Auto-Update: 2023-11-02T13:00:19.855562+00:00

cad-safe-bot 2023-11-02 13:00:23 +00:00
parent 48059230b7
commit a785bc14f9
46 changed files with 733 additions and 88 deletions


@ -2,8 +2,8 @@
"id": "CVE-2023-1192",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-01T20:15:08.597",
"lastModified": "2023-11-01T20:15:08.597",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-1193",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-01T20:15:08.663",
"lastModified": "2023-11-01T20:15:08.663",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,47 @@
{
"id": "CVE-2023-3164",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-02T12:15:09.543",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4156",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215930",
"source": "secalert@redhat.com"
}
]
}
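Review bot: The first reference URL, `https://access.redhat.com/security/cve/CVE-2023-4156`, names a different CVE than this record's `"id": "CVE-2023-3164"`, so either the reference or the description appears to have been attached to the wrong identifier at the source. The description (gawk, builtin.c, heap out-of-bounds read) should be checked against the linked Red Hat advisory and Bugzilla entry before the record is used for package matching or triage. This repository mirrors NVD, so the correction has to come from the CNA; consumers that join on `id` can flag records whose reference URLs embed another CVE id.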


@ -2,8 +2,8 @@
"id": "CVE-2023-3397",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-01T20:15:08.737",
"lastModified": "2023-11-01T20:15:08.737",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-39281",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-01T22:15:08.547",
"lastModified": "2023-11-01T22:15:08.547",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,55 @@
{
"id": "CVE-2023-43076",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-11-02T11:15:14.343",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nDell PowerScale OneFS 8.2.x,9.0.0.x-9.5.0.x contains a denial-of-service vulnerability. A low privilege remote attacker could potentially exploit this vulnerability to cause an out of memory (OOM) condition.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000218934/powerscale-onefs-security-updates-for-multiple-security-vulnerabilities",
"source": "security_alert@emc.com"
}
]
}
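Review bot: The `value` string under `descriptions` starts with `\n` and ends with `\n\n`, whitespace carried over from the CNA submission; the CVE-2023-43087 record added in this commit has the same problem. Consumers that display, hash or deduplicate description text should trim it first. The affected range appears only in prose (`8.2.x,9.0.0.x-9.5.0.x`) and the record has no `configurations` block, so automated version matching is not possible from this file until CPE data is added.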


@ -0,0 +1,55 @@
{
"id": "CVE-2023-43087",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-11-02T11:15:14.460",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nDell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions. A low privileged remote attacker could potentially exploit this vulnerability to cause information disclosure.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-280"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000218934/powerscale-onefs-security-updates-for-multiple-security-vulnerabilities",
"source": "security_alert@emc.com"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-43193",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-02T12:15:09.627",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Submitty before v22.06.00 is vulnerable to Cross Site Scripting (XSS). An attacker can create a malicious link in the forum that leads to XSS."
}
],
"metrics": {},
"references": [
{
"url": "https://fuchai.net/cve/CVE-2023-43193",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Submitty/Submitty/pull/8032",
"source": "cve@mitre.org"
}
]
}
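Review bot: `"metrics": {}` is empty and the record has no `weaknesses` entry, so there is no severity or CWE to prioritise on while the status is `Awaiting Analysis`; the CVE-2023-43336 record added in this commit is in the same state. Pipelines that sort or filter on `baseScore` should treat a missing score as unknown, not as zero or low. Until a score is added, the upstream pull request in the second reference is the most specific source for scoping the issue.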


@ -0,0 +1,28 @@
{
"id": "CVE-2023-43336",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-02T12:15:09.673",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to contain an access control issue via a modified parameter value, e.g., changing extension=self to extension=101."
}
],
"metrics": {},
"references": [
{
"url": "http://freepbx.com",
"source": "cve@mitre.org"
},
{
"url": "http://sangoma.com",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/@janirudransh/security-disclosure-of-vulnerability-cve-2023-23336-4429d416f826",
"source": "cve@mitre.org"
}
]
}
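Review bot: The third reference URL slug reads `security-disclosure-of-vulnerability-cve-2023-23336-…`, which names CVE-2023-23336 and not this record's `"id": "CVE-2023-43336"`; this looks like a typo in the linked write-up but should be confirmed before the link is cited as evidence for this id. The first two references are bare vendor home pages over `http://` and point to no advisory. The version list in the description (`cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17`) seems to mix several version lines without naming the second module, so fixed-version matching needs the vendor's own advisory.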


@ -2,8 +2,8 @@
"id": "CVE-2023-44025",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-01T22:15:08.597",
"lastModified": "2023-11-01T22:15:08.597",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:39.827",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-44954",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-01T23:15:07.900",
"lastModified": "2023-11-01T23:15:07.900",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45012",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T03:15:09.490",
"lastModified": "2023-11-02T03:15:09.490",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45013",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T03:15:09.580",
"lastModified": "2023-11-02T03:15:09.580",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45014",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T03:15:09.663",
"lastModified": "2023-11-02T03:15:09.663",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45015",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T03:15:09.747",
"lastModified": "2023-11-02T03:15:09.747",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45016",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T03:15:09.830",
"lastModified": "2023-11-02T03:15:09.830",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45017",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T03:15:09.913",
"lastModified": "2023-11-02T03:15:09.913",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45018",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T03:15:10.003",
"lastModified": "2023-11-02T03:15:10.003",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45019",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T03:15:10.090",
"lastModified": "2023-11-02T03:15:10.090",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45111",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T02:15:08.357",
"lastModified": "2023-11-02T02:15:08.357",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:39.827",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45112",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T02:15:08.447",
"lastModified": "2023-11-02T02:15:08.447",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45113",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T02:15:08.533",
"lastModified": "2023-11-02T02:15:08.533",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45114",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T02:15:08.623",
"lastModified": "2023-11-02T02:15:08.623",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45201",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-01T22:15:08.643",
"lastModified": "2023-11-01T22:15:08.643",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45202",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-01T23:15:07.950",
"lastModified": "2023-11-01T23:15:07.950",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-45203",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-01T23:15:08.047",
"lastModified": "2023-11-01T23:15:08.047",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-46327",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-11-02T03:15:10.173",
"lastModified": "2023-11-02T03:15:10.173",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-46428",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-01T21:15:08.733",
"lastModified": "2023-11-01T21:15:08.733",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-46448",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-01T22:15:08.730",
"lastModified": "2023-11-01T22:15:08.730",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:39.827",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-46482",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-01T19:15:45.393",
"lastModified": "2023-11-01T19:15:45.393",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:39.827",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-46541",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:38.683",
"lastModified": "2023-10-25T20:31:55.900",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T12:49:01.120",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,86 @@
"value": "Se descubri\u00f3 que TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web conten\u00eda un desbordamiento de pila a trav\u00e9s de la funci\u00f3n formIpv6Setup."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:x2000r_firmware:1.0.0-b20230221.0948:*:*:*:*:*:*:*",
"matchCriteriaId": "65D639C6-D133-46D4-9492-0FC53E83BA9E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:x2000r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299F34FB-4D53-4846-B6F0-4431D61B5154"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/XYIYM/Digging/blob/main/TOTOLINK/X2000R/10/1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://totolink.cn/home/menu/detail.html?menu_listtpl=download&id=85&ids=36",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}
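Review bot: The new `cpeMatch` entry for the firmware names exactly one build, `cpe:2.3:o:totolink:x2000r_firmware:1.0.0-b20230221.0948`, with no version range, so CPE-based scanners will only report devices on that build; the record does not state whether earlier or later builds are affected. With a 9.8 network-reachable, no-privilege score and a reference now tagged `Exploit`, asset owners should confirm exposure from the device's actual firmware version and not rely only on a CPE match. The second reference is tagged `Product` only, and the record lists no patch or vendor advisory, so fix availability has to be checked with the vendor.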


@ -2,8 +2,8 @@
"id": "CVE-2023-46595",
"sourceIdentifier": "security.vulnerabilities@algosec.com",
"published": "2023-11-02T08:15:08.040",
"lastModified": "2023-11-02T08:15:08.040",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-46695",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-02T06:15:08.000",
"lastModified": "2023-11-02T06:15:08.000",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-46724",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-01T20:15:08.800",
"lastModified": "2023-11-01T20:15:08.800",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-47204",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-02T06:15:08.517",
"lastModified": "2023-11-02T06:15:08.517",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-5408",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-02T03:15:10.230",
"lastModified": "2023-11-02T03:15:10.230",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-5606",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-11-02T09:15:08.507",
"lastModified": "2023-11-02T09:15:08.507",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,59 @@
{
"id": "CVE-2023-5860",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-11-02T12:15:09.720",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Icons Font Loader plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the upload function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2987296/icons-font-loader",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/12a9fbe8-445a-478a-b6ce-cd669ccb6a2d?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-5875",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-11-02T09:15:08.617",
"lastModified": "2023-11-02T09:15:08.617",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-5876",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-11-02T09:15:08.747",
"lastModified": "2023-11-02T09:15:08.747",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-5910",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-11-02T00:15:23.373",
"lastModified": "2023-11-02T00:15:23.373",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:36.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,92 @@
{
"id": "CVE-2023-5916",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-11-02T11:15:14.540",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Lissy93 Dashy 2.1.1. This affects an unknown part of the file /config-manager/save of the component Configuration Handler. The manipulation of the argument config leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-244305 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/Lissy93/dashy/issues/1336",
"source": "cna@vuldb.com"
},
{
"url": "https://treasure-blarney-085.notion.site/Dashy-0dca8a0ebbd84f78ae6d03528ff1538c?pvs=4",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.244305",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.244305",
"source": "cna@vuldb.com"
}
]
}
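Review bot: The description says the issue is "classified as critical", but the attached CVSS 3.0 data gives `"baseScore": 4.3` with `"baseSeverity": "MEDIUM"` (CVSS 2.0: 4.0); CVE-2023-5918 in this commit shows the same mismatch with 6.3 MEDIUM. Severity should be read from the `metrics` block and never parsed out of the description text. Both metric entries are `"type": "Secondary"` from the CNA, so they may be revised once a Primary assessment is added.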


@ -0,0 +1,100 @@
{
"id": "CVE-2023-5917",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-11-02T11:15:14.630",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acp_icons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 3.3.11 is able to address this issue. The patch is named ccf6e6c255d38692d72fcb613b113e6eaa240aac. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-244307."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/phpbb/phpbb/commit/ccf6e6c255d38692d72fcb613b113e6eaa240aac",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/phpbb/phpbb/releases/tag/release-3.3.11",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.244307",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.244307",
"source": "cna@vuldb.com"
},
{
"url": "https://www.phpbb.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://www.phpbb.com/community/viewtopic.php?t=2646991",
"source": "cna@vuldb.com"
}
]
}
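Review bot: The two metric blocks disagree on user interaction: the CVSS 3.0 data has `"userInteraction": "REQUIRED"` (UI:R in the vector), while the CVSS 2.0 entry sets `"userInteractionRequired": false`. Consumers that read the v2 convenience flags will get a different answer from those that read the v3 vector; where both are present, prefer the v3.x `cvssData`. The fixed version (3.3.11) and the patch commit named in the description both appear in `references`, so remediation can be verified without CPE data.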


@ -0,0 +1,88 @@
{
"id": "CVE-2023-5918",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-11-02T12:15:09.800",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in SourceCodester Visitor Management System 1.0. Affected is an unknown function of the file manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-244308."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/Castle1984/CveRecord/blob/main/Sql_apply.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.244308",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.244308",
"source": "cna@vuldb.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-5920",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-11-02T09:15:08.837",
"lastModified": "2023-11-02T09:15:08.837",
"vulnStatus": "Received",
"lastModified": "2023-11-02T12:54:30.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-02T11:00:20.307943+00:00
2023-11-02T13:00:19.855562+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-02T10:15:14.503000+00:00
2023-11-02T12:54:39.827000+00:00
```
### Last Data Feed Release
@ -29,27 +29,53 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
229581
229590
```
### CVEs added in the last Commit
Recently added CVEs: `4`
Recently added CVEs: `9`
* [CVE-2023-5606](CVE-2023/CVE-2023-56xx/CVE-2023-5606.json) (`2023-11-02T09:15:08.507`)
* [CVE-2023-5875](CVE-2023/CVE-2023-58xx/CVE-2023-5875.json) (`2023-11-02T09:15:08.617`)
* [CVE-2023-5876](CVE-2023/CVE-2023-58xx/CVE-2023-5876.json) (`2023-11-02T09:15:08.747`)
* [CVE-2023-5920](CVE-2023/CVE-2023-59xx/CVE-2023-5920.json) (`2023-11-02T09:15:08.837`)
* [CVE-2023-43076](CVE-2023/CVE-2023-430xx/CVE-2023-43076.json) (`2023-11-02T11:15:14.343`)
* [CVE-2023-43087](CVE-2023/CVE-2023-430xx/CVE-2023-43087.json) (`2023-11-02T11:15:14.460`)
* [CVE-2023-5916](CVE-2023/CVE-2023-59xx/CVE-2023-5916.json) (`2023-11-02T11:15:14.540`)
* [CVE-2023-5917](CVE-2023/CVE-2023-59xx/CVE-2023-5917.json) (`2023-11-02T11:15:14.630`)
* [CVE-2023-3164](CVE-2023/CVE-2023-31xx/CVE-2023-3164.json) (`2023-11-02T12:15:09.543`)
* [CVE-2023-43193](CVE-2023/CVE-2023-431xx/CVE-2023-43193.json) (`2023-11-02T12:15:09.627`)
* [CVE-2023-43336](CVE-2023/CVE-2023-433xx/CVE-2023-43336.json) (`2023-11-02T12:15:09.673`)
* [CVE-2023-5860](CVE-2023/CVE-2023-58xx/CVE-2023-5860.json) (`2023-11-02T12:15:09.720`)
* [CVE-2023-5918](CVE-2023/CVE-2023-59xx/CVE-2023-5918.json) (`2023-11-02T12:15:09.800`)
### CVEs modified in the last Commit
Recently modified CVEs: `4`
Recently modified CVEs: `36`
* [CVE-2023-3654](CVE-2023/CVE-2023-36xx/CVE-2023-3654.json) (`2023-11-02T10:15:11.023`)
* [CVE-2023-3655](CVE-2023/CVE-2023-36xx/CVE-2023-3655.json) (`2023-11-02T10:15:13.703`)
* [CVE-2023-3656](CVE-2023/CVE-2023-36xx/CVE-2023-3656.json) (`2023-11-02T10:15:14.067`)
* [CVE-2023-45160](CVE-2023/CVE-2023-451xx/CVE-2023-45160.json) (`2023-11-02T10:15:14.503`)
* [CVE-2023-5920](CVE-2023/CVE-2023-59xx/CVE-2023-5920.json) (`2023-11-02T12:54:30.570`)
* [CVE-2023-1192](CVE-2023/CVE-2023-11xx/CVE-2023-1192.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-1193](CVE-2023/CVE-2023-11xx/CVE-2023-1193.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-3397](CVE-2023/CVE-2023-33xx/CVE-2023-3397.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-46724](CVE-2023/CVE-2023-467xx/CVE-2023-46724.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-46428](CVE-2023/CVE-2023-464xx/CVE-2023-46428.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-39281](CVE-2023/CVE-2023-392xx/CVE-2023-39281.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-45201](CVE-2023/CVE-2023-452xx/CVE-2023-45201.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-44954](CVE-2023/CVE-2023-449xx/CVE-2023-44954.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-45202](CVE-2023/CVE-2023-452xx/CVE-2023-45202.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-45203](CVE-2023/CVE-2023-452xx/CVE-2023-45203.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-5910](CVE-2023/CVE-2023-59xx/CVE-2023-5910.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-45112](CVE-2023/CVE-2023-451xx/CVE-2023-45112.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-45113](CVE-2023/CVE-2023-451xx/CVE-2023-45113.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-45114](CVE-2023/CVE-2023-451xx/CVE-2023-45114.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-45012](CVE-2023/CVE-2023-450xx/CVE-2023-45012.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-45013](CVE-2023/CVE-2023-450xx/CVE-2023-45013.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-45014](CVE-2023/CVE-2023-450xx/CVE-2023-45014.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-45015](CVE-2023/CVE-2023-450xx/CVE-2023-45015.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-45016](CVE-2023/CVE-2023-450xx/CVE-2023-45016.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-45017](CVE-2023/CVE-2023-450xx/CVE-2023-45017.json) (`2023-11-02T12:54:36.497`)
* [CVE-2023-46482](CVE-2023/CVE-2023-464xx/CVE-2023-46482.json) (`2023-11-02T12:54:39.827`)
* [CVE-2023-44025](CVE-2023/CVE-2023-440xx/CVE-2023-44025.json) (`2023-11-02T12:54:39.827`)
* [CVE-2023-46448](CVE-2023/CVE-2023-464xx/CVE-2023-46448.json) (`2023-11-02T12:54:39.827`)
* [CVE-2023-45111](CVE-2023/CVE-2023-451xx/CVE-2023-45111.json) (`2023-11-02T12:54:39.827`)
## Download and Usage