mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
Auto-Update: 2023-11-29T11:00:18.604388+00:00
This commit is contained in:
parent
cdef2a1036
commit
aae6a96fed
@ -2,12 +2,12 @@
|
||||
"id": "CVE-2023-5598",
|
||||
"sourceIdentifier": "3DS.Information-Security@3ds.com",
|
||||
"published": "2023-11-21T10:15:07.900",
|
||||
"lastModified": "2023-11-25T01:22:55.993",
|
||||
"vulnStatus": "Analyzed",
|
||||
"lastModified": "2023-11-29T10:15:07.353",
|
||||
"vulnStatus": "Modified",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Stored Cross-site Scripting (XSS) vulnerabilities\u00c2\u00a0affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allow an attacker to execute arbitrary script code."
|
||||
"value": "Stored Cross-site Scripting (XSS) vulnerabilities affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allow an attacker to execute arbitrary script code."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
|
@ -2,12 +2,12 @@
|
||||
"id": "CVE-2023-6020",
|
||||
"sourceIdentifier": "security@huntr.dev",
|
||||
"published": "2023-11-16T21:15:09.443",
|
||||
"lastModified": "2023-11-24T23:09:22.967",
|
||||
"vulnStatus": "Analyzed",
|
||||
"lastModified": "2023-11-29T10:15:07.507",
|
||||
"vulnStatus": "Modified",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "LFI in Ray's /static/ directory allows attackers to read any file on the server without authentication."
|
||||
"value": "LFI in Ray's /static/ directory allows attackers to read any file on the server without authentication.\n\n"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
@ -35,28 +35,26 @@
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
],
|
||||
"cvssMetricV30": [
|
||||
},
|
||||
{
|
||||
"source": "security@huntr.dev",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.0",
|
||||
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 9.3,
|
||||
"baseSeverity": "CRITICAL"
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 4.7
|
||||
"impactScore": 3.6
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -2,12 +2,12 @@
|
||||
"id": "CVE-2023-6021",
|
||||
"sourceIdentifier": "security@huntr.dev",
|
||||
"published": "2023-11-16T17:15:09.020",
|
||||
"lastModified": "2023-11-24T23:05:43.850",
|
||||
"vulnStatus": "Analyzed",
|
||||
"lastModified": "2023-11-29T10:15:07.707",
|
||||
"vulnStatus": "Modified",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication."
|
||||
"value": "LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication.\n\n"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
@ -35,28 +35,26 @@
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
],
|
||||
"cvssMetricV30": [
|
||||
},
|
||||
{
|
||||
"source": "security@huntr.dev",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.0",
|
||||
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 9.3,
|
||||
"baseSeverity": "CRITICAL"
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 4.7
|
||||
"impactScore": 3.6
|
||||
}
|
||||
]
|
||||
},
|
||||
|
55
CVE-2023/CVE-2023-60xx/CVE-2023-6070.json
Normal file
55
CVE-2023/CVE-2023-60xx/CVE-2023-6070.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2023-6070",
|
||||
"sourceIdentifier": "trellixpsirt@trellix.com",
|
||||
"published": "2023-11-29T09:15:21.877",
|
||||
"lastModified": "2023-11-29T09:15:21.877",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "\nA server-side request forgery vulnerability in ESM prior to version 11.6.8 allows a low privileged authenticated user to upload arbitrary content, potentially altering configuration. This is possible through the certificate validation functionality where the API accepts uploaded content and doesn't parse for invalid data\n\n"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "trellixpsirt@trellix.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 1.4
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "trellixpsirt@trellix.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-918"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10413",
|
||||
"source": "trellixpsirt@trellix.com"
|
||||
}
|
||||
]
|
||||
}
|
24
README.md
24
README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2023-11-29T07:00:17.662412+00:00
|
||||
2023-11-29T11:00:18.604388+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2023-11-29T06:15:46.853000+00:00
|
||||
2023-11-29T10:15:07.707000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -29,29 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
231672
|
||||
231673
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `9`
|
||||
Recently added CVEs: `1`
|
||||
|
||||
* [CVE-2023-46886](CVE-2023/CVE-2023-468xx/CVE-2023-46886.json) (`2023-11-29T05:15:07.863`)
|
||||
* [CVE-2023-46887](CVE-2023/CVE-2023-468xx/CVE-2023-46887.json) (`2023-11-29T05:15:07.980`)
|
||||
* [CVE-2023-47462](CVE-2023/CVE-2023-474xx/CVE-2023-47462.json) (`2023-11-29T05:15:08.033`)
|
||||
* [CVE-2023-45479](CVE-2023/CVE-2023-454xx/CVE-2023-45479.json) (`2023-11-29T06:15:46.507`)
|
||||
* [CVE-2023-45480](CVE-2023/CVE-2023-454xx/CVE-2023-45480.json) (`2023-11-29T06:15:46.620`)
|
||||
* [CVE-2023-45481](CVE-2023/CVE-2023-454xx/CVE-2023-45481.json) (`2023-11-29T06:15:46.660`)
|
||||
* [CVE-2023-45482](CVE-2023/CVE-2023-454xx/CVE-2023-45482.json) (`2023-11-29T06:15:46.710`)
|
||||
* [CVE-2023-45483](CVE-2023/CVE-2023-454xx/CVE-2023-45483.json) (`2023-11-29T06:15:46.760`)
|
||||
* [CVE-2023-45484](CVE-2023/CVE-2023-454xx/CVE-2023-45484.json) (`2023-11-29T06:15:46.810`)
|
||||
* [CVE-2023-6070](CVE-2023/CVE-2023-60xx/CVE-2023-6070.json) (`2023-11-29T09:15:21.877`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
Recently modified CVEs: `1`
|
||||
Recently modified CVEs: `3`
|
||||
|
||||
* [CVE-2023-5408](CVE-2023/CVE-2023-54xx/CVE-2023-5408.json) (`2023-11-29T06:15:46.853`)
|
||||
* [CVE-2023-5598](CVE-2023/CVE-2023-55xx/CVE-2023-5598.json) (`2023-11-29T10:15:07.353`)
|
||||
* [CVE-2023-6020](CVE-2023/CVE-2023-60xx/CVE-2023-6020.json) (`2023-11-29T10:15:07.507`)
|
||||
* [CVE-2023-6021](CVE-2023/CVE-2023-60xx/CVE-2023-6021.json) (`2023-11-29T10:15:07.707`)
|
||||
|
||||
|
||||
## Download and Usage
|
||||
|
Loading…
x
Reference in New Issue
Block a user