diff --git a/CVE-2018/CVE-2018-180xx/CVE-2018-18020.json b/CVE-2018/CVE-2018-180xx/CVE-2018-18020.json index 7a7f3b28875..c5c7c2371d9 100644 --- a/CVE-2018/CVE-2018-180xx/CVE-2018-18020.json +++ b/CVE-2018/CVE-2018-180xx/CVE-2018-18020.json @@ -2,8 +2,8 @@ "id": "CVE-2018-18020", "sourceIdentifier": "cve@mitre.org", "published": "2018-10-06T14:29:00.660", - "lastModified": "2020-08-24T17:37:01.140", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:27.203", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -101,6 +101,10 @@ "Issue Tracking", "Third Party Advisory" ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00037.html", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-257xx/CVE-2021-25786.json b/CVE-2021/CVE-2021-257xx/CVE-2021-25786.json index e27225dd00a..5c47e8ae41f 100644 --- a/CVE-2021/CVE-2021-257xx/CVE-2021-25786.json +++ b/CVE-2021/CVE-2021-257xx/CVE-2021-25786.json @@ -2,8 +2,8 @@ "id": "CVE-2021-25786", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:11.987", - "lastModified": "2023-08-16T15:21:03.207", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:27.833", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -72,6 +72,10 @@ "Issue Tracking", "Patch" ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00037.html", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-369xx/CVE-2021-36978.json b/CVE-2021/CVE-2021-369xx/CVE-2021-36978.json index f37563a2273..ea8e730c929 100644 --- a/CVE-2021/CVE-2021-369xx/CVE-2021-36978.json +++ b/CVE-2021/CVE-2021-369xx/CVE-2021-36978.json @@ -2,8 +2,8 @@ "id": "CVE-2021-36978", "sourceIdentifier": "cve@mitre.org", "published": "2021-07-20T07:15:08.030", - "lastModified": "2021-07-29T17:50:40.250", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:27.953", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -124,6 +124,10 @@ "Patch", "Third Party Advisory" ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00037.html", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-377xx/CVE-2021-37706.json b/CVE-2021/CVE-2021-377xx/CVE-2021-37706.json index ecef5cd0ab5..feef58cfab9 100644 --- a/CVE-2021/CVE-2021-377xx/CVE-2021-37706.json +++ b/CVE-2021/CVE-2021-377xx/CVE-2021-37706.json @@ -2,8 +2,8 @@ "id": "CVE-2021-37706", "sourceIdentifier": "security-advisories@github.com", "published": "2021-12-22T18:15:07.487", - "lastModified": "2023-02-02T18:08:22.203", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:28.083", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -295,6 +295,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" + }, { "url": "https://security.gentoo.org/glsa/202210-37", "source": "security-advisories@github.com", diff --git a/CVE-2021/CVE-2021-432xx/CVE-2021-43299.json b/CVE-2021/CVE-2021-432xx/CVE-2021-43299.json index c0551646081..40f04276098 100644 --- a/CVE-2021/CVE-2021-432xx/CVE-2021-43299.json +++ b/CVE-2021/CVE-2021-432xx/CVE-2021-43299.json @@ -2,8 +2,8 @@ "id": "CVE-2021-43299", "sourceIdentifier": "reefs@jfrog.com", "published": "2022-02-16T21:15:07.707", - "lastModified": "2023-01-28T01:14:52.757", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:28.297", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -65,22 +65,22 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "reefs@jfrog.com", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-787" + "value": "CWE-121" } ] }, { - "source": "reefs@jfrog.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-121" + "value": "CWE-787" } ] } @@ -153,6 +153,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "reefs@jfrog.com" + }, { "url": "https://www.debian.org/security/2022/dsa-5285", "source": "reefs@jfrog.com", diff --git a/CVE-2021/CVE-2021-433xx/CVE-2021-43300.json b/CVE-2021/CVE-2021-433xx/CVE-2021-43300.json index 15bd3051278..530a270385d 100644 --- a/CVE-2021/CVE-2021-433xx/CVE-2021-43300.json +++ b/CVE-2021/CVE-2021-433xx/CVE-2021-43300.json @@ -2,8 +2,8 @@ "id": "CVE-2021-43300", "sourceIdentifier": "reefs@jfrog.com", "published": "2022-02-16T21:15:07.760", - "lastModified": "2023-01-27T19:42:56.860", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:28.447", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -65,22 +65,22 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "reefs@jfrog.com", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-787" + "value": "CWE-121" } ] }, { - "source": "reefs@jfrog.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-121" + "value": "CWE-787" } ] } @@ -153,6 +153,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "reefs@jfrog.com" + }, { "url": "https://www.debian.org/security/2022/dsa-5285", "source": "reefs@jfrog.com", diff --git a/CVE-2021/CVE-2021-433xx/CVE-2021-43301.json b/CVE-2021/CVE-2021-433xx/CVE-2021-43301.json index 26d28911ab3..4c03bd49bf4 100644 --- a/CVE-2021/CVE-2021-433xx/CVE-2021-43301.json +++ b/CVE-2021/CVE-2021-433xx/CVE-2021-43301.json @@ -2,8 +2,8 @@ "id": "CVE-2021-43301", "sourceIdentifier": "reefs@jfrog.com", "published": "2022-02-16T21:15:07.813", - "lastModified": "2023-01-28T01:12:32.460", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:28.577", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -65,22 +65,22 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "reefs@jfrog.com", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-787" + "value": "CWE-121" } ] }, { - "source": "reefs@jfrog.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-121" + "value": "CWE-787" } ] } @@ -148,6 +148,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "reefs@jfrog.com" + }, { "url": "https://www.debian.org/security/2022/dsa-5285", "source": "reefs@jfrog.com", diff --git a/CVE-2021/CVE-2021-433xx/CVE-2021-43302.json b/CVE-2021/CVE-2021-433xx/CVE-2021-43302.json index 0ea700214db..1afb9cf7e96 100644 --- a/CVE-2021/CVE-2021-433xx/CVE-2021-43302.json +++ b/CVE-2021/CVE-2021-433xx/CVE-2021-43302.json @@ -2,8 +2,8 @@ "id": "CVE-2021-43302", "sourceIdentifier": "reefs@jfrog.com", "published": "2022-02-16T21:15:07.867", - "lastModified": "2023-01-27T19:46:17.150", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:28.670", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -65,7 +65,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "reefs@jfrog.com", "type": "Primary", "description": [ { @@ -75,7 +75,7 @@ ] }, { - "source": "reefs@jfrog.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { @@ -153,6 +153,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "reefs@jfrog.com" + }, { "url": "https://www.debian.org/security/2022/dsa-5285", "source": "reefs@jfrog.com", diff --git a/CVE-2021/CVE-2021-433xx/CVE-2021-43303.json b/CVE-2021/CVE-2021-433xx/CVE-2021-43303.json index 59eb7faaf06..d9f299b9df5 100644 --- a/CVE-2021/CVE-2021-433xx/CVE-2021-43303.json +++ b/CVE-2021/CVE-2021-433xx/CVE-2021-43303.json @@ -2,8 +2,8 @@ "id": "CVE-2021-43303", "sourceIdentifier": "reefs@jfrog.com", "published": "2022-02-16T21:15:07.920", - "lastModified": "2023-02-02T18:50:50.663", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:28.777", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -65,7 +65,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "reefs@jfrog.com", "type": "Primary", "description": [ { @@ -75,7 +75,7 @@ ] }, { - "source": "reefs@jfrog.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { @@ -153,6 +153,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "reefs@jfrog.com" + }, { "url": "https://www.debian.org/security/2022/dsa-5285", "source": "reefs@jfrog.com", diff --git a/CVE-2021/CVE-2021-438xx/CVE-2021-43804.json b/CVE-2021/CVE-2021-438xx/CVE-2021-43804.json index 911cffa1349..dbb46fe23e2 100644 --- a/CVE-2021/CVE-2021-438xx/CVE-2021-43804.json +++ b/CVE-2021/CVE-2021-438xx/CVE-2021-43804.json @@ -2,8 +2,8 @@ "id": "CVE-2021-43804", "sourceIdentifier": "security-advisories@github.com", "published": "2021-12-22T18:15:07.900", - "lastModified": "2023-02-02T18:08:18.473", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:28.910", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -176,6 +176,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" + }, { "url": "https://security.gentoo.org/glsa/202210-37", "source": "security-advisories@github.com", diff --git a/CVE-2021/CVE-2021-438xx/CVE-2021-43845.json b/CVE-2021/CVE-2021-438xx/CVE-2021-43845.json index 50321f3e2ea..06915f3ca94 100644 --- a/CVE-2021/CVE-2021-438xx/CVE-2021-43845.json +++ b/CVE-2021/CVE-2021-438xx/CVE-2021-43845.json @@ -2,8 +2,8 @@ "id": "CVE-2021-43845", "sourceIdentifier": "security-advisories@github.com", "published": "2021-12-27T18:15:07.460", - "lastModified": "2023-01-27T19:56:11.017", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:29.180", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -191,6 +191,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" + }, { "url": "https://security.gentoo.org/glsa/202210-37", "source": "security-advisories@github.com", diff --git a/CVE-2022/CVE-2022-217xx/CVE-2022-21722.json b/CVE-2022/CVE-2022-217xx/CVE-2022-21722.json index 18935eb79ba..ca16f3c23d1 100644 --- a/CVE-2022/CVE-2022-217xx/CVE-2022-21722.json +++ b/CVE-2022/CVE-2022-217xx/CVE-2022-21722.json @@ -2,8 +2,8 @@ "id": "CVE-2022-21722", "sourceIdentifier": "security-advisories@github.com", "published": "2022-01-27T00:15:07.653", - "lastModified": "2023-02-02T18:29:00.820", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:29.397", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -176,6 +176,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" + }, { "url": "https://security.gentoo.org/glsa/202210-37", "source": "security-advisories@github.com", diff --git a/CVE-2022/CVE-2022-217xx/CVE-2022-21723.json b/CVE-2022/CVE-2022-217xx/CVE-2022-21723.json index ce4f3f5adfe..a87b94e50e0 100644 --- a/CVE-2022/CVE-2022-217xx/CVE-2022-21723.json +++ b/CVE-2022/CVE-2022-217xx/CVE-2022-21723.json @@ -2,8 +2,8 @@ "id": "CVE-2022-21723", "sourceIdentifier": "security-advisories@github.com", "published": "2022-01-27T00:15:07.737", - "lastModified": "2023-02-02T18:30:15.207", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:30.153", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -289,6 +289,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" + }, { "url": "https://security.gentoo.org/glsa/202210-37", "source": "security-advisories@github.com", diff --git a/CVE-2022/CVE-2022-235xx/CVE-2022-23537.json b/CVE-2022/CVE-2022-235xx/CVE-2022-23537.json index 7b3c4375bd3..439ff97a391 100644 --- a/CVE-2022/CVE-2022-235xx/CVE-2022-23537.json +++ b/CVE-2022/CVE-2022-235xx/CVE-2022-23537.json @@ -2,8 +2,8 @@ "id": "CVE-2022-23537", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-20T19:15:24.663", - "lastModified": "2023-06-27T18:19:46.640", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:30.337", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -56,22 +56,22 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "security-advisories@github.com", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-125" + "value": "CWE-122" } ] }, { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-122" + "value": "CWE-125" } ] } @@ -110,6 +110,10 @@ "Patch", "Third Party Advisory" ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-235xx/CVE-2022-23547.json b/CVE-2022/CVE-2022-235xx/CVE-2022-23547.json index fe5a6f364b2..eda49eb57a6 100644 --- a/CVE-2022/CVE-2022-235xx/CVE-2022-23547.json +++ b/CVE-2022/CVE-2022-235xx/CVE-2022-23547.json @@ -2,8 +2,8 @@ "id": "CVE-2022-23547", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-23T15:15:14.917", - "lastModified": "2023-06-27T02:40:57.517", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:32.280", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -56,22 +56,22 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "security-advisories@github.com", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-125" + "value": "CWE-122" } ] }, { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-122" + "value": "CWE-125" } ] } @@ -118,6 +118,10 @@ "Patch", "Third Party Advisory" ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-236xx/CVE-2022-23608.json b/CVE-2022/CVE-2022-236xx/CVE-2022-23608.json index 021526d14d9..ba2d9e05ab3 100644 --- a/CVE-2022/CVE-2022-236xx/CVE-2022-23608.json +++ b/CVE-2022/CVE-2022-236xx/CVE-2022-23608.json @@ -2,8 +2,8 @@ "id": "CVE-2022-23608", "sourceIdentifier": "security-advisories@github.com", "published": "2022-02-22T20:15:07.693", - "lastModified": "2023-02-02T18:30:18.493", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:32.583", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -299,6 +299,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" + }, { "url": "https://security.gentoo.org/glsa/202210-37", "source": "security-advisories@github.com", diff --git a/CVE-2022/CVE-2022-247xx/CVE-2022-24754.json b/CVE-2022/CVE-2022-247xx/CVE-2022-24754.json index 825980433a6..51dc27c84c1 100644 --- a/CVE-2022/CVE-2022-247xx/CVE-2022-24754.json +++ b/CVE-2022/CVE-2022-247xx/CVE-2022-24754.json @@ -2,8 +2,8 @@ "id": "CVE-2022-24754", "sourceIdentifier": "security-advisories@github.com", "published": "2022-03-11T20:15:08.873", - "lastModified": "2023-07-03T20:35:39.967", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:35.427", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -85,22 +85,22 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "security-advisories@github.com", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-1284" + "value": "CWE-120" } ] }, { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-120" + "value": "CWE-1284" } ] } @@ -163,6 +163,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" + }, { "url": "https://security.gentoo.org/glsa/202210-37", "source": "security-advisories@github.com", diff --git a/CVE-2022/CVE-2022-247xx/CVE-2022-24763.json b/CVE-2022/CVE-2022-247xx/CVE-2022-24763.json index 3ffb216cdcd..d53ea2d17d5 100644 --- a/CVE-2022/CVE-2022-247xx/CVE-2022-24763.json +++ b/CVE-2022/CVE-2022-247xx/CVE-2022-24763.json @@ -2,8 +2,8 @@ "id": "CVE-2022-24763", "sourceIdentifier": "security-advisories@github.com", "published": "2022-03-30T21:15:07.927", - "lastModified": "2023-01-27T19:51:11.873", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:35.717", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -181,6 +181,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" + }, { "url": "https://security.gentoo.org/glsa/202210-37", "source": "security-advisories@github.com", diff --git a/CVE-2022/CVE-2022-247xx/CVE-2022-24764.json b/CVE-2022/CVE-2022-247xx/CVE-2022-24764.json index 9fb9122652d..585e5327985 100644 --- a/CVE-2022/CVE-2022-247xx/CVE-2022-24764.json +++ b/CVE-2022/CVE-2022-247xx/CVE-2022-24764.json @@ -2,8 +2,8 @@ "id": "CVE-2022-24764", "sourceIdentifier": "security-advisories@github.com", "published": "2022-03-22T17:15:07.870", - "lastModified": "2023-02-02T18:30:40.277", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:36.040", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -180,6 +180,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" + }, { "url": "https://security.gentoo.org/glsa/202210-37", "source": "security-advisories@github.com", diff --git a/CVE-2022/CVE-2022-247xx/CVE-2022-24793.json b/CVE-2022/CVE-2022-247xx/CVE-2022-24793.json index 4c8e2b56909..be05617badf 100644 --- a/CVE-2022/CVE-2022-247xx/CVE-2022-24793.json +++ b/CVE-2022/CVE-2022-247xx/CVE-2022-24793.json @@ -2,7 +2,7 @@ "id": "CVE-2022-24793", "sourceIdentifier": "security-advisories@github.com", "published": "2022-04-06T14:15:08.087", - "lastModified": "2023-03-20T17:15:12.147", + "lastModified": "2023-08-30T01:15:36.227", "vulnStatus": "Modified", "descriptions": [ { @@ -181,6 +181,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" + }, { "url": "https://security.gentoo.org/glsa/202210-37", "source": "security-advisories@github.com", diff --git a/CVE-2022/CVE-2022-310xx/CVE-2022-31031.json b/CVE-2022/CVE-2022-310xx/CVE-2022-31031.json index f0988088a57..3df4aa9e0a2 100644 --- a/CVE-2022/CVE-2022-310xx/CVE-2022-31031.json +++ b/CVE-2022/CVE-2022-310xx/CVE-2022-31031.json @@ -2,8 +2,8 @@ "id": "CVE-2022-31031", "sourceIdentifier": "security-advisories@github.com", "published": "2022-06-09T16:15:08.917", - "lastModified": "2023-06-29T14:25:53.187", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-30T01:15:36.573", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -85,22 +85,22 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "security-advisories@github.com", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-787" + "value": "CWE-120" } ] }, { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-120" + "value": "CWE-787" } ] } @@ -167,6 +167,10 @@ "Mailing List" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" + }, { "url": "https://security.gentoo.org/glsa/202210-37", "source": "security-advisories@github.com", diff --git a/CVE-2022/CVE-2022-392xx/CVE-2022-39244.json b/CVE-2022/CVE-2022-392xx/CVE-2022-39244.json index 848ffe1c606..608e398c5e8 100644 --- a/CVE-2022/CVE-2022-392xx/CVE-2022-39244.json +++ b/CVE-2022/CVE-2022-392xx/CVE-2022-39244.json @@ -2,7 +2,7 @@ "id": "CVE-2022-39244", "sourceIdentifier": "security-advisories@github.com", "published": "2022-10-06T18:16:11.207", - "lastModified": "2023-02-24T00:15:11.847", + "lastModified": "2023-08-30T01:15:36.887", "vulnStatus": "Modified", "descriptions": [ { @@ -60,7 +60,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "security-advisories@github.com", "type": "Primary", "description": [ { @@ -70,7 +70,7 @@ ] }, { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { @@ -118,6 +118,10 @@ "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html", "source": "security-advisories@github.com" }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" + }, { "url": "https://security.gentoo.org/glsa/202210-37", "source": "security-advisories@github.com", diff --git a/CVE-2023/CVE-2023-275xx/CVE-2023-27585.json b/CVE-2023/CVE-2023-275xx/CVE-2023-27585.json index 6dd48fef8d7..355efc4ffc9 100644 --- a/CVE-2023/CVE-2023-275xx/CVE-2023-27585.json +++ b/CVE-2023/CVE-2023-275xx/CVE-2023-27585.json @@ -2,7 +2,7 @@ "id": "CVE-2023-27585", "sourceIdentifier": "security-advisories@github.com", "published": "2023-03-14T17:15:19.587", - "lastModified": "2023-06-23T16:15:09.087", + "lastModified": "2023-08-30T01:15:37.417", "vulnStatus": "Modified", "descriptions": [ { @@ -115,6 +115,10 @@ "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00020.html", "source": "security-advisories@github.com" }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html", + "source": "security-advisories@github.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5438", "source": "security-advisories@github.com" diff --git a/CVE-2023/CVE-2023-347xx/CVE-2023-34724.json b/CVE-2023/CVE-2023-347xx/CVE-2023-34724.json index 287a2ee83aa..97d427b276e 100644 --- a/CVE-2023/CVE-2023-347xx/CVE-2023-34724.json +++ b/CVE-2023/CVE-2023-347xx/CVE-2023-34724.json @@ -2,23 +2,94 @@ "id": "CVE-2023-34724", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-28T22:15:08.230", - "lastModified": "2023-08-29T05:18:54.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-30T00:27:00.350", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in TECHView LA5570 Wireless Gateway 1.0.19_T53, allows physical attackers to gain escalated privileges via the UART interface." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:jaycar:la5570_firmware:1.0.19_t53:*:*:*:*:*:*:*", + "matchCriteriaId": "725D3A05-4F91-4EFD-8590-22FFADBD2F47" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:jaycar:la5570:-:*:*:*:*:*:*:*", + "matchCriteriaId": "46B24E7F-1C4B-49B5-BE0E-1AF9D84020FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.exploitsecurity.io/post/cve-2023-34723-cve-2023-34724-cve-2023-34725", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.jaycar.com.au/wireless-gateway-home-automation-controller/p/LA5570", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-347xx/CVE-2023-34725.json b/CVE-2023/CVE-2023-347xx/CVE-2023-34725.json index 81d23c58c28..b6a5eb7c50a 100644 --- a/CVE-2023/CVE-2023-347xx/CVE-2023-34725.json +++ b/CVE-2023/CVE-2023-347xx/CVE-2023-34725.json @@ -2,23 +2,94 @@ "id": "CVE-2023-34725", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-28T22:15:08.493", - "lastModified": "2023-08-29T05:18:54.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-30T00:27:32.253", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in TechView LA-5570 Wireless Gateway 1.0.19_T53, allows physical attackers to gain escalated privileges via a telnet connection." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-668" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:jaycar:la5570_firmware:1.0.19_t53:*:*:*:*:*:*:*", + "matchCriteriaId": "725D3A05-4F91-4EFD-8590-22FFADBD2F47" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:jaycar:la5570:-:*:*:*:*:*:*:*", + "matchCriteriaId": "46B24E7F-1C4B-49B5-BE0E-1AF9D84020FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.exploitsecurity.io/post/cve-2023-34723-cve-2023-34724-cve-2023-34725", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.jaycar.com.au/wireless-gateway-home-automation-controller/p/LA5570", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39059.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39059.json index b89f6973ae8..53693734d27 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39059.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39059.json @@ -2,23 +2,82 @@ "id": "CVE-2023-39059", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-28T22:15:08.983", - "lastModified": "2023-08-29T05:18:54.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-30T00:30:06.513", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ansible-semaphore:ansible_semaphore:2.8.90:*:*:*:*:ansible:*:*", + "matchCriteriaId": "16DD3CFA-9FB4-472D-B86E-AAF810A591E2" + } + ] + } + ] + } + ], "references": [ { "url": "https://gist.github.com/Alevsk/1757da24c5fb8db735d392fd4146ca3a", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.alevsk.com/2023/07/a-quick-story-of-security-pitfalls-with-execcommand-in-software-integrations/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-407xx/CVE-2023-40781.json b/CVE-2023/CVE-2023-407xx/CVE-2023-40781.json index bd5cf742f9c..7c7235a3505 100644 --- a/CVE-2023/CVE-2023-407xx/CVE-2023-40781.json +++ b/CVE-2023/CVE-2023-407xx/CVE-2023-40781.json @@ -2,19 +2,75 @@ "id": "CVE-2023-40781", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-28T22:15:09.157", - "lastModified": "2023-08-29T05:18:54.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-30T00:30:27.107", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability in Libming Libming v.0.4.8 allows a remote attacker to cause a denial of service via a crafted .swf file to the makeswf function." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libming:libming:0.4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "DD92BC79-2548-4C6F-9BDD-26C12BDF68AC" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/libming/libming/issues/288", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-408xx/CVE-2023-40825.json b/CVE-2023/CVE-2023-408xx/CVE-2023-40825.json index ee047dfce46..d414d9f61c8 100644 --- a/CVE-2023/CVE-2023-408xx/CVE-2023-40825.json +++ b/CVE-2023/CVE-2023-408xx/CVE-2023-40825.json @@ -2,19 +2,79 @@ "id": "CVE-2023-40825", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-28T22:15:09.293", - "lastModified": "2023-08-29T05:18:54.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-30T00:32:16.193", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in Perfree PerfreeBlog v.3.1.2 allows a remote attacker to execute arbitrary code via crafted plugin listed in admin/plugin/access/list." + }, + { + "lang": "es", + "value": "Un problema en PerfreeBlog v3.1.2 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un plugin manipulado listado en \"admin/plugin/access/list\"." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:perfree:perfreeblog:3.1.2:*:*:*:*:*:*:*", + "matchCriteriaId": "8D85BC31-3119-4CC1-89DD-CF50428AEAD0" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/perfree/PerfreeBlog/issues/15", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-408xx/CVE-2023-40827.json b/CVE-2023/CVE-2023-408xx/CVE-2023-40827.json index 481ae245ecf..c657ef820e4 100644 --- a/CVE-2023/CVE-2023-408xx/CVE-2023-40827.json +++ b/CVE-2023/CVE-2023-408xx/CVE-2023-40827.json @@ -2,27 +2,98 @@ "id": "CVE-2023-40827", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-28T22:15:09.583", - "lastModified": "2023-08-29T05:18:54.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T23:56:57.150", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the loadpluginPath parameter." + }, + { + "lang": "es", + "value": "Un problema en Pf4j v3.9.0 y anteriores permite a un atacante remoto obtener informaci\u00f3n sensible y ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro \"loadpluginPath\"." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pf4j_project:pf4j:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.9.0", + "matchCriteriaId": "DB85990D-5588-477E-ADF2-EB0D1DCBC83B" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/pf4j/pf4j/issues/536", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch", + "Vendor Advisory" + ] }, { "url": "https://github.com/pf4j/pf4j/pull/537", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Patch", + "Vendor Advisory" + ] }, { "url": "https://github.com/pf4j/pf4j/pull/537/commits/ed9392069fe14c6c30d9f876710e5ad40f7ea8c1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-408xx/CVE-2023-40828.json b/CVE-2023/CVE-2023-408xx/CVE-2023-40828.json index 206643d01a0..e950d423c64 100644 --- a/CVE-2023/CVE-2023-408xx/CVE-2023-40828.json +++ b/CVE-2023/CVE-2023-408xx/CVE-2023-40828.json @@ -2,27 +2,95 @@ "id": "CVE-2023-40828", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-28T22:15:09.713", - "lastModified": "2023-08-29T05:18:54.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T23:57:26.907", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the expandIfZip method in the extract function." + }, + { + "lang": "es", + "value": "Un problema en Pf4j v3.9.0 y anteriores permite a un atacante remoto obtener informaci\u00f3n sensible y ejecutar c\u00f3digo arbitrario a trav\u00e9s del m\u00e9todo \"expandIfZip\" en la funci\u00f3n \"extract\"." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pf4j_project:pf4j:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.9.0", + "matchCriteriaId": "DB85990D-5588-477E-ADF2-EB0D1DCBC83B" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/pf4j/pf4j/commit/8e0aa198c4e652cfc1eb9e05ca9b64397f67cc72", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/pf4j/pf4j/pull/537", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://github.com/pf4j/pf4j/pull/538", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-410xx/CVE-2023-41005.json b/CVE-2023/CVE-2023-410xx/CVE-2023-41005.json index acdc8504f23..27742e4d218 100644 --- a/CVE-2023/CVE-2023-410xx/CVE-2023-41005.json +++ b/CVE-2023/CVE-2023-410xx/CVE-2023-41005.json @@ -2,19 +2,80 @@ "id": "CVE-2023-41005", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-28T22:15:10.307", - "lastModified": "2023-08-29T05:18:54.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-30T00:33:41.410", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in Pagekit pagekit v.1.0.18 alows a remote attacker to execute arbitrary code via thedownloadAction and updateAction functions in UpdateController.php" + }, + { + "lang": "es", + "value": "Un problema en Pagekit v1.0.18 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de las funciones \"thedownloadAction\" y \"updateAction\" en \"UpdateController.php\"." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pagekit:pagekit:1.0.18:*:*:*:*:*:*:*", + "matchCriteriaId": "A1E39691-604C-42A3-BA30-80433E0E09EA" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/pagekit/pagekit/issues/977", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-413xx/CVE-2023-41358.json b/CVE-2023/CVE-2023-413xx/CVE-2023-41358.json index 9f8507b97c1..cc48ac56c92 100644 --- a/CVE-2023/CVE-2023-413xx/CVE-2023-41358.json +++ b/CVE-2023/CVE-2023-413xx/CVE-2023-41358.json @@ -2,19 +2,76 @@ "id": "CVE-2023-41358", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-29T04:15:16.180", - "lastModified": "2023-08-29T05:18:54.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-30T00:44:34.590", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*", + "versionEndIncluding": "9.0", + "matchCriteriaId": "21743BBD-2224-414A-9ECE-DDB43CCCD919" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/FRRouting/frr/pull/14260", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-413xx/CVE-2023-41359.json b/CVE-2023/CVE-2023-413xx/CVE-2023-41359.json index ca860730e98..b3fe4374d38 100644 --- a/CVE-2023/CVE-2023-413xx/CVE-2023-41359.json +++ b/CVE-2023/CVE-2023-413xx/CVE-2023-41359.json @@ -2,19 +2,76 @@ "id": "CVE-2023-41359", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-29T04:15:16.877", - "lastModified": "2023-08-29T05:18:54.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-30T00:44:45.430", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*", + "versionEndIncluding": "9.0", + "matchCriteriaId": "21743BBD-2224-414A-9ECE-DDB43CCCD919" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/FRRouting/frr/pull/14232", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-413xx/CVE-2023-41360.json b/CVE-2023/CVE-2023-413xx/CVE-2023-41360.json index a644d2033a8..0037d1e9a87 100644 --- a/CVE-2023/CVE-2023-413xx/CVE-2023-41360.json +++ b/CVE-2023/CVE-2023-413xx/CVE-2023-41360.json @@ -2,19 +2,76 @@ "id": "CVE-2023-41360", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-29T04:15:16.957", - "lastModified": "2023-08-29T05:18:54.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-30T00:44:54.753", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*", + "versionEndIncluding": "9.0", + "matchCriteriaId": "21743BBD-2224-414A-9ECE-DDB43CCCD919" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/FRRouting/frr/pull/14245", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-413xx/CVE-2023-41361.json b/CVE-2023/CVE-2023-413xx/CVE-2023-41361.json index e504cce687c..39ae84e46d8 100644 --- a/CVE-2023/CVE-2023-413xx/CVE-2023-41361.json +++ b/CVE-2023/CVE-2023-413xx/CVE-2023-41361.json @@ -2,19 +2,80 @@ "id": "CVE-2023-41361", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-29T04:15:17.027", - "lastModified": "2023-08-29T05:18:54.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-30T00:45:03.640", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version." + }, + { + "lang": "es", + "value": "Se ha descubierto un problema en FRRouting FRR v9.0. \"bgpd/bgp_open.c\" no comprueba una longitud excesiva de la versi\u00f3n de software rcv. " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*", + "versionEndIncluding": "9.0", + "matchCriteriaId": "21743BBD-2224-414A-9ECE-DDB43CCCD919" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/FRRouting/frr/pull/14241", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 00f0dd581c7..8849016d23b 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-29T23:55:25.192584+00:00 +2023-08-30T02:00:24.992635+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-29T23:53:39.837000+00:00 +2023-08-30T01:15:37.417000+00:00 ``` ### Last Data Feed Release @@ -23,7 +23,7 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2023-08-29T00:00:13.553847+00:00 +2023-08-30T00:00:13.572909+00:00 ``` ### Total Number of included CVEs @@ -34,47 +34,39 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### CVEs added in the last Commit -Recently added CVEs: `10` +Recently added CVEs: `0` -* [CVE-2020-18912](CVE-2020/CVE-2020-189xx/CVE-2020-18912.json) (`2023-08-29T23:15:07.980`) -* [CVE-2023-38971](CVE-2023/CVE-2023-389xx/CVE-2023-38971.json) (`2023-08-29T22:15:08.883`) -* [CVE-2023-38975](CVE-2023/CVE-2023-389xx/CVE-2023-38975.json) (`2023-08-29T22:15:08.980`) -* [CVE-2023-41153](CVE-2023/CVE-2023-411xx/CVE-2023-41153.json) (`2023-08-29T22:15:09.217`) -* [CVE-2023-4296](CVE-2023/CVE-2023-42xx/CVE-2023-4296.json) (`2023-08-29T22:15:09.297`) -* [CVE-2023-4611](CVE-2023/CVE-2023-46xx/CVE-2023-4611.json) (`2023-08-29T22:15:09.397`) -* [CVE-2023-39558](CVE-2023/CVE-2023-395xx/CVE-2023-39558.json) (`2023-08-29T23:15:08.827`) -* [CVE-2023-39559](CVE-2023/CVE-2023-395xx/CVE-2023-39559.json) (`2023-08-29T23:15:08.967`) -* [CVE-2023-41265](CVE-2023/CVE-2023-412xx/CVE-2023-41265.json) (`2023-08-29T23:15:09.170`) -* [CVE-2023-41266](CVE-2023/CVE-2023-412xx/CVE-2023-41266.json) (`2023-08-29T23:15:09.380`) ### CVEs modified in the last Commit -Recently modified CVEs: `23` +Recently modified CVEs: `35` -* [CVE-2018-11314](CVE-2018/CVE-2018-113xx/CVE-2018-11314.json) (`2023-08-29T22:15:08.127`) -* [CVE-2020-27366](CVE-2020/CVE-2020-273xx/CVE-2020-27366.json) (`2023-08-29T23:41:31.250`) -* [CVE-2022-27152](CVE-2022/CVE-2022-271xx/CVE-2022-27152.json) (`2023-08-29T22:15:08.747`) -* [CVE-2023-38976](CVE-2023/CVE-2023-389xx/CVE-2023-38976.json) (`2023-08-29T22:15:09.040`) -* [CVE-2023-39578](CVE-2023/CVE-2023-395xx/CVE-2023-39578.json) (`2023-08-29T22:15:09.127`) -* [CVE-2023-40709](CVE-2023/CVE-2023-407xx/CVE-2023-40709.json) (`2023-08-29T23:32:09.780`) -* [CVE-2023-40708](CVE-2023/CVE-2023-407xx/CVE-2023-40708.json) (`2023-08-29T23:33:16.533`) -* [CVE-2023-40707](CVE-2023/CVE-2023-407xx/CVE-2023-40707.json) (`2023-08-29T23:34:10.753`) -* [CVE-2023-40706](CVE-2023/CVE-2023-407xx/CVE-2023-40706.json) (`2023-08-29T23:34:50.430`) -* [CVE-2023-4229](CVE-2023/CVE-2023-42xx/CVE-2023-4229.json) (`2023-08-29T23:35:40.940`) -* [CVE-2023-4228](CVE-2023/CVE-2023-42xx/CVE-2023-4228.json) (`2023-08-29T23:36:22.147`) -* [CVE-2023-4227](CVE-2023/CVE-2023-42xx/CVE-2023-4227.json) (`2023-08-29T23:39:20.507`) -* [CVE-2023-39709](CVE-2023/CVE-2023-397xx/CVE-2023-39709.json) (`2023-08-29T23:39:57.640`) -* [CVE-2023-39062](CVE-2023/CVE-2023-390xx/CVE-2023-39062.json) (`2023-08-29T23:40:24.717`) -* [CVE-2023-39560](CVE-2023/CVE-2023-395xx/CVE-2023-39560.json) (`2023-08-29T23:41:48.403`) -* [CVE-2023-38030](CVE-2023/CVE-2023-380xx/CVE-2023-38030.json) (`2023-08-29T23:42:27.287`) -* [CVE-2023-38029](CVE-2023/CVE-2023-380xx/CVE-2023-38029.json) (`2023-08-29T23:46:48.037`) -* [CVE-2023-38028](CVE-2023/CVE-2023-380xx/CVE-2023-38028.json) (`2023-08-29T23:47:08.563`) -* [CVE-2023-38024](CVE-2023/CVE-2023-380xx/CVE-2023-38024.json) (`2023-08-29T23:47:23.267`) -* [CVE-2023-38025](CVE-2023/CVE-2023-380xx/CVE-2023-38025.json) (`2023-08-29T23:47:47.977`) -* [CVE-2023-38969](CVE-2023/CVE-2023-389xx/CVE-2023-38969.json) (`2023-08-29T23:49:01.320`) -* [CVE-2023-32241](CVE-2023/CVE-2023-322xx/CVE-2023-32241.json) (`2023-08-29T23:49:20.647`) -* [CVE-2023-40826](CVE-2023/CVE-2023-408xx/CVE-2023-40826.json) (`2023-08-29T23:53:39.837`) +* [CVE-2021-43845](CVE-2021/CVE-2021-438xx/CVE-2021-43845.json) (`2023-08-30T01:15:29.180`) +* [CVE-2022-21722](CVE-2022/CVE-2022-217xx/CVE-2022-21722.json) (`2023-08-30T01:15:29.397`) +* [CVE-2022-21723](CVE-2022/CVE-2022-217xx/CVE-2022-21723.json) (`2023-08-30T01:15:30.153`) +* [CVE-2022-23537](CVE-2022/CVE-2022-235xx/CVE-2022-23537.json) (`2023-08-30T01:15:30.337`) +* [CVE-2022-23547](CVE-2022/CVE-2022-235xx/CVE-2022-23547.json) (`2023-08-30T01:15:32.280`) +* [CVE-2022-23608](CVE-2022/CVE-2022-236xx/CVE-2022-23608.json) (`2023-08-30T01:15:32.583`) +* [CVE-2022-24754](CVE-2022/CVE-2022-247xx/CVE-2022-24754.json) (`2023-08-30T01:15:35.427`) +* [CVE-2022-24763](CVE-2022/CVE-2022-247xx/CVE-2022-24763.json) (`2023-08-30T01:15:35.717`) +* [CVE-2022-24764](CVE-2022/CVE-2022-247xx/CVE-2022-24764.json) (`2023-08-30T01:15:36.040`) +* [CVE-2022-24793](CVE-2022/CVE-2022-247xx/CVE-2022-24793.json) (`2023-08-30T01:15:36.227`) +* [CVE-2022-31031](CVE-2022/CVE-2022-310xx/CVE-2022-31031.json) (`2023-08-30T01:15:36.573`) +* [CVE-2022-39244](CVE-2022/CVE-2022-392xx/CVE-2022-39244.json) (`2023-08-30T01:15:36.887`) +* [CVE-2023-40827](CVE-2023/CVE-2023-408xx/CVE-2023-40827.json) (`2023-08-29T23:56:57.150`) +* [CVE-2023-40828](CVE-2023/CVE-2023-408xx/CVE-2023-40828.json) (`2023-08-29T23:57:26.907`) +* [CVE-2023-34724](CVE-2023/CVE-2023-347xx/CVE-2023-34724.json) (`2023-08-30T00:27:00.350`) +* [CVE-2023-34725](CVE-2023/CVE-2023-347xx/CVE-2023-34725.json) (`2023-08-30T00:27:32.253`) +* [CVE-2023-39059](CVE-2023/CVE-2023-390xx/CVE-2023-39059.json) (`2023-08-30T00:30:06.513`) +* [CVE-2023-40781](CVE-2023/CVE-2023-407xx/CVE-2023-40781.json) (`2023-08-30T00:30:27.107`) +* [CVE-2023-40825](CVE-2023/CVE-2023-408xx/CVE-2023-40825.json) (`2023-08-30T00:32:16.193`) +* [CVE-2023-41005](CVE-2023/CVE-2023-410xx/CVE-2023-41005.json) (`2023-08-30T00:33:41.410`) +* [CVE-2023-41358](CVE-2023/CVE-2023-413xx/CVE-2023-41358.json) (`2023-08-30T00:44:34.590`) +* [CVE-2023-41359](CVE-2023/CVE-2023-413xx/CVE-2023-41359.json) (`2023-08-30T00:44:45.430`) +* [CVE-2023-41360](CVE-2023/CVE-2023-413xx/CVE-2023-41360.json) (`2023-08-30T00:44:54.753`) +* [CVE-2023-41361](CVE-2023/CVE-2023-413xx/CVE-2023-41361.json) (`2023-08-30T00:45:03.640`) +* [CVE-2023-27585](CVE-2023/CVE-2023-275xx/CVE-2023-27585.json) (`2023-08-30T01:15:37.417`) ## Download and Usage