:00:46.623",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -27,10 +60,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openstack:-:*:*:*:*:*:*:*",
"matchCriteriaId": "204E9339-F284-43C7-ACC0-C19F5076D523"
}
]
}
]
}
],
"references": [
{
"url": "https://bugs.launchpad.net/bugs/2004555",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
}
]
}

20
CVE-2023/CVE-2023-229xx/CVE-2023-22970.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-22970",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-26T18:15:13.357",
"lastModified": "2023-05-26T18:15:13.357",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Bottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/bottlesdevs/Bottles/issues/2463",
"source": "cve@mitre.org"
}
]
}

40
CVE-2023/CVE-2023-22xx/CVE-2023-2283.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-2283",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-26T18:15:13.770",
"lastModified": "2023-05-26T18:15:13.770",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2283",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189736",
"source": "secalert@redhat.com"
},
{
"url": "https://www.libssh.org/security/advisories/CVE-2023-2283.txt",
"source": "secalert@redhat.com"
}
]
}

350
CVE-2023/CVE-2023-234xx/CVE-2023-23444.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23444",
"sourceIdentifier": "psirt@sick.de",
"published": "2023-05-12T13:15:09.350",
"lastModified": "2023-05-12T14:21:53.020",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:15:18.340",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "psirt@sick.de",
"type": "Secondary",
@ -34,18 +54,338 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ue410-en4_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E3BEC1A-8FFB-47E6-A874-783A02593844"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ue410-en4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "593FA8EA-007A-47C0-9F22-89E420BBE0D4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ue410-en3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCC9ADCE-3CEE-4FFD-894A-B8F9073C58CB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ue410-en3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4C5D33-6A97-4509-8151-65D79F03F18A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ue410-en1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "598DD1E1-DF04-4C3D-9628-B57C653F4FAD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ue410-en1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A963DB6B-C9A9-4B1D-A239-C7B608F2CBD1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gpnt00030_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9447F86A-5967-4C97-AF69-369EF2BD2052"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gpnt00030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CABEFF4-C0A4-4054-8174-7B3762BC0C3F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gpnt00010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00770E9A-64BC-4440-A921-49ECD5C5986D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gpnt00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60B6F37A-78EE-4D1F-ACAE-FDE864F847B8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gpnt00000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30BF991A-B66F-48B3-8902-D50C3B38A30D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3BF752-4F49-4E90-9790-1913ED64D8B3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gmod00010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "925AD219-B3D3-42B6-99E6-E97298AE0A4C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97742720-A8E3-49FE-BE43-EFF720F3D52D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gmod00000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E87CA0E-7749-4F1E-B30B-78183ACF3170"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96296E7-65D3-4C0A-8126-4AA8BEF85B39"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gent00030_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "896EDB87-DB8E-4D82-83EB-65403F23FEB7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1809BCF9-541E-4348-87A3-4CB37D680704"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gent00010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61689FA0-FB90-4E9F-B500-AADCF8D827BE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gent00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAC00EB-BB15-4A65-A58D-B3015F7CFF85"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gent00000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8B658A-49DD-4F7C-9A20-191C8F6F3D8F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB590A4-F5E4-4A17-B5A6-33A995C96BAB"
}
]
}
]
}
],
"references": [
{
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json",
"source": "psirt@sick.de"
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf",
"source": "psirt@sick.de"
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://sick.com/psirt",
"source": "psirt@sick.de"
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-235xx/CVE-2023-23557.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-23557",
"sourceIdentifier": "cve-assign@fb.com",
"published": "2023-05-18T22:15:09.540",
"lastModified": "2023-05-19T13:00:09.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:23:04.003",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
},
{
"source": "cve-assign@fb.com",
"type": "Secondary",
@ -23,14 +56,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:facebook:hermes:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023-01-10",
"matchCriteriaId": "D3F86788-10E5-4DD4-99DA-865FDD9C7FD8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/facebook/hermes/commit/a00d237346894c6067a594983be6634f4168c9ad",
"source": "cve-assign@fb.com"
"source": "cve-assign@fb.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.facebook.com/security/advisories/cve-2023-23557",
"source": "cve-assign@fb.com"
"source": "cve-assign@fb.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-237xx/CVE-2023-23705.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23705",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T14:15:09.507",
"lastModified": "2023-05-23T14:18:11.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:38:06.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hmplugin:wordpress_books_gallery:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.4.9",
"matchCriteriaId": "EBDC0529-9E80-4792-B1F2-DA9641C1E19C"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-books-gallery/wordpress-wordpress-books-gallery-plugin-4-4-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-237xx/CVE-2023-23706.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23706",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T13:15:09.410",
"lastModified": "2023-05-23T13:42:55.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:33:23.603",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:miniorange:wordpress_social_login_and_register_\\(discord\\,_google\\,_twitter\\,_linkedin\\):*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "7.6.0",
"matchCriteriaId": "A5377FFE-3556-4F24-943F-CC1BC1961854"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/miniorange-login-openid/wordpress-wordpress-social-login-and-register-discord-google-twitter-linkedin-plugin-7-5-14-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-237xx/CVE-2023-23713.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23713",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T14:15:09.577",
"lastModified": "2023-05-23T14:18:11.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:40:42.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:theme_tweaker_project:theme_tweaker:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.20",
"matchCriteriaId": "B9C991C4-2ED0-431B-A8A2-8CB5BADBA3E4"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/theme-tweaker-lite/wordpress-theme-tweaker-plugin-5-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-237xx/CVE-2023-23724.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23724",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T13:15:09.487",
"lastModified": "2023-05-23T13:42:55.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:33:55.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:winwar:wp_email_capture:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.10",
"matchCriteriaId": "C2F6EEB5-CA1D-49D2-A7CE-B90F766B63DA"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-email-capture/wordpress-wordpress-email-marketing-plugin-wp-email-capture-plugin-3-9-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-237xx/CVE-2023-23797.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23797",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-22T11:15:09.237",
"lastModified": "2023-05-22T13:21:34.157",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T19:23:56.160",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:secondlinethemes:auto_youtube_importer:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.4",
"matchCriteriaId": "7077A3DB-C253-4B56-8BA0-8647551F1256"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/auto-youtube-importer/wordpress-auto-youtube-importer-plugin-1-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-243xx/CVE-2023-24320.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24320",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-21T22:15:10.557",
"lastModified": "2023-03-03T16:31:54.867",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-26T18:15:13.473",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -70,6 +70,10 @@
"tags": [
"Exploit"
]
},
{
"url": "https://yuyudhn.github.io/CVE-2023-24320/",
"source": "cve@mitre.org"
}
]
}

127
CVE-2023/CVE-2023-250xx/CVE-2023-25005.json
View File

@ -2,19 +2,138 @@
"id": "CVE-2023-25005",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2023-05-12T21:15:09.220",
"lastModified": "2023-05-15T12:54:39.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:17:22.953",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021.0",
"versionEndExcluding": "2021.2",
"matchCriteriaId": "2ED3976D-7AEB-4682-A992-39E3FFF21613"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023.0",
"versionEndExcluding": "2023.1",
"matchCriteriaId": "9B5ED076-764C-400E-8DAD-7F9E0793FD7F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
"matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "67C2219C-5B50-4E46-B1F0-68218F1E5AF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "E5684221-8B7C-4ADA-A1A8-727E7F0F67BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_5:*:*:*:*:*:*",
"matchCriteriaId": "EB247C2B-8221-457A-99F9-39D75D4DB8E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_6:*:*:*:*:*:*",
"matchCriteriaId": "E3E63C7B-C4A5-4722-88A5-6801AA086915"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_7:*:*:*:*:*:*",
"matchCriteriaId": "8CBCFD6F-2195-48AA-B6A9-8EBB7BF1F047"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_8:*:*:*:*:*:*",
"matchCriteriaId": "280DEA0C-EF21-4C54-8C9D-FC83152F2C86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_9:*:*:*:*:*:*",
"matchCriteriaId": "533A6090-B202-49D4-B0C7-7C189EB282AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:2023.1:-:*:*:*:*:*:*",
"matchCriteriaId": "71061947-E7CE-44C8-8DAE-779AEDBEC170"
}
]
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0006",
"source": "psirt@autodesk.com"
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-250xx/CVE-2023-25056.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25056",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T14:15:09.657",
"lastModified": "2023-05-23T14:18:11.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:40:52.023",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:slickremix:feed_them_social:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0.0",
"matchCriteriaId": "198A2969-25CA-4974-913B-82FA68670058"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/feed-them-social/wordpress-feed-them-social-for-twitter-feed-youtube-and-more-plugin-3-0-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-254xx/CVE-2023-25472.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25472",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T13:15:09.563",
"lastModified": "2023-05-23T13:42:55.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:35:26.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:podlove:podlove_podcast_publisher:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.8.4",
"matchCriteriaId": "83875A26-A5AA-4677-8661-A6482EEF046D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/podlove-podcasting-plugin-for-wordpress/wordpress-podlove-podcast-publisher-plugin-3-8-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-254xx/CVE-2023-25481.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25481",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T13:15:09.637",
"lastModified": "2023-05-23T13:42:55.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:36:04.120",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:podlove:podlove_subscribe_button:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.9",
"matchCriteriaId": "3BFD1106-D81F-4177-BA7D-5F9487693629"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/podlove-subscribe-button/wordpress-podlove-subscribe-button-plugin-1-3-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-257xx/CVE-2023-25707.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25707",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T13:15:09.707",
"lastModified": "2023-05-23T13:42:55.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:36:30.683",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vikwp:vikbooking_hotel_booking_engine_\\&_pms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.6.0",
"matchCriteriaId": "499B4583-CFB1-47A2-9776-6F273DF42370"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/vikbooking/wordpress-vikbooking-hotel-booking-engine-pms-plugin-1-5-12-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-259xx/CVE-2023-25933.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-25933",
"sourceIdentifier": "cve-assign@fb.com",
"published": "2023-05-18T22:15:09.750",
"lastModified": "2023-05-19T13:00:09.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:26:19.920",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could have been used by a malicious attacker to execute arbitrary code via untrusted JavaScript. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
},
{
"source": "cve-assign@fb.com",
"type": "Secondary",
@ -23,14 +56,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:facebook:hermes:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA8E037E-6A33-4EA0-A5C1-55F29A30F900"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81",
"source": "cve-assign@fb.com"
"source": "cve-assign@fb.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.facebook.com/security/advisories/cve-2023-25933",
"source": "cve-assign@fb.com"
"source": "cve-assign@fb.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-25xx/CVE-2023-2512.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2512",
"sourceIdentifier": "cna@cloudflare.com",
"published": "2023-05-12T11:15:13.033",
"lastModified": "2023-05-12T14:21:53.020",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:52:34.763",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "cna@cloudflare.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
},
{
"source": "cna@cloudflare.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloudflare:workerd:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "1.20230419.0",
"matchCriteriaId": "1AF26A53-BECD-490F-AE46-A498A22C0077"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cloudflare/workerd/releases/tag/v1.20230419.0",
"source": "cna@cloudflare.com"
"source": "cna@cloudflare.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/cloudflare/workerd/security/advisories/GHSA-8vx6-69vg-c46f",
"source": "cna@cloudflare.com"
"source": "cna@cloudflare.com",
"tags": [
"Vendor Advisory"
]
}
]
}

75
CVE-2023/CVE-2023-268xx/CVE-2023-26818.json
View File

@ -2,23 +2,88 @@
"id": "CVE-2023-26818",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-19T12:15:09.407",
"lastModified": "2023-05-19T13:00:09.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:06:06.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:telegram:telegram:9.3.1:*:*:*:*:macos:*:*",
"matchCriteriaId": "1BB0B331-9AFD-4B37-9E12-82954F5648E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:telegram:telegram:9.4:*:*:*:*:macos:*:*",
"matchCriteriaId": "FCB8F5AC-982C-4FC0-A5C4-D4FF2FF23440"
}
]
}
]
}
],
"references": [
{
"url": "http://telegram.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-27xx/CVE-2023-2704.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2704",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-05-19T03:15:08.840",
"lastModified": "2023-05-19T13:00:09.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:22:07.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,22 +76,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vibethemes:bp_social_connect:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5",
"matchCriteriaId": "3EAD9569-B5C7-4CDC-8BD7-8DEF97DB5D1B"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/bp-social-connect/tags/1.5/includes/social/facebook/class.facebook.php#L138",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/bp-social-connect/tags/1.5/includes/social/facebook/class.facebook.php#L188",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2914042%40bp-social-connect%2Ftrunk&old=1904372%40bp-social-connect%2Ftrunk&sfp_email=&sfph_mail=#file6",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/44c96df2-530a-4ebe-b722-c606a7b135f9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-27xx/CVE-2023-2789.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2789",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-18T13:15:09.507",
"lastModified": "2023-05-18T18:04:44.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:01:52.220",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,22 +93,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnu:cflow:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E65C9A0B-1990-4D3A-8696-6F5004DA0D8E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/DaisyPo/fuzzing-vulncollect/blob/main/cflow/stack-overflow/parser.c/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/DaisyPo/fuzzing-vulncollect/files/11343936/poc-file.zip",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.229373",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.229373",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-27xx/CVE-2023-2799.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2799",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-18T16:15:09.970",
"lastModified": "2023-05-18T18:04:44.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:06:32.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,22 +93,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cnoa_oa_project:cnoa_oa:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.1.1.5",
"matchCriteriaId": "A9840789-AD20-4C28-A9DD-88564B3E13F3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Peanut886/Vulnerability/blob/main/imgs/2023-Guangzhou%20Xiezhong%20Software%20Technology%20Co.%2C%20LTD/2023-04-10(2).jpg",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/The-default-password-vulnerability-exists-in-the-intelligent-cooperative-office-system.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.229376",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.229376",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

49
CVE-2023/CVE-2023-280xx/CVE-2023-28045.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28045",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-05-19T09:15:09.140",
"lastModified": "2023-05-19T13:00:09.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:14:15.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
@ -46,10 +66,33 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:cloudiq_collector:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.10.2",
"versionEndExcluding": "1.10.17",
"matchCriteriaId": "438B73C3-112F-4B30-B43E-DECF404A3297"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000213696/dsa-2023-165-dell-cloudiq-collector-security-update-for-missing-encryption-of-sensitive-data-vulnerability",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-280xx/CVE-2023-28081.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-28081",
"sourceIdentifier": "cve-assign@fb.com",
"published": "2023-05-18T22:15:09.807",
"lastModified": "2023-05-19T13:00:09.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:26:41.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "cve-assign@fb.com",
"type": "Secondary",
@ -23,14 +56,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:facebook:hermes:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA8E037E-6A33-4EA0-A5C1-55F29A30F900"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/facebook/hermes/commit/e6ed9c1a4b02dc219de1648f44cd808a56171b81",
"source": "cve-assign@fb.com"
"source": "cve-assign@fb.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.facebook.com/security/advisories/cve-2023-28081",
"source": "cve-assign@fb.com"
"source": "cve-assign@fb.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-287xx/CVE-2023-28753.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-28753",
"sourceIdentifier": "cve-assign@fb.com",
"published": "2023-05-18T22:15:09.860",
"lastModified": "2023-05-19T13:00:09.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:25:43.450",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cve-assign@fb.com",
"type": "Secondary",
@ -23,14 +56,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:facebook:netconsd:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C31BF2-FE76-4643-8339-142389136E80"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/facebook/netconsd/commit/9fc54edf54f7caea1189c2b979337ed37af2c60e",
"source": "cve-assign@fb.com"
"source": "cve-assign@fb.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.facebook.com/security/advisories/cve-2023-28753",
"source": "cve-assign@fb.com"
"source": "cve-assign@fb.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-28xx/CVE-2023-2800.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2800",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-18T17:15:08.817",
"lastModified": "2023-05-18T18:04:44.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:11:36.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:huggingface:transformers:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.30.0",
"matchCriteriaId": "FD022D67-4790-4570-A900-C7A70C284EC2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/huggingface/transformers/commit/80ca92470938bbcc348e2d9cf4734c7c25cb1c43",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/a3867b4e-6701-4418-8c20-3c6e7084a44a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-28xx/CVE-2023-2806.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2806",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-19T09:15:09.840",
"lastModified": "2023-05-19T13:00:09.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:13:15.623",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:weaver:e-cology:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "076EC640-EC76-442F-968D-B46303DA4DF3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Strangenees/e-cology/blob/main/main.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.229411",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.229411",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

6
CVE-2023/CVE-2023-296xx/CVE-2023-29643.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-29643",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T16:15:11.600",
"lastModified": "2023-05-06T03:08:55.093",
"lastModified": "2023-05-26T19:42:12.160",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:perfreeblog_project:perfreeblog:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B35D7041-9E62-4000-9624-ADB858542C36"
"criteria": "cpe:2.3:a:perfree:perfreeblog:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D85BC31-3119-4CC1-89DD-CF50428AEAD0"
}
]
}

67
CVE-2023/CVE-2023-304xx/CVE-2023-30470.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-30470",
"sourceIdentifier": "cve-assign@fb.com",
"published": "2023-05-18T22:15:09.930",
"lastModified": "2023-05-19T13:00:09.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:24:59.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free related to unsound inference in the bytecode generation when optimizations are enabled for Hermes prior to commit da8990f737ebb9d9810633502f65ed462b819c09 could have been used by an attacker to achieve remote code execution. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "cve-assign@fb.com",
"type": "Secondary",
@ -23,14 +56,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:facebook:hermes:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA8E037E-6A33-4EA0-A5C1-55F29A30F900"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/facebook/hermes/commit/da8990f737ebb9d9810633502f65ed462b819c09",
"source": "cve-assign@fb.com"
"source": "cve-assign@fb.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.facebook.com/security/advisories/cve-2023-30470",
"source": "cve-assign@fb.com"
"source": "cve-assign@fb.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-315xx/CVE-2023-31584.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-31584",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-22T19:15:10.090",
"lastModified": "2023-05-23T13:04:43.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:54:40.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "GitHub repository cu/silicon commit a9ef36 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the User Input field."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:silicon_project:silicon:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC2EB9F-D941-478A-AF66-232809CC87EF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cu/silicon",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/rootd4ddy/CVE-2023-31584",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-318xx/CVE-2023-31871.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31871",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-18T17:15:08.957",
"lastModified": "2023-05-18T18:04:44.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:20:56.740",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OpenText Documentum Content Server before 23.2 has a flaw that allows for privilege escalation from a non-privileged Documentum user to root. The software comes prepackaged with a root owned SUID binary dm_secure_writer. The binary has security controls in place preventing creation of a file in a non-owned directory, or as the root user. However, these controls can be carefully bypassed to allow for an arbitrary file write as root."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opentext:documentum_content_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.2",
"matchCriteriaId": "D027F75E-1F90-4FC2-9ECA-E97FD430C582"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/picar0jsu/a8e623639da34f36202ce5e436668de7",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-323xx/CVE-2023-32318.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-32318",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-26T18:15:13.930",
"lastModified": "2023-05-26T18:15:13.930",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Nextcloud server provides a home for data. A regression in the session handling between Nextcloud Server and the Nextcloud Text app prevented a correct destruction of the session on logout if cookies were not cleared manually. After successfully authenticating with any other account the previous session would be continued and the attacker would be authenticated as the previously logged in user. It is recommended that the Nextcloud Server is upgraded to 25.0.6 or 26.0.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-q8c4-chpj-6v38",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/nextcloud/text/pull/3946",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-326xx/CVE-2023-32681.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-32681",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-26T18:15:14.147",
"lastModified": "2023-05-26T18:15:14.147",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/psf/requests/releases/tag/v2.31.0",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q",
"source": "security-advisories@github.com"
}
]
}

88
CVE-2023/CVE-2023-327xx/CVE-2023-32758.json
View File

@ -2,27 +2,103 @@
"id": "CVE-2023-32758",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T04:15:10.330",
"lastModified": "2023-05-15T12:54:39.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:53:30.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "giturlparse (aka git-url-parse) through 1.2.2, as used in Semgrep through 1.21.0, is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing untrusted URLs. This might be relevant if Semgrep is analyzing an untrusted package (for example, to check whether it accesses any Git repository at an http:// URL), and that package's author placed a ReDoS attack payload in a URL used by the package."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coala:git-url-parse:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.2",
"matchCriteriaId": "83D06CC5-06FA-4F72-BE31-F35ECB2A284F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:semgrep:semgrep:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.21.0",
"matchCriteriaId": "2CC52CD5-31F0-4CC6-BB04-04DDB331AD42"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/coala/git-url-parse/blob/master/giturlparse/parser.py#L53",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/returntocorp/semgrep/pull/7611",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://pypi.org/project/git-url-parse",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

64
CVE-2023/CVE-2023-333xx/CVE-2023-33338.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-33338",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-23T13:15:09.887",
"lastModified": "2023-05-23T13:42:55.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T18:37:07.430",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Old Age Home Management 1.0 is vulnerable to SQL Injection via the username parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:old_age_home_management_system_project:old_age_home_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "947D16F2-8385-46FC-A8DE-AA247C3794BB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/ANUJ-KUMAR/Old-Age-Home-Management-2022-2023-1.0",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

92
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-26T18:00:27.928718+00:00
2023-05-26T20:00:29.405086+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-26T17:54:55.423000+00:00
2023-05-26T19:42:49.147000+00:00
```
### Last Data Feed Release
@ -29,68 +29,52 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
216099
216107
```
### CVEs added in the last Commit
Recently added CVEs: `24`
Recently added CVEs: `8`
* [CVE-2021-46881](CVE-2021/CVE-2021-468xx/CVE-2021-46881.json) (`2023-05-26T17:15:11.947`)
* [CVE-2021-46882](CVE-2021/CVE-2021-468xx/CVE-2021-46882.json) (`2023-05-26T17:15:12.703`)
* [CVE-2021-46883](CVE-2021/CVE-2021-468xx/CVE-2021-46883.json) (`2023-05-26T17:15:12.780`)
* [CVE-2021-46884](CVE-2021/CVE-2021-468xx/CVE-2021-46884.json) (`2023-05-26T17:15:12.880`)
* [CVE-2021-46885](CVE-2021/CVE-2021-468xx/CVE-2021-46885.json) (`2023-05-26T17:15:12.987`)
* [CVE-2021-46886](CVE-2021/CVE-2021-468xx/CVE-2021-46886.json) (`2023-05-26T17:15:13.127`)
* [CVE-2021-46887](CVE-2021/CVE-2021-468xx/CVE-2021-46887.json) (`2023-05-26T17:15:13.227`)
* [CVE-2022-48478](CVE-2022/CVE-2022-484xx/CVE-2022-48478.json) (`2023-05-26T17:15:13.347`)
* [CVE-2022-48479](CVE-2022/CVE-2022-484xx/CVE-2022-48479.json) (`2023-05-26T17:15:13.450`)
* [CVE-2022-48480](CVE-2022/CVE-2022-484xx/CVE-2022-48480.json) (`2023-05-26T17:15:13.573`)
* [CVE-2023-33439](CVE-2023/CVE-2023-334xx/CVE-2023-33439.json) (`2023-05-26T16:15:09.597`)
* [CVE-2023-33440](CVE-2023/CVE-2023-334xx/CVE-2023-33440.json) (`2023-05-26T16:15:10.713`)
* [CVE-2023-33720](CVE-2023/CVE-2023-337xx/CVE-2023-33720.json) (`2023-05-26T16:15:10.980`)
* [CVE-2023-0116](CVE-2023/CVE-2023-01xx/CVE-2023-0116.json) (`2023-05-26T17:15:13.627`)
* [CVE-2023-0117](CVE-2023/CVE-2023-01xx/CVE-2023-0117.json) (`2023-05-26T17:15:13.743`)
* [CVE-2023-20882](CVE-2023/CVE-2023-208xx/CVE-2023-20882.json) (`2023-05-26T17:15:13.897`)
* [CVE-2023-20883](CVE-2023/CVE-2023-208xx/CVE-2023-20883.json) (`2023-05-26T17:15:14.047`)
* [CVE-2023-2002](CVE-2023/CVE-2023-20xx/CVE-2023-2002.json) (`2023-05-26T17:15:14.113`)
* [CVE-2023-2817](CVE-2023/CVE-2023-28xx/CVE-2023-2817.json) (`2023-05-26T17:15:17.600`)
* [CVE-2023-31225](CVE-2023/CVE-2023-312xx/CVE-2023-31225.json) (`2023-05-26T17:15:17.830`)
* [CVE-2023-31226](CVE-2023/CVE-2023-312xx/CVE-2023-31226.json) (`2023-05-26T17:15:17.913`)
* [CVE-2023-31227](CVE-2023/CVE-2023-312xx/CVE-2023-31227.json) (`2023-05-26T17:15:18.000`)
* [CVE-2023-33779](CVE-2023/CVE-2023-337xx/CVE-2023-33779.json) (`2023-05-26T17:15:18.153`)
* [CVE-2023-33780](CVE-2023/CVE-2023-337xx/CVE-2023-33780.json) (`2023-05-26T17:15:18.680`)
* [CVE-2023-1664](CVE-2023/CVE-2023-16xx/CVE-2023-1664.json) (`2023-05-26T18:15:09.740`)
* [CVE-2023-1667](CVE-2023/CVE-2023-16xx/CVE-2023-1667.json) (`2023-05-26T18:15:10.740`)
* [CVE-2023-1981](CVE-2023/CVE-2023-19xx/CVE-2023-1981.json) (`2023-05-26T18:15:11.277`)
* [CVE-2023-20868](CVE-2023/CVE-2023-208xx/CVE-2023-20868.json) (`2023-05-26T18:15:12.723`)
* [CVE-2023-22970](CVE-2023/CVE-2023-229xx/CVE-2023-22970.json) (`2023-05-26T18:15:13.357`)
* [CVE-2023-2283](CVE-2023/CVE-2023-22xx/CVE-2023-2283.json) (`2023-05-26T18:15:13.770`)
* [CVE-2023-32318](CVE-2023/CVE-2023-323xx/CVE-2023-32318.json) (`2023-05-26T18:15:13.930`)
* [CVE-2023-32681](CVE-2023/CVE-2023-326xx/CVE-2023-32681.json) (`2023-05-26T18:15:14.147`)
### CVEs modified in the last Commit
Recently modified CVEs: `41`
Recently modified CVEs: `84`
* [CVE-2022-45458](CVE-2022/CVE-2022-454xx/CVE-2022-45458.json) (`2023-05-26T17:20:59.377`)
* [CVE-2022-45457](CVE-2022/CVE-2022-454xx/CVE-2022-45457.json) (`2023-05-26T17:22:49.353`)
* [CVE-2022-45459](CVE-2022/CVE-2022-454xx/CVE-2022-45459.json) (`2023-05-26T17:49:09.873`)
* [CVE-2022-4418](CVE-2022/CVE-2022-44xx/CVE-2022-4418.json) (`2023-05-26T17:54:13.907`)
* [CVE-2023-27217](CVE-2023/CVE-2023-272xx/CVE-2023-27217.json) (`2023-05-26T16:11:04.130`)
* [CVE-2023-32784](CVE-2023/CVE-2023-327xx/CVE-2023-32784.json) (`2023-05-26T16:25:21.913`)
* [CVE-2023-27730](CVE-2023/CVE-2023-277xx/CVE-2023-27730.json) (`2023-05-26T16:26:59.573`)
* [CVE-2023-27729](CVE-2023/CVE-2023-277xx/CVE-2023-27729.json) (`2023-05-26T16:27:36.633`)
* [CVE-2023-27728](CVE-2023/CVE-2023-277xx/CVE-2023-27728.json) (`2023-05-26T16:28:40.973`)
* [CVE-2023-27727](CVE-2023/CVE-2023-277xx/CVE-2023-27727.json) (`2023-05-26T16:31:17.513`)
* [CVE-2023-33203](CVE-2023/CVE-2023-332xx/CVE-2023-33203.json) (`2023-05-26T16:52:01.157`)
* [CVE-2023-1698](CVE-2023/CVE-2023-16xx/CVE-2023-1698.json) (`2023-05-26T17:09:45.837`)
* [CVE-2023-1694](CVE-2023/CVE-2023-16xx/CVE-2023-1694.json) (`2023-05-26T17:14:43.323`)
* [CVE-2023-2004](CVE-2023/CVE-2023-20xx/CVE-2023-2004.json) (`2023-05-26T17:15:17.503`)
* [CVE-2023-33829](CVE-2023/CVE-2023-338xx/CVE-2023-33829.json) (`2023-05-26T17:15:19.063`)
* [CVE-2023-1693](CVE-2023/CVE-2023-16xx/CVE-2023-1693.json) (`2023-05-26T17:15:36.813`)
* [CVE-2023-1692](CVE-2023/CVE-2023-16xx/CVE-2023-1692.json) (`2023-05-26T17:16:58.140`)
* [CVE-2023-2822](CVE-2023/CVE-2023-28xx/CVE-2023-2822.json) (`2023-05-26T17:18:09.617`)
* [CVE-2023-28623](CVE-2023/CVE-2023-286xx/CVE-2023-28623.json) (`2023-05-26T17:25:56.600`)
* [CVE-2023-32677](CVE-2023/CVE-2023-326xx/CVE-2023-32677.json) (`2023-05-26T17:28:42.717`)
* [CVE-2023-32679](CVE-2023/CVE-2023-326xx/CVE-2023-32679.json) (`2023-05-26T17:33:04.877`)
* [CVE-2023-32675](CVE-2023/CVE-2023-326xx/CVE-2023-32675.json) (`2023-05-26T17:34:06.543`)
* [CVE-2023-31756](CVE-2023/CVE-2023-317xx/CVE-2023-31756.json) (`2023-05-26T17:35:26.557`)
* [CVE-2023-32303](CVE-2023/CVE-2023-323xx/CVE-2023-32303.json) (`2023-05-26T17:36:37.287`)
* [CVE-2023-2181](CVE-2023/CVE-2023-21xx/CVE-2023-2181.json) (`2023-05-26T17:50:55.790`)
* [CVE-2023-23706](CVE-2023/CVE-2023-237xx/CVE-2023-23706.json) (`2023-05-26T18:33:23.603`)
* [CVE-2023-23724](CVE-2023/CVE-2023-237xx/CVE-2023-23724.json) (`2023-05-26T18:33:55.137`)
* [CVE-2023-25472](CVE-2023/CVE-2023-254xx/CVE-2023-25472.json) (`2023-05-26T18:35:26.097`)
* [CVE-2023-25481](CVE-2023/CVE-2023-254xx/CVE-2023-25481.json) (`2023-05-26T18:36:04.120`)
* [CVE-2023-25707](CVE-2023/CVE-2023-257xx/CVE-2023-25707.json) (`2023-05-26T18:36:30.683`)
* [CVE-2023-33338](CVE-2023/CVE-2023-333xx/CVE-2023-33338.json) (`2023-05-26T18:37:07.430`)
* [CVE-2023-23705](CVE-2023/CVE-2023-237xx/CVE-2023-23705.json) (`2023-05-26T18:38:06.127`)
* [CVE-2023-23713](CVE-2023/CVE-2023-237xx/CVE-2023-23713.json) (`2023-05-26T18:40:42.727`)
* [CVE-2023-25056](CVE-2023/CVE-2023-250xx/CVE-2023-25056.json) (`2023-05-26T18:40:52.023`)
* [CVE-2023-2512](CVE-2023/CVE-2023-25xx/CVE-2023-2512.json) (`2023-05-26T18:52:34.763`)
* [CVE-2023-32758](CVE-2023/CVE-2023-327xx/CVE-2023-32758.json) (`2023-05-26T18:53:30.167`)
* [CVE-2023-31584](CVE-2023/CVE-2023-315xx/CVE-2023-31584.json) (`2023-05-26T18:54:40.197`)
* [CVE-2023-20110](CVE-2023/CVE-2023-201xx/CVE-2023-20110.json) (`2023-05-26T19:11:22.413`)
* [CVE-2023-20156](CVE-2023/CVE-2023-201xx/CVE-2023-20156.json) (`2023-05-26T19:13:01.863`)
* [CVE-2023-20157](CVE-2023/CVE-2023-201xx/CVE-2023-20157.json) (`2023-05-26T19:13:44.793`)
* [CVE-2023-20158](CVE-2023/CVE-2023-201xx/CVE-2023-20158.json) (`2023-05-26T19:14:46.943`)
* [CVE-2023-1424](CVE-2023/CVE-2023-14xx/CVE-2023-1424.json) (`2023-05-26T19:15:09.263`)
* [CVE-2023-20159](CVE-2023/CVE-2023-201xx/CVE-2023-20159.json) (`2023-05-26T19:21:01.830`)
* [CVE-2023-20160](CVE-2023/CVE-2023-201xx/CVE-2023-20160.json) (`2023-05-26T19:21:44.043`)
* [CVE-2023-20161](CVE-2023/CVE-2023-201xx/CVE-2023-20161.json) (`2023-05-26T19:22:06.537`)
* [CVE-2023-23797](CVE-2023/CVE-2023-237xx/CVE-2023-23797.json) (`2023-05-26T19:23:56.160`)
* [CVE-2023-20162](CVE-2023/CVE-2023-201xx/CVE-2023-20162.json) (`2023-05-26T19:37:39.220`)
* [CVE-2023-20163](CVE-2023/CVE-2023-201xx/CVE-2023-20163.json) (`2023-05-26T19:37:47.797`)
* [CVE-2023-20164](CVE-2023/CVE-2023-201xx/CVE-2023-20164.json) (`2023-05-26T19:37:53.943`)
* [CVE-2023-29643](CVE-2023/CVE-2023-296xx/CVE-2023-29643.json) (`2023-05-26T19:42:12.160`)
## Download and Usage