admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-23T18:00:33.936001+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-23 18:00:37 +00:00
parent 43c1512276
commit ae4ec670af
77 changed files with 9809 additions and 328 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
CVE-2022/CVE-2022-37xx/CVE-2022-3703.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-3703",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2022-11-10T22:15:14.647",
"lastModified": "2022-11-16T14:58:27.967",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-23T16:15:07.927",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior\u2019s web portal is vulnerable to accepting malicious firmware packages that could provide a backdoor to an attacker and provide privilege escalation to the device."
"value": "All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior\u2019s web portal is vulnerable to accepting malicious firmware packages that could provide a backdoor to an attacker and provide privilege escalation to the device.\n\n"
}
],
"metrics": {
@ -37,19 +37,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"exploitabilityScore": 1.0,
"impactScore": 6.0
}
]

18
CVE-2022/CVE-2022-409xx/CVE-2022-40981.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-40981",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2022-11-10T22:15:15.113",
"lastModified": "2022-11-16T15:05:52.287",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-23T17:15:43.097",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which could override sensitive and useful existing files on the filesystem, fill the hard disk to full capacity, or compromise the affected device or computers with administrator level privileges connected to the affected device."
"value": "All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which could override sensitive and useful existing files on the filesystem, fill the hard disk to full capacity, or compromise the affected device or computers with administrator level privileges connected to the affected device.\n\n"
}
],
"metrics": {
@ -37,19 +37,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH"
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]

18
CVE-2022/CVE-2022-416xx/CVE-2022-41607.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41607",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2022-11-10T22:15:15.323",
"lastModified": "2022-11-16T15:07:51.100",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-23T17:15:43.577",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior\u2019s application programmable interface (API) is vulnerable to directory traversal through several different methods. This could allow an attacker to read sensitive files from the server, including SSH private keys, passwords, scripts, python objects, database files, and more."
"value": "All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior\u2019s application programmable interface (API) is vulnerable to directory traversal through several different methods. This could allow an attacker to read sensitive files from the server, including SSH private keys, passwords, scripts, python objects, database files, and more.\n\n"
}
],
"metrics": {
@ -37,19 +37,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH"
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 1.7,
"impactScore": 4.0
}
]

59
CVE-2023/CVE-2023-14xx/CVE-2023-1409.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-1409",
"sourceIdentifier": "cna@mongodb.com",
"published": "2023-08-23T16:15:08.167",
"lastModified": "2023-08-23T16:33:41.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of configuration options that are already known to work securely in other platforms (e.g. Linux), it is possible that client certificate validation may not be in effect, potentially allowing client to establish a TLS connection with the server that supplies any certificate.\n\nThis issue affect all MongoDB Server v6.3 versions, MongoDB Server v5.0 versions v5.0.0 to v5.0.14 and all MongoDB Server v4.4 versions.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@mongodb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cna@mongodb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-73662",
"source": "cna@mongodb.com"
},
{
"url": "https://jira.mongodb.org/browse/SERVER-77028",
"source": "cna@mongodb.com"
}
]
}

87
CVE-2023/CVE-2023-205xx/CVE-2023-20560.json
View File

@ -2,19 +2,98 @@
"id": "CVE-2023-20560",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-08-15T22:15:09.827",
"lastModified": "2023-08-16T12:02:41.873",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:40:28.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\n\n\nInsufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen\u2122 Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service.\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amd:ryzen_master:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.11.2.2659",
"matchCriteriaId": "CF01BC28-75D3-42EB-A19B-93FEFEFF6D74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amd:ryzen_master_monitoring_sdk:*:*:*:*:*:*:*:*",
"versionEndExcluding": "august_2023",
"matchCriteriaId": "81E85F29-C67E-479D-8DED-4327B37EF3F2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5200AF17-0458-4315-A9D6-06C8DF67C05B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7004",
"source": "psirt@amd.com"
"source": "psirt@amd.com",
"tags": [
"Vendor Advisory"
]
}
]
}

87
CVE-2023/CVE-2023-205xx/CVE-2023-20564.json
View File

@ -2,19 +2,98 @@
"id": "CVE-2023-20564",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-08-15T22:15:11.597",
"lastModified": "2023-08-16T12:02:41.873",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:40:10.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\nInsufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen\u2122 Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution.\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amd:ryzen_master:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.11.2.2659",
"matchCriteriaId": "CF01BC28-75D3-42EB-A19B-93FEFEFF6D74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amd:ryzen_master_monitoring_sdk:*:*:*:*:*:*:*:*",
"versionEndExcluding": "august_2023",
"matchCriteriaId": "81E85F29-C67E-479D-8DED-4327B37EF3F2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5200AF17-0458-4315-A9D6-06C8DF67C05B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7004",
"source": "psirt@amd.com"
"source": "psirt@amd.com",
"tags": [
"Vendor Advisory"
]
}
]
}

75
CVE-2023/CVE-2023-264xx/CVE-2023-26469.json
View File

@ -2,27 +2,90 @@
"id": "CVE-2023-26469",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-17T19:15:12.143",
"lastModified": "2023-08-21T19:15:08.140",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:00:54.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jorani:jorani:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8B2D2D-7CCC-4688-9C1C-5C2512F140E6"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174248/Jorani-Remote-Code-Execution.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/Orange-Cyberdefense/CVE-repository/tree/master",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://jorani.org/security-features-in-lms.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

69
CVE-2023/CVE-2023-275xx/CVE-2023-27576.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-27576",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-18T15:15:09.723",
"lastModified": "2023-08-18T16:39:17.773",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:00:20.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in phpList 3.6.12. Due to an access error, it was possible to manipulate and edit data of the system's super admin, allowing one to perform an account takeover of the user with super-admin permission."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en phpList v3.6.12. Debido a un error de acceso, era posible manipular y editar datos del superadministrador del sistema, lo que permit\u00eda realizar una toma de control de la cuneta del usuario con permiso de superadministrador."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phplist:phplist:3.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1C39BCF7-4D92-48E6-8AB6-3A03422C2A73"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cupc4k3.lol/cve-2023-27576-hacking-phplist-how-i-gained-super-admin-access-44c7c90d82da",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-289xx/CVE-2023-28994.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28994",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T15:15:07.890",
"lastModified": "2023-08-23T15:15:07.890",
"vulnStatus": "Received",
"lastModified": "2023-08-23T16:33:41.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

47
CVE-2023/CVE-2023-308xx/CVE-2023-30875.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30875",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-18T08:15:08.653",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:49:32.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:allmywebneeds:logo_scheduler:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.2",
"matchCriteriaId": "F843E3E9-C9B1-4595-8025-A07F786A91FC"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/logo-scheduler-great-for-holidays-events-and-more/wordpress-logo-scheduler-great-for-holidays-events-and-more-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-310xx/CVE-2023-31094.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31094",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-18T13:15:09.593",
"lastModified": "2023-08-18T15:06:49.560",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:45:37.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wptrio:stock_sync_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.1",
"matchCriteriaId": "6C47EAF9-F077-4465-9068-C6B05AEDB804"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/stock-sync-for-woocommerce/wordpress-stock-sync-for-woocommerce-plugin-2-4-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-312xx/CVE-2023-31228.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31228",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-18T13:15:09.743",
"lastModified": "2023-08-18T15:06:49.560",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:45:30.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cminds:cm_on_demand_search_and_replace:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.1",
"matchCriteriaId": "A1923E24-3456-4839-AA3B-9E51A3EE8BD0"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cm-on-demand-search-and-replace/wordpress-cm-on-demand-search-and-replace-plugin-1-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-321xx/CVE-2023-32107.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32107",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-18T14:15:23.347",
"lastModified": "2023-08-18T15:06:49.560",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:08:29.897",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ays-pro:photo_gallery:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.1.4",
"matchCriteriaId": "84577339-F289-4969-A480-C22F15819F93"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/gallery-photo-gallery/wordpress-photo-gallery-by-ays-responsive-image-gallery-plugin-5-1-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-321xx/CVE-2023-32130.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32130",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-18T16:15:10.850",
"lastModified": "2023-08-18T16:39:17.773",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:59:45.130",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:danielpowney:multi_rating:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.0.6",
"matchCriteriaId": "7D572B01-6EEF-4CE8-94F9-62107145B273"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/multi-rating/wordpress-multi-rating-plugin-5-0-6-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-322xx/CVE-2023-32236.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32236",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T14:15:07.967",
"lastModified": "2023-08-23T14:15:07.967",
"vulnStatus": "Received",
"lastModified": "2023-08-23T16:33:41.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-323xx/CVE-2023-32300.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32300",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T15:15:08.117",
"lastModified": "2023-08-23T15:15:08.117",
"vulnStatus": "Received",
"lastModified": "2023-08-23T16:33:41.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

3139
CVE-2023/CVE-2023-324xx/CVE-2023-32453.json
View File

File diff suppressed because it is too large Load Diff

4
CVE-2023/CVE-2023-324xx/CVE-2023-32496.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32496",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T14:15:08.350",
"lastModified": "2023-08-23T14:15:08.350",
"vulnStatus": "Received",
"lastModified": "2023-08-23T16:33:41.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32497.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32497",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T14:15:08.693",
"lastModified": "2023-08-23T14:15:08.693",
"vulnStatus": "Received",
"lastModified": "2023-08-23T16:33:41.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32498.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32498",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T14:15:08.887",
"lastModified": "2023-08-23T14:15:08.887",
"vulnStatus": "Received",
"lastModified": "2023-08-23T16:33:41.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32499.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32499",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T14:15:09.047",
"lastModified": "2023-08-23T14:15:09.047",
"vulnStatus": "Received",
"lastModified": "2023-08-23T16:33:41.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-325xx/CVE-2023-32505.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32505",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T15:15:08.253",
"lastModified": "2023-08-23T15:15:08.253",
"vulnStatus": "Received",
"lastModified": "2023-08-23T16:33:41.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-325xx/CVE-2023-32509.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32509",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T15:15:08.403",
"lastModified": "2023-08-23T15:15:08.403",
"vulnStatus": "Received",
"lastModified": "2023-08-23T16:33:41.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

107
CVE-2023/CVE-2023-326xx/CVE-2023-32626.json
View File

@ -2,23 +2,120 @@
"id": "CVE-2023-32626",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-08-18T10:15:09.617",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:49:06.603",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Hidden functionality vulnerability in LAN-W300N/RS all versions, and LAN-W300N/PR5 all versions allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:lan-w300n\\/rs_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16CDE23E-1661-4D85-813F-5D41930FC2F0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:lan-w300n\\/rs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0032270C-53E3-4A46-95A8-FDE5DEFDC75C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:lan-w300n\\/pr5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13CD45FC-53E8-42EF-AADF-529F306E8114"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:lan-w300n\\/pr5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC25404-D088-4140-A90A-F7CFA0C0A8BC"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU91630351/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.elecom.co.jp/news/security/20230810-01/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

98
CVE-2023/CVE-2023-342xx/CVE-2023-34217.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34217",
"sourceIdentifier": "psirt@moxa.com",
"published": "2023-08-17T07:15:43.383",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:41:43.143",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "psirt@moxa.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "psirt@moxa.com",
"type": "Secondary",
@ -46,10 +76,72 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:moxa:tn-5900_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3",
"matchCriteriaId": "ABA65A45-A850-440B-8B4B-191D46059E71"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:moxa:tn-5900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1E9F45-0ED4-4223-BC9B-D2E01A583DCA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:moxa:tn-4900_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.4",
"matchCriteriaId": "442E0C68-A369-4079-86CC-0E63408C48E7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:moxa:tn-4900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CD9ADD-E963-42F4-A2E5-175A0D2EE8D0"
}
]
}
]
}
],
"references": [
{
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities",
"source": "psirt@moxa.com"
"source": "psirt@moxa.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-358xx/CVE-2023-35808.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-35808",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-17T22:15:09.477",
"lastModified": "2023-08-23T14:15:09.297",
"lastModified": "2023-08-23T16:15:08.313",
"vulnStatus": "Modified",
"descriptions": [
{
@ -115,6 +115,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174300/SugarCRM-12.2.0-Shell-Upload.html",
"source": "cve@mitre.org"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/26",
"source": "cve@mitre.org"

6
CVE-2023/CVE-2023-358xx/CVE-2023-35809.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-35809",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-17T22:15:09.517",
"lastModified": "2023-08-23T14:15:10.210",
"lastModified": "2023-08-23T16:15:08.407",
"vulnStatus": "Modified",
"descriptions": [
{
@ -115,6 +115,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174301/SugarCRM-12.2.0-Bean-Manipulation.html",
"source": "cve@mitre.org"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/27",
"source": "cve@mitre.org"

6
CVE-2023/CVE-2023-358xx/CVE-2023-35810.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-35810",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-17T22:15:09.553",
"lastModified": "2023-08-23T14:15:10.430",
"lastModified": "2023-08-23T16:15:08.490",
"vulnStatus": "Modified",
"descriptions": [
{
@ -115,6 +115,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174302/SugarCRM-12.2.0-PHP-Object-Injection.html",
"source": "cve@mitre.org"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/28",
"source": "cve@mitre.org"

6
CVE-2023/CVE-2023-358xx/CVE-2023-35811.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-35811",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-17T22:15:09.590",
"lastModified": "2023-08-23T14:15:10.707",
"lastModified": "2023-08-23T16:15:08.927",
"vulnStatus": "Modified",
"descriptions": [
{
@ -119,6 +119,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174303/SugarCRM-12.2.0-SQL-Injection.html",
"source": "cve@mitre.org"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/29",
"source": "cve@mitre.org"

65
CVE-2023/CVE-2023-36xx/CVE-2023-3697.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3697",
"sourceIdentifier": "security@asustor.com",
"published": "2023-08-17T10:15:10.880",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:56:50.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@asustor.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "security@asustor.com",
"type": "Secondary",
@ -46,10 +76,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:asustor:data_master:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0.rib4",
"versionEndIncluding": "4.0.6.ris1",
"matchCriteriaId": "52E98421-79B4-4483-ABC6-C01289B5C028"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:asustor:data_master:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.1.0.rhu2",
"versionEndExcluding": "4.2.3.rk91",
"matchCriteriaId": "8A135ABF-52BD-43B0-AD0D-0B92FF20B9F5"
}
]
}
]
}
],
"references": [
{
"url": "https://www.asustor.com/security/security_advisory_detail?id=28",
"source": "security@asustor.com"
"source": "security@asustor.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-36xx/CVE-2023-3698.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3698",
"sourceIdentifier": "security@asustor.com",
"published": "2023-08-17T10:15:10.953",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:55:57.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "security@asustor.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "security@asustor.com",
"type": "Secondary",
@ -46,10 +76,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:asustor:data_master:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0.rib4",
"versionEndIncluding": "4.0.6.ris1",
"matchCriteriaId": "52E98421-79B4-4483-ABC6-C01289B5C028"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:asustor:data_master:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.1.0.rhu2",
"versionEndExcluding": "4.2.3.rk91",
"matchCriteriaId": "8A135ABF-52BD-43B0-AD0D-0B92FF20B9F5"
}
]
}
]
}
],
"references": [
{
"url": "https://www.asustor.com/security/security_advisory_detail?id=28",
"source": "security@asustor.com"
"source": "security@asustor.com",
"tags": [
"Vendor Advisory"
]
}
]
}

44
CVE-2023/CVE-2023-373xx/CVE-2023-37379.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-37379",
"sourceIdentifier": "security@apache.org",
"published": "2023-08-23T16:15:09.330",
"lastModified": "2023-08-23T16:33:41.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Apache Airflow, in versions prior to 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user to access connection information and exploit the test connection feature by sending many requests, leading to a denial of service (DoS) condition on the server. Furthermore, malicious actors can leverage this vulnerability to establish harmful connections with the server.\n\nUsers of Apache Airflow are strongly advised to upgrade to version 2.7.0 or newer to mitigate the risk associated with this vulnerability. Additionally, administrators are encouraged to review and adjust user permissions to restrict access to sensitive functionalities, reducing the attack surface.\n\n"
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "CWE-400"
},
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/apache/airflow/pull/32052",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/g5c9vcn27lr14go48thrjpo6f4vw571r",
"source": "security@apache.org"
}
]
}

71
CVE-2023/CVE-2023-384xx/CVE-2023-38401.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38401",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-08-15T19:15:10.377",
"lastModified": "2023-08-15T20:01:42.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:50:35.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,55 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:aruba_virtual_intranet_access:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0",
"matchCriteriaId": "5985F387-86D2-4DF3-A7E3-948B843D85E5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-384xx/CVE-2023-38402.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38402",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-08-15T19:15:10.490",
"lastModified": "2023-08-15T20:01:42.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:51:57.520",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,55 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:aruba_virtual_intranet_access:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0",
"matchCriteriaId": "5985F387-86D2-4DF3-A7E3-948B843D85E5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-387xx/CVE-2023-38721.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38721",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-08-14T18:15:11.013",
"lastModified": "2023-08-14T18:59:33.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:43:40.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +76,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:i:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD871157-2BB3-4641-B84E-3EA13D24D35A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:i:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9A49E8C5-7967-42AE-A787-C533D24A63D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:i:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "92D03306-B6C9-403E-99A2-CE9D8DC3B482"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:i:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CCB5BF-08EF-472F-A663-5DE270234F10"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/262173",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7023423",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-388xx/CVE-2023-38831.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-38831",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-23T17:15:43.863",
"lastModified": "2023-08-23T17:15:43.863",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through August 2023."
}
],
"metrics": {},
"references": [
{
"url": "https://www.bleepingcomputer.com/news/security/winrar-zero-day-exploited-since-april-to-hack-trading-accounts/",
"source": "cve@mitre.org"
},
{
"url": "https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/",
"source": "cve@mitre.org"
}
]
}

68
CVE-2023/CVE-2023-388xx/CVE-2023-38839.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-38839",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-18T22:15:09.803",
"lastModified": "2023-08-20T00:48:59.350",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:59:30.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via theID parameter in the fulldelete.php component."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en Kidus Minimati v1.0.0 permite a un atacante remoto obtener informaci\u00f3n sensible a trav\u00e9s del par\u00e1metro \"ID\" en el componente \"fulldelete.php\". "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kidus:minimati:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0690143A-0A04-4A8E-BEDE-E95DE3FE3982"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/kiduswb/minimati/issues/2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

68
CVE-2023/CVE-2023-388xx/CVE-2023-38843.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2023-38843",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-17T19:15:12.800",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:52:08.800",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted payload into the description field in the incident function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlos:atlos:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF8C312A-82FA-4E6E-8545-4D66B38E9222"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/senzee1984/ff30f0914db39d2741ab17332f0fc6e1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/atlosdotorg/atlos",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

2641
CVE-2023/CVE-2023-389xx/CVE-2023-38902.json
View File

File diff suppressed because it is too large Load Diff

71
CVE-2023/CVE-2023-389xx/CVE-2023-38905.json
View File

@ -2,23 +2,84 @@
"id": "CVE-2023-38905",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-17T19:15:12.873",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:57:38.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jeecg:jeecg_boot:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.5.0",
"matchCriteriaId": "7CCC4761-FDE8-4C1D-99BA-74DB3DEB267A"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/wealeson1/e24fc8575f4e051320d69e9a75080642",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/jeecgboot/jeecg-boot/issues/4737",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

92
CVE-2023/CVE-2023-394xx/CVE-2023-39415.json
View File

@ -2,27 +2,107 @@
"id": "CVE-2023-39415",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-08-18T10:15:11.620",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:48:55.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper authentication vulnerability in Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote unauthenticated attacker to log in to the product's Control Panel and perform an unintended operation."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:northgrid:proself:*:*:*:*:mail_sanitize:*:*:*",
"versionEndIncluding": "1.07",
"matchCriteriaId": "08080859-2BE8-4E98-A71F-55B05FFF34CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:northgrid:proself:*:*:*:*:gateway:*:*:*",
"versionEndIncluding": "1.62",
"matchCriteriaId": "62F99405-78A1-4911-8731-AF45ACCEC028"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:northgrid:proself:*:*:*:*:enterprise:*:*:*",
"versionEndIncluding": "5.61",
"matchCriteriaId": "FFCCF32A-D960-4A11-BAE5-253BDED708E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:northgrid:proself:*:*:*:*:standard:*:*:*",
"versionEndIncluding": "5.61",
"matchCriteriaId": "EDA2D322-61CB-4252-912E-2DAA674DF9B6"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN19661362/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.proself.jp/information/149/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.proself.jp/information/150/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-394xx/CVE-2023-39416.json
View File

@ -2,27 +2,107 @@
"id": "CVE-2023-39416",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-08-18T10:15:11.887",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:48:22.340",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote authenticated attacker with an administrative privilege to execute arbitrary OS commands."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:northgrid:proself:*:*:*:*:mail_sanitize:*:*:*",
"versionEndIncluding": "1.07",
"matchCriteriaId": "08080859-2BE8-4E98-A71F-55B05FFF34CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:northgrid:proself:*:*:*:*:gateway:*:*:*",
"versionEndIncluding": "1.62",
"matchCriteriaId": "62F99405-78A1-4911-8731-AF45ACCEC028"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:northgrid:proself:*:*:*:*:enterprise:*:*:*",
"versionEndIncluding": "5.61",
"matchCriteriaId": "FFCCF32A-D960-4A11-BAE5-253BDED708E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:northgrid:proself:*:*:*:*:standard:*:*:*",
"versionEndIncluding": "5.61",
"matchCriteriaId": "EDA2D322-61CB-4252-912E-2DAA674DF9B6"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN19661362/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.proself.jp/information/149/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.proself.jp/information/150/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

44
CVE-2023/CVE-2023-394xx/CVE-2023-39441.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-39441",
"sourceIdentifier": "security@apache.org",
"published": "2023-08-23T16:15:09.617",
"lastModified": "2023-08-23T16:33:41.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Apache Airflow SMTP Provider before 1.3.0, Apache Airflow IMAP Provider before 3.3.0, and\u00a0Apache Airflow before 2.7.0 are affected by the\u00a0Validation of OpenSSL Certificate vulnerability.\n\nThe default SSL context with SSL library did not check a server's X.509\u00a0certificate.\u00a0 Instead, the code accepted any certificate, which could\u00a0result in the disclosure of mail server credentials or mail contents\u00a0when the client connects to an attacker in a MITM position.\n\nUsers are strongly advised to upgrade to Apache Airflow version 2.7.0 or newer, Apache Airflow IMAP Provider version 3.3.0 or newer, and Apache Airflow SMTP Provider version 1.3.0 or newer to mitigate the risk associated with this vulnerability"
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "https://github.com/apache/airflow/pull/33070",
"source": "security@apache.org"
},
{
"url": "https://github.com/apache/airflow/pull/33075",
"source": "security@apache.org"
},
{
"url": "https://github.com/apache/airflow/pull/33108",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/xzp4wgjg2b1o6ylk2595df8bstlbo1lb",
"source": "security@apache.org"
}
]
}

137
CVE-2023/CVE-2023-394xx/CVE-2023-39454.json
View File

@ -2,23 +2,150 @@
"id": "CVE-2023-39454",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-08-18T10:15:12.280",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:48:10.200",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-x1800gs-b_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.13",
"matchCriteriaId": "180230C8-AC98-43BA-8FB9-D32D75B5D004"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-x1800gs-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95667B22-5F8C-4774-9E69-2F4B9AF595AC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-x1800gsa-b_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.13",
"matchCriteriaId": "09B2B059-11E9-4D03-A162-B06E56649167"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-x1800gsa-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3842FA46-4CA2-4ECE-8632-2C74E8D97CDB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-x1800gsh-b_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.13",
"matchCriteriaId": "5DD8EAED-69F6-47ED-B521-E675AD501B38"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-x1800gsh-b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20EA8B33-784F-44E8-B215-DC2554709100"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU91630351/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.elecom.co.jp/news/security/20230711-01/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

242
CVE-2023/CVE-2023-394xx/CVE-2023-39455.json
View File

@ -2,23 +2,255 @@
"id": "CVE-2023-39455",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-08-18T10:15:12.337",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:48:02.820",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OS command injection vulnerability in ELECOM wireless LAN routers allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-600GHBK-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-F1167ACF2 all versions, WRC-1467GHBK-S all versions, and WRC-1900GHBK-S all versions."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-600ghbk-a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59693326-E999-4115-BB4D-67C6B6A6FC4F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-600ghbk-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FEEDBD-C39E-46C4-87E7-B59967845A42"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-1467ghbk-a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC533672-D149-4A6B-A60F-E5888A4D0866"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-1467ghbk-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE63634-3DBE-4B5F-B871-F076238BC4C1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-1900ghbk-a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6924154-8795-4E5D-8DA3-6EB49EEA2EC0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-1900ghbk-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9EEA205-6C7C-4AB3-BAEF-30249B176DE8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-733febk2-a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADFE2B7-2D1A-42A1-9BB5-BEB940464D53"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-733febk2-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2468934-2A7D-4DD7-8145-7F3E86F12BB1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-f1167acf2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7236FA68-7625-427E-AD31-995EE0CAD0F9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-f1167acf2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01DD657-E35F-434C-B9D1-6EFA4C69A0CF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-1467ghbk-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F19CD96A-4C04-4BFA-9E4D-8FC5E9E5E234"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-1467ghbk-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "376A8656-1F77-4F34-B644-5DB95CEE1FD8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-1900ghbk-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0420E3E-E12A-471E-8EE1-67E2BC70D3CA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-1900ghbk-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20D26F24-2789-4111-983D-F3CF358E5B19"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU91630351/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.elecom.co.jp/news/security/20230810-01/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

15
CVE-2023/CVE-2023-395xx/CVE-2023-39583.json Normal file
View File

@ -0,0 +1,15 @@
{
"id": "CVE-2023-39583",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-23T17:15:44.063",
"lastModified": "2023-08-23T17:15:44.063",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-38831. Reason: This candidate is a reservation duplicate of CVE-2023-38831. Notes: All CVE users should reference CVE-2023-38831 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
],
"metrics": {},
"references": []
}

80
CVE-2023/CVE-2023-396xx/CVE-2023-39672.json
View File

@ -2,23 +2,93 @@
"id": "CVE-2023-39672",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-18T03:15:23.857",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:47:51.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda WH450 v1.0.0.18 was discovered to contain a buffer overflow via the function fgets."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:wh450a_firmware:1.0.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A906A1-2943-4288-9370-2F61372B5C44"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:wh450a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A19D0B75-7D80-486E-98A4-403468E3435C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Davidteeri/Bug-Report/blob/main/Tenda/WH450%20buffer%20overflow.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.tendacn.com/download/list-3.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

69
CVE-2023/CVE-2023-397xx/CVE-2023-39741.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-39741",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-17T19:15:12.977",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:08:59.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "lrzip v0.651 was discovered to contain a heap overflow via the libzpaq::PostProcessor::write(int) function at /libzpaq/libzpaq.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:long_range_zip_project:long_range_zip:0.651:*:*:*:*:*:*:*",
"matchCriteriaId": "052FD35D-AAF5-4D09-8F2A-E56F6C3B63D7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ckolivas/lrzip/issues/246",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://github.com/huanglei3/lrzip_poc/tree/main/lrzip_heap_overflow",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

69
CVE-2023/CVE-2023-397xx/CVE-2023-39743.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-39743",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-17T19:15:13.077",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:27:27.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "lrzip-next LZMA v23.01 was discovered to contain an access violation via the component /bz3_decode_block src/libbz3.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pete4abw:lzma_software_development_kit:23.01:*:*:*:*:*:*:*",
"matchCriteriaId": "7E666D44-321E-4DDC-9A5E-522B7809C86B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/huanglei3/lrzip-next-poc/tree/main",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Technical Description"
]
},
{
"url": "https://github.com/pete4abw/lrzip-next/issues/132",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

107
CVE-2023/CVE-2023-399xx/CVE-2023-39944.json
View File

@ -2,23 +2,120 @@
"id": "CVE-2023-39944",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-08-18T10:15:12.403",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:47:51.790",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OS command injection vulnerability in WRC-F1167ACF all versions, and WRC-1750GHBK all versions allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-f1167acf_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0233A6C1-4F74-4347-B204-899F0504E713"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-f1167acf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C244EA13-D45C-4968-A330-3AD80F588537"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-1750ghbk_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E00CABDD-B213-4DAA-9FC4-D907AC465134"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-1750ghbk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1F1675-60C1-4150-8306-1592F88D3DAC"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU91630351/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.elecom.co.jp/news/security/20230810-01/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-399xx/CVE-2023-39970.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-39970",
"sourceIdentifier": "security@joomla.org",
"published": "2023-08-17T21:15:09.243",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:39:56.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in AcyMailing component for Joomla. It allows remote code execution."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{
"source": "security@joomla.org",
"type": "Secondary",
@ -23,10 +56,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acyba:acymailing_starter:*:*:*:*:*:joomla\\!:*:*",
"versionStartIncluding": "6.7.0",
"versionEndIncluding": "8.5.0",
"matchCriteriaId": "CE33CFC3-0BCF-443E-8991-D4C6F42E1AD5"
}
]
}
]
}
],
"references": [
{
"url": "https://extensions.joomla.org/extension/acymailing-starter/",
"source": "security@joomla.org"
"source": "security@joomla.org",
"tags": [
"Product"
]
}
]
}

76
CVE-2023/CVE-2023-400xx/CVE-2023-40037.json
View File

@ -2,19 +2,52 @@
"id": "CVE-2023-40037",
"sourceIdentifier": "security@apache.org",
"published": "2023-08-18T22:15:10.690",
"lastModified": "2023-08-20T00:48:59.350",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:59:00.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Apache NiFi 1.21.0 through 1.23.0 support JDBC and JNDI JMS access in several Processors and Controller Services with connection URL validation that does not provide sufficient protection against crafted inputs. An authenticated and authorized user can bypass connection URL validation using custom input formatting. The resolution enhances connection URL validation and introduces validation for additional related properties. Upgrading to Apache NiFi 1.23.1 is the recommended mitigation.\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-697"
}
]
},
{
"source": "security@apache.org",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -23,18 +56,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:nifi:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.21.0",
"versionEndExcluding": "1.23.1",
"matchCriteriaId": "9812B522-56BA-4506-BFBA-D2108DCAC64E"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/18/2",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread/bqbjlrs2p5ghh8sbk5nsxb8xpf9l687q",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://nifi.apache.org/security.html#CVE-2023-40037",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
}
]
}

188
CVE-2023/CVE-2023-400xx/CVE-2023-40069.json
View File

@ -2,23 +2,201 @@
"id": "CVE-2023-40069",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-08-18T10:15:12.653",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:46:05.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OS command injection vulnerability in ELECOM wireless LAN routers allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-F1167ACF all versions, WRC-1750GHBK all versions, WRC-1167GHBK2 all versions, WRC-1750GHBK2-I all versions, and WRC-1750GHBK-E all versions."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-f1167acf_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0233A6C1-4F74-4347-B204-899F0504E713"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-f1167acf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C244EA13-D45C-4968-A330-3AD80F588537"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-1750ghbk_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E00CABDD-B213-4DAA-9FC4-D907AC465134"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-1750ghbk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1F1675-60C1-4150-8306-1592F88D3DAC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-1167ghbk2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07F1B061-C150-4DED-B3DE-B6DDB67AF1C4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-1167ghbk2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DF1D75E-EF09-4BF7-AC5C-F6CDC5B6ED8E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-1750ghbk2-i_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "491E938A-060D-4A3E-B466-F2BC12DEF9F1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-1750ghbk2-i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EAF366-E7EB-4864-BB1C-16D828141CFD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wrc-1750ghbk-e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "680D6E21-6065-4FCA-A8E6-DF53BD2E4927"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wrc-1750ghbk-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB8292C-ABDA-4F61-8EF1-D498AE3BF66C"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU91630351/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.elecom.co.jp/news/security/20230810-01/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

107
CVE-2023/CVE-2023-400xx/CVE-2023-40072.json
View File

@ -2,23 +2,120 @@
"id": "CVE-2023-40072",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-08-18T10:15:12.847",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:45:51.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OS command injection vulnerability in WAB-S600-PS all versions, and WAB-S300 all versions allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wab-s600-ps_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "638B37F3-076A-44C0-83A4-DDAACC669376"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wab-s600-ps:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6C5979C-DE63-4B06-B540-EB734082204A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:wab-s300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59EFC7CC-3A9D-4B54-A887-29160C11EE6D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elecom:wab-s300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCEE7563-FEA0-45D1-AD65-1B78DAF0ED4D"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU91630351/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.elecom.co.jp/news/security/20230810-01/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

36
CVE-2023/CVE-2023-402xx/CVE-2023-40273.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-40273",
"sourceIdentifier": "security@apache.org",
"published": "2023-08-23T16:15:09.803",
"lastModified": "2023-08-23T16:33:41.620",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database (for database\u00a0session backend), or changing the secure_key and restarting the webserver, there were no mechanisms to force-logout the user (and all other users with that).\n\nWith this fix implemented, when using the\u00a0database\u00a0session backend, the existing sessions of the user are invalidated when the password of the user is reset. When using the securecookie\u00a0session backend, the sessions are NOT invalidated and still require changing the secure key and restarting the webserver (and logging out all other users), but the user resetting the password is informed about it with a flash message warning displayed in the UI. Documentation is also updated explaining this behaviour.\n\nUsers of Apache Airflow are advised to upgrade to version 2.7.0 or newer to mitigate the risk associated with this vulnerability.\n"
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
}
],
"references": [
{
"url": "https://github.com/apache/airflow/pull/33347",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/9rdmv8ln4y4ncbyrlmjrsj903x4l80nj",
"source": "security@apache.org"
}
]
}

90
CVE-2023/CVE-2023-403xx/CVE-2023-40311.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40311",
"sourceIdentifier": "security@opennms.com",
"published": "2023-08-14T18:15:11.247",
"lastModified": "2023-08-14T18:59:33.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:04:28.627",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "security@opennms.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@opennms.com",
"type": "Secondary",
@ -46,18 +76,68 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennms:horizon:*:*:*:*:*:*:*:*",
"versionStartIncluding": "31.0.8",
"versionEndExcluding": "32.0.2",
"matchCriteriaId": "62C4B0BB-21CA-40FC-8A39-26B86AA35FD9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennms:meridian:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2020.1.38",
"matchCriteriaId": "B2D5D1D2-CF1D-4F19-AEAF-FFCFC79776FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennms:meridian:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022.1.0",
"versionEndExcluding": "2022.1.19",
"matchCriteriaId": "036E7C54-677A-4656-89E0-CC0134F51642"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennms:meridian:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023.1.0",
"versionEndExcluding": "2023.1.6",
"matchCriteriaId": "CA718877-9AB1-43FF-B1E5-9A47992EC1EC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OpenNMS/opennms",
"source": "security@opennms.com"
"source": "security@opennms.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/OpenNMS/opennms/pull/6365",
"source": "security@opennms.com"
"source": "security@opennms.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/OpenNMS/opennms/pull/6366",
"source": "security@opennms.com"
"source": "security@opennms.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

84
CVE-2023/CVE-2023-403xx/CVE-2023-40312.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40312",
"sourceIdentifier": "security@opennms.com",
"published": "2023-08-14T18:15:11.420",
"lastModified": "2023-08-14T18:59:33.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:58:38.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 2.7
},
{
"source": "security@opennms.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@opennms.com",
"type": "Secondary",
@ -46,14 +76,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennms:horizon:*:*:*:*:*:*:*:*",
"versionStartIncluding": "31.0.8",
"versionEndExcluding": "32.0.2",
"matchCriteriaId": "62C4B0BB-21CA-40FC-8A39-26B86AA35FD9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennms:meridian:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2020.1.38",
"matchCriteriaId": "B2D5D1D2-CF1D-4F19-AEAF-FFCFC79776FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennms:meridian:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022.1.0",
"versionEndExcluding": "2022.1.19",
"matchCriteriaId": "036E7C54-677A-4656-89E0-CC0134F51642"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennms:meridian:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023.1.0",
"versionEndExcluding": "2023.1.6",
"matchCriteriaId": "CA718877-9AB1-43FF-B1E5-9A47992EC1EC"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.opennms.com/horizon/32/releasenotes/changelog.html",
"source": "security@opennms.com"
"source": "security@opennms.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/OpenNMS/opennms/pull/6356",
"source": "security@opennms.com"
"source": "security@opennms.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-403xx/CVE-2023-40313.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40313",
"sourceIdentifier": "security@opennms.com",
"published": "2023-08-17T19:15:13.220",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:31:52.053",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@opennms.com",
"type": "Secondary",
@ -34,14 +54,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennms:horizon:*:*:*:*:*:*:*:*",
"versionEndExcluding": "32.0.2",
"matchCriteriaId": "B1F43487-53A1-4CB8-8771-46E4F904D3AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennms:meridian:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2020.1.38",
"matchCriteriaId": "B2D5D1D2-CF1D-4F19-AEAF-FFCFC79776FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennms:meridian:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021.1.0",
"versionEndExcluding": "2021.1.30",
"matchCriteriaId": "996A419A-2DC1-4F83-B0D7-EE97031F8A59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennms:meridian:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022.1.0",
"versionEndExcluding": "2022.1.19",
"matchCriteriaId": "036E7C54-677A-4656-89E0-CC0134F51642"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennms:meridian:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023.1.0",
"versionEndExcluding": "2023.1.6",
"matchCriteriaId": "CA718877-9AB1-43FF-B1E5-9A47992EC1EC"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.opennms.com/horizon/32/releasenotes/changelog.html",
"source": "security@opennms.com"
"source": "security@opennms.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/OpenNMS/opennms/pull/6368",
"source": "security@opennms.com"
"source": "security@opennms.com",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

32
CVE-2023/CVE-2023-40xx/CVE-2023-4040.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4040",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-08-18T07:15:09.117",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:50:59.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,14 +46,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtoffee:stripe_payment_plugin_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.8.0",
"matchCriteriaId": "5CFA9F5E-5F6D-49BB-B2AD-6401ABC5AE6B"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2954934/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ef543c61-2acc-4b72-81ff-883960d4c7c3?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-41xx/CVE-2023-4136.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-4136",
"sourceIdentifier": "security@craftersoftware.com",
"published": "2023-08-03T15:15:34.167",
"lastModified": "2023-08-23T15:15:09.143",
"lastModified": "2023-08-23T16:15:10.050",
"vulnStatus": "Modified",
"descriptions": [
{
@ -155,6 +155,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174304/CrafterCMS-4.0.2-Cross-Site-Scripting.html",
"source": "security@craftersoftware.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/30",
"source": "security@craftersoftware.com"

54
CVE-2023/CVE-2023-43xx/CVE-2023-4371.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4371",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-15T15:15:09.710",
"lastModified": "2023-08-15T16:06:01.557",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:11:14.620",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phprecdb:phprecdb:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56F69DA9-4B43-4259-8348-46C68D7880CE"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.237194",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.237194",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-43xx/CVE-2023-4383.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4383",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-16T20:15:09.740",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:36:09.520",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,8 +83,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -71,18 +103,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:escanav:escan_anti-virus:7.0.32:*:*:*:*:linux:*:*",
"matchCriteriaId": "E68B4EB3-10EC-4AAC-A956-BEBEDD93D250"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/dmknght/ac489cf3605ded09b3925521afee3003",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.237315",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.237315",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

61
CVE-2023/CVE-2023-43xx/CVE-2023-4384.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4384",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-16T20:15:09.827",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:55:06.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:maximatech:portal_executivo:21.9.1.140:*:*:*:*:*:*:*",
"matchCriteriaId": "8553089B-B07D-4143-BF83-679E8C860FCC"
}
]
}
]
}
],
"references": [
{
"url": "https://l6x.notion.site/PoC-7041cf9625554273b17148de85705d06?pvs=4",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.237316",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.237316",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

74
CVE-2023/CVE-2023-44xx/CVE-2023-4411.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4411",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-18T14:15:35.227",
"lastModified": "2023-08-18T15:06:49.560",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:00:44.090",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,60 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex1200l_firmware:9.3.5u.6146_b20201023:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A5A448-0444-4DA7-8C74-66AA5300D40D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex1200l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BC1501-2EAC-43B7-83E0-04FBA874D29D"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/dmknght/02a29e1c5ae18b45eacc2085d22068e8",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.237514",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.237514",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

72
CVE-2023/CVE-2023-44xx/CVE-2023-4412.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4412",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-18T15:15:10.240",
"lastModified": "2023-08-18T16:39:17.773",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:00:02.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,58 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:ex1200l_firmware:9.3.5u.6146_b20201023:*:*:*:*:*:*:*",
"matchCriteriaId": "F2A5A448-0444-4DA7-8C74-66AA5300D40D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:ex1200l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BC1501-2EAC-43B7-83E0-04FBA874D29D"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/dmknght/02a29e1c5ae18b45eacc2085d22068e8",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.237515",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.237515",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-44xx/CVE-2023-4432.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4432",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-08-19T01:15:09.290",
"lastModified": "2023-08-20T00:48:59.350",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:58:29.763",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:agentejo:cockpit:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.6.3",
"matchCriteriaId": "DB13440F-5FAF-437B-A4EF-47CA96DB8FC4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cockpit-hq/cockpit/commit/2a93d391fbd2dd9e730f65d43b29beb65903d195",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/69684663-6822-41ff-aa05-afbdb8f5268f",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-44xx/CVE-2023-4433.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4433",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-08-19T01:15:09.573",
"lastModified": "2023-08-20T00:48:59.350",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T16:58:12.130",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:agentejo:cockpit:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.6.3",
"matchCriteriaId": "DB13440F-5FAF-437B-A4EF-47CA96DB8FC4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cockpit-hq/cockpit/commit/36d1d4d256cbbab028342ba10cc493e5c119172c",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/64f3253d-6852-4b9f-b870-85e896007b1a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-44xx/CVE-2023-4437.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4437",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-20T22:15:11.027",
"lastModified": "2023-08-21T12:47:13.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:07:08.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inventory_management_system_project:inventory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3D9475-43F9-4544-973D-E5B41DDB2695"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/PUBLIC%20CVE%20HUB/Free%20and%20Open%20Source%20inventory%20management%20system%20-%20vuln%202.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.237558",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.237558",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2023/CVE-2023-44xx/CVE-2023-4438.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4438",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-20T23:15:09.493",
"lastModified": "2023-08-21T12:47:13.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:06:39.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inventory_management_system_project:inventory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3D9475-43F9-4544-973D-E5B41DDB2695"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/PUBLIC%20CVE%20HUB/Free%20and%20Open%20Source%20inventory%20management%20system%20-%20vuln%203.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.237559",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.237559",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

57
CVE-2023/CVE-2023-44xx/CVE-2023-4439.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4439",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-20T23:15:10.440",
"lastModified": "2023-08-21T12:47:13.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:29:18.960",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:card_holder_management_system_project:card_holder_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37F7FC19-00E6-4F29-B0A7-C9DD38AE6718"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.237560",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.237560",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

61
CVE-2023/CVE-2023-44xx/CVE-2023-4440.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4440",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-20T23:15:10.693",
"lastModified": "2023-08-21T12:47:13.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:04:47.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:free_hospital_management_system_for_small_practices_project:free_hospital_management_system_for_small_practices:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6628AA15-4E5F-423E-A548-44D1300F8AD8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CookedMelon/cve/tree/master/hospital/patient",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.237561",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Press/Media Coverage",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.237561",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

56
CVE-2023/CVE-2023-44xx/CVE-2023-4441.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4441",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-21T00:15:09.457",
"lastModified": "2023-08-21T12:47:13.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:04:25.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:free_hospital_management_system_for_small_practices_project:free_hospital_management_system_for_small_practices:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6628AA15-4E5F-423E-A548-44D1300F8AD8"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.237562",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.237562",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

61
CVE-2023/CVE-2023-44xx/CVE-2023-4442.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4442",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-21T00:15:09.860",
"lastModified": "2023-08-21T12:47:13.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:04:01.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:free_hospital_management_system_for_small_practices_project:free_hospital_management_system_for_small_practices:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6628AA15-4E5F-423E-A548-44D1300F8AD8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CookedMelon/cve/tree/master/hospital/patient-book",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.237563",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.237563",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

61
CVE-2023/CVE-2023-44xx/CVE-2023-4443.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4443",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-21T01:15:10.013",
"lastModified": "2023-08-21T12:47:13.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:03:37.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:free_hospital_management_system_for_small_practices_project:free_hospital_management_system_for_small_practices:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6628AA15-4E5F-423E-A548-44D1300F8AD8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CookedMelon/cve/tree/master/hospital/doctor-edit",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.237564",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.237564",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

74
CVE-2023/CVE-2023-44xx/CVE-2023-4444.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4444",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-21T01:15:10.117",
"lastModified": "2023-08-21T12:47:13.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:02:58.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,7 +83,7 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -69,20 +91,60 @@
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:free_hospital_management_system_for_small_practices_project:free_hospital_management_system_for_small_practices:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6628AA15-4E5F-423E-A548-44D1300F8AD8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CookedMelon/cve/tree/master/hospital/patient-edit",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.237565",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.237565",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2023/CVE-2023-44xx/CVE-2023-4449.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4449",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-21T02:15:10.370",
"lastModified": "2023-08-21T12:47:08.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T17:02:04.030",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inventory_management_system_project:inventory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3D9475-43F9-4544-973D-E5B41DDB2695"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Jacky-Y/vuls/blob/main/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.237570",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.237570",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

79
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-23T16:00:28.413249+00:00
2023-08-23T18:00:33.936001+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-23T15:56:46.197000+00:00
2023-08-23T17:47:51.137000+00:00
```
### Last Data Feed Release
@ -29,57 +29,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
223313
223319
```
### CVEs added in the last Commit
Recently added CVEs: `14`
Recently added CVEs: `6`
* [CVE-2023-32236](CVE-2023/CVE-2023-322xx/CVE-2023-32236.json) (`2023-08-23T14:15:07.967`)
* [CVE-2023-32496](CVE-2023/CVE-2023-324xx/CVE-2023-32496.json) (`2023-08-23T14:15:08.350`)
* [CVE-2023-32497](CVE-2023/CVE-2023-324xx/CVE-2023-32497.json) (`2023-08-23T14:15:08.693`)
* [CVE-2023-32498](CVE-2023/CVE-2023-324xx/CVE-2023-32498.json) (`2023-08-23T14:15:08.887`)
* [CVE-2023-32499](CVE-2023/CVE-2023-324xx/CVE-2023-32499.json) (`2023-08-23T14:15:09.047`)
* [CVE-2023-28994](CVE-2023/CVE-2023-289xx/CVE-2023-28994.json) (`2023-08-23T15:15:07.890`)
* [CVE-2023-32300](CVE-2023/CVE-2023-323xx/CVE-2023-32300.json) (`2023-08-23T15:15:08.117`)
* [CVE-2023-32505](CVE-2023/CVE-2023-325xx/CVE-2023-32505.json) (`2023-08-23T15:15:08.253`)
* [CVE-2023-32509](CVE-2023/CVE-2023-325xx/CVE-2023-32509.json) (`2023-08-23T15:15:08.403`)
* [CVE-2023-41122](CVE-2023/CVE-2023-411xx/CVE-2023-41122.json) (`2023-08-23T15:15:08.557`)
* [CVE-2023-41123](CVE-2023/CVE-2023-411xx/CVE-2023-41123.json) (`2023-08-23T15:15:08.657`)
* [CVE-2023-41124](CVE-2023/CVE-2023-411xx/CVE-2023-41124.json) (`2023-08-23T15:15:08.750`)
* [CVE-2023-41125](CVE-2023/CVE-2023-411xx/CVE-2023-41125.json) (`2023-08-23T15:15:08.850`)
* [CVE-2023-41126](CVE-2023/CVE-2023-411xx/CVE-2023-41126.json) (`2023-08-23T15:15:08.947`)
* [CVE-2023-1409](CVE-2023/CVE-2023-14xx/CVE-2023-1409.json) (`2023-08-23T16:15:08.167`)
* [CVE-2023-37379](CVE-2023/CVE-2023-373xx/CVE-2023-37379.json) (`2023-08-23T16:15:09.330`)
* [CVE-2023-39441](CVE-2023/CVE-2023-394xx/CVE-2023-39441.json) (`2023-08-23T16:15:09.617`)
* [CVE-2023-40273](CVE-2023/CVE-2023-402xx/CVE-2023-40273.json) (`2023-08-23T16:15:09.803`)
* [CVE-2023-38831](CVE-2023/CVE-2023-388xx/CVE-2023-38831.json) (`2023-08-23T17:15:43.863`)
* [CVE-2023-39583](CVE-2023/CVE-2023-395xx/CVE-2023-39583.json) (`2023-08-23T17:15:44.063`)
### CVEs modified in the last Commit
Recently modified CVEs: `24`
Recently modified CVEs: `70`
* [CVE-2022-4894](CVE-2022/CVE-2022-48xx/CVE-2022-4894.json) (`2023-08-23T15:29:31.687`)
* [CVE-2023-35808](CVE-2023/CVE-2023-358xx/CVE-2023-35808.json) (`2023-08-23T14:15:09.297`)
* [CVE-2023-35809](CVE-2023/CVE-2023-358xx/CVE-2023-35809.json) (`2023-08-23T14:15:10.210`)
* [CVE-2023-35810](CVE-2023/CVE-2023-358xx/CVE-2023-35810.json) (`2023-08-23T14:15:10.430`)
* [CVE-2023-35811](CVE-2023/CVE-2023-358xx/CVE-2023-35811.json) (`2023-08-23T14:15:10.707`)
* [CVE-2023-3244](CVE-2023/CVE-2023-32xx/CVE-2023-3244.json) (`2023-08-23T14:30:37.027`)
* [CVE-2023-36106](CVE-2023/CVE-2023-361xx/CVE-2023-36106.json) (`2023-08-23T14:33:07.907`)
* [CVE-2023-28690](CVE-2023/CVE-2023-286xx/CVE-2023-28690.json) (`2023-08-23T14:37:43.853`)
* [CVE-2023-40251](CVE-2023/CVE-2023-402xx/CVE-2023-40251.json) (`2023-08-23T14:43:45.137`)
* [CVE-2023-29151](CVE-2023/CVE-2023-291xx/CVE-2023-29151.json) (`2023-08-23T15:00:10.933`)
* [CVE-2023-2910](CVE-2023/CVE-2023-29xx/CVE-2023-2910.json) (`2023-08-23T15:03:06.753`)
* [CVE-2023-34216](CVE-2023/CVE-2023-342xx/CVE-2023-34216.json) (`2023-08-23T15:08:57.020`)
* [CVE-2023-34215](CVE-2023/CVE-2023-342xx/CVE-2023-34215.json) (`2023-08-23T15:11:31.647`)
* [CVE-2023-40252](CVE-2023/CVE-2023-402xx/CVE-2023-40252.json) (`2023-08-23T15:13:24.897`)
* [CVE-2023-20242](CVE-2023/CVE-2023-202xx/CVE-2023-20242.json) (`2023-08-23T15:14:06.183`)
* [CVE-2023-4136](CVE-2023/CVE-2023-41xx/CVE-2023-4136.json) (`2023-08-23T15:15:09.143`)
* [CVE-2023-40216](CVE-2023/CVE-2023-402xx/CVE-2023-40216.json) (`2023-08-23T15:21:05.607`)
* [CVE-2023-40281](CVE-2023/CVE-2023-402xx/CVE-2023-40281.json) (`2023-08-23T15:27:41.540`)
* [CVE-2023-29182](CVE-2023/CVE-2023-291xx/CVE-2023-29182.json) (`2023-08-23T15:36:23.923`)
* [CVE-2023-23577](CVE-2023/CVE-2023-235xx/CVE-2023-23577.json) (`2023-08-23T15:45:18.317`)
* [CVE-2023-22841](CVE-2023/CVE-2023-228xx/CVE-2023-22841.json) (`2023-08-23T15:45:27.533`)
* [CVE-2023-2914](CVE-2023/CVE-2023-29xx/CVE-2023-2914.json) (`2023-08-23T15:46:19.610`)
* [CVE-2023-2915](CVE-2023/CVE-2023-29xx/CVE-2023-2915.json) (`2023-08-23T15:49:03.143`)
* [CVE-2023-2917](CVE-2023/CVE-2023-29xx/CVE-2023-2917.json) (`2023-08-23T15:56:46.197`)
* [CVE-2023-4433](CVE-2023/CVE-2023-44xx/CVE-2023-4433.json) (`2023-08-23T16:58:12.130`)
* [CVE-2023-4432](CVE-2023/CVE-2023-44xx/CVE-2023-4432.json) (`2023-08-23T16:58:29.763`)
* [CVE-2023-40312](CVE-2023/CVE-2023-403xx/CVE-2023-40312.json) (`2023-08-23T16:58:38.697`)
* [CVE-2023-40037](CVE-2023/CVE-2023-400xx/CVE-2023-40037.json) (`2023-08-23T16:59:00.893`)
* [CVE-2023-38839](CVE-2023/CVE-2023-388xx/CVE-2023-38839.json) (`2023-08-23T16:59:30.407`)
* [CVE-2023-32130](CVE-2023/CVE-2023-321xx/CVE-2023-32130.json) (`2023-08-23T16:59:45.130`)
* [CVE-2023-4412](CVE-2023/CVE-2023-44xx/CVE-2023-4412.json) (`2023-08-23T17:00:02.093`)
* [CVE-2023-27576](CVE-2023/CVE-2023-275xx/CVE-2023-27576.json) (`2023-08-23T17:00:20.757`)
* [CVE-2023-4411](CVE-2023/CVE-2023-44xx/CVE-2023-4411.json) (`2023-08-23T17:00:44.090`)
* [CVE-2023-4449](CVE-2023/CVE-2023-44xx/CVE-2023-4449.json) (`2023-08-23T17:02:04.030`)
* [CVE-2023-4444](CVE-2023/CVE-2023-44xx/CVE-2023-4444.json) (`2023-08-23T17:02:58.503`)
* [CVE-2023-4443](CVE-2023/CVE-2023-44xx/CVE-2023-4443.json) (`2023-08-23T17:03:37.750`)
* [CVE-2023-4442](CVE-2023/CVE-2023-44xx/CVE-2023-4442.json) (`2023-08-23T17:04:01.710`)
* [CVE-2023-4441](CVE-2023/CVE-2023-44xx/CVE-2023-4441.json) (`2023-08-23T17:04:25.183`)
* [CVE-2023-40311](CVE-2023/CVE-2023-403xx/CVE-2023-40311.json) (`2023-08-23T17:04:28.627`)
* [CVE-2023-4440](CVE-2023/CVE-2023-44xx/CVE-2023-4440.json) (`2023-08-23T17:04:47.187`)
* [CVE-2023-4438](CVE-2023/CVE-2023-44xx/CVE-2023-4438.json) (`2023-08-23T17:06:39.757`)
* [CVE-2023-4437](CVE-2023/CVE-2023-44xx/CVE-2023-4437.json) (`2023-08-23T17:07:08.507`)
* [CVE-2023-32107](CVE-2023/CVE-2023-321xx/CVE-2023-32107.json) (`2023-08-23T17:08:29.897`)
* [CVE-2023-39741](CVE-2023/CVE-2023-397xx/CVE-2023-39741.json) (`2023-08-23T17:08:59.037`)
* [CVE-2023-39743](CVE-2023/CVE-2023-397xx/CVE-2023-39743.json) (`2023-08-23T17:27:27.507`)
* [CVE-2023-4439](CVE-2023/CVE-2023-44xx/CVE-2023-4439.json) (`2023-08-23T17:29:18.960`)
* [CVE-2023-40313](CVE-2023/CVE-2023-403xx/CVE-2023-40313.json) (`2023-08-23T17:31:52.053`)
* [CVE-2023-39970](CVE-2023/CVE-2023-399xx/CVE-2023-39970.json) (`2023-08-23T17:39:56.180`)
* [CVE-2023-39672](CVE-2023/CVE-2023-396xx/CVE-2023-39672.json) (`2023-08-23T17:47:51.137`)
## Download and Usage