Auto-Update: 2023-07-07T02:00:28.548768+00:00

cad-safe-bot 2023-07-07 02:00:32 +00:00
parent 1291cf32af
commit b07720f3cb
15 changed files with 368 additions and 34 deletions


@ -2,7 +2,7 @@
"id": "CVE-2019-20503",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-03-06T20:15:12.470",
"lastModified": "2020-06-11T15:15:11.287",
"lastModified": "2023-07-07T01:15:08.717",
"vulnStatus": "Modified",
"descriptions": [
{
@ -175,6 +175,10 @@
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00023.html",
"source": "cve@mitre.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00003.html",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DDNOAGIX5D77TTHT6YPMVJ5WTXTCQEI/",
"source": "cve@mitre.org"


@ -2,7 +2,7 @@
"id": "CVE-2023-2727",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-07-03T21:15:09.480",
"lastModified": "2023-07-05T13:00:47.037",
"lastModified": "2023-07-07T00:15:09.533",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/06/2",
"source": "jordan@liggitt.net"
},
{
"url": "https://github.com/kubernetes/kubernetes/issues/118640",
"source": "jordan@liggitt.net"


@ -2,7 +2,7 @@
"id": "CVE-2023-2728",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-07-03T21:15:09.557",
"lastModified": "2023-07-05T13:00:47.037",
"lastModified": "2023-07-07T00:15:09.610",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/06/3",
"source": "jordan@liggitt.net"
},
{
"url": "https://github.com/kubernetes/kubernetes/issues/118640",
"source": "jordan@liggitt.net"


@ -2,8 +2,8 @@
"id": "CVE-2023-28853",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-04T22:15:08.087",
"lastModified": "2023-04-10T18:19:26.097",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T00:15:09.367",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -56,22 +56,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
"value": "CWE-90"
}
]
},
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-90"
"value": "CWE-74"
}
]
}
@ -110,6 +110,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/06/6",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/mastodon/mastodon/blob/94cbd808b5b3e7999c7e77dc724b7e8c9dd2bdec/app/models/concerns/ldap_authenticable.rb#L7-L14",
"source": "security-advisories@github.com",


@ -2,8 +2,8 @@
"id": "CVE-2023-31606",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-06T17:15:14.843",
"lastModified": "2023-06-12T16:32:16.480",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T01:15:08.920",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -89,6 +89,10 @@
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00002.html",
"source": "cve@mitre.org"
}
]
}

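--- a/CVE-2023/CVE-2023-326xx/CVE-2023-32652.json
+++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32652.json
@@ -0,0 +1,55 @@
+{
+"id": "CVE-2023-32652",
+"sourceIdentifier": "ics-cert@hq.dhs.gov",
+"published": "2023-07-07T00:15:09.680",
+"lastModified": "2023-07-07T00:15:09.680",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "\n\n\n\n\n\n\n\n\nPiiGAB M-Bus\u00a0does not validate identification strings before processing, which could make it vulnerable to cross-site scripting attacks.\n\n\n\n\n\n\n\n\n\n\n\n"
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "ics-cert@hq.dhs.gov",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "REQUIRED",
+"scope": "UNCHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "HIGH",
+"availabilityImpact": "HIGH",
+"baseScore": 8.0,
+"baseSeverity": "HIGH"
+},
+"exploitabilityScore": 2.1,
+"impactScore": 5.9
+}
+]
+},
+"weaknesses": [
+{
+"source": "ics-cert@hq.dhs.gov",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-79"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01",
+"source": "ics-cert@hq.dhs.gov"
+}
+]
+}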

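--- a/CVE-2023/CVE-2023-344xx/CVE-2023-34433.json
+++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34433.json
@@ -0,0 +1,55 @@
+{
+"id": "CVE-2023-34433",
+"sourceIdentifier": "ics-cert@hq.dhs.gov",
+"published": "2023-07-07T00:15:09.760",
+"lastModified": "2023-07-07T00:15:09.760",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "\n\n\n\n\n\n\n\n\n\n\n\n\nPiiGAB M-Bus stores passwords using a weak hash algorithm.\n\n"
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "ics-cert@hq.dhs.gov",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "NONE",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "NONE",
+"availabilityImpact": "NONE",
+"baseScore": 7.5,
+"baseSeverity": "HIGH"
+},
+"exploitabilityScore": 3.9,
+"impactScore": 3.6
+}
+]
+},
+"weaknesses": [
+{
+"source": "ics-cert@hq.dhs.gov",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-916"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01",
+"source": "ics-cert@hq.dhs.gov"
+}
+]
+}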

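--- a/CVE-2023/CVE-2023-349xx/CVE-2023-34995.json
+++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34995.json
@@ -0,0 +1,55 @@
+{
+"id": "CVE-2023-34995",
+"sourceIdentifier": "ics-cert@hq.dhs.gov",
+"published": "2023-07-07T00:15:09.840",
+"lastModified": "2023-07-07T00:15:09.840",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nThere are no requirements for setting a complex password\u00a0for PiiGAB M-Bus, which could contribute to a successful brute force attack if the password is inline with recommended password guidelines.\n\n\n\n"
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "ics-cert@hq.dhs.gov",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "NONE",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "NONE",
+"availabilityImpact": "NONE",
+"baseScore": 7.5,
+"baseSeverity": "HIGH"
+},
+"exploitabilityScore": 3.9,
+"impactScore": 3.6
+}
+]
+},
+"weaknesses": [
+{
+"source": "ics-cert@hq.dhs.gov",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-521"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01",
+"source": "ics-cert@hq.dhs.gov"
+}
+]
+}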

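--- a/CVE-2023/CVE-2023-351xx/CVE-2023-35120.json
+++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35120.json
@@ -0,0 +1,55 @@
+{
+"id": "CVE-2023-35120",
+"sourceIdentifier": "ics-cert@hq.dhs.gov",
+"published": "2023-07-07T00:15:09.913",
+"lastModified": "2023-07-07T00:15:09.913",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "\nPiiGAB M-Bus is vulnerable to cross-site request forgery. An attacker who wants to execute a certain command could send a phishing mail to the owner of the device and hope that the owner clicks on the link. If the owner of the device has a cookie stored that allows the owner to be logged in, then the device could execute the GET or POST link request.\n\n"
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "ics-cert@hq.dhs.gov",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "NONE",
+"userInteraction": "REQUIRED",
+"scope": "UNCHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "HIGH",
+"availabilityImpact": "HIGH",
+"baseScore": 8.8,
+"baseSeverity": "HIGH"
+},
+"exploitabilityScore": 2.8,
+"impactScore": 5.9
+}
+]
+},
+"weaknesses": [
+{
+"source": "ics-cert@hq.dhs.gov",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-352"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01",
+"source": "ics-cert@hq.dhs.gov"
+}
+]
+}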

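--- a/CVE-2023/CVE-2023-357xx/CVE-2023-35765.json
+++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35765.json
@@ -0,0 +1,55 @@
+{
+"id": "CVE-2023-35765",
+"sourceIdentifier": "ics-cert@hq.dhs.gov",
+"published": "2023-07-07T00:15:09.987",
+"lastModified": "2023-07-07T00:15:09.987",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "\n\n\n\n\n\n\n\n\nPiiGAB M-Bus stores credentials in a plaintext file, which could allow a low-level user to gain admin credentials.\n\n\n\n\n\n\n\n\n\n"
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "ics-cert@hq.dhs.gov",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "NONE",
+"availabilityImpact": "NONE",
+"baseScore": 6.5,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 2.8,
+"impactScore": 3.6
+}
+]
+},
+"weaknesses": [
+{
+"source": "ics-cert@hq.dhs.gov",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-256"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01",
+"source": "ics-cert@hq.dhs.gov"
+}
+]
+}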


@ -2,7 +2,7 @@
"id": "CVE-2023-36459",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-06T19:15:10.727",
"lastModified": "2023-07-06T19:15:10.727",
"lastModified": "2023-07-07T00:15:10.060",
"vulnStatus": "Received",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/06/5",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/mastodon/mastodon/commit/6d8e0fae3e96f3cf4febe03fa7fcf5b95ff761b2",
"source": "security-advisories@github.com"


@ -2,7 +2,7 @@
"id": "CVE-2023-36460",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-06T19:15:10.807",
"lastModified": "2023-07-06T19:15:10.807",
"lastModified": "2023-07-07T00:15:10.143",
"vulnStatus": "Received",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/06/4",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/mastodon/mastodon/commit/dc8f1fbd976ae544720a4e07120d9a91b2722440",
"source": "security-advisories@github.com"


@ -2,7 +2,7 @@
"id": "CVE-2023-36461",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-06T19:15:10.880",
"lastModified": "2023-07-06T19:15:10.880",
"lastModified": "2023-07-07T00:15:10.220",
"vulnStatus": "Received",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/06/7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/mastodon/mastodon/commit/c5929798bf7e56cc2c79b15bed0c4692ded3dcb6",
"source": "security-advisories@github.com"

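--- a/CVE-2023/CVE-2023-371xx/CVE-2023-37192.json
+++ b/CVE-2023/CVE-2023-371xx/CVE-2023-37192.json
@@ -0,0 +1,28 @@
+{
+"id": "CVE-2023-37192",
+"sourceIdentifier": "cve@mitre.org",
+"published": "2023-07-07T00:15:10.297",
+"lastModified": "2023-07-07T00:15:10.297",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing."
+}
+],
+"metrics": {},
+"references": [
+{
+"url": "https://bitcoin.org/en/bitcoin-core/",
+"source": "cve@mitre.org"
+},
+{
+"url": "https://satoshihunter1.blogspot.com/2023/06/the-bitcoin-app-is-vulnerable-to-hackers.html",
+"source": "cve@mitre.org"
+},
+{
+"url": "https://www.youtube.com/watch?v=oEl4M1oZim0",
+"source": "cve@mitre.org"
+}
+]
+}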


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-06T23:55:25.620723+00:00
2023-07-07T02:00:28.548768+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-06T23:42:40.587000+00:00
2023-07-07T01:15:08.920000+00:00
```
### Last Data Feed Release
@ -23,40 +23,39 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-07-06T00:00:13.551397+00:00
2023-07-07T00:00:13.528944+00:00
```
### Total Number of included CVEs
```plain
219429
219435
```
### CVEs added in the last Commit
Recently added CVEs: `6`
* [CVE-2023-20899](CVE-2023/CVE-2023-208xx/CVE-2023-20899.json) (`2023-07-06T23:15:09.280`)
* [CVE-2023-31277](CVE-2023/CVE-2023-312xx/CVE-2023-31277.json) (`2023-07-06T23:15:09.367`)
* [CVE-2023-33868](CVE-2023/CVE-2023-338xx/CVE-2023-33868.json) (`2023-07-06T23:15:09.467`)
* [CVE-2023-35987](CVE-2023/CVE-2023-359xx/CVE-2023-35987.json) (`2023-07-06T23:15:09.550`)
* [CVE-2023-36829](CVE-2023/CVE-2023-368xx/CVE-2023-36829.json) (`2023-07-06T23:15:09.620`)
* [CVE-2023-36859](CVE-2023/CVE-2023-368xx/CVE-2023-36859.json) (`2023-07-06T23:15:09.707`)
* [CVE-2023-32652](CVE-2023/CVE-2023-326xx/CVE-2023-32652.json) (`2023-07-07T00:15:09.680`)
* [CVE-2023-34433](CVE-2023/CVE-2023-344xx/CVE-2023-34433.json) (`2023-07-07T00:15:09.760`)
* [CVE-2023-34995](CVE-2023/CVE-2023-349xx/CVE-2023-34995.json) (`2023-07-07T00:15:09.840`)
* [CVE-2023-35120](CVE-2023/CVE-2023-351xx/CVE-2023-35120.json) (`2023-07-07T00:15:09.913`)
* [CVE-2023-35765](CVE-2023/CVE-2023-357xx/CVE-2023-35765.json) (`2023-07-07T00:15:09.987`)
* [CVE-2023-37192](CVE-2023/CVE-2023-371xx/CVE-2023-37192.json) (`2023-07-07T00:15:10.297`)
### CVEs modified in the last Commit
Recently modified CVEs: `9`
Recently modified CVEs: `8`
* [CVE-2020-26710](CVE-2020/CVE-2020-267xx/CVE-2020-26710.json) (`2023-07-06T23:36:41.450`)
* [CVE-2023-3490](CVE-2023/CVE-2023-34xx/CVE-2023-3490.json) (`2023-07-06T23:34:29.743`)
* [CVE-2023-32612](CVE-2023/CVE-2023-326xx/CVE-2023-32612.json) (`2023-07-06T23:37:22.313`)
* [CVE-2023-32613](CVE-2023/CVE-2023-326xx/CVE-2023-32613.json) (`2023-07-06T23:38:05.257`)
* [CVE-2023-32620](CVE-2023/CVE-2023-326xx/CVE-2023-32620.json) (`2023-07-06T23:39:14.747`)
* [CVE-2023-32621](CVE-2023/CVE-2023-326xx/CVE-2023-32621.json) (`2023-07-06T23:39:27.227`)
* [CVE-2023-32622](CVE-2023/CVE-2023-326xx/CVE-2023-32622.json) (`2023-07-06T23:39:37.940`)
* [CVE-2023-3493](CVE-2023/CVE-2023-34xx/CVE-2023-3493.json) (`2023-07-06T23:42:13.627`)
* [CVE-2023-37300](CVE-2023/CVE-2023-373xx/CVE-2023-37300.json) (`2023-07-06T23:42:40.587`)
* [CVE-2019-20503](CVE-2019/CVE-2019-205xx/CVE-2019-20503.json) (`2023-07-07T01:15:08.717`)
* [CVE-2023-28853](CVE-2023/CVE-2023-288xx/CVE-2023-28853.json) (`2023-07-07T00:15:09.367`)
* [CVE-2023-2727](CVE-2023/CVE-2023-27xx/CVE-2023-2727.json) (`2023-07-07T00:15:09.533`)
* [CVE-2023-2728](CVE-2023/CVE-2023-27xx/CVE-2023-2728.json) (`2023-07-07T00:15:09.610`)
* [CVE-2023-36459](CVE-2023/CVE-2023-364xx/CVE-2023-36459.json) (`2023-07-07T00:15:10.060`)
* [CVE-2023-36460](CVE-2023/CVE-2023-364xx/CVE-2023-36460.json) (`2023-07-07T00:15:10.143`)
* [CVE-2023-36461](CVE-2023/CVE-2023-364xx/CVE-2023-36461.json) (`2023-07-07T00:15:10.220`)
* [CVE-2023-31606](CVE-2023/CVE-2023-316xx/CVE-2023-31606.json) (`2023-07-07T01:15:08.920`)
## Download and Usage