admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-04-29T04:00:24.285600+00:00

Browse Source
This commit is contained in:
René Helmke 2023-04-29 06:00:27 +02:00
parent d92e078d74
commit ad391fff3b
44 changed files with 2798 additions and 177 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
CVE-2014/CVE-2014-1250xx/CVE-2014-125099.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-125099",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-20T06:15:06.867",
"lastModified": "2023-04-20T13:15:05.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:54:19.860",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,22 +93,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themeist:i_recommend_this:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.7.2",
"matchCriteriaId": "C73088C0-5069-45B8-877F-E158B6C94FE7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wp-plugins/i-recommend-this/commit/058b3ef5c7577bf557557904a53ecc8599b13649",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/wp-plugins/i-recommend-this/releases/tag/3.7.3",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://vuldb.com/?ctiid.226309",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.226309",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

63
CVE-2021/CVE-2021-08xx/CVE-2021-0880.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2021-0880",
"sourceIdentifier": "security@android.com",
"published": "2023-04-19T20:15:10.597",
"lastModified": "2023-04-20T13:15:27.317",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:28:49.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In PVRSRVBridgeRGXKickTA3D of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270396792"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/2023-04-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2021/CVE-2021-08xx/CVE-2021-0885.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2021-0885",
"sourceIdentifier": "security@android.com",
"published": "2023-04-19T20:15:10.833",
"lastModified": "2023-04-20T13:15:27.317",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:29:25.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In PVRSRVBridgeSyncPrimOpTake of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270401914"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/2023-04-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2021/CVE-2021-339xx/CVE-2021-33970.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2021-33970",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-19T22:15:10.023",
"lastModified": "2023-04-20T13:15:05.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:24:38.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate priveleges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:browser.360:chrome:13.0.2170.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3407AAA-D5FA-4C3A-B4C9-B8938FC7E26D"
}
]
}
]
}
],
"references": [
{
"url": "https://MemoryCorruptor.blogspot.com/p/vulnerabilities-disclosures.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://pastebin.com/Qug7tquW",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/channel/UCLJ6fZxUqbmPe4jiwC6o4hg/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

74
CVE-2021/CVE-2021-339xx/CVE-2021-33972.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2021-33972",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-19T21:15:06.647",
"lastModified": "2023-04-20T13:15:13.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:38:23.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in Qihoo 360 Safe Browser v13.0.2170.0 allows attacker to escalate priveleges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:browser.360:safe_browser:12.3.1611.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E72B7F5-F12D-459F-ADA3-741B5BC487D1"
}
]
}
]
}
],
"references": [
{
"url": "https://MemoryCorruptor.blogspot.com/p/vulnerabilities-disclosures.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://pastebin.com/qDedtZf3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/channel/UCLJ6fZxUqbmPe4jiwC6o4hg/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

75
CVE-2021/CVE-2021-339xx/CVE-2021-33973.json
View File

@ -2,27 +2,90 @@
"id": "CVE-2021-33973",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-19T21:15:06.693",
"lastModified": "2023-04-20T13:15:13.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:40:06.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in Qihoo 360 Safe guard v12.1.0.1004, v12.1.0.1005, v13.1.0.1001 allows attacker to escalate priveleges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:360totalsecurity:360_total_security:10.8.0.1213:*:*:*:*:*:*:*",
"matchCriteriaId": "3189D308-F320-4EDB-AB53-E4252E0557FE"
}
]
}
]
}
],
"references": [
{
"url": "https://MemoryCorruptor.blogspot.com/p/vulnerabilities-disclosures.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://pastebin.com/fsLDebg5",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/channel/UCLJ6fZxUqbmPe4jiwC6o4hg/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

74
CVE-2021/CVE-2021-339xx/CVE-2021-33975.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2021-33975",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-19T21:15:06.783",
"lastModified": "2023-04-20T13:15:05.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:20:33.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in Qihoo 360 Total Security v10.8.0.1060 and v10.8.0.1213 allows attacker to escalate privileges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:browser.360:safe_browser:13.0.2170.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA9EA66-32AA-4E47-9C96-6D078AA975B0"
}
]
}
]
}
],
"references": [
{
"url": "https://MemoryCorruptor.blogspot.com/p/vulnerabilities-disclosures.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://pastebin.com/ivNL7s0n",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/channel/UCLJ6fZxUqbmPe4jiwC6o4hg/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

78
CVE-2022/CVE-2022-25xx/CVE-2022-2507.json
View File

@ -2,19 +2,89 @@
"id": "CVE-2022-2507",
"sourceIdentifier": "security@octopus.com",
"published": "2023-04-19T08:15:07.903",
"lastModified": "2023-04-19T12:39:28.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:06:32.460",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In affected versions of Octopus Deploy it is possible to render user supplied input into the webpage"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023.1.9794",
"matchCriteriaId": "E02114A2-62F1-4D4B-8159-7EEF9D2824B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022.4.0",
"versionEndExcluding": "2022.4.8332",
"matchCriteriaId": "38375DCE-BD92-4A69-9D55-A2ED265C5C86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023.1.0",
"versionEndExcluding": "2023.1.6715",
"matchCriteriaId": "DA67C8DF-FBD9-4BD1-8CB2-93E98843EBA9"
}
]
}
]
}
],
"references": [
{
"url": "https://advisories.octopus.com/post/2023/sa2023-06/",
"source": "security@octopus.com"
"source": "security@octopus.com",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-417xx/CVE-2022-41736.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2022-41736",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-29T03:15:07.580",
"lastModified": "2023-04-29T03:15:07.580",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM Spectrum Scale Container Native Storage Access \n\n5.1.2.1 through 5.1.6.0\n\ncontains an unspecified vulnerability that could allow a local user to obtain root privileges. IBM X-Force ID: 237810."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/237810",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6964564",
"source": "psirt@us.ibm.com"
}
]
}

59
CVE-2022/CVE-2022-438xx/CVE-2022-43871.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2022-43871",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-29T03:15:07.953",
"lastModified": "2023-04-29T03:15:07.953",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 239707."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/239707",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6857799",
"source": "psirt@us.ibm.com"
}
]
}

57
CVE-2022/CVE-2022-43xx/CVE-2022-4308.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4308",
"sourceIdentifier": "VulnerabilityReporting@secomea.com",
"published": "2023-04-19T12:15:07.833",
"lastModified": "2023-04-19T12:39:28.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:14:14.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
},
{
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
},
{
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:secomea:gatemanager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.622425017",
"matchCriteriaId": "8852B6D4-560A-4D2E-85FA-34DE8DC890AA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.secomea.com/support/cybersecurity-advisory/",
"source": "VulnerabilityReporting@secomea.com"
"source": "VulnerabilityReporting@secomea.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2022/CVE-2022-49xx/CVE-2022-4942.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4942",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-20T06:15:07.440",
"lastModified": "2023-04-20T13:15:05.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:52:40.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,22 +93,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eslint-detailed-reporter_project:eslint-detailed-reporter:*:*:*:*:*:node.js:*:*",
"versionEndIncluding": "0.9.0",
"matchCriteriaId": "1F6B2E8F-9681-4AE4-A964-9D2E8377EBB6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mportuga/eslint-detailed-reporter/commit/505c190efd4905990db6207863bdcbd9b1d7e1bd",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/mportuga/eslint-detailed-reporter/pull/46",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://vuldb.com/?ctiid.226310",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.226310",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2022/CVE-2022-49xx/CVE-2022-4944.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4944",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-22T18:15:07.133",
"lastModified": "2023-04-24T13:01:54.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:03:00.013",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,26 +93,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kodcloud:kodexplorer:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.49",
"matchCriteriaId": "C453D289-879D-40D0-BD98-A0A8E24E12B1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kalcaddle/KodExplorer/issues/512",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://github.com/kalcaddle/KodExplorer/releases/tag/4.50",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://vuldb.com/?ctiid.227000",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.227000",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.mediafire.com/file/709i2vxybergtg7/poc.zip/file",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
}
]
}

69
CVE-2023/CVE-2023-02xx/CVE-2023-0200.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0200",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:09.057",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:04:01.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:bmc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.08.00",
"matchCriteriaId": "F653F2DA-C492-4522-A99A-689C55DC7EC0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2578180E-CD9E-4D45-B092-CEFDC3653878"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5449",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-02xx/CVE-2023-0201.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0201",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:09.130",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:04:23.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:bmc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.08.00",
"matchCriteriaId": "F653F2DA-C492-4522-A99A-689C55DC7EC0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2578180E-CD9E-4D45-B092-CEFDC3653878"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5449",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-02xx/CVE-2023-0207.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0207",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:09.497",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:04:46.007",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:sbios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.33",
"matchCriteriaId": "BE8866CA-D6E6-4072-8B52-48169CECF33A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2578180E-CD9E-4D45-B092-CEFDC3653878"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5449",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-02xx/CVE-2023-0209.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0209",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:09.557",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:06:02.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:sbios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "52w_3a13",
"matchCriteriaId": "59553149-0C7F-4AF7-9598-2DB25AACD5A2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B88743-AF2B-4EB6-B991-85D58C654678"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5458",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-03xx/CVE-2023-0383.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0383",
"sourceIdentifier": "security@m-files.com",
"published": "2023-04-20T09:15:08.333",
"lastModified": "2023-04-20T13:15:05.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:55:28.667",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@m-files.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
},
{
"source": "security@m-files.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:m-files:m-files_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.4.12528.1",
"matchCriteriaId": "03195A81-08F5-4937-B73E-FBCA8AC5EC5B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.m-files.com/about/trust-center/security-advisories/cve-2023-0383/",
"source": "security@m-files.com"
"source": "security@m-files.com",
"tags": [
"Broken Link"
]
}
]
}

57
CVE-2023/CVE-2023-03xx/CVE-2023-0384.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0384",
"sourceIdentifier": "security@m-files.com",
"published": "2023-04-20T09:15:08.433",
"lastModified": "2023-04-20T13:15:05.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:58:48.810",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@m-files.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
},
{
"source": "security@m-files.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:m-files:m-files_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.4.12528.1",
"matchCriteriaId": "03195A81-08F5-4937-B73E-FBCA8AC5EC5B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.m-files.com/about/trust-center/security-advisories/cve-2023-0384/",
"source": "security@m-files.com"
"source": "security@m-files.com",
"tags": [
"Broken Link"
]
}
]
}

77
CVE-2023/CVE-2023-15xx/CVE-2023-1587.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1587",
"sourceIdentifier": "security@nortonlifelock.com",
"published": "2023-04-19T19:15:07.030",
"lastModified": "2023-04-19T19:52:18.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:20:07.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security@nortonlifelock.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "security@nortonlifelock.com",
"type": "Secondary",
@ -46,10 +76,51 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avast:antivirus:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.5",
"versionEndExcluding": "22.11",
"matchCriteriaId": "041E50BD-12AB-47A1-98FF-5A9DAFC82247"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avg:anti-virus:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.5",
"versionEndExcluding": "22.11",
"matchCriteriaId": "E6C5599E-6B91-463D-B715-2962E9E98764"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://support.norton.com/sp/static/external/tools/security-advisories.html",
"source": "security@nortonlifelock.com"
"source": "security@nortonlifelock.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-19xx/CVE-2023-1900.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1900",
"sourceIdentifier": "security@nortonlifelock.com",
"published": "2023-04-19T19:15:07.190",
"lastModified": "2023-04-19T19:52:18.290",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:28:00.223",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security@nortonlifelock.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
},
{
"source": "security@nortonlifelock.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:avira:antivirus:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.0.2303.633",
"matchCriteriaId": "57672959-5A5F-4B22-A76F-1726FCCA2C49"
}
]
}
]
}
],
"references": [
{
"url": "https://support.norton.com/sp/static/external/tools/security-advisories.html",
"source": "security@nortonlifelock.com"
"source": "security@nortonlifelock.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-21xx/CVE-2023-2118.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-2118",
"sourceIdentifier": "security@devolutions.net",
"published": "2023-04-21T22:15:07.307",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:06:26.340",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Insufficient access control\u00a0in support ticket feature in Devolutions Server\u00a02023.1.5.0 and below\u00a0allows an authenticated attacker to send support tickets and download diagnostic files via specific endpoints."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023.1.6.0",
"matchCriteriaId": "0A3D4219-1D06-4464-963E-33D0E67D4B15"
}
]
}
]
}
],
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2023-0010",
"source": "security@devolutions.net"
"source": "security@devolutions.net",
"tags": [
"Vendor Advisory"
]
}
]
}

93
CVE-2023/CVE-2023-21xx/CVE-2023-2162.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2162",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-04-19T20:15:12.307",
"lastModified": "2023-04-20T13:15:13.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:32:57.103",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,10 +56,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2",
"matchCriteriaId": "108695B6-7133-4B6C-80AF-0F66880FE858"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3ADCCCEE-143A-4B48-9B2A-0CB97BD385DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*",
"matchCriteriaId": "D34127CC-68F5-4703-A5F6-5006F803E4AE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.spinics.net/lists/linux-scsi/msg181542.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

108
CVE-2023/CVE-2023-21xx/CVE-2023-2166.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2166",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-04-19T23:15:07.230",
"lastModified": "2023-04-20T13:15:05.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:08:30.843",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,10 +56,77 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1",
"matchCriteriaId": "9064B383-DD48-40A2-8947-F5BA6E6B6713"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*",
"matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*",
"matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"
}
]
}
]
}
],
"references": [
{
"url": "https://lore.kernel.org/lkml/CAO4mrfcV_07hbj8NUuZrA8FH-kaRsrFy-2metecpTuE5kKHn5w@mail.gmail.com/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

56
CVE-2023/CVE-2023-21xx/CVE-2023-2191.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2191",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-04-20T02:15:06.757",
"lastModified": "2023-04-20T13:15:05.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:48:44.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:azuracast:azuracast:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.18.0",
"matchCriteriaId": "820C3983-35D4-4942-AC2B-42FE4BD71EB7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/azuracast/azuracast/commit/24276cb4166b2057de73569ec33046a80a8bb437",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/0814f5f9-8b58-40e5-b08c-7c488947cf31",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-226xx/CVE-2023-22645.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22645",
"sourceIdentifier": "meissner@suse.de",
"published": "2023-04-19T12:15:07.960",
"lastModified": "2023-04-19T13:15:07.150",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T02:15:41.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "meissner@suse.de",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:kubewarden-controller:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.6.0",
"matchCriteriaId": "DF89B57B-ED7F-4FB4-A950-71F1E57AAAD4"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1210218",
"source": "meissner@suse.de"
"source": "meissner@suse.de",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-22xx/CVE-2023-2241.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2241",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-22T16:15:42.050",
"lastModified": "2023-04-24T13:01:54.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:03:33.527",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,26 +93,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:podofo_project:podofo:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2B6FCB-1882-4BAA-B8BE-25E150D012D7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/podofo/podofo/commit/535a786f124b739e3c857529cecc29e4eeb79778",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/podofo/podofo/files/11260976/poc-file.zip",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/podofo/podofo/issues/69",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.227226",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.227226",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

88
CVE-2023/CVE-2023-24xx/CVE-2023-2420.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2420",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-29T02:15:09.383",
"lastModified": "2023-04-29T02:15:09.383",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in MLECMS 3.0. It has been rated as critical. This issue affects the function get_url in the library /upload/inc/lib/admin of the file upload\\inc\\include\\common.func.php. The manipulation of the argument $_SERVER['REQUEST_URI'] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227717 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/VG00000/elecms/blob/main/README.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.227717",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.227717",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-24xx/CVE-2023-2421.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2421",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-29T02:15:09.450",
"lastModified": "2023-04-29T02:15:09.450",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in Control iD RHiD 23.3.19.0. Affected is an unknown function of the file /v2/#/add/department. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. VDB-227718 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.227718",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.227718",
"source": "cna@vuldb.com"
},
{
"url": "https://youtu.be/4JOLhAuoizE",
"source": "cna@vuldb.com"
}
]
}

69
CVE-2023/CVE-2023-255xx/CVE-2023-25505.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25505",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:10.043",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:05:24.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:bmc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.39.30",
"matchCriteriaId": "44CE27BE-6741-415D-9AEB-A2D16FC55782"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B88743-AF2B-4EB6-B991-85D58C654678"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5458",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-255xx/CVE-2023-25506.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25506",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:10.107",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:05:54.553",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:sbios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "52w_3a13",
"matchCriteriaId": "59553149-0C7F-4AF7-9598-2DB25AACD5A2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B88743-AF2B-4EB6-B991-85D58C654678"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5458",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-255xx/CVE-2023-25507.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25507",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:10.167",
"lastModified": "2023-04-24T13:01:54.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:04:58.850",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:bmc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.39.30",
"matchCriteriaId": "44CE27BE-6741-415D-9AEB-A2D16FC55782"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B88743-AF2B-4EB6-B991-85D58C654678"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5458",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-255xx/CVE-2023-25508.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25508",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:10.230",
"lastModified": "2023-04-24T13:01:54.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:05:11.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:bmc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.39.30",
"matchCriteriaId": "44CE27BE-6741-415D-9AEB-A2D16FC55782"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B88743-AF2B-4EB6-B991-85D58C654678"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5458",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-255xx/CVE-2023-25509.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25509",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-04-22T03:15:10.293",
"lastModified": "2023-04-24T13:01:54.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:05:34.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:sbios:*:*:*:*:*:*:*:*",
"versionEndExcluding": "52w_3a13",
"matchCriteriaId": "59553149-0C7F-4AF7-9598-2DB25AACD5A2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:dgx-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B88743-AF2B-4EB6-B991-85D58C654678"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5458",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-280xx/CVE-2023-28047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28047",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-04-20T07:15:07.220",
"lastModified": "2023-04-20T13:15:05.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:14:08.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:display_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.1.0",
"matchCriteriaId": "3032AF92-97A1-4693-96D3-59595D1D3CEB"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-uk/000211727/dsa-2023",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-283xx/CVE-2023-28327.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-28327",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-04-19T23:15:07.027",
"lastModified": "2023-04-20T13:15:05.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:12:41.973",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,10 +56,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0",
"matchCriteriaId": "87B81C9D-7173-4FFB-97BC-9C41AB20A53C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177382",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

78
CVE-2023/CVE-2023-283xx/CVE-2023-28328.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-28328",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-04-19T23:15:07.163",
"lastModified": "2023-04-20T13:15:05.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:09:16.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,10 +56,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2",
"matchCriteriaId": "108695B6-7133-4B6C-80AF-0F66880FE858"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177389",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

60
CVE-2023/CVE-2023-305xx/CVE-2023-30558.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30558",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T00:15:09.780",
"lastModified": "2023-04-19T12:39:38.607",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-04-29T02:17:46.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,44 @@
"value": "CWE-89"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerydms:archery:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE3AAB2-FAE8-440E-8BD4-3367BF3639D5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/hhyo/Archery/security/advisories/GHSA-jwjj-jgfv-x66q",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-306xx/CVE-2023-30605.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30605",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T00:15:09.843",
"lastModified": "2023-04-19T12:39:38.607",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-04-29T02:11:21.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerydms:archery:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE3AAB2-FAE8-440E-8BD4-3367BF3639D5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/hhyo/Archery/blob/bc86cda4c3b7d59f759d0d23bb63a54f52616752/sql/instance.py#L161-L202",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/hhyo/Archery/security/advisories/GHSA-6mqc-w2qp-fvhp",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-306xx/CVE-2023-30620.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30620",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-21T21:15:08.053",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:06:57.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mindsdb:mindsdb:*:*:*:*:*:*:*:*",
"versionEndIncluding": "23.1.5.0",
"matchCriteriaId": "501BDCF9-A4E3-40F3-8408-1D1CA91B6D51"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mindsdb/mindsdb/commit/4419b0f0019c000db390b54d8b9d06e1d3670039",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/mindsdb/mindsdb/releases/tag/v23.2.1.0",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/mindsdb/mindsdb/security/advisories/GHSA-2g5w-29q9-w6hx",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-306xx/CVE-2023-30621.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30621",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-21T21:15:08.147",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:07:05.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gipsy_project:gipsy:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3",
"matchCriteriaId": "BE36F980-BC02-4443-9FE1-2B1DE81E4934"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Curiosity-org/Gipsy/security/advisories/GHSA-6cw6-r8pg-j7wh",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/Gunivers/Gipsy/pull/24",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/Gunivers/Gipsy/pull/24/commits/716818e967069f144aae66d51464b237c22b6cdf",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
}
]
}

32
CVE-2023/CVE-2023-307xx/CVE-2023-30792.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-30792",
"sourceIdentifier": "cve-assign@fb.com",
"published": "2023-04-29T03:15:08.347",
"lastModified": "2023-04-29T03:15:08.347",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Anchor tag hrefs in Lexical prior to v0.10.0 would render javascript: URLs, allowing for cross-site scripting on link clicks in cases where input was being parsed from untrusted sources."
}
],
"metrics": {},
"weaknesses": [
{
"source": "cve-assign@fb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/facebook/lexical/releases/tag/v0.10.0",
"source": "cve-assign@fb.com"
}
]
}

85
CVE-2023/CVE-2023-310xx/CVE-2023-31056.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31056",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-24T03:15:07.267",
"lastModified": "2023-04-24T13:01:43.960",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-29T03:06:14.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,10 +54,69 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloverdx:cloverdx:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.14.0",
"versionEndIncluding": "5.14.3",
"matchCriteriaId": "B07C9FA5-3488-4022-A89A-1A96809FCCD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloverdx:cloverdx:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.0",
"versionEndIncluding": "5.15.3",
"matchCriteriaId": "76148B6A-026F-419B-8175-1AF6D5E33589"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloverdx:cloverdx:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17.0",
"versionEndExcluding": "5.17.3",
"matchCriteriaId": "05AC6E67-91A2-413D-B850-1077D17E9EE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloverdx:cloverdx:5.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF870A6-8F71-4AE0-9C3B-5AB095618428"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloverdx:cloverdx:5.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B816D3-F735-4A6C-A606-ECFC640FE1AB"
}
]
}
]
}
],
"references": [
{
"url": "https://support1.cloverdx.com/hc/en-us/articles/8484869595164-Security-advisory-April-2023",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

70
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-04-29T02:00:23.436102+00:00
2023-04-29T04:00:24.285600+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-04-29T01:58:12.903000+00:00
2023-04-29T03:24:38.453000+00:00
```
### Last Data Feed Release
@ -29,36 +29,62 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
213825
213830
```
### CVEs added in the last Commit
Recently added CVEs: `8`
Recently added CVEs: `5`
* [CVE-2023-2412](CVE-2023/CVE-2023-24xx/CVE-2023-2412.json) (`2023-04-29T00:15:08.857`)
* [CVE-2023-2413](CVE-2023/CVE-2023-24xx/CVE-2023-2413.json) (`2023-04-29T00:15:08.937`)
* [CVE-2023-2417](CVE-2023/CVE-2023-24xx/CVE-2023-2417.json) (`2023-04-29T01:15:08.867`)
* [CVE-2023-2418](CVE-2023/CVE-2023-24xx/CVE-2023-2418.json) (`2023-04-29T01:15:08.980`)
* [CVE-2023-2419](CVE-2023/CVE-2023-24xx/CVE-2023-2419.json) (`2023-04-29T01:15:09.063`)
* [CVE-2023-31484](CVE-2023/CVE-2023-314xx/CVE-2023-31484.json) (`2023-04-29T00:15:09.000`)
* [CVE-2023-31485](CVE-2023/CVE-2023-314xx/CVE-2023-31485.json) (`2023-04-29T00:15:09.043`)
* [CVE-2023-31486](CVE-2023/CVE-2023-314xx/CVE-2023-31486.json) (`2023-04-29T00:15:09.083`)
* [CVE-2022-41736](CVE-2022/CVE-2022-417xx/CVE-2022-41736.json) (`2023-04-29T03:15:07.580`)
* [CVE-2022-43871](CVE-2022/CVE-2022-438xx/CVE-2022-43871.json) (`2023-04-29T03:15:07.953`)
* [CVE-2023-2420](CVE-2023/CVE-2023-24xx/CVE-2023-2420.json) (`2023-04-29T02:15:09.383`)
* [CVE-2023-2421](CVE-2023/CVE-2023-24xx/CVE-2023-2421.json) (`2023-04-29T02:15:09.450`)
* [CVE-2023-30792](CVE-2023/CVE-2023-307xx/CVE-2023-30792.json) (`2023-04-29T03:15:08.347`)
### CVEs modified in the last Commit
Recently modified CVEs: `9`
Recently modified CVEs: `38`
* [CVE-2023-20941](CVE-2023/CVE-2023-209xx/CVE-2023-20941.json) (`2023-04-29T01:50:52.760`)
* [CVE-2023-21082](CVE-2023/CVE-2023-210xx/CVE-2023-21082.json) (`2023-04-29T01:52:02.443`)
* [CVE-2023-21083](CVE-2023/CVE-2023-210xx/CVE-2023-21083.json) (`2023-04-29T01:52:38.117`)
* [CVE-2023-21084](CVE-2023/CVE-2023-210xx/CVE-2023-21084.json) (`2023-04-29T01:53:20.123`)
* [CVE-2023-21092](CVE-2023/CVE-2023-210xx/CVE-2023-21092.json) (`2023-04-29T01:54:37.017`)
* [CVE-2023-21093](CVE-2023/CVE-2023-210xx/CVE-2023-21093.json) (`2023-04-29T01:55:20.210`)
* [CVE-2023-21097](CVE-2023/CVE-2023-210xx/CVE-2023-21097.json) (`2023-04-29T01:57:29.637`)
* [CVE-2023-21100](CVE-2023/CVE-2023-211xx/CVE-2023-21100.json) (`2023-04-29T01:58:12.903`)
* [CVE-2023-28759](CVE-2023/CVE-2023-287xx/CVE-2023-28759.json) (`2023-04-29T01:15:08.770`)
* [CVE-2014-125099](CVE-2014/CVE-2014-1250xx/CVE-2014-125099.json) (`2023-04-29T02:54:19.860`)
* [CVE-2021-0880](CVE-2021/CVE-2021-08xx/CVE-2021-0880.json) (`2023-04-29T02:28:49.327`)
* [CVE-2021-0885](CVE-2021/CVE-2021-08xx/CVE-2021-0885.json) (`2023-04-29T02:29:25.257`)
* [CVE-2021-33970](CVE-2021/CVE-2021-339xx/CVE-2021-33970.json) (`2023-04-29T03:24:38.453`)
* [CVE-2021-33972](CVE-2021/CVE-2021-339xx/CVE-2021-33972.json) (`2023-04-29T02:38:23.727`)
* [CVE-2021-33973](CVE-2021/CVE-2021-339xx/CVE-2021-33973.json) (`2023-04-29T02:40:06.307`)
* [CVE-2021-33975](CVE-2021/CVE-2021-339xx/CVE-2021-33975.json) (`2023-04-29T03:20:33.717`)
* [CVE-2022-2507](CVE-2022/CVE-2022-25xx/CVE-2022-2507.json) (`2023-04-29T02:06:32.460`)
* [CVE-2022-4308](CVE-2022/CVE-2022-43xx/CVE-2022-4308.json) (`2023-04-29T02:14:14.507`)
* [CVE-2022-4942](CVE-2022/CVE-2022-49xx/CVE-2022-4942.json) (`2023-04-29T02:52:40.117`)
* [CVE-2022-4944](CVE-2022/CVE-2022-49xx/CVE-2022-4944.json) (`2023-04-29T03:03:00.013`)
* [CVE-2023-0200](CVE-2023/CVE-2023-02xx/CVE-2023-0200.json) (`2023-04-29T03:04:01.633`)
* [CVE-2023-0201](CVE-2023/CVE-2023-02xx/CVE-2023-0201.json) (`2023-04-29T03:04:23.277`)
* [CVE-2023-0207](CVE-2023/CVE-2023-02xx/CVE-2023-0207.json) (`2023-04-29T03:04:46.007`)
* [CVE-2023-0209](CVE-2023/CVE-2023-02xx/CVE-2023-0209.json) (`2023-04-29T03:06:02.147`)
* [CVE-2023-0383](CVE-2023/CVE-2023-03xx/CVE-2023-0383.json) (`2023-04-29T02:55:28.667`)
* [CVE-2023-0384](CVE-2023/CVE-2023-03xx/CVE-2023-0384.json) (`2023-04-29T02:58:48.810`)
* [CVE-2023-1587](CVE-2023/CVE-2023-15xx/CVE-2023-1587.json) (`2023-04-29T02:20:07.100`)
* [CVE-2023-1900](CVE-2023/CVE-2023-19xx/CVE-2023-1900.json) (`2023-04-29T02:28:00.223`)
* [CVE-2023-2118](CVE-2023/CVE-2023-21xx/CVE-2023-2118.json) (`2023-04-29T03:06:26.340`)
* [CVE-2023-2162](CVE-2023/CVE-2023-21xx/CVE-2023-2162.json) (`2023-04-29T02:32:57.103`)
* [CVE-2023-2166](CVE-2023/CVE-2023-21xx/CVE-2023-2166.json) (`2023-04-29T03:08:30.843`)
* [CVE-2023-2191](CVE-2023/CVE-2023-21xx/CVE-2023-2191.json) (`2023-04-29T02:48:44.317`)
* [CVE-2023-2241](CVE-2023/CVE-2023-22xx/CVE-2023-2241.json) (`2023-04-29T03:03:33.527`)
* [CVE-2023-22645](CVE-2023/CVE-2023-226xx/CVE-2023-22645.json) (`2023-04-29T02:15:41.093`)
* [CVE-2023-25505](CVE-2023/CVE-2023-255xx/CVE-2023-25505.json) (`2023-04-29T03:05:24.277`)
* [CVE-2023-25506](CVE-2023/CVE-2023-255xx/CVE-2023-25506.json) (`2023-04-29T03:05:54.553`)
* [CVE-2023-25507](CVE-2023/CVE-2023-255xx/CVE-2023-25507.json) (`2023-04-29T03:04:58.850`)
* [CVE-2023-25508](CVE-2023/CVE-2023-255xx/CVE-2023-25508.json) (`2023-04-29T03:05:11.070`)
* [CVE-2023-25509](CVE-2023/CVE-2023-255xx/CVE-2023-25509.json) (`2023-04-29T03:05:34.413`)
* [CVE-2023-28047](CVE-2023/CVE-2023-280xx/CVE-2023-28047.json) (`2023-04-29T03:14:08.177`)
* [CVE-2023-28327](CVE-2023/CVE-2023-283xx/CVE-2023-28327.json) (`2023-04-29T03:12:41.973`)
* [CVE-2023-28328](CVE-2023/CVE-2023-283xx/CVE-2023-28328.json) (`2023-04-29T03:09:16.777`)
* [CVE-2023-30558](CVE-2023/CVE-2023-305xx/CVE-2023-30558.json) (`2023-04-29T02:17:46.363`)
* [CVE-2023-30605](CVE-2023/CVE-2023-306xx/CVE-2023-30605.json) (`2023-04-29T02:11:21.987`)
* [CVE-2023-30620](CVE-2023/CVE-2023-306xx/CVE-2023-30620.json) (`2023-04-29T03:06:57.767`)
* [CVE-2023-30621](CVE-2023/CVE-2023-306xx/CVE-2023-30621.json) (`2023-04-29T03:07:05.277`)
* [CVE-2023-31056](CVE-2023/CVE-2023-310xx/CVE-2023-31056.json) (`2023-04-29T03:06:14.197`)
## Download and Usage