diff --git a/CVE-2021/CVE-2021-43xx/CVE-2021-4372.json b/CVE-2021/CVE-2021-43xx/CVE-2021-4372.json index 82a4f9501f3..49997f78d73 100644 --- a/CVE-2021/CVE-2021-43xx/CVE-2021-4372.json +++ b/CVE-2021/CVE-2021-43xx/CVE-2021-4372.json @@ -2,8 +2,8 @@ "id": "CVE-2021-4372", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-07T02:15:15.023", - "lastModified": "2023-06-07T02:44:48.507", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-13T02:08:38.943", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:rightpress:woocommerce_dynamic_pricing_and_discounts:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.4.1", + "matchCriteriaId": "99FB2230-2931-4006-9E18-953B7865E9D3" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.nintechnet.com/woocommerce-dynamic-pricing-and-discounts-plugin-fixed-multiple-vulnerabilities/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bcaa5d0e-b764-4566-bd46-2d41dc391c36?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-43xx/CVE-2021-4373.json b/CVE-2021/CVE-2021-43xx/CVE-2021-4373.json index f38850ea102..c8496eead10 100644 --- a/CVE-2021/CVE-2021-43xx/CVE-2021-4373.json +++ b/CVE-2021/CVE-2021-43xx/CVE-2021-4373.json @@ -2,8 +2,8 @@ "id": "CVE-2021-4373", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-07T02:15:15.083", - "lastModified": "2023-06-07T02:44:48.507", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-13T02:08:22.460", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,18 +76,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:webberzone:better_search:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.5.2", + "matchCriteriaId": "50A863C7-85E4-4678-BA94-37379FC27FE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2473344", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cfc6c595-dad2-4abc-8187-ed72355273b8?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-43xx/CVE-2021-4374.json b/CVE-2021/CVE-2021-43xx/CVE-2021-4374.json index 4e0006d9fe3..2bbad853c19 100644 --- a/CVE-2021/CVE-2021-43xx/CVE-2021-4374.json +++ b/CVE-2021/CVE-2021-43xx/CVE-2021-4374.json @@ -2,8 +2,8 @@ "id": "CVE-2021-4374", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-07T02:15:15.147", - "lastModified": "2023-06-07T02:44:48.507", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-13T02:05:58.907", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:valvepress:wordpress_automatic_plugin:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.53.2", + "matchCriteriaId": "88AC61E1-351D-4A52-A7B7-EF80DF7618F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.nintechnet.com/critical-vulnerability-fixed-in-wordpress-automatic-plugin/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d0567dc8-7a4c-42f4-bf45-f31a8efaa354?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-43xx/CVE-2021-4375.json b/CVE-2021/CVE-2021-43xx/CVE-2021-4375.json index ba77248b091..fefd9c2b38d 100644 --- a/CVE-2021/CVE-2021-43xx/CVE-2021-4375.json +++ b/CVE-2021/CVE-2021-43xx/CVE-2021-4375.json @@ -2,8 +2,8 @@ "id": "CVE-2021-4375", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-07T02:15:15.207", - "lastModified": "2023-06-07T02:44:48.507", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-13T02:05:45.717", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:collne:welcart_e-commerce:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.2.7", + "matchCriteriaId": "E0001C32-A260-43BD-8522-79783AC06CC9" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.nintechnet.com/wordpress-welcart-e-commerce-plugin-fixed-vulnerabilities/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d82e856b-c8c9-4139-ad54-89368e3b7125?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-43xx/CVE-2021-4376.json b/CVE-2021/CVE-2021-43xx/CVE-2021-4376.json index f9e0777fea3..7b331f5189b 100644 --- a/CVE-2021/CVE-2021-43xx/CVE-2021-4376.json +++ b/CVE-2021/CVE-2021-43xx/CVE-2021-4376.json @@ -2,16 +2,40 @@ "id": "CVE-2021-4376", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-07T02:15:15.277", - "lastModified": "2023-06-07T02:44:48.507", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-13T02:05:33.037", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The WooCommerce Multi Currency plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.17. This makes it possible for authenticated attackers to change the price of a product to an arbitrary value." + }, + { + "lang": "es", + "value": "El plugin WooCommerce Multi Currency para WordPress es vulnerable a una falta de autorizaci\u00f3n en versiones hasta la v2.1.17 inclusive. Esto hace posible que atacantes autenticados cambien el precio de un producto a un valor arbitrario. " } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,22 +80,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:palscode:woocommerce_multi_currency:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.1.17", + "matchCriteriaId": "D6D7C538-84BC-4A9A-9672-C4A1A5ACCAC4" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2734576%40woo-multi-currency&new=2734576%40woo-multi-currency&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://wordpress.org/plugins/woo-multi-currency/#developers", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://wpscan.com/vulnerability/480125bc-bab3-45b8-9325-a4d406655a61", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d8a490c6-14c1-4c71-b44c-1e362cc892a8?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-43xx/CVE-2021-4377.json b/CVE-2021/CVE-2021-43xx/CVE-2021-4377.json index aa709c51bb0..a820340a2ab 100644 --- a/CVE-2021/CVE-2021-43xx/CVE-2021-4377.json +++ b/CVE-2021/CVE-2021-43xx/CVE-2021-4377.json @@ -2,16 +2,40 @@ "id": "CVE-2021-4377", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-07T02:15:15.340", - "lastModified": "2023-06-07T02:44:48.507", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-13T02:05:08.623", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Doneren met Mollie plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.8.5 via the dmm_export_donations() function which is called via the admin_post_dmm_export hook due to missing capability checks. This can allow authenticated attackers to extract a CSV file that contains sensitive information about the donors." + }, + { + "lang": "es", + "value": "El plugin Doneren met Mollie para WordPress es vulnerable a la exposici\u00f3n de datos sensibles en versiones hasta la v2.8.5 inclusive, a trav\u00e9s de la funci\u00f3n \"dmm_export_donations()\" que se llama a trav\u00e9s del hook \"admin_post_dmm_export\" debido a la falta de comprobaciones de capacidad. Esto puede permitir a atacantes autenticados extraer un archivo CSV que contiene informaci\u00f3n sensible sobre los donantes." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,22 +80,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wobbie:doneren_met_mollie:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.8.5", + "matchCriteriaId": "4C363B38-B1CF-4305-90F8-DA3068DDAF1A" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.nintechnet.com/information-disclosure-vulnerability-fixed-in-wordpress-doneren-met-mollie-plugin/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2459548", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://wpscan.com/vulnerability/36afc442-9634-498e-961e-4c935880cd2b", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed99a056-42c6-4540-950e-12f8b547b64d?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-22xx/CVE-2023-2277.json b/CVE-2023/CVE-2023-22xx/CVE-2023-2277.json new file mode 100644 index 00000000000..2237297857a --- /dev/null +++ b/CVE-2023/CVE-2023-22xx/CVE-2023-2277.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-2277", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-06-13T02:15:09.330", + "lastModified": "2023-06-13T02:15:09.330", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.9. This is due to missing or incorrect nonce validation on the 'insert' function. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious JavaScript via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wpdirectorykit/tags/1.1.8/application/views/wdk_resultitem/resultitem_edit.php#L34", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2904689/wpdirectorykit/trunk/application/controllers/Wdk_resultitem.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/82c6ed2f-20e8-46d1-a460-16d32b7536cd?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-22xx/CVE-2023-2278.json b/CVE-2023/CVE-2023-22xx/CVE-2023-2278.json new file mode 100644 index 00000000000..4ea6c03d332 --- /dev/null +++ b/CVE-2023/CVE-2023-22xx/CVE-2023-2278.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-2278", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-06-13T02:15:09.433", + "lastModified": "2023-06-13T02:15:09.433", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP Directory Kit plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.9 via the 'wdk_public_action' function. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wpdirectorykit/tags/1.1.8/vendor/Winter_MVC/core/mvc_loader.php#L91", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2904689/wpdirectorykit/trunk/vendor/Winter_MVC/core/mvc_loader.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/87399a07-d2d8-42cd-81f0-9060f6cfff48?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2351.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2351.json new file mode 100644 index 00000000000..ae016bf2d75 --- /dev/null +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2351.json @@ -0,0 +1,75 @@ +{ + "id": "CVE-2023-2351", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-06-13T02:15:09.507", + "lastModified": "2023-06-13T02:15:09.507", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'ajax_admin' function in versions up to, and including, 1.2.3. This makes it possible for authenticated attackers with subscriber-level permissions or above to delete or change plugin settings, import demo data, delete Directory Kit related posts and terms, and install arbitrary plugins. A partial patch was introduced in version 1.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wpdirectorykit/tags/1.1.8/public/class-wpdirectorykit-public.php#L249", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2905046%40wpdirectorykit&new=2905046%40wpdirectorykit&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2905795%40wpdirectorykit&new=2905795%40wpdirectorykit&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2907164%40wpdirectorykit&new=2907164%40wpdirectorykit&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2917413%40wpdirectorykit&new=2917413%40wpdirectorykit&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/50c5154c-1573-4c2b-85a1-a89bdb22dc7d?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2563.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2563.json new file mode 100644 index 00000000000..8792aad6cfa --- /dev/null +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2563.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-2563", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-06-13T02:15:09.620", + "lastModified": "2023-06-13T02:15:09.620", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.7. This is due to missing or incorrect nonce validation on the function _accua_forms_form_edit_action. This makes it possible for unauthenticated attackers to delete forms created with this plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/contact-forms/trunk/accua-forms.php#L738", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2924628%40contact-forms&new=2924628%40contact-forms&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f80a1f13-c1b9-4259-8d96-71a3cbcaf4ca?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2827.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2827.json new file mode 100644 index 00000000000..f263831d7a6 --- /dev/null +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2827.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-2827", + "sourceIdentifier": "cna@sap.com", + "published": "2023-06-13T03:15:09.223", + "lastModified": "2023-06-13T03:15:09.223", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent from SAP Digital Manufacturing. Therefore, unauthorized callers from the internal network could send service requests to PCo or the Production Connector, which could have an impact on the integrity of the integration with SAP Digital Manufacturing.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.9, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://launchpad.support.sap.com/#/notes/3301942", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-310xx/CVE-2023-31084.json b/CVE-2023/CVE-2023-310xx/CVE-2023-31084.json index 50cd935144c..6429d877ca8 100644 --- a/CVE-2023/CVE-2023-310xx/CVE-2023-31084.json +++ b/CVE-2023/CVE-2023-310xx/CVE-2023-31084.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31084", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-24T06:15:07.997", - "lastModified": "2023-05-02T14:17:32.120", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-13T03:15:09.317", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -64,6 +64,14 @@ } ], "references": [ + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HIEOLEOURP4BJZMIL7UGGPYRRB44UDN/", + "source": "cve@mitre.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AOATNX5UFL7V7W2QDIQKOHFFHYKWFP4W/", + "source": "cve@mitre.org" + }, { "url": "https://lore.kernel.org/all/CA+UBctCu7fXn4q41O_3=id1+OdyQ85tZY1x+TkT-6OVBL6KAUw@mail.gmail.com/", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32114.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32114.json new file mode 100644 index 00000000000..aa2f4011e3e --- /dev/null +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32114.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-32114", + "sourceIdentifier": "cna@sap.com", + "published": "2023-06-13T03:15:09.393", + "lastModified": "2023-06-13T03:15:09.393", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 2.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "references": [ + { + "url": "https://launchpad.support.sap.com/#/notes/3325642", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32115.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32115.json new file mode 100644 index 00000000000..4a38ed4dabb --- /dev/null +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32115.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-32115", + "sourceIdentifier": "cna@sap.com", + "published": "2023-06-13T03:15:09.473", + "lastModified": "2023-06-13T03:15:09.473", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An attacker can exploit MDS COMPARE TOOL and use specially crafted inputs to read and modify database commands, resulting in the retrieval of additional information persisted by the system.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://launchpad.support.sap.com/#/notes/1794761", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33984.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33984.json new file mode 100644 index 00000000000..bdd9566e98c --- /dev/null +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33984.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-33984", + "sourceIdentifier": "cna@sap.com", + "published": "2023-06-13T03:15:09.567", + "lastModified": "2023-06-13T03:15:09.567", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this could lead to Cross-Site Scripting vulnerability.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://launchpad.support.sap.com/#/notes/3318657", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33985.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33985.json new file mode 100644 index 00000000000..2f8ac70dbe5 --- /dev/null +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33985.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-33985", + "sourceIdentifier": "cna@sap.com", + "published": "2023-06-13T03:15:09.667", + "lastModified": "2023-06-13T03:15:09.667", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://launchpad.support.sap.com/#/notes/3331627", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33986.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33986.json new file mode 100644 index 00000000000..de48267b351 --- /dev/null +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33986.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-33986", + "sourceIdentifier": "cna@sap.com", + "published": "2023-06-13T03:15:09.760", + "lastModified": "2023-06-13T03:15:09.760", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SAP CRM ABAP (Grantor Management) - versions 700, 701, 702, 712, 713, 714, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://launchpad.support.sap.com/#/notes/2826092", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33991.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33991.json new file mode 100644 index 00000000000..60851fca637 --- /dev/null +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33991.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-33991", + "sourceIdentifier": "cna@sap.com", + "published": "2023-06-13T03:15:09.837", + "lastModified": "2023-06-13T03:15:09.837", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SAP UI5 Variant Management - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, does not sufficiently encode user-controlled inputs on reading data from the server, resulting in Stored Cross-Site Scripting (Stored XSS) vulnerability. After successful exploitation, an attacker with user level access can cause high impact on confidentiality, modify some information and can cause unavailability of the application at user level.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 5.3 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://launchpad.support.sap.com/#/notes/3324285", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 20579742eac..bd33ce8b689 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-12T23:55:24.028980+00:00 +2023-06-13T04:00:25.580218+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-12T22:15:10.077000+00:00 +2023-06-13T03:15:09.837000+00:00 ``` ### Last Data Feed Release @@ -23,32 +23,43 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2023-06-12T00:00:13.604926+00:00 +2023-06-13T00:00:13.574050+00:00 ``` ### Total Number of included CVEs ```plain -217486 +217497 ``` ### CVEs added in the last Commit -Recently added CVEs: `7` +Recently added CVEs: `11` -* [CVE-2023-26294](CVE-2023/CVE-2023-262xx/CVE-2023-26294.json) (`2023-06-12T22:15:09.780`) -* [CVE-2023-26295](CVE-2023/CVE-2023-262xx/CVE-2023-26295.json) (`2023-06-12T22:15:09.847`) -* [CVE-2023-26296](CVE-2023/CVE-2023-262xx/CVE-2023-26296.json) (`2023-06-12T22:15:09.897`) -* [CVE-2023-26297](CVE-2023/CVE-2023-262xx/CVE-2023-26297.json) (`2023-06-12T22:15:09.947`) -* [CVE-2023-26298](CVE-2023/CVE-2023-262xx/CVE-2023-26298.json) (`2023-06-12T22:15:09.987`) -* [CVE-2023-32673](CVE-2023/CVE-2023-326xx/CVE-2023-32673.json) (`2023-06-12T22:15:10.033`) -* [CVE-2023-32674](CVE-2023/CVE-2023-326xx/CVE-2023-32674.json) (`2023-06-12T22:15:10.077`) +* [CVE-2023-2277](CVE-2023/CVE-2023-22xx/CVE-2023-2277.json) (`2023-06-13T02:15:09.330`) +* [CVE-2023-2278](CVE-2023/CVE-2023-22xx/CVE-2023-2278.json) (`2023-06-13T02:15:09.433`) +* [CVE-2023-2351](CVE-2023/CVE-2023-23xx/CVE-2023-2351.json) (`2023-06-13T02:15:09.507`) +* [CVE-2023-2563](CVE-2023/CVE-2023-25xx/CVE-2023-2563.json) (`2023-06-13T02:15:09.620`) +* [CVE-2023-2827](CVE-2023/CVE-2023-28xx/CVE-2023-2827.json) (`2023-06-13T03:15:09.223`) +* [CVE-2023-32114](CVE-2023/CVE-2023-321xx/CVE-2023-32114.json) (`2023-06-13T03:15:09.393`) +* [CVE-2023-32115](CVE-2023/CVE-2023-321xx/CVE-2023-32115.json) (`2023-06-13T03:15:09.473`) +* [CVE-2023-33984](CVE-2023/CVE-2023-339xx/CVE-2023-33984.json) (`2023-06-13T03:15:09.567`) +* [CVE-2023-33985](CVE-2023/CVE-2023-339xx/CVE-2023-33985.json) (`2023-06-13T03:15:09.667`) +* [CVE-2023-33986](CVE-2023/CVE-2023-339xx/CVE-2023-33986.json) (`2023-06-13T03:15:09.760`) +* [CVE-2023-33991](CVE-2023/CVE-2023-339xx/CVE-2023-33991.json) (`2023-06-13T03:15:09.837`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `7` +* [CVE-2021-4377](CVE-2021/CVE-2021-43xx/CVE-2021-4377.json) (`2023-06-13T02:05:08.623`) +* [CVE-2021-4376](CVE-2021/CVE-2021-43xx/CVE-2021-4376.json) (`2023-06-13T02:05:33.037`) +* [CVE-2021-4375](CVE-2021/CVE-2021-43xx/CVE-2021-4375.json) (`2023-06-13T02:05:45.717`) +* [CVE-2021-4374](CVE-2021/CVE-2021-43xx/CVE-2021-4374.json) (`2023-06-13T02:05:58.907`) +* [CVE-2021-4373](CVE-2021/CVE-2021-43xx/CVE-2021-4373.json) (`2023-06-13T02:08:22.460`) +* [CVE-2021-4372](CVE-2021/CVE-2021-43xx/CVE-2021-4372.json) (`2023-06-13T02:08:38.943`) +* [CVE-2023-31084](CVE-2023/CVE-2023-310xx/CVE-2023-31084.json) (`2023-06-13T03:15:09.317`) ## Download and Usage