admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-02T23:55:24.052218+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-02 23:55:27 +00:00
parent 43a8f47733
commit afab870c40
10 changed files with 267 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
CVE-2023/CVE-2023-283xx/CVE-2023-28372.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28372",
"sourceIdentifier": "psirt@purestorage.com",
"published": "2023-10-02T23:15:12.293",
"lastModified": "2023-10-02T23:15:12.293",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an object\u2019s retention period can affect the availability of the object lock.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@purestorage.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://support.purestorage.com/Pure_Storage_Technical_Services/Field_Bulletins/Security_Bulletins/Security_Bulletin_for_FlashBlade_Object_Store_Privileged_Access_Vulnerability_CVE-2023-28372",
"source": "psirt@purestorage.com"
}
]
}

43
CVE-2023/CVE-2023-310xx/CVE-2023-31042.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-31042",
"sourceIdentifier": "psirt@purestorage.com",
"published": "2023-10-02T23:15:12.397",
"lastModified": "2023-10-02T23:15:12.397",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade\u2019s object store protocol can impact the availability of the system\u2019s data access and replication protocols. \n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@purestorage.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://support.purestorage.com/Employee_Handbooks/Technical_Services/PSIRT/Security_Bulletin_for_FlashBlade_Object_Store_Protocol_CVE-2023-31042",
"source": "psirt@purestorage.com"
}
]
}

43
CVE-2023/CVE-2023-366xx/CVE-2023-36627.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36627",
"sourceIdentifier": "psirt@purestorage.com",
"published": "2023-10-02T23:15:12.470",
"lastModified": "2023-10-02T23:15:12.470",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A flaw exists in FlashBlade Purity whereby a user with access to an administrative account on a FlashBlade that is configured with timezone-dependent snapshot schedules can configure a timezone to prevent the schedule from functioning properly. \n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@purestorage.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://support.purestorage.com/Pure_Storage_Technical_Services/Field_Bulletins/Security_Bulletins/Security_Bulletin_for_FlashBlade_Snapshot_Scheduler_CVE-2023-36627",
"source": "psirt@purestorage.com"
}
]
}

20
CVE-2023/CVE-2023-438xx/CVE-2023-43891.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-43891",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-02T22:15:09.933",
"lastModified": "2023-10-02T22:15:09.933",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the Changing Username and Password function. This vulnerability is exploited via a crafted payload."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/adhikara13/CVE/blob/main/netis_N3/command%20injection%20in%20changing%20password%20feature.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-438xx/CVE-2023-43892.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-43892",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-02T22:15:10.137",
"lastModified": "2023-10-02T22:15:10.137",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the Hostname parameter within the WAN settings. This vulnerability is exploited via a crafted payload."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/adhikara13/CVE/blob/main/netis_N3/blind%20command%20injection%20in%20hostname%20parameter%20in%20wan%20settings.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-438xx/CVE-2023-43893.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-43893",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-02T22:15:10.187",
"lastModified": "2023-10-02T22:15:10.187",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_mac parameter in the Wake-On-LAN (WoL) function. This vulnerability is exploited via a crafted payload."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/adhikara13/CVE/blob/main/netis_N3/blind%20command%20injection%20in%20wake%20on%20lan%20functionality%20in%20wakeup_mac%20parameter.md",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-439xx/CVE-2023-43980.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-43980",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-02T23:15:12.533",
"lastModified": "2023-10-02T23:15:12.533",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Presto Changeo testsitecreator up to v1.1.1 was discovered to contain a SQL injection vulnerability via the component disable_json.php."
}
],
"metrics": {},
"references": [
{
"url": "https://security.friendsofpresta.org/modules/2023/09/28/testsitecreator-89.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.presto-changeo.com/prestashop/home/158-test-site-creator.html",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-440xx/CVE-2023-44011.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-44011",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-02T22:15:10.233",
"lastModified": "2023-10-02T22:15:10.233",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the layout.master skin file at the Skin management component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Vietsunshine-Electronic-Solution-JSC/Vulnerability-Disclosures/tree/main/2023/CVE-2023-44011",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-440xx/CVE-2023-44012.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-44012",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-02T22:15:10.280",
"lastModified": "2023-10-02T22:15:10.280",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Vietsunshine-Electronic-Solution-JSC/Vulnerability-Disclosures/tree/main/2023/CVE-2023-44012",
"source": "cve@mitre.org"
}
]
}

56
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-10-02T22:00:24.615811+00:00 2023-10-02T23:55:24.052218+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-10-02T21:15:34.663000+00:00 2023-10-02T23:15:12.533000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,56 +29,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
226770 226779
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `12` Recently added CVEs: `9`
* [CVE-2023-3592](CVE-2023/CVE-2023-35xx/CVE-2023-3592.json) (`2023-10-02T20:15:10.123`) * [CVE-2023-43891](CVE-2023/CVE-2023-438xx/CVE-2023-43891.json) (`2023-10-02T22:15:09.933`)
* [CVE-2023-43835](CVE-2023/CVE-2023-438xx/CVE-2023-43835.json) (`2023-10-02T20:15:10.187`) * [CVE-2023-43892](CVE-2023/CVE-2023-438xx/CVE-2023-43892.json) (`2023-10-02T22:15:10.137`)
* [CVE-2023-43890](CVE-2023/CVE-2023-438xx/CVE-2023-43890.json) (`2023-10-02T20:15:10.233`) * [CVE-2023-43893](CVE-2023/CVE-2023-438xx/CVE-2023-43893.json) (`2023-10-02T22:15:10.187`)
* [CVE-2023-44463](CVE-2023/CVE-2023-444xx/CVE-2023-44463.json) (`2023-10-02T20:15:10.277`) * [CVE-2023-44011](CVE-2023/CVE-2023-440xx/CVE-2023-44011.json) (`2023-10-02T22:15:10.233`)
* [CVE-2023-5344](CVE-2023/CVE-2023-53xx/CVE-2023-5344.json) (`2023-10-02T20:15:10.327`) * [CVE-2023-44012](CVE-2023/CVE-2023-440xx/CVE-2023-44012.json) (`2023-10-02T22:15:10.280`)
* [CVE-2023-43267](CVE-2023/CVE-2023-432xx/CVE-2023-43267.json) (`2023-10-02T21:15:34.377`) * [CVE-2023-28372](CVE-2023/CVE-2023-283xx/CVE-2023-28372.json) (`2023-10-02T23:15:12.293`)
* [CVE-2023-43268](CVE-2023/CVE-2023-432xx/CVE-2023-43268.json) (`2023-10-02T21:15:34.430`) * [CVE-2023-31042](CVE-2023/CVE-2023-310xx/CVE-2023-31042.json) (`2023-10-02T23:15:12.397`)
* [CVE-2023-43297](CVE-2023/CVE-2023-432xx/CVE-2023-43297.json) (`2023-10-02T21:15:34.480`) * [CVE-2023-36627](CVE-2023/CVE-2023-366xx/CVE-2023-36627.json) (`2023-10-02T23:15:12.470`)
* [CVE-2023-43361](CVE-2023/CVE-2023-433xx/CVE-2023-43361.json) (`2023-10-02T21:15:34.520`) * [CVE-2023-43980](CVE-2023/CVE-2023-439xx/CVE-2023-43980.json) (`2023-10-02T23:15:12.533`)
* [CVE-2023-43836](CVE-2023/CVE-2023-438xx/CVE-2023-43836.json) (`2023-10-02T21:15:34.567`)
* [CVE-2023-44008](CVE-2023/CVE-2023-440xx/CVE-2023-44008.json) (`2023-10-02T21:15:34.617`)
* [CVE-2023-44009](CVE-2023/CVE-2023-440xx/CVE-2023-44009.json) (`2023-10-02T21:15:34.663`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `73` Recently modified CVEs: `0`
* [CVE-2023-43727](CVE-2023/CVE-2023-437xx/CVE-2023-43727.json) (`2023-10-02T20:23:35.937`)
* [CVE-2023-43726](CVE-2023/CVE-2023-437xx/CVE-2023-43726.json) (`2023-10-02T20:23:42.153`)
* [CVE-2023-43725](CVE-2023/CVE-2023-437xx/CVE-2023-43725.json) (`2023-10-02T20:23:49.507`)
* [CVE-2023-43724](CVE-2023/CVE-2023-437xx/CVE-2023-43724.json) (`2023-10-02T20:23:55.357`)
* [CVE-2023-43723](CVE-2023/CVE-2023-437xx/CVE-2023-43723.json) (`2023-10-02T20:24:01.857`)
* [CVE-2023-43722](CVE-2023/CVE-2023-437xx/CVE-2023-43722.json) (`2023-10-02T20:24:07.800`)
* [CVE-2023-43721](CVE-2023/CVE-2023-437xx/CVE-2023-43721.json) (`2023-10-02T20:24:12.980`)
* [CVE-2023-43720](CVE-2023/CVE-2023-437xx/CVE-2023-43720.json) (`2023-10-02T20:24:18.953`)
* [CVE-2023-43735](CVE-2023/CVE-2023-437xx/CVE-2023-43735.json) (`2023-10-02T20:24:51.227`)
* [CVE-2023-43734](CVE-2023/CVE-2023-437xx/CVE-2023-43734.json) (`2023-10-02T20:24:59.287`)
* [CVE-2023-43733](CVE-2023/CVE-2023-437xx/CVE-2023-43733.json) (`2023-10-02T20:25:05.513`)
* [CVE-2023-43730](CVE-2023/CVE-2023-437xx/CVE-2023-43730.json) (`2023-10-02T20:25:14.447`)
* [CVE-2023-43732](CVE-2023/CVE-2023-437xx/CVE-2023-43732.json) (`2023-10-02T20:25:22.140`)
* [CVE-2023-43731](CVE-2023/CVE-2023-437xx/CVE-2023-43731.json) (`2023-10-02T20:25:27.757`)
* [CVE-2023-43729](CVE-2023/CVE-2023-437xx/CVE-2023-43729.json) (`2023-10-02T20:25:31.980`)
* [CVE-2023-43728](CVE-2023/CVE-2023-437xx/CVE-2023-43728.json) (`2023-10-02T20:25:37.520`)
* [CVE-2023-5111](CVE-2023/CVE-2023-51xx/CVE-2023-5111.json) (`2023-10-02T20:25:54.513`)
* [CVE-2023-5323](CVE-2023/CVE-2023-53xx/CVE-2023-5323.json) (`2023-10-02T20:26:24.737`)
* [CVE-2023-5112](CVE-2023/CVE-2023-51xx/CVE-2023-5112.json) (`2023-10-02T20:26:32.583`)
* [CVE-2023-4659](CVE-2023/CVE-2023-46xx/CVE-2023-4659.json) (`2023-10-02T20:26:54.460`)
* [CVE-2023-0809](CVE-2023/CVE-2023-08xx/CVE-2023-0809.json) (`2023-10-02T20:26:54.460`)
* [CVE-2023-37605](CVE-2023/CVE-2023-376xx/CVE-2023-37605.json) (`2023-10-02T20:26:54.460`)
* [CVE-2023-44080](CVE-2023/CVE-2023-440xx/CVE-2023-44080.json) (`2023-10-02T20:30:36.210`)
* [CVE-2023-38873](CVE-2023/CVE-2023-388xx/CVE-2023-38873.json) (`2023-10-02T20:48:21.003`)
* [CVE-2023-44273](CVE-2023/CVE-2023-442xx/CVE-2023-44273.json) (`2023-10-02T21:06:10.147`)
## Download and Usage ## Download and Usage