admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-14T22:00:24.923439+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-14 22:00:28 +00:00
parent 248a9e7852
commit b14e8d702e
105 changed files with 5057 additions and 297 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
CVE-2021/CVE-2021-420xx/CVE-2021-42079.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-42079",
"sourceIdentifier": "csirt@divd.nl",
"published": "2023-07-10T16:15:47.467",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T18:13:24.080",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "csirt@divd.nl",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
},
{
"source": "csirt@divd.nl",
"type": "Secondary",
@ -46,22 +76,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:osnexus:quantastor:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.355",
"matchCriteriaId": "5E101217-36C7-4C28-8C61-7744481D2D0E"
}
]
}
]
}
],
"references": [
{
"url": "https://csirt.divd.nl/CVE-2021-42079",
"source": "csirt@divd.nl"
"source": "csirt@divd.nl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.divd.nl/DIVD-2021-00020",
"source": "csirt@divd.nl"
"source": "csirt@divd.nl",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.osnexus.com/products/software-defined-storage",
"source": "csirt@divd.nl"
"source": "csirt@divd.nl",
"tags": [
"Product"
]
},
{
"url": "https://www.wbsec.nl/osnexus",
"source": "csirt@divd.nl"
"source": "csirt@divd.nl",
"tags": [
"Third Party Advisory"
]
}
]
}

14
CVE-2022/CVE-2022-234xx/CVE-2022-23465.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23465",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-02T23:15:16.617",
"lastModified": "2022-12-06T19:48:27.053",
"lastModified": "2023-07-14T19:10:22.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-234xx/CVE-2022-23486.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23486",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-07T21:15:10.183",
"lastModified": "2022-12-10T03:04:53.393",
"lastModified": "2023-07-14T19:10:15.620",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-400"
"value": "CWE-770"
}
]
},

14
CVE-2022/CVE-2022-234xx/CVE-2022-23487.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23487",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-07T21:15:10.260",
"lastModified": "2022-12-10T03:04:20.023",
"lastModified": "2023-07-14T19:10:09.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2022/CVE-2022-234xx/CVE-2022-23492.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23492",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-08T01:15:09.697",
"lastModified": "2022-12-10T03:04:08.080",
"lastModified": "2023-07-14T19:22:48.140",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2022/CVE-2022-234xx/CVE-2022-23498.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23498",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-02-03T22:15:09.463",
"lastModified": "2023-02-14T02:01:21.000",
"lastModified": "2023-07-14T19:34:08.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-235xx/CVE-2022-23505.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23505",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-13T08:15:09.067",
"lastModified": "2022-12-15T21:05:23.493",
"lastModified": "2023-07-14T19:22:51.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-287"
"value": "NVD-CWE-Other"
}
]
},

6
CVE-2022/CVE-2022-235xx/CVE-2022-23538.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23538",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-01-17T21:15:11.827",
"lastModified": "2023-01-30T18:26:17.897",
"lastModified": "2023-07-14T19:34:05.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -62,10 +62,6 @@
{
"lang": "en",
"value": "CWE-522"
},
{
"lang": "en",
"value": "CWE-601"
}
]
},

4
CVE-2022/CVE-2022-235xx/CVE-2022-23540.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23540",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-22T19:15:08.967",
"lastModified": "2023-02-27T19:56:08.387",
"lastModified": "2023-07-14T19:22:55.547",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-327"
"value": "CWE-347"
}
]
},

18
CVE-2022/CVE-2022-23xx/CVE-2022-2350.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2350",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-10-10T21:15:10.550",
"lastModified": "2022-10-11T18:58:57.357",
"lastModified": "2023-07-14T18:16:42.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "contact@wpscan.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -52,6 +52,20 @@
"value": "CWE-862"
}
]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
},
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [

16
CVE-2022/CVE-2022-385xx/CVE-2022-38533.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-38533",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-26T00:15:09.317",
"lastModified": "2022-12-08T03:46:39.747",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-14T18:15:09.367",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -89,6 +89,10 @@
}
],
"references": [
{
"url": "https://github.com/bminor/binutils-gdb/commit/45d92439aebd0386ef8af76e1796d08cfe457e1d",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/",
"source": "cve@mitre.org",
@ -129,6 +133,14 @@
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29495",
"source": "cve@mitre.org"
},
{
"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45d92439aebd0386ef8af76e1796d08cfe457e1d",
"source": "cve@mitre.org"
}
]
}

4
CVE-2022/CVE-2022-392xx/CVE-2022-39233.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39233",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-19T11:15:11.160",
"lastModified": "2022-10-21T16:57:54.080",
"lastModified": "2023-07-14T18:17:43.380",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "CWE-862"
}
]
},

14
CVE-2022/CVE-2022-392xx/CVE-2022-39271.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39271",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-11T14:15:09.883",
"lastModified": "2022-10-13T16:39:32.590",
"lastModified": "2023-07-14T18:17:00.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -60,8 +60,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-392xx/CVE-2022-39272.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39272",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-22T00:15:09.310",
"lastModified": "2022-10-24T16:51:21.127",
"lastModified": "2023-07-14T18:17:49.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-1284"
}
]
},

36
CVE-2022/CVE-2022-392xx/CVE-2022-39286.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-39286",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-26T20:15:10.490",
"lastModified": "2023-06-09T20:15:09.533",
"vulnStatus": "Modified",
"lastModified": "2023-07-14T18:59:47.950",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -60,8 +60,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -72,16 +82,6 @@
"value": "CWE-269"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [
@ -111,6 +111,11 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
@ -186,7 +191,10 @@
},
{
"url": "https://www.debian.org/security/2023/dsa-5422",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

14
CVE-2022/CVE-2022-392xx/CVE-2022-39289.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39289",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-07T21:15:11.553",
"lastModified": "2022-10-11T13:52:40.540",
"lastModified": "2023-07-14T18:13:15.957",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -60,8 +60,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

10
CVE-2022/CVE-2022-393xx/CVE-2022-39307.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39307",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-11-09T23:15:12.617",
"lastModified": "2023-02-16T03:15:30.060",
"lastModified": "2023-07-14T19:10:25.977",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,22 +56,22 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
"value": "CWE-209"
}
]
},
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-200"
}
]
}

4
CVE-2022/CVE-2022-393xx/CVE-2022-39308.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39308",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-14T19:15:18.310",
"lastModified": "2022-10-18T19:44:23.687",
"lastModified": "2023-07-14T18:17:05.123",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "CWE-203"
"value": "CWE-697"
}
]
},

4
CVE-2022/CVE-2022-393xx/CVE-2022-39313.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39313",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-24T14:15:51.333",
"lastModified": "2022-10-24T18:26:33.530",
"lastModified": "2023-07-14T19:01:41.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-1284"
}
]
},

4
CVE-2022/CVE-2022-393xx/CVE-2022-39315.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39315",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-25T17:15:55.887",
"lastModified": "2022-10-26T00:50:20.573",
"lastModified": "2023-07-14T18:59:52.990",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "CWE-668"
"value": "CWE-209"
}
]
},

4
CVE-2022/CVE-2022-393xx/CVE-2022-39329.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39329",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-27T14:15:11.390",
"lastModified": "2022-10-31T17:37:42.867",
"lastModified": "2023-07-14T18:53:30.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "CWE-862"
}
]
},

4
CVE-2022/CVE-2022-398xx/CVE-2022-39878.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39878",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2022-10-07T15:15:23.963",
"lastModified": "2022-10-11T17:04:40.597",
"lastModified": "2023-07-14T18:13:08.473",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "NVD-CWE-Other"
}
]
},

14
CVE-2022/CVE-2022-39xx/CVE-2022-3923.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3923",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:26.997",
"lastModified": "2023-01-13T06:51:45.560",
"lastModified": "2023-07-14T19:23:05.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -36,8 +36,18 @@
},
"weaknesses": [
{
"source": "contact@wpscan.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2022/CVE-2022-39xx/CVE-2022-3994.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3994",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:15.760",
"lastModified": "2023-01-09T18:23:11.887",
"lastModified": "2023-07-14T19:22:58.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -36,8 +36,18 @@
},
"weaknesses": [
{
"source": "contact@wpscan.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2022/CVE-2022-40xx/CVE-2022-4057.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4057",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-02T22:15:15.890",
"lastModified": "2023-01-09T18:18:26.730",
"lastModified": "2023-07-14T19:23:02.393",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -36,8 +36,18 @@
},
"weaknesses": [
{
"source": "contact@wpscan.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-425"
}
]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",

325
CVE-2023/CVE-2023-12xx/CVE-2023-1298.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1298",
"sourceIdentifier": "psirt@servicenow.com",
"published": "2023-07-06T18:15:10.497",
"lastModified": "2023-07-07T18:15:09.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T19:51:07.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "psirt@servicenow.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "psirt@servicenow.com",
"type": "Secondary",
@ -46,14 +76,295 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "71A44062-D94F-4246-A218-33AD4C43C7FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "6A4ABAF4-C84B-4E7B-A156-24640B7D56EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "2855AE65-1B96-4537-BB6E-7659114955EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "63725CBE-34A5-4B9E-BA8E-32E66B89C646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "8B2DC45C-17A0-4D92-AB29-3497DA43707E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "F2822278-2089-4F78-86EE-D63A9516B5A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "49444E5E-0AB7-4083-8663-089955134AA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8B5E2C3D-F838-48E0-8135-455AF964221D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "2494C288-83E1-48DF-9661-540B26C9137E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "815997A7-39CB-4C78-B776-54DECE294AA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "DE7FDD4B-163B-462A-A80C-454F5040FF90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "FB55D9E6-FD9C-48A8-800D-10C665120792"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4a:*:*:*:*:*:*",
"matchCriteriaId": "D481F300-EDF4-4E22-B865-F3AAFCE27692"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4b:*:*:*:*:*:*",
"matchCriteriaId": "311B0413-3771-4CAF-9A14-0726B2923A76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "E74913AB-25EE-4F18-B2FA-5C261D7ADE25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5C99222F-B676-471F-8E44-707024B2B097"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "276A7ABE-2437-455C-9C5B-C05CAAC183A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "5719FE4C-B14A-4A68-8C0F-D9BBA8123056"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "2FDD5B2E-8FFF-45A4-BAF4-2091F59ED199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hottix_3:*:*:*:*:*:*",
"matchCriteriaId": "6DA812CC-CF9F-4642-873F-8C0F8DEF9534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7a:*:*:*:*:*:*",
"matchCriteriaId": "05C37C8D-C08F-49E4-BD57-03B61DA4D3BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7b:*:*:*:*:*:*",
"matchCriteriaId": "F2371A53-1D57-4508-B18A-4FBA0288CF7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "BB9E765B-C094-4FC4-B9E3-0732F24C10D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "406329D1-A894-4D98-BCC0-DFAF25B811DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BD9DC522-29A8-457F-AC76-9DD53DCDE80E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "9D6F99C1-F264-4592-AD5F-9A7B04F9D7F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_9a:*:*:*:*:*:*",
"matchCriteriaId": "3CD6BD0F-4AC7-4F01-A29C-C94B50BE3B4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_9a_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "379C71B7-CEB3-43B0-B48E-062C6622B19C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_9b:*:*:*:*:*:*",
"matchCriteriaId": "FE62CA6A-14A9-4FB8-80A3-BE8EFF14587B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:-:*:*:*:*:*:*",
"matchCriteriaId": "4332BE18-DA60-4921-A9DF-C434AB32839B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "09179BB2-B8D4-4FF9-925E-B5B259EFDF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "B328AB49-9C8F-4A0E-86C7-76071156EDAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1a:*:*:*:*:*:*",
"matchCriteriaId": "25F6EDF2-EC52-4821-80A7-1B7DB55CD5FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1b:*:*:*:*:*:*",
"matchCriteriaId": "634CC5CF-5883-44A9-86D9-7DFEADCB4AC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "F5DD8964-4A2D-4CE8-9C45-58E20DB30964"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "5A964834-0D6A-4E63-8A7A-F4B5DF2C1AAD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "EFEE723D-8418-448A-9005-212B8BDB2C05"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "487E9543-6417-4915-A884-20C4BF457543"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "E9338643-E8E2-494E-841D-A2756A4A8EAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "FDDF1F29-9BF2-4F82-B375-8BC4E38E6D2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "853308FF-6FE0-480E-8B7A-05C4723FB08A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "2AE7A9ED-6C15-436D-8CB5-A557BE6064D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "9972BE30-D7DE-4687-BC1D-867790D281A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "E26FD8E6-C762-4CE1-8B90-7BCBBC372ADA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "F76C3CB6-D1DF-433B-ADA8-E1751DCA4FE7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "C93D663E-D0B4-4EC0-AD81-4932F96E4621"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "38A222AD-CBCC-4AF5-B9F1-ABA8447BE504"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4a:*:*:*:*:*:*",
"matchCriteriaId": "C3B9F3D7-B59B-489F-B3E2-F003F57A07B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4a_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "4BB5A2D5-2556-4C7E-BE38-1DD27AF64433"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "5536AF08-999A-44DC-B9FB-C3FE19D7FA82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "4F3AAC35-A807-4F74-AB08-727DF5AA3AA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_5_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "AA79BA86-1A6D-4A59-85CB-9E5A807E220D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_5_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "7F5A0D4A-2D44-428D-B571-D224029C77EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch1:*:*:*:*:*:*",
"matchCriteriaId": "A2D3CBD5-6241-4DA1-9D98-FA6076ACD696"
}
]
}
]
}
],
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1310230",
"source": "psirt@servicenow.com"
},
{
"url": "https://www.linkedin.com/in/osamay/",
"source": "psirt@servicenow.com"
"source": "psirt@servicenow.com",
"tags": [
"Vendor Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-20xx/CVE-2023-2029.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-2029",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-10T16:15:50.930",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T18:50:07.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The PrePost SEO WordPress plugin through 3.0 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:enzipe:prepost_seo:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.0",
"matchCriteriaId": "05D9F264-CBB4-4A73-A083-6F0B53280346"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/4889ad5a-c8c4-4958-b176-64560490497b",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-214xx/CVE-2023-21400.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-21400",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.340",
"lastModified": "2023-07-13T08:32:09.673",
"lastModified": "2023-07-14T21:15:08.753",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -12,6 +12,10 @@
],
"metrics": {},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/14/2",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/pixel/2023-07-01",
"source": "security@android.com"

43
CVE-2023/CVE-2023-248xx/CVE-2023-24896.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-24896",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-14T18:15:09.477",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Dynamics 365 Finance Spoofing Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24896",
"source": "secure@microsoft.com"
}
]
}

4
CVE-2023/CVE-2023-289xx/CVE-2023-28985.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28985",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-07-14T17:15:09.050",
"lastModified": "2023-07-14T17:15:09.050",
"vulnStatus": "Received",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

53
CVE-2023/CVE-2023-29xx/CVE-2023-2964.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-2964",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-10T16:15:51.700",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T18:24:05.810",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Simple Iframe WordPress plugin before 1.2.0 does not properly validate one of its WordPress block attribute's content, which may allow users whose role is at least that of a contributor to conduct Stored Cross-Site Scripting attacks."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_iframe_project:simple_iframe:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.0",
"matchCriteriaId": "D7C53502-FFD5-405C-8D6B-31FA232A551E"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/97aac334-5323-41bb-90f0-d180bcc9162f",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

196
CVE-2023/CVE-2023-306xx/CVE-2023-30671.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30671",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-07-06T03:15:11.840",
"lastModified": "2023-07-06T11:55:38.310",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T19:23:58.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -46,10 +76,170 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=07",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-306xx/CVE-2023-30672.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30672",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-07-06T03:15:11.923",
"lastModified": "2023-07-06T11:55:38.310",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T19:57:27.223",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:smart_switch_pc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.23043_3",
"matchCriteriaId": "F9C70742-6A8D-4DDB-BADF-DF57D5A805C2"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=07",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-306xx/CVE-2023-30673.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30673",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-07-06T03:15:12.003",
"lastModified": "2023-07-06T11:55:38.310",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T19:57:46.030",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-354"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:smart_switch_pc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.23052_1",
"matchCriteriaId": "03424214-C0FA-44B9-9DF7-4F5C772B778D"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=07",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-320xx/CVE-2023-32052.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-32052",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.607",
"lastModified": "2023-07-13T19:59:35.150",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-14T18:15:09.590",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Power Apps Spoofing Vulnerability"
"value": "Microsoft Power Apps (online) Spoofing Vulnerability"
}
],
"metrics": {

6
CVE-2023/CVE-2023-325xx/CVE-2023-32569.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-32569",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T05:15:12.103",
"lastModified": "2023-05-16T20:13:37.477",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-14T19:15:09.007",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers to submit arbitrary SQL commands on the back-end database to create, read, update, or delete any sensitive data stored in the database."
"value": "An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers (who must have admin credentials) to submit arbitrary SQL commands on the back-end database to create, read, update, or delete any sensitive data stored in the database."
}
],
"metrics": {

47
CVE-2023/CVE-2023-327xx/CVE-2023-32759.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-32759",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-14T18:15:09.700",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in Archer Platform before v.6.13 and fixed in 6.12.0.6 and 6.13.0 allows an authenticated attacker to obtain sensitive information via a crafted URL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821",
"source": "cve@mitre.org"
},
{
"url": "https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362",
"source": "cve@mitre.org"
}
]
}

47
CVE-2023/CVE-2023-327xx/CVE-2023-32760.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-32760",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-14T18:15:09.787",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via API calls related to data feeds and data publication."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.8
}
]
},
"references": [
{
"url": "https://www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821",
"source": "cve@mitre.org"
},
{
"url": "https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362",
"source": "cve@mitre.org"
}
]
}

47
CVE-2023/CVE-2023-327xx/CVE-2023-32761.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-32761",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-14T18:15:09.897",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Request Forgery (CSRF) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to execute arbitrary code via a crafted request."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821",
"source": "cve@mitre.org"
},
{
"url": "https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-34xx/CVE-2023-3433.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3433",
"sourceIdentifier": "cves@blacklanternsecurity.com",
"published": "2023-07-14T13:15:09.253",
"lastModified": "2023-07-14T13:15:09.253",
"vulnStatus": "Received",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-34xx/CVE-2023-3434.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3434",
"sourceIdentifier": "cves@blacklanternsecurity.com",
"published": "2023-07-14T13:15:09.363",
"lastModified": "2023-07-14T13:15:09.363",
"vulnStatus": "Received",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-351xx/CVE-2023-35116.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-35116",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:10.960",
"lastModified": "2023-07-13T16:45:46.763",
"lastModified": "2023-07-14T18:52:52.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -41,7 +41,7 @@
"description": [
{
"lang": "en",
"value": "CWE-502"
"value": "CWE-770"
}
]
}

133
CVE-2023/CVE-2023-353xx/CVE-2023-35318.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35318",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:17.577",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:42:40.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,13 +31,138 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35318",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

133
CVE-2023/CVE-2023-353xx/CVE-2023-35319.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35319",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:17.633",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:42:45.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,13 +31,138 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35319",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

85
CVE-2023/CVE-2023-353xx/CVE-2023-35320.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35320",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:17.690",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:42:22.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,89 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35320",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

91
CVE-2023/CVE-2023-353xx/CVE-2023-35321.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35321",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:17.747",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:42:13.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,13 +31,96 @@
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35321",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-353xx/CVE-2023-35322.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35322",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:17.797",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:41:54.460",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,73 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35322",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

45
CVE-2023/CVE-2023-353xx/CVE-2023-35323.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35323",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:17.857",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:41:47.193",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,49 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35323",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

101
CVE-2023/CVE-2023-353xx/CVE-2023-35324.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35324",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:17.907",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:41:35.210",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,105 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35324",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

101
CVE-2023/CVE-2023-353xx/CVE-2023-35325.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35325",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:17.967",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:41:24.810",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,105 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35325",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-353xx/CVE-2023-35326.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35326",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.023",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:41:09.940",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35326",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

111
CVE-2023/CVE-2023-353xx/CVE-2023-35328.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35328",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.083",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:40:47.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35328",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

101
CVE-2023/CVE-2023-353xx/CVE-2023-35329.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35329",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.140",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:40:57.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,105 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35329",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

106
CVE-2023/CVE-2023-353xx/CVE-2023-35330.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35330",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.193",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:40:26.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,110 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35330",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-353xx/CVE-2023-35331.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35331",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.250",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:40:16.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,63 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35331",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

106
CVE-2023/CVE-2023-353xx/CVE-2023-35332.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35332",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.307",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:40:10.260",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,110 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35332",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-353xx/CVE-2023-35333.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35333",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.360",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:40:01.480",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -34,10 +54,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:pandocupload:*:*:*:*:*:mediawiki:*:*",
"versionEndExcluding": "1.0.1",
"matchCriteriaId": "DAD6EF21-122B-4077-A09F-0063D1BB2551"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35333",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-353xx/CVE-2023-35335.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35335",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.417",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:39:50.220",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,52 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:dynamics_365:*:*:*:*:on-premises:*:*:*",
"versionStartIncluding": "9.0",
"versionEndExcluding": "9.0.47.08",
"matchCriteriaId": "B2B2E5CF-A3F4-4CA5-9B4E-295E723B3148"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:dynamics_365:*:*:*:*:on-premises:*:*:*",
"versionStartIncluding": "9.1",
"versionEndExcluding": "9.1.18.22",
"matchCriteriaId": "1D09C206-3776-4051-A907-6B8DD79213D5"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35335",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

118
CVE-2023/CVE-2023-353xx/CVE-2023-35336.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35336",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.470",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:39:41.190",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
@ -34,10 +54,100 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35336",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-353xx/CVE-2023-35337.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35337",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.523",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:39:30.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,67 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35337",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

111
CVE-2023/CVE-2023-353xx/CVE-2023-35338.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35338",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.583",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:39:22.753",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35338",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

91
CVE-2023/CVE-2023-353xx/CVE-2023-35339.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35339",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.637",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:39:16.953",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,95 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35339",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

111
CVE-2023/CVE-2023-353xx/CVE-2023-35340.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35340",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.687",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:46:52.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35340",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

128
CVE-2023/CVE-2023-353xx/CVE-2023-35341.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35341",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:18.743",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:47:05.550",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
@ -34,10 +54,110 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35341",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-353xx/CVE-2023-35346.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35346",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:19.017",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:46:36.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,73 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35346",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-353xx/CVE-2023-35347.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35347",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:19.073",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:46:19.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,67 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35347",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-353xx/CVE-2023-35348.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35348",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:19.137",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:46:08.043",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,27 +17,70 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35348",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-353xx/CVE-2023-35350.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35350",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:19.197",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T21:43:59.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,73 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35350",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-356xx/CVE-2023-35692.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35692",
"sourceIdentifier": "security@android.com",
"published": "2023-07-14T16:15:14.160",
"lastModified": "2023-07-14T16:15:14.160",
"vulnStatus": "Received",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

47
CVE-2023/CVE-2023-357xx/CVE-2023-35774.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35774",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T09:15:09.783",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T18:51:49.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lws:lws_tools:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.2",
"matchCriteriaId": "C023683B-CE56-4904-903C-58FB9E5C2D62"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/lws-tools/wordpress-lws-tools-plugin-2-4-1-multiple-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-357xx/CVE-2023-35781.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35781",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T08:15:10.900",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T19:01:44.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lws:lws_cleaner:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.3.1",
"matchCriteriaId": "4B1D24AB-21AB-4F9B-AD01-8A63E8B4ED0F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/lws-cleaner/wordpress-lws-cleaner-plugin-2-3-0-multiple-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-359xx/CVE-2023-35913.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35913",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-11T09:15:09.847",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T18:53:49.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oopspam:oopspam_anti-spam:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.45",
"matchCriteriaId": "0B0B43DF-DF81-47E0-BD8B-FBCAD9EFB692"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/oopspam-anti-spam/wordpress-oopspam-anti-spam-plugin-1-1-44-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-35xx/CVE-2023-3528.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3528",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-06T18:15:17.877",
"lastModified": "2023-07-07T12:50:30.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T19:50:35.807",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thinutech:thinu-cms:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "403A6EB1-58FA-4F4A-9D85-E1CCFC189BE6"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.233252",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.233252",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-361xx/CVE-2023-36119.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36119",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-14T15:15:08.853",
"lastModified": "2023-07-14T15:15:08.853",
"vulnStatus": "Received",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

69
CVE-2023/CVE-2023-363xx/CVE-2023-36376.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-36376",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-10T16:15:53.307",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T18:03:54.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the add course section."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hostel_management_system_project:hostel_management_system:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC64E15A-2ECC-4930-8FDB-20AC554E3336"
}
]
}
]
}
],
"references": [
{
"url": "https://medium.com/@ridheshgohil1092/cve-2023-36376-xss-on-hostel-management-system-c6891993527",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://packetstormsecurity.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
}
]
}

88
CVE-2023/CVE-2023-364xx/CVE-2023-36459.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36459",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-06T19:15:10.727",
"lastModified": "2023-07-07T12:50:30.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T19:33:36.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,30 +66,82 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.3",
"versionEndExcluding": "3.5.9",
"matchCriteriaId": "B812C873-88F0-4897-B42C-A67FA6EBB394"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.0.5",
"matchCriteriaId": "51150E6A-F99E-4905-A464-2BAC2B1C36C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.1.0",
"versionEndExcluding": "4.1.3",
"matchCriteriaId": "8AB4CC5C-A9AE-4CD1-8912-B570E2F6E170"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/06/5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://github.com/mastodon/mastodon/commit/6d8e0fae3e96f3cf4febe03fa7fcf5b95ff761b2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/mastodon/mastodon/releases/tag/v3.5.9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/mastodon/mastodon/releases/tag/v4.0.5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/mastodon/mastodon/releases/tag/v4.1.3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-ccm4-vgcc-73hp",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

88
CVE-2023/CVE-2023-364xx/CVE-2023-36460.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36460",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-06T19:15:10.807",
"lastModified": "2023-07-07T12:50:30.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T19:31:52.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,30 +66,82 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.5.0",
"versionEndExcluding": "3.5.9",
"matchCriteriaId": "7641D969-D695-41AF-B533-1847CAE25B35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.0.5",
"matchCriteriaId": "51150E6A-F99E-4905-A464-2BAC2B1C36C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.1.0",
"versionEndExcluding": "4.1.3",
"matchCriteriaId": "8AB4CC5C-A9AE-4CD1-8912-B570E2F6E170"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/06/4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://github.com/mastodon/mastodon/commit/dc8f1fbd976ae544720a4e07120d9a91b2722440",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/mastodon/mastodon/releases/tag/v3.5.9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/mastodon/mastodon/releases/tag/v4.0.5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/mastodon/mastodon/releases/tag/v4.1.3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-9928-3cp5-93fm",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

87
CVE-2023/CVE-2023-364xx/CVE-2023-36461.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36461",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-06T19:15:10.880",
"lastModified": "2023-07-07T12:50:30.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-14T19:25:23.220",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,30 +66,81 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.9",
"matchCriteriaId": "CDD53D86-018D-4C06-94B3-36E2FDE03963"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.0.5",
"matchCriteriaId": "51150E6A-F99E-4905-A464-2BAC2B1C36C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.1.0",
"versionEndExcluding": "4.1.3",
"matchCriteriaId": "8AB4CC5C-A9AE-4CD1-8912-B570E2F6E170"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/06/7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://github.com/mastodon/mastodon/commit/c5929798bf7e56cc2c79b15bed0c4692ded3dcb6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/mastodon/mastodon/releases/tag/v3.5.9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/mastodon/mastodon/releases/tag/v4.0.5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/mastodon/mastodon/releases/tag/v4.1.3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-9pxv-6qvf-pjwc",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-368xx/CVE-2023-36831.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36831",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-07-14T15:15:08.913",
"lastModified": "2023-07-14T15:15:08.913",
"vulnStatus": "Received",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-368xx/CVE-2023-36832.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36832",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-07-14T16:15:14.237",
"lastModified": "2023-07-14T16:15:14.237",
"vulnStatus": "Received",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-368xx/CVE-2023-36833.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36833",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-07-14T17:15:09.133",
"lastModified": "2023-07-14T17:15:09.133",
"vulnStatus": "Received",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-368xx/CVE-2023-36834.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-36834",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-07-14T18:15:10.057",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An Incomplete Internal State Distinction vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series allows an adjacent attacker to cause a Denial of Service (DoS).\n\nIf an SRX is configured in L2 transparent mode the receipt of a specific genuine packet can cause a single Packet Processing Engines (PPE) component of the PFE to run into a loop, which in turn will render the PPE unavailable. Each packet will cause one PPE to get into a loop, leading to a gradual performance degradation until all PPEs are unavailable and all traffic processing stops. To recover the affected FPC need to be restarted.\n\nThis issue affects Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series:\n20.1 version 20.1R1 and later versions;\n20.2 versions prior to 20.2R3-S7;\n20.3 version 20.3R1 and later versions;\n20.4 versions prior to 20.4R3-S7;\n21.1 versions prior to 21.1R3-S5;\n21.2 versions prior to 21.2R3-S3;\n21.3 versions prior to 21.3R3-S3;\n21.4 versions prior to 21.4R3-S1;\n22.1 versions prior to 22.1R3;\n22.2 versions prior to 22.2R2;\n22.3 versions prior to 22.3R1-S1, 22.3R2.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-372"
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA71641",
"source": "sirt@juniper.net"
}
]
}

55
CVE-2023/CVE-2023-368xx/CVE-2023-36835.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-36835",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-07-14T18:15:10.133",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX10000 Series allows a network based attacker to cause a Denial of Service (DoS).\n\nIf a specific valid IP packet is received and that packet needs to be routed over a VXLAN tunnel, this will result in a PFE wedge condition due to which traffic gets impacted. As this is not a crash and restart scenario, this condition will persist until the system is rebooted to recover.\n\nThis issue affects Juniper Networks Junos OS on QFX10000:\n20.3 version 20.3R1 and later versions;\n20.4 versions prior to 20.4R3-S5;\n21.1 versions prior to 21.1R3-S5;\n21.2 versions prior to 21.2R3-S5;\n21.3 versions prior to 21.3R3-S4;\n21.4 versions prior to 21.4R3-S1;\n22.1 versions prior to 22.1R3;\n22.2 versions prior to 22.2R2;\n22.3 versions prior to 22.3R1-S2, 22.3R2.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA71642",
"source": "sirt@juniper.net"
}
]
}

55
CVE-2023/CVE-2023-368xx/CVE-2023-36836.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-36836",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-07-14T18:15:10.213",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial of Service (DoS).\n\nOn all Junos OS and Junos OS Evolved platforms, in a Multicast only Fast Reroute (MoFRR) scenario, the rpd process can crash when a a specific low privileged CLI command is executed. The rpd crash will impact all routing protocols until the process has automatically been restarted. As the operational state which makes this issue exploitable is outside the attackers control, this issue is considered difficult to exploit. Continued execution of this command will lead to a sustained DoS.\n\nThis issue affects:\nJuniper Networks Junos OS\n19.4 version 19.4R3-S5 and later versions prior to 19.4R3-S9;\n20.1 version 20.1R2 and later versions;\n20.2 versions prior to 20.2R3-S7;\n20.3 versions prior to 20.3R3-S5;\n20.4 versions prior to 20.4R3-S6;\n21.1 versions prior to 21.1R3-S4;\n21.2 versions prior to 21.2R3-S2;\n21.3 versions prior to 21.3R3-S1;\n21.4 versions prior to 21.4R3;\n22.1 versions prior to 22.1R1-S2, 22.1R2;\n22.2 versions prior to 22.2R2.\n\nJuniper Networks Junos OS Evolved\nAll versions prior to 20.4R3-S6-EVO;\n21.1-EVO version 21.1R1-EVO and later versions;\n21.2-EVO version 21.2R1-EVO and later versions;\n21.3-EVO versions prior to 21.3R3-S1-EVO;\n21.4-EVO versions prior to 21.4R3-EVO;\n22.1-EVO versions prior to 22.1R1-S2-EVO, 22.1R2-EVO;\n22.2-EVO versions prior to 22.2R2-EVO.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA71643",
"source": "sirt@juniper.net"
}
]
}

4
CVE-2023/CVE-2023-368xx/CVE-2023-36838.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36838",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-07-14T17:15:09.210",
"lastModified": "2023-07-14T17:15:09.210",
"vulnStatus": "Received",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-368xx/CVE-2023-36840.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-36840",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-07-14T18:15:10.290",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Reachable Assertion vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a locally-based, low-privileged attacker to cause a Denial of Service (DoS).\n\nOn all Junos OS and Junos OS Evolved, when a specific L2VPN command is run, RPD will crash and restart. Continued execution of this specific command will create a sustained Denial of Service (DoS) condition.\n\nThis issue affects:\nJuniper Networks Junos OS\nAll versions prior to 19.3R3-S10;\n20.1 versions prior to 20.1R3-S4;\n20.2 versions prior to 20.2R3-S6;\n20.3 versions prior to 20.3R3-S6;\n20.4 versions prior to 20.4R3-S5;\n21.1 versions prior to 21.1R3-S4;\n21.2 versions prior to 21.2R3-S3;\n21.3 versions prior to 21.3R3-S2;\n21.4 versions prior to 21.4R3;\n22.1 versions prior to 22.1R3;\n22.2 versions prior to 22.2R2;\n22.3 versions prior to 22.3R2;\n\nJuniper Networks Junos OS Evolved\nAll versions prior to 20.4R3-S7-EVO;\n21.1 versions prior to 21.1R3-S3-EVO;\n21.2 versions prior to 21.2R3-S5-EVO;\n21.3 versions prior to 21.3R3-S4-EVO;\n21.4 versions prior to 21.4R3-EVO;\n22.1 versions prior to 22.1R3-EVO;\n22.2 versions prior to 22.2R2-EVO;\n22.3 versions prior to 22.3R2-EVO;\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA71647",
"source": "sirt@juniper.net"
}
]
}

55
CVE-2023/CVE-2023-368xx/CVE-2023-36848.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-36848",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-07-14T18:15:10.370",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon (PPMD) of Juniper Networks Junos OS on MX Series(except MPC10, MPC11 and LC9600) allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS).\n\nWhen a malformed CFM packet is received, it leads to an FPC crash. Continued receipt of these packets causes a sustained denial of service. This vulnerability occurs only when CFM has been configured on the interface.\n\nThis issue affects Juniper Networks Junos OS:\nversions prior to 19.1R3-S10 on MX Series;\n19.2 versions prior to 19.2R3-S7 on MX Series;\n19.3 versions prior to 19.3R3-S8 on MX Series;\n19.4 versions prior to 19.4R3-S12 on MX Series;\n20.1 version 20.1R1 and later versions on MX Series;\n20.2 versions prior to 20.2R3-S8 on MX Series;\n20.3 version 20.3R1 and later versions on MX Series;\n20.4 versions prior to 20.4R3-S7 on MX Series;\n21.1 versions prior to 21.1R3-S5 on MX Series;\n21.2 versions prior to 21.2R3-S5 on MX Series;\n21.3 versions prior to 21.3R3-S4 on MX Series;\n21.4 versions prior to 21.4R3-S4 on MX Series;\n22.1 versions prior to 22.1R3-S3 on MX Series;\n22.2 versions prior to 22.2R3-S1 on MX Series;\n22.3 versions prior to 22.3R3 on MX Series;\n22.4 versions prior to 22.4R1-S2, 22.4R2 on MX Series.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-232"
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA71659",
"source": "sirt@juniper.net"
}
]
}

55
CVE-2023/CVE-2023-368xx/CVE-2023-36849.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-36849",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-07-14T18:15:10.503",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An Improper Check or Handling of Exceptional Conditions vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS).\n\nWhen a malformed LLDP packet is received, l2cpd will crash and restart. The impact of the l2cpd crash is reinitialization of STP protocols (RSTP, MSTP or VSTP), and MVRP and ERP. Also, if any services depend on LLDP state (like PoE or VoIP device recognition), then these will also be affected. Continued receipt of such packets will lead to a sustained Denial of Service.\n\nThis issue affects:\nJuniper Networks Junos OS\n21.4 versions prior to 21.4R3-S3;\n22.1 versions prior to 22.1R3-S3;\n22.2 versions prior to 22.2R2-S1, 22.2R3;\n22.3 versions prior to 22.3R2.\n\nJuniper Networks Junos OS Evolved\n21.4-EVO versions prior to 21.4R3-S2-EVO;\n22.1-EVO versions prior to 22.1R3-S3-EVO;\n22.2-EVO versions prior to 22.2R2-S1-EVO, 22.2R3-EVO;\n22.3-EVO versions prior to 22.3R2-EVO.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-703"
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA71660",
"source": "sirt@juniper.net"
}
]
}

55
CVE-2023/CVE-2023-368xx/CVE-2023-36850.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-36850",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-07-14T19:15:09.093",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Connectivity Fault Management(CFM) module of Juniper Networks Junos OS on MX Series(except MPC10, MPC11 and LC9600) allows an adjacent attacker on the local broadcast domain to cause a Denial of Service(DoS).\n\nUpon receiving a malformed CFM packet, the MPC crashes. Continued receipt of these packets causes a sustained denial of service. This issue can only be triggered when CFM hasn't been configured.\n\nThis issue affects:\nJuniper Networks Junos OS\nAll versions prior to 19.1R3-S10 on MX Series;\n19.2 versions prior to 19.2R3-S7 on MX Series;\n19.3 versions prior to 19.3R3-S8 on MX Series;\n19.4 versions prior to 19.4R3-S12 on MX Series;\n20.1 version 20.1R1 and later versions on MX Series;\n20.2 versions prior to 20.2R3-S7 on MX Series;\n20.3 version 20.3R1 and later versions on MX Series;\n20.4 versions prior to 20.4R3-S7 on MX Series;\n21.1 versions prior to 21.1R3-S5 on MX Series;\n21.2 versions prior to 21.2R3-S4 on MX Series;\n21.3 versions prior to 21.3R3-S4 on MX Series;\n21.4 versions prior to 21.4R3-S3 on MX Series;\n22.1 versions prior to 22.1R3-S2 on MX Series;\n22.2 versions prior to 22.2R3 on MX Series;\n22.3 versions prior to 22.3R2, 22.3R3 on MX Series;\n22.4 versions prior to 22.4R2 on MX Series.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1285"
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA71661",
"source": "sirt@juniper.net"
}
]
}

43
CVE-2023/CVE-2023-368xx/CVE-2023-36883.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36883",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-14T18:15:10.627",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge for iOS Spoofing Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36883",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-368xx/CVE-2023-36887.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36887",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-14T18:15:10.690",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36887",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-368xx/CVE-2023-36888.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36888",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-14T18:15:10.750",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge for Android (Chromium-based) Tampering Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36888",
"source": "secure@microsoft.com"
}
]
}

55
CVE-2023/CVE-2023-36xx/CVE-2023-3633.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-3633",
"sourceIdentifier": "cve-requests@bitdefender.com",
"published": "2023-07-14T20:15:09.220",
"lastModified": "2023-07-14T20:15:09.220",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write\u00a0vulnerability in Bitdefender Engines on Windows causes the engine to crash.\u00a0This issue affects Bitdefender Engines version 7.94791 and lower."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-requests@bitdefender.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve-requests@bitdefender.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://www.bitdefender.com/support/security-advisories/out-of-bounds-memory-corruption-issue-in-ceva-engine-va-11010",
"source": "cve-requests@bitdefender.com"
}
]
}

4
CVE-2023/CVE-2023-36xx/CVE-2023-3673.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3673",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-14T13:15:09.437",
"lastModified": "2023-07-14T13:15:09.437",
"vulnStatus": "Received",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

47
CVE-2023/CVE-2023-372xx/CVE-2023-37223.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-37223",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-14T18:15:10.847",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows a remote authenticated attacker to execute arbitrary code via a crafted malicious script."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org"
},
{
"url": "https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362",
"source": "cve@mitre.org"
}
]
}

47
CVE-2023/CVE-2023-372xx/CVE-2023-37224.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-37224",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-14T18:15:10.920",
"lastModified": "2023-07-14T19:46:52.880",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via the log files."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://archerirm.com",
"source": "cve@mitre.org"
},
{
"url": "https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362",
"source": "cve@mitre.org"
}
]
}

67
CVE-2023/CVE-2023-374xx/CVE-2023-37462.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-37462",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T21:15:08.820",
"lastModified": "2023-07-14T21:15:08.820",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Improper escaping in the document `SkinsCode.XWikiSkinsSheet` leads to an injection vector from view right on that document to programming rights, or in other words, it is possible to execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. The attack works by opening a non-existing page with a name crafted to contain a dangerous payload. It is possible to check if an existing installation is vulnerable. See the linked GHSA for instructions on testing an installation. This issue has been patched in XWiki 14.4.8, 14.10.4 and 15.0-rc-1. Users are advised to upgrade. The fix commit `d9c88ddc` can also be applied manually to the impacted document `SkinsCode.XWikiSkinsSheet` and users unable to upgrade are advised to manually patch their installations."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-95"
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/d9c88ddc4c0c78fa534bd33237e95dea66003d29",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-h4vp-69r8-gvjg",
"source": "security-advisories@github.com"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20457",
"source": "security-advisories@github.com"
}
]
}

67
CVE-2023/CVE-2023-374xx/CVE-2023-37464.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-37464",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T21:15:08.903",
"lastModified": "2023-07-14T21:15:08.903",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption (JOSE). The AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. The spec says that a fixed length of 16 octets must be applied. Therefore this bug allows an attacker to provide a truncated Authentication Tag and to modify the JWE accordingly. Users should upgrade to a version >= 0.6.2.2. Users unable to upgrade should avoid using AES GCM encryption and replace it with another encryption algorithm (e.g. AES CBC)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"references": [
{
"url": "https://datatracker.ietf.org/doc/html/rfc7518#section-4.7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/OpenIDC/cjose/commit/7325e9a5e71e2fc0e350487ecac7d84acdf0ed5e",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/OpenIDC/cjose/releases/tag/v0.6.2.2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/OpenIDC/cjose/security/advisories/GHSA-3rhg-3gf2-6xgj",
"source": "security-advisories@github.com"
}
]
}

55
CVE-2023/CVE-2023-374xx/CVE-2023-37472.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-37472",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T21:15:08.980",
"lastModified": "2023-07-14T21:15:08.980",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Knowage is an open source suite for business analytics. The application often use user supplied data to create HQL queries without prior sanitization. An attacker can create specially crafted HQL queries that will break subsequent SQL queries generated by the Hibernate engine. The endpoint `_/knowage/restful-services/2.0/documents/listDocument_` calls the `_countBIObjects_` method of the `_BIObjectDAOHibImpl_` object with the user supplied `_label_` parameter without prior sanitization. This can lead to SQL injection in the backing database. Other injections have been identified in the application as well. An authenticated attacker with low privileges could leverage this vulnerability in order to retrieve sensitive information from the database, such as account credentials or business information. This issue has been addressed in version 8.1.8. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-2j3f-f696-7rgj",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-374xx/CVE-2023-37473.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-37473",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T21:15:09.047",
"lastModified": "2023-07-14T21:15:09.047",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "zenstruck/collections is a set of helpers for iterating/paginating/filtering collections. Passing _callable strings_ (ie `system`) caused the function to be executed. This would result in a limited subset of specific user input being executed as if it were code. This issue has been addressed in commit `f4b1c48820` and included in release version 0.2.1. Users are advised to upgrade. Users unable to upgrade should ensure that user input is not passed to either `EntityRepository::find()` or `query()`."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"references": [
{
"url": "https://github.com/zenstruck/collection/commit/f4b1c488206e1b1581b06fcd331686846f13f19c",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/zenstruck/collection/releases/tag/v0.2.1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/zenstruck/collection/security/advisories/GHSA-7xr2-8ff7-6fjq",
"source": "security-advisories@github.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More