diff --git a/CVE-2021/CVE-2021-420xx/CVE-2021-42079.json b/CVE-2021/CVE-2021-420xx/CVE-2021-42079.json index 4ede7c40b15..862f43829f1 100644 --- a/CVE-2021/CVE-2021-420xx/CVE-2021-42079.json +++ b/CVE-2021/CVE-2021-420xx/CVE-2021-42079.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42079", "sourceIdentifier": "csirt@divd.nl", "published": "2023-07-10T16:15:47.467", - "lastModified": "2023-07-10T16:27:17.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T18:13:24.080", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + }, { "source": "csirt@divd.nl", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + }, { "source": "csirt@divd.nl", "type": "Secondary", @@ -46,22 +76,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:osnexus:quantastor:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.0.0.355", + "matchCriteriaId": "5E101217-36C7-4C28-8C61-7744481D2D0E" + } + ] + } + ] + } + ], "references": [ { "url": "https://csirt.divd.nl/CVE-2021-42079", - "source": "csirt@divd.nl" + "source": "csirt@divd.nl", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.divd.nl/DIVD-2021-00020", - "source": "csirt@divd.nl" + "source": "csirt@divd.nl", + "tags": [ + "Broken Link" + ] }, { "url": "https://www.osnexus.com/products/software-defined-storage", - "source": "csirt@divd.nl" + "source": "csirt@divd.nl", + "tags": [ + "Product" + ] }, { "url": "https://www.wbsec.nl/osnexus", - "source": "csirt@divd.nl" + "source": "csirt@divd.nl", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-234xx/CVE-2022-23465.json b/CVE-2022/CVE-2022-234xx/CVE-2022-23465.json index f2f9f35bb48..f48d1f7b3d6 100644 --- a/CVE-2022/CVE-2022-234xx/CVE-2022-23465.json +++ b/CVE-2022/CVE-2022-234xx/CVE-2022-23465.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23465", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-02T23:15:16.617", - "lastModified": "2022-12-06T19:48:27.053", + "lastModified": "2023-07-14T19:10:22.170", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-234xx/CVE-2022-23486.json b/CVE-2022/CVE-2022-234xx/CVE-2022-23486.json index a101dbb050b..06b7457d375 100644 --- a/CVE-2022/CVE-2022-234xx/CVE-2022-23486.json +++ b/CVE-2022/CVE-2022-234xx/CVE-2022-23486.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23486", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-07T21:15:10.183", - "lastModified": "2022-12-10T03:04:53.393", + "lastModified": "2023-07-14T19:10:15.620", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-400" + "value": "CWE-770" } ] }, diff --git a/CVE-2022/CVE-2022-234xx/CVE-2022-23487.json b/CVE-2022/CVE-2022-234xx/CVE-2022-23487.json index 0c4db2d3205..f83c219acfe 100644 --- a/CVE-2022/CVE-2022-234xx/CVE-2022-23487.json +++ b/CVE-2022/CVE-2022-234xx/CVE-2022-23487.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23487", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-07T21:15:10.260", - "lastModified": "2022-12-10T03:04:20.023", + "lastModified": "2023-07-14T19:10:09.987", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-234xx/CVE-2022-23492.json b/CVE-2022/CVE-2022-234xx/CVE-2022-23492.json index 0ca5992c870..f8436127959 100644 --- a/CVE-2022/CVE-2022-234xx/CVE-2022-23492.json +++ b/CVE-2022/CVE-2022-234xx/CVE-2022-23492.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23492", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-08T01:15:09.697", - "lastModified": "2022-12-10T03:04:08.080", + "lastModified": "2023-07-14T19:22:48.140", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-234xx/CVE-2022-23498.json b/CVE-2022/CVE-2022-234xx/CVE-2022-23498.json index aa6b0cc8b15..c5856bfe066 100644 --- a/CVE-2022/CVE-2022-234xx/CVE-2022-23498.json +++ b/CVE-2022/CVE-2022-234xx/CVE-2022-23498.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23498", "sourceIdentifier": "security-advisories@github.com", "published": "2023-02-03T22:15:09.463", - "lastModified": "2023-02-14T02:01:21.000", + "lastModified": "2023-07-14T19:34:08.633", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-235xx/CVE-2022-23505.json b/CVE-2022/CVE-2022-235xx/CVE-2022-23505.json index 4f07fb1016d..579cd68ac5a 100644 --- a/CVE-2022/CVE-2022-235xx/CVE-2022-23505.json +++ b/CVE-2022/CVE-2022-235xx/CVE-2022-23505.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23505", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-13T08:15:09.067", - "lastModified": "2022-12-15T21:05:23.493", + "lastModified": "2023-07-14T19:22:51.697", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-287" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2022/CVE-2022-235xx/CVE-2022-23538.json b/CVE-2022/CVE-2022-235xx/CVE-2022-23538.json index bf490852dba..16e396e7a55 100644 --- a/CVE-2022/CVE-2022-235xx/CVE-2022-23538.json +++ b/CVE-2022/CVE-2022-235xx/CVE-2022-23538.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23538", "sourceIdentifier": "security-advisories@github.com", "published": "2023-01-17T21:15:11.827", - "lastModified": "2023-01-30T18:26:17.897", + "lastModified": "2023-07-14T19:34:05.157", "vulnStatus": "Analyzed", "descriptions": [ { @@ -62,10 +62,6 @@ { "lang": "en", "value": "CWE-522" - }, - { - "lang": "en", - "value": "CWE-601" } ] }, diff --git a/CVE-2022/CVE-2022-235xx/CVE-2022-23540.json b/CVE-2022/CVE-2022-235xx/CVE-2022-23540.json index eaac24397ac..9993e96f636 100644 --- a/CVE-2022/CVE-2022-235xx/CVE-2022-23540.json +++ b/CVE-2022/CVE-2022-235xx/CVE-2022-23540.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23540", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-22T19:15:08.967", - "lastModified": "2023-02-27T19:56:08.387", + "lastModified": "2023-07-14T19:22:55.547", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-327" + "value": "CWE-347" } ] }, diff --git a/CVE-2022/CVE-2022-23xx/CVE-2022-2350.json b/CVE-2022/CVE-2022-23xx/CVE-2022-2350.json index b463ee8f0e7..5d4c09e66ca 100644 --- a/CVE-2022/CVE-2022-23xx/CVE-2022-2350.json +++ b/CVE-2022/CVE-2022-23xx/CVE-2022-2350.json @@ -2,7 +2,7 @@ "id": "CVE-2022-2350", "sourceIdentifier": "contact@wpscan.com", "published": "2022-10-10T21:15:10.550", - "lastModified": "2022-10-11T18:58:57.357", + "lastModified": "2023-07-14T18:16:42.230", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,7 +40,7 @@ }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -52,6 +52,20 @@ "value": "CWE-862" } ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + }, + { + "lang": "en", + "value": "CWE-862" + } + ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-385xx/CVE-2022-38533.json b/CVE-2022/CVE-2022-385xx/CVE-2022-38533.json index 2ca48ece11b..45c5666c0df 100644 --- a/CVE-2022/CVE-2022-385xx/CVE-2022-38533.json +++ b/CVE-2022/CVE-2022-385xx/CVE-2022-38533.json @@ -2,8 +2,8 @@ "id": "CVE-2022-38533", "sourceIdentifier": "cve@mitre.org", "published": "2022-08-26T00:15:09.317", - "lastModified": "2022-12-08T03:46:39.747", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-14T18:15:09.367", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -89,6 +89,10 @@ } ], "references": [ + { + "url": "https://github.com/bminor/binutils-gdb/commit/45d92439aebd0386ef8af76e1796d08cfe457e1d", + "source": "cve@mitre.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6AKZ2DTS3ATVN5PANNVLKLE5OP4OF25Q/", "source": "cve@mitre.org", @@ -129,6 +133,14 @@ "Patch", "Third Party Advisory" ] + }, + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29495", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45d92439aebd0386ef8af76e1796d08cfe457e1d", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-392xx/CVE-2022-39233.json b/CVE-2022/CVE-2022-392xx/CVE-2022-39233.json index fe4415f8a26..cd6e0eec23b 100644 --- a/CVE-2022/CVE-2022-392xx/CVE-2022-39233.json +++ b/CVE-2022/CVE-2022-392xx/CVE-2022-39233.json @@ -2,7 +2,7 @@ "id": "CVE-2022-39233", "sourceIdentifier": "security-advisories@github.com", "published": "2022-10-19T11:15:11.160", - "lastModified": "2022-10-21T16:57:54.080", + "lastModified": "2023-07-14T18:17:43.380", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,7 +65,7 @@ "description": [ { "lang": "en", - "value": "CWE-863" + "value": "CWE-862" } ] }, diff --git a/CVE-2022/CVE-2022-392xx/CVE-2022-39271.json b/CVE-2022/CVE-2022-392xx/CVE-2022-39271.json index 4cc519c8509..c65aaf44103 100644 --- a/CVE-2022/CVE-2022-392xx/CVE-2022-39271.json +++ b/CVE-2022/CVE-2022-392xx/CVE-2022-39271.json @@ -2,7 +2,7 @@ "id": "CVE-2022-39271", "sourceIdentifier": "security-advisories@github.com", "published": "2022-10-11T14:15:09.883", - "lastModified": "2022-10-13T16:39:32.590", + "lastModified": "2023-07-14T18:17:00.723", "vulnStatus": "Analyzed", "descriptions": [ { @@ -60,8 +60,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-755" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-392xx/CVE-2022-39272.json b/CVE-2022/CVE-2022-392xx/CVE-2022-39272.json index 9ac7e35b2fd..00f94d6946d 100644 --- a/CVE-2022/CVE-2022-392xx/CVE-2022-39272.json +++ b/CVE-2022/CVE-2022-392xx/CVE-2022-39272.json @@ -2,7 +2,7 @@ "id": "CVE-2022-39272", "sourceIdentifier": "security-advisories@github.com", "published": "2022-10-22T00:15:09.310", - "lastModified": "2022-10-24T16:51:21.127", + "lastModified": "2023-07-14T18:17:49.903", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,7 +65,7 @@ "description": [ { "lang": "en", - "value": "CWE-20" + "value": "CWE-1284" } ] }, diff --git a/CVE-2022/CVE-2022-392xx/CVE-2022-39286.json b/CVE-2022/CVE-2022-392xx/CVE-2022-39286.json index ccbc19da060..5fb51260217 100644 --- a/CVE-2022/CVE-2022-392xx/CVE-2022-39286.json +++ b/CVE-2022/CVE-2022-392xx/CVE-2022-39286.json @@ -2,8 +2,8 @@ "id": "CVE-2022-39286", "sourceIdentifier": "security-advisories@github.com", "published": "2022-10-26T20:15:10.490", - "lastModified": "2023-06-09T20:15:09.533", - "vulnStatus": "Modified", + "lastModified": "2023-07-14T18:59:47.950", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -60,8 +60,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -72,16 +82,6 @@ "value": "CWE-269" } ] - }, - { - "source": "nvd@nist.gov", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-269" - } - ] } ], "configurations": [ @@ -111,6 +111,11 @@ "vulnerable": true, "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" } ] } @@ -186,7 +191,10 @@ }, { "url": "https://www.debian.org/security/2023/dsa-5422", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-392xx/CVE-2022-39289.json b/CVE-2022/CVE-2022-392xx/CVE-2022-39289.json index 126a3760643..b5293a88f98 100644 --- a/CVE-2022/CVE-2022-392xx/CVE-2022-39289.json +++ b/CVE-2022/CVE-2022-392xx/CVE-2022-39289.json @@ -2,7 +2,7 @@ "id": "CVE-2022-39289", "sourceIdentifier": "security-advisories@github.com", "published": "2022-10-07T21:15:11.553", - "lastModified": "2022-10-11T13:52:40.540", + "lastModified": "2023-07-14T18:13:15.957", "vulnStatus": "Analyzed", "descriptions": [ { @@ -60,8 +60,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-393xx/CVE-2022-39307.json b/CVE-2022/CVE-2022-393xx/CVE-2022-39307.json index 65dc58c27b9..e5b7e489ecb 100644 --- a/CVE-2022/CVE-2022-393xx/CVE-2022-39307.json +++ b/CVE-2022/CVE-2022-393xx/CVE-2022-39307.json @@ -2,7 +2,7 @@ "id": "CVE-2022-39307", "sourceIdentifier": "security-advisories@github.com", "published": "2022-11-09T23:15:12.617", - "lastModified": "2023-02-16T03:15:30.060", + "lastModified": "2023-07-14T19:10:25.977", "vulnStatus": "Analyzed", "descriptions": [ { @@ -56,22 +56,22 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-200" + "value": "CWE-209" } ] }, { - "source": "nvd@nist.gov", + "source": "security-advisories@github.com", "type": "Secondary", "description": [ { "lang": "en", - "value": "NVD-CWE-noinfo" + "value": "CWE-200" } ] } diff --git a/CVE-2022/CVE-2022-393xx/CVE-2022-39308.json b/CVE-2022/CVE-2022-393xx/CVE-2022-39308.json index efe65b7835d..bb360d7d411 100644 --- a/CVE-2022/CVE-2022-393xx/CVE-2022-39308.json +++ b/CVE-2022/CVE-2022-393xx/CVE-2022-39308.json @@ -2,7 +2,7 @@ "id": "CVE-2022-39308", "sourceIdentifier": "security-advisories@github.com", "published": "2022-10-14T19:15:18.310", - "lastModified": "2022-10-18T19:44:23.687", + "lastModified": "2023-07-14T18:17:05.123", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,7 +65,7 @@ "description": [ { "lang": "en", - "value": "CWE-203" + "value": "CWE-697" } ] }, diff --git a/CVE-2022/CVE-2022-393xx/CVE-2022-39313.json b/CVE-2022/CVE-2022-393xx/CVE-2022-39313.json index a5c037a34e0..028d4712970 100644 --- a/CVE-2022/CVE-2022-393xx/CVE-2022-39313.json +++ b/CVE-2022/CVE-2022-393xx/CVE-2022-39313.json @@ -2,7 +2,7 @@ "id": "CVE-2022-39313", "sourceIdentifier": "security-advisories@github.com", "published": "2022-10-24T14:15:51.333", - "lastModified": "2022-10-24T18:26:33.530", + "lastModified": "2023-07-14T19:01:41.983", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,7 +65,7 @@ "description": [ { "lang": "en", - "value": "CWE-20" + "value": "CWE-1284" } ] }, diff --git a/CVE-2022/CVE-2022-393xx/CVE-2022-39315.json b/CVE-2022/CVE-2022-393xx/CVE-2022-39315.json index 3e3951b633d..e080c810526 100644 --- a/CVE-2022/CVE-2022-393xx/CVE-2022-39315.json +++ b/CVE-2022/CVE-2022-393xx/CVE-2022-39315.json @@ -2,7 +2,7 @@ "id": "CVE-2022-39315", "sourceIdentifier": "security-advisories@github.com", "published": "2022-10-25T17:15:55.887", - "lastModified": "2022-10-26T00:50:20.573", + "lastModified": "2023-07-14T18:59:52.990", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,7 +65,7 @@ "description": [ { "lang": "en", - "value": "CWE-668" + "value": "CWE-209" } ] }, diff --git a/CVE-2022/CVE-2022-393xx/CVE-2022-39329.json b/CVE-2022/CVE-2022-393xx/CVE-2022-39329.json index f206c946012..b2c3f480315 100644 --- a/CVE-2022/CVE-2022-393xx/CVE-2022-39329.json +++ b/CVE-2022/CVE-2022-393xx/CVE-2022-39329.json @@ -2,7 +2,7 @@ "id": "CVE-2022-39329", "sourceIdentifier": "security-advisories@github.com", "published": "2022-10-27T14:15:11.390", - "lastModified": "2022-10-31T17:37:42.867", + "lastModified": "2023-07-14T18:53:30.793", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-863" + "value": "CWE-862" } ] }, diff --git a/CVE-2022/CVE-2022-398xx/CVE-2022-39878.json b/CVE-2022/CVE-2022-398xx/CVE-2022-39878.json index a3a35d46602..0727289d79d 100644 --- a/CVE-2022/CVE-2022-398xx/CVE-2022-39878.json +++ b/CVE-2022/CVE-2022-398xx/CVE-2022-39878.json @@ -2,7 +2,7 @@ "id": "CVE-2022-39878", "sourceIdentifier": "mobile.security@samsung.com", "published": "2022-10-07T15:15:23.963", - "lastModified": "2022-10-11T17:04:40.597", + "lastModified": "2023-07-14T18:13:08.473", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,7 +65,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-noinfo" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2022/CVE-2022-39xx/CVE-2022-3923.json b/CVE-2022/CVE-2022-39xx/CVE-2022-3923.json index 4a8ff9aca75..75e01150704 100644 --- a/CVE-2022/CVE-2022-39xx/CVE-2022-3923.json +++ b/CVE-2022/CVE-2022-39xx/CVE-2022-3923.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3923", "sourceIdentifier": "contact@wpscan.com", "published": "2023-01-09T23:15:26.997", - "lastModified": "2023-01-13T06:51:45.560", + "lastModified": "2023-07-14T19:23:05.777", "vulnStatus": "Analyzed", "descriptions": [ { @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-39xx/CVE-2022-3994.json b/CVE-2022/CVE-2022-39xx/CVE-2022-3994.json index 0783f8a033f..6649fca52e1 100644 --- a/CVE-2022/CVE-2022-39xx/CVE-2022-3994.json +++ b/CVE-2022/CVE-2022-39xx/CVE-2022-3994.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3994", "sourceIdentifier": "contact@wpscan.com", "published": "2023-01-02T22:15:15.760", - "lastModified": "2023-01-09T18:23:11.887", + "lastModified": "2023-07-14T19:22:58.840", "vulnStatus": "Analyzed", "descriptions": [ { @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-40xx/CVE-2022-4057.json b/CVE-2022/CVE-2022-40xx/CVE-2022-4057.json index 12288a7dab1..1c121f40241 100644 --- a/CVE-2022/CVE-2022-40xx/CVE-2022-4057.json +++ b/CVE-2022/CVE-2022-40xx/CVE-2022-4057.json @@ -2,7 +2,7 @@ "id": "CVE-2022-4057", "sourceIdentifier": "contact@wpscan.com", "published": "2023-01-02T22:15:15.890", - "lastModified": "2023-01-09T18:18:26.730", + "lastModified": "2023-07-14T19:23:02.393", "vulnStatus": "Analyzed", "descriptions": [ { @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-425" + } + ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-12xx/CVE-2023-1298.json b/CVE-2023/CVE-2023-12xx/CVE-2023-1298.json index 62c922bbfaa..3b95040abcf 100644 --- a/CVE-2023/CVE-2023-12xx/CVE-2023-1298.json +++ b/CVE-2023/CVE-2023-12xx/CVE-2023-1298.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1298", "sourceIdentifier": "psirt@servicenow.com", "published": "2023-07-06T18:15:10.497", - "lastModified": "2023-07-07T18:15:09.607", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T19:51:07.543", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "psirt@servicenow.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "psirt@servicenow.com", "type": "Secondary", @@ -46,14 +76,295 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1:*:*:*:*:*:*", + "matchCriteriaId": "71A44062-D94F-4246-A218-33AD4C43C7FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1:*:*:*:*:*:*", + "matchCriteriaId": "6A4ABAF4-C84B-4E7B-A156-24640B7D56EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1a:*:*:*:*:*:*", + "matchCriteriaId": "2855AE65-1B96-4537-BB6E-7659114955EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1b:*:*:*:*:*:*", + "matchCriteriaId": "63725CBE-34A5-4B9E-BA8E-32E66B89C646" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2:*:*:*:*:*:*", + "matchCriteriaId": "8B2DC45C-17A0-4D92-AB29-3497DA43707E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2_hotfix_1:*:*:*:*:*:*", + "matchCriteriaId": "F2822278-2089-4F78-86EE-D63A9516B5A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3:*:*:*:*:*:*", + "matchCriteriaId": "49444E5E-0AB7-4083-8663-089955134AA7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_1:*:*:*:*:*:*", + "matchCriteriaId": "8B5E2C3D-F838-48E0-8135-455AF964221D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_2:*:*:*:*:*:*", + "matchCriteriaId": "2494C288-83E1-48DF-9661-540B26C9137E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_3:*:*:*:*:*:*", + "matchCriteriaId": "815997A7-39CB-4C78-B776-54DECE294AA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_4:*:*:*:*:*:*", + "matchCriteriaId": "DE7FDD4B-163B-462A-A80C-454F5040FF90" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:*", + "matchCriteriaId": "FB55D9E6-FD9C-48A8-800D-10C665120792" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4a:*:*:*:*:*:*", + "matchCriteriaId": "D481F300-EDF4-4E22-B865-F3AAFCE27692" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4b:*:*:*:*:*:*", + "matchCriteriaId": "311B0413-3771-4CAF-9A14-0726B2923A76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_5:*:*:*:*:*:*", + "matchCriteriaId": "E74913AB-25EE-4F18-B2FA-5C261D7ADE25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_6:*:*:*:*:*:*", + "matchCriteriaId": "5C99222F-B676-471F-8E44-707024B2B097" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7:*:*:*:*:*:*", + "matchCriteriaId": "276A7ABE-2437-455C-9C5B-C05CAAC183A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hotfix_1:*:*:*:*:*:*", + "matchCriteriaId": "5719FE4C-B14A-4A68-8C0F-D9BBA8123056" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hotfix_2:*:*:*:*:*:*", + "matchCriteriaId": "2FDD5B2E-8FFF-45A4-BAF4-2091F59ED199" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hottix_3:*:*:*:*:*:*", + "matchCriteriaId": "6DA812CC-CF9F-4642-873F-8C0F8DEF9534" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7a:*:*:*:*:*:*", + "matchCriteriaId": "05C37C8D-C08F-49E4-BD57-03B61DA4D3BD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7b:*:*:*:*:*:*", + "matchCriteriaId": "F2371A53-1D57-4508-B18A-4FBA0288CF7B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8:*:*:*:*:*:*", + "matchCriteriaId": "BB9E765B-C094-4FC4-B9E3-0732F24C10D8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8_hotfix_1:*:*:*:*:*:*", + "matchCriteriaId": "406329D1-A894-4D98-BCC0-DFAF25B811DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8_hotfix_2:*:*:*:*:*:*", + "matchCriteriaId": "BD9DC522-29A8-457F-AC76-9DD53DCDE80E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_9:*:*:*:*:*:*", + "matchCriteriaId": "9D6F99C1-F264-4592-AD5F-9A7B04F9D7F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_9a:*:*:*:*:*:*", + "matchCriteriaId": "3CD6BD0F-4AC7-4F01-A29C-C94B50BE3B4C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_9a_hotfix_1:*:*:*:*:*:*", + "matchCriteriaId": "379C71B7-CEB3-43B0-B48E-062C6622B19C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_9b:*:*:*:*:*:*", + "matchCriteriaId": "FE62CA6A-14A9-4FB8-80A3-BE8EFF14587B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:-:*:*:*:*:*:*", + "matchCriteriaId": "4332BE18-DA60-4921-A9DF-C434AB32839B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1:*:*:*:*:*:*", + "matchCriteriaId": "09179BB2-B8D4-4FF9-925E-B5B259EFDF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1_hotfix_1:*:*:*:*:*:*", + "matchCriteriaId": "B328AB49-9C8F-4A0E-86C7-76071156EDAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1a:*:*:*:*:*:*", + "matchCriteriaId": "25F6EDF2-EC52-4821-80A7-1B7DB55CD5FC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1b:*:*:*:*:*:*", + "matchCriteriaId": "634CC5CF-5883-44A9-86D9-7DFEADCB4AC0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2:*:*:*:*:*:*", + "matchCriteriaId": "F5DD8964-4A2D-4CE8-9C45-58E20DB30964" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_1:*:*:*:*:*:*", + "matchCriteriaId": "5A964834-0D6A-4E63-8A7A-F4B5DF2C1AAD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_2:*:*:*:*:*:*", + "matchCriteriaId": "EFEE723D-8418-448A-9005-212B8BDB2C05" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_3:*:*:*:*:*:*", + "matchCriteriaId": "487E9543-6417-4915-A884-20C4BF457543" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_4:*:*:*:*:*:*", + "matchCriteriaId": "E9338643-E8E2-494E-841D-A2756A4A8EAB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3:*:*:*:*:*:*", + "matchCriteriaId": "FDDF1F29-9BF2-4F82-B375-8BC4E38E6D2D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_1:*:*:*:*:*:*", + "matchCriteriaId": "853308FF-6FE0-480E-8B7A-05C4723FB08A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_2:*:*:*:*:*:*", + "matchCriteriaId": "2AE7A9ED-6C15-436D-8CB5-A557BE6064D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_3:*:*:*:*:*:*", + "matchCriteriaId": "9972BE30-D7DE-4687-BC1D-867790D281A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_4:*:*:*:*:*:*", + "matchCriteriaId": "E26FD8E6-C762-4CE1-8B90-7BCBBC372ADA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4:*:*:*:*:*:*", + "matchCriteriaId": "F76C3CB6-D1DF-433B-ADA8-E1751DCA4FE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4_hotfix_2:*:*:*:*:*:*", + "matchCriteriaId": "C93D663E-D0B4-4EC0-AD81-4932F96E4621" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4_hotfix_3:*:*:*:*:*:*", + "matchCriteriaId": "38A222AD-CBCC-4AF5-B9F1-ABA8447BE504" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4a:*:*:*:*:*:*", + "matchCriteriaId": "C3B9F3D7-B59B-489F-B3E2-F003F57A07B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4a_hotfix_1:*:*:*:*:*:*", + "matchCriteriaId": "4BB5A2D5-2556-4C7E-BE38-1DD27AF64433" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_5:*:*:*:*:*:*", + "matchCriteriaId": "5536AF08-999A-44DC-B9FB-C3FE19D7FA82" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_5_hotfix_1:*:*:*:*:*:*", + "matchCriteriaId": "4F3AAC35-A807-4F74-AB08-727DF5AA3AA2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_5_hotfix_2:*:*:*:*:*:*", + "matchCriteriaId": "AA79BA86-1A6D-4A59-85CB-9E5A807E220D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_5_hotfix_3:*:*:*:*:*:*", + "matchCriteriaId": "7F5A0D4A-2D44-428D-B571-D224029C77EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch1:*:*:*:*:*:*", + "matchCriteriaId": "A2D3CBD5-6241-4DA1-9D98-FA6076ACD696" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1310230", - "source": "psirt@servicenow.com" - }, - { - "url": "https://www.linkedin.com/in/osamay/", - "source": "psirt@servicenow.com" + "source": "psirt@servicenow.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-20xx/CVE-2023-2029.json b/CVE-2023/CVE-2023-20xx/CVE-2023-2029.json index 85cd3d3dc5e..a31146770b8 100644 --- a/CVE-2023/CVE-2023-20xx/CVE-2023-2029.json +++ b/CVE-2023/CVE-2023-20xx/CVE-2023-2029.json @@ -2,15 +2,38 @@ "id": "CVE-2023-2029", "sourceIdentifier": "contact@wpscan.com", "published": "2023-07-10T16:15:50.930", - "lastModified": "2023-07-10T16:27:17.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T18:50:07.637", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The PrePost SEO WordPress plugin through 3.0 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:enzipe:prepost_seo:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.0", + "matchCriteriaId": "05D9F264-CBB4-4A73-A083-6F0B53280346" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/4889ad5a-c8c4-4958-b176-64560490497b", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-214xx/CVE-2023-21400.json b/CVE-2023/CVE-2023-214xx/CVE-2023-21400.json index d24dd84c11a..6074b1b1f22 100644 --- a/CVE-2023/CVE-2023-214xx/CVE-2023-21400.json +++ b/CVE-2023/CVE-2023-214xx/CVE-2023-21400.json @@ -2,7 +2,7 @@ "id": "CVE-2023-21400", "sourceIdentifier": "security@android.com", "published": "2023-07-13T00:15:24.340", - "lastModified": "2023-07-13T08:32:09.673", + "lastModified": "2023-07-14T21:15:08.753", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/07/14/2", + "source": "security@android.com" + }, { "url": "https://source.android.com/security/bulletin/pixel/2023-07-01", "source": "security@android.com" diff --git a/CVE-2023/CVE-2023-248xx/CVE-2023-24896.json b/CVE-2023/CVE-2023-248xx/CVE-2023-24896.json new file mode 100644 index 00000000000..a61d2859944 --- /dev/null +++ b/CVE-2023/CVE-2023-248xx/CVE-2023-24896.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-24896", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-07-14T18:15:09.477", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Dynamics 365 Finance Spoofing Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24896", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-289xx/CVE-2023-28985.json b/CVE-2023/CVE-2023-289xx/CVE-2023-28985.json index 5f3ba00da77..3d60019954e 100644 --- a/CVE-2023/CVE-2023-289xx/CVE-2023-28985.json +++ b/CVE-2023/CVE-2023-289xx/CVE-2023-28985.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28985", "sourceIdentifier": "sirt@juniper.net", "published": "2023-07-14T17:15:09.050", - "lastModified": "2023-07-14T17:15:09.050", - "vulnStatus": "Received", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2964.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2964.json index 1aee53758f7..644d3d9db78 100644 --- a/CVE-2023/CVE-2023-29xx/CVE-2023-2964.json +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2964.json @@ -2,15 +2,38 @@ "id": "CVE-2023-2964", "sourceIdentifier": "contact@wpscan.com", "published": "2023-07-10T16:15:51.700", - "lastModified": "2023-07-10T16:27:17.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T18:24:05.810", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Simple Iframe WordPress plugin before 1.2.0 does not properly validate one of its WordPress block attribute's content, which may allow users whose role is at least that of a contributor to conduct Stored Cross-Site Scripting attacks." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:simple_iframe_project:simple_iframe:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.2.0", + "matchCriteriaId": "D7C53502-FFD5-405C-8D6B-31FA232A551E" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/97aac334-5323-41bb-90f0-d180bcc9162f", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-306xx/CVE-2023-30671.json b/CVE-2023/CVE-2023-306xx/CVE-2023-30671.json index 813b095f75a..28cc86dfbd0 100644 --- a/CVE-2023/CVE-2023-306xx/CVE-2023-30671.json +++ b/CVE-2023/CVE-2023-306xx/CVE-2023-30671.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30671", "sourceIdentifier": "mobile.security@samsung.com", "published": "2023-07-06T03:15:11.840", - "lastModified": "2023-07-06T11:55:38.310", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T19:23:58.567", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -46,10 +76,170 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=07", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-306xx/CVE-2023-30672.json b/CVE-2023/CVE-2023-306xx/CVE-2023-30672.json index 3c4bafc4033..cd2937ca2f6 100644 --- a/CVE-2023/CVE-2023-306xx/CVE-2023-30672.json +++ b/CVE-2023/CVE-2023-306xx/CVE-2023-30672.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30672", "sourceIdentifier": "mobile.security@samsung.com", "published": "2023-07-06T03:15:11.923", - "lastModified": "2023-07-06T11:55:38.310", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T19:57:27.223", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:samsung:smart_switch_pc:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.23043_3", + "matchCriteriaId": "F9C70742-6A8D-4DDB-BADF-DF57D5A805C2" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=07", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-306xx/CVE-2023-30673.json b/CVE-2023/CVE-2023-306xx/CVE-2023-30673.json index 9a77185ee63..2a1099b9755 100644 --- a/CVE-2023/CVE-2023-306xx/CVE-2023-30673.json +++ b/CVE-2023/CVE-2023-306xx/CVE-2023-30673.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30673", "sourceIdentifier": "mobile.security@samsung.com", "published": "2023-07-06T03:15:12.003", - "lastModified": "2023-07-06T11:55:38.310", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T19:57:46.030", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-354" + } + ] + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:samsung:smart_switch_pc:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.23052_1", + "matchCriteriaId": "03424214-C0FA-44B9-9DF7-4F5C772B778D" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=07", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32052.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32052.json index 0e6ab561463..f9eeda525a6 100644 --- a/CVE-2023/CVE-2023-320xx/CVE-2023-32052.json +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32052.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32052", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:13.607", - "lastModified": "2023-07-13T19:59:35.150", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-14T18:15:09.590", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Power Apps Spoofing Vulnerability" + "value": "Microsoft Power Apps (online) Spoofing Vulnerability" } ], "metrics": { diff --git a/CVE-2023/CVE-2023-325xx/CVE-2023-32569.json b/CVE-2023/CVE-2023-325xx/CVE-2023-32569.json index eba54853951..ca0d895bf4f 100644 --- a/CVE-2023/CVE-2023-325xx/CVE-2023-32569.json +++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32569.json @@ -2,12 +2,12 @@ "id": "CVE-2023-32569", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-10T05:15:12.103", - "lastModified": "2023-05-16T20:13:37.477", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-14T19:15:09.007", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers to submit arbitrary SQL commands on the back-end database to create, read, update, or delete any sensitive data stored in the database." + "value": "An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers (who must have admin credentials) to submit arbitrary SQL commands on the back-end database to create, read, update, or delete any sensitive data stored in the database." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32759.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32759.json new file mode 100644 index 00000000000..2a1659103c6 --- /dev/null +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32759.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-32759", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-14T18:15:09.700", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue in Archer Platform before v.6.13 and fixed in 6.12.0.6 and 6.13.0 allows an authenticated attacker to obtain sensitive information via a crafted URL." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821", + "source": "cve@mitre.org" + }, + { + "url": "https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32760.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32760.json new file mode 100644 index 00000000000..20484eda046 --- /dev/null +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32760.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-32760", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-14T18:15:09.787", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via API calls related to data feeds and data publication." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 5.8 + } + ] + }, + "references": [ + { + "url": "https://www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821", + "source": "cve@mitre.org" + }, + { + "url": "https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32761.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32761.json new file mode 100644 index 00000000000..48a461a1044 --- /dev/null +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32761.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-32761", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-14T18:15:09.897", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Request Forgery (CSRF) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to execute arbitrary code via a crafted request." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://www.archerirm.community/t5/product-advisories/archer-announces-availability-of-archer-release-6-13/ta-p/697821", + "source": "cve@mitre.org" + }, + { + "url": "https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3433.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3433.json index 90068e54364..8e282d45acc 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3433.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3433.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3433", "sourceIdentifier": "cves@blacklanternsecurity.com", "published": "2023-07-14T13:15:09.253", - "lastModified": "2023-07-14T13:15:09.253", - "vulnStatus": "Received", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3434.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3434.json index cbffe216cc6..79a38d7649e 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3434.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3434.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3434", "sourceIdentifier": "cves@blacklanternsecurity.com", "published": "2023-07-14T13:15:09.363", - "lastModified": "2023-07-14T13:15:09.363", - "vulnStatus": "Received", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35116.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35116.json index 2f309be3f07..b21249f0ea3 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35116.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35116.json @@ -2,7 +2,7 @@ "id": "CVE-2023-35116", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:10.960", - "lastModified": "2023-07-13T16:45:46.763", + "lastModified": "2023-07-14T18:52:52.437", "vulnStatus": "Analyzed", "descriptions": [ { @@ -41,7 +41,7 @@ "description": [ { "lang": "en", - "value": "CWE-502" + "value": "CWE-770" } ] } diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35318.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35318.json index 6b706ebe778..cc883650949 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35318.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35318.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35318", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:17.577", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:42:40.967", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,13 +31,138 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35318", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35319.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35319.json index cb7a230699e..c75b2143bb7 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35319.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35319.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35319", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:17.633", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:42:45.677", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,13 +31,138 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35319", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35320.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35320.json index 2a8bb2233d1..181cbde7fdc 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35320.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35320.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35320", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:17.690", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:42:22.277", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,89 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35320", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35321.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35321.json index c4cc35b61a9..836a7e9cf04 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35321.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35321.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35321", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:17.747", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:42:13.183", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,13 +31,96 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35321", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35322.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35322.json index 5d91826e8e6..65b469c6651 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35322.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35322.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35322", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:17.797", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:41:54.460", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,73 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35322", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35323.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35323.json index 5b9798b4266..39a362d0744 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35323.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35323.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35323", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:17.857", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:41:47.193", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,49 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35323", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35324.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35324.json index c0e4ff74f90..eeea8d56d3d 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35324.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35324.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35324", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:17.907", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:41:35.210", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,105 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35324", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35325.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35325.json index 1e225f47e78..94e30475b4d 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35325.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35325.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35325", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:17.967", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:41:24.810", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,105 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35325", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35326.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35326.json index 89f2d98d599..78cbff3ad09 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35326.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35326.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35326", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.023", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:41:09.940", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,78 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35326", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35328.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35328.json index fe8e4712979..d13d504ced1 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35328.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35328.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35328", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.083", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:40:47.063", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,115 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35328", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35329.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35329.json index d2d029a2094..1e2c413dacb 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35329.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35329.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35329", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.140", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:40:57.750", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,105 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35329", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35330.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35330.json index 755fda65d5a..dac5f10ae6d 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35330.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35330.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35330", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.193", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:40:26.077", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,110 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35330", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35331.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35331.json index ce5a7c5960f..bbc91a5e3e1 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35331.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35331.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35331", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.250", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:40:16.377", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,63 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35331", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35332.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35332.json index dc33670857e..d79fe2f1fa2 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35332.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35332.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35332", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.307", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:40:10.260", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,110 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35332", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35333.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35333.json index 8b27da01b49..9b3d36ac185 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35333.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35333.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35333", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.360", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:40:01.480", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", @@ -34,10 +54,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:pandocupload:*:*:*:*:*:mediawiki:*:*", + "versionEndExcluding": "1.0.1", + "matchCriteriaId": "DAD6EF21-122B-4077-A09F-0063D1BB2551" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35333", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35335.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35335.json index b0daf3d77df..773d32e46c7 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35335.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35335.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35335", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.417", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:39:50.220", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,52 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:dynamics_365:*:*:*:*:on-premises:*:*:*", + "versionStartIncluding": "9.0", + "versionEndExcluding": "9.0.47.08", + "matchCriteriaId": "B2B2E5CF-A3F4-4CA5-9B4E-295E723B3148" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:dynamics_365:*:*:*:*:on-premises:*:*:*", + "versionStartIncluding": "9.1", + "versionEndExcluding": "9.1.18.22", + "matchCriteriaId": "1D09C206-3776-4051-A907-6B8DD79213D5" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35335", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35336.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35336.json index ef91e46f9b9..20b8965f930 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35336.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35336.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35336", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.470", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:39:41.190", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", @@ -34,10 +54,100 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35336", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35337.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35337.json index cdee5b6bd51..ea59e72120e 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35337.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35337.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35337", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.523", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:39:30.837", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,67 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35337", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35338.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35338.json index 924b1335705..372a68846e2 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35338.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35338.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35338", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.583", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:39:22.753", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,115 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35338", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35339.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35339.json index 40d9d814dd5..f2754972f4b 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35339.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35339.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35339", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.637", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:39:16.953", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,95 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35339", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35340.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35340.json index 0919c26221e..c10b05c2194 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35340.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35340.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35340", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.687", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:46:52.787", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,115 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35340", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35341.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35341.json index 996e1838169..08c6e94919f 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35341.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35341.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35341", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:18.743", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:47:05.550", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", @@ -34,10 +54,110 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35341", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35346.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35346.json index ea2a60693d6..85936890c7b 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35346.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35346.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35346", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:19.017", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:46:36.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,73 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35346", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35347.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35347.json index 681bbb641af..a31b9df41e3 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35347.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35347.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35347", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:19.073", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:46:19.077", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,67 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35347", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35348.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35348.json index 2330328da08..93194135391 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35348.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35348.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35348", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:19.137", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:46:08.043", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -17,27 +17,70 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", - "attackVector": "LOCAL", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 0.8, - "impactScore": 6.0 + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35348", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35350.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35350.json index dbb825b47d2..e0ae81b5bca 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35350.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35350.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35350", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:19.197", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T21:43:59.697", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,73 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35350", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-356xx/CVE-2023-35692.json b/CVE-2023/CVE-2023-356xx/CVE-2023-35692.json index 3b648a2b949..a076ca9526d 100644 --- a/CVE-2023/CVE-2023-356xx/CVE-2023-35692.json +++ b/CVE-2023/CVE-2023-356xx/CVE-2023-35692.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35692", "sourceIdentifier": "security@android.com", "published": "2023-07-14T16:15:14.160", - "lastModified": "2023-07-14T16:15:14.160", - "vulnStatus": "Received", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35774.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35774.json index 808149be795..d79836ec981 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35774.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35774.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35774", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-11T09:15:09.783", - "lastModified": "2023-07-11T12:43:16.387", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T18:51:49.877", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lws:lws_tools:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.4.2", + "matchCriteriaId": "C023683B-CE56-4904-903C-58FB9E5C2D62" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/lws-tools/wordpress-lws-tools-plugin-2-4-1-multiple-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35781.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35781.json index 7f54a2d5c09..af70ec29369 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35781.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35781.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35781", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-11T08:15:10.900", - "lastModified": "2023-07-11T12:43:16.387", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T19:01:44.697", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lws:lws_cleaner:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.3.1", + "matchCriteriaId": "4B1D24AB-21AB-4F9B-AD01-8A63E8B4ED0F" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/lws-cleaner/wordpress-lws-cleaner-plugin-2-3-0-multiple-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-359xx/CVE-2023-35913.json b/CVE-2023/CVE-2023-359xx/CVE-2023-35913.json index 5f797dd126e..6020fe0f928 100644 --- a/CVE-2023/CVE-2023-359xx/CVE-2023-35913.json +++ b/CVE-2023/CVE-2023-359xx/CVE-2023-35913.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35913", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-11T09:15:09.847", - "lastModified": "2023-07-11T12:43:16.387", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T18:53:49.027", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oopspam:oopspam_anti-spam:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.1.45", + "matchCriteriaId": "0B0B43DF-DF81-47E0-BD8B-FBCAD9EFB692" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/oopspam-anti-spam/wordpress-oopspam-anti-spam-plugin-1-1-44-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-35xx/CVE-2023-3528.json b/CVE-2023/CVE-2023-35xx/CVE-2023-3528.json index 9d88c05cc68..1d046ade2f5 100644 --- a/CVE-2023/CVE-2023-35xx/CVE-2023-3528.json +++ b/CVE-2023/CVE-2023-35xx/CVE-2023-3528.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3528", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-06T18:15:17.877", - "lastModified": "2023-07-07T12:50:30.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T19:50:35.807", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,14 +93,37 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:thinutech:thinu-cms:1.5:*:*:*:*:*:*:*", + "matchCriteriaId": "403A6EB1-58FA-4F4A-9D85-E1CCFC189BE6" + } + ] + } + ] + } + ], "references": [ { "url": "https://vuldb.com/?ctiid.233252", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.233252", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-361xx/CVE-2023-36119.json b/CVE-2023/CVE-2023-361xx/CVE-2023-36119.json index 083033b1d4e..5cda97fd438 100644 --- a/CVE-2023/CVE-2023-361xx/CVE-2023-36119.json +++ b/CVE-2023/CVE-2023-361xx/CVE-2023-36119.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36119", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-14T15:15:08.853", - "lastModified": "2023-07-14T15:15:08.853", - "vulnStatus": "Received", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36376.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36376.json index 632589bb2b3..7b1361314cd 100644 --- a/CVE-2023/CVE-2023-363xx/CVE-2023-36376.json +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36376.json @@ -2,23 +2,82 @@ "id": "CVE-2023-36376", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-10T16:15:53.307", - "lastModified": "2023-07-10T16:27:17.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T18:03:54.167", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the add course section." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hostel_management_system_project:hostel_management_system:2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "FC64E15A-2ECC-4930-8FDB-20AC554E3336" + } + ] + } + ] + } + ], "references": [ { "url": "https://medium.com/@ridheshgohil1092/cve-2023-36376-xss-on-hostel-management-system-c6891993527", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://packetstormsecurity.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Not Applicable" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36459.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36459.json index 0a6194192a7..86f29cc8e62 100644 --- a/CVE-2023/CVE-2023-364xx/CVE-2023-36459.json +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36459.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36459", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-06T19:15:10.727", - "lastModified": "2023-07-07T12:50:30.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T19:33:36.027", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,30 +66,82 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.3", + "versionEndExcluding": "3.5.9", + "matchCriteriaId": "B812C873-88F0-4897-B42C-A67FA6EBB394" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0", + "versionEndExcluding": "4.0.5", + "matchCriteriaId": "51150E6A-F99E-4905-A464-2BAC2B1C36C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.1.0", + "versionEndExcluding": "4.1.3", + "matchCriteriaId": "8AB4CC5C-A9AE-4CD1-8912-B570E2F6E170" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/07/06/5", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://github.com/mastodon/mastodon/commit/6d8e0fae3e96f3cf4febe03fa7fcf5b95ff761b2", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Third Party Advisory" + ] }, { "url": "https://github.com/mastodon/mastodon/releases/tag/v3.5.9", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/mastodon/mastodon/releases/tag/v4.0.5", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/mastodon/mastodon/releases/tag/v4.1.3", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-ccm4-vgcc-73hp", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36460.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36460.json index 2915239e813..578bdb030f2 100644 --- a/CVE-2023/CVE-2023-364xx/CVE-2023-36460.json +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36460.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36460", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-06T19:15:10.807", - "lastModified": "2023-07-07T12:50:30.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T19:31:52.857", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,30 +66,82 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.5.0", + "versionEndExcluding": "3.5.9", + "matchCriteriaId": "7641D969-D695-41AF-B533-1847CAE25B35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0", + "versionEndExcluding": "4.0.5", + "matchCriteriaId": "51150E6A-F99E-4905-A464-2BAC2B1C36C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.1.0", + "versionEndExcluding": "4.1.3", + "matchCriteriaId": "8AB4CC5C-A9AE-4CD1-8912-B570E2F6E170" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/07/06/4", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://github.com/mastodon/mastodon/commit/dc8f1fbd976ae544720a4e07120d9a91b2722440", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Third Party Advisory" + ] }, { "url": "https://github.com/mastodon/mastodon/releases/tag/v3.5.9", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/mastodon/mastodon/releases/tag/v4.0.5", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/mastodon/mastodon/releases/tag/v4.1.3", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-9928-3cp5-93fm", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36461.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36461.json index b9e44ac52c8..901660e1a03 100644 --- a/CVE-2023/CVE-2023-364xx/CVE-2023-36461.json +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36461.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36461", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-06T19:15:10.880", - "lastModified": "2023-07-07T12:50:30.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-14T19:25:23.220", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,30 +66,81 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.5.9", + "matchCriteriaId": "CDD53D86-018D-4C06-94B3-36E2FDE03963" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0", + "versionEndExcluding": "4.0.5", + "matchCriteriaId": "51150E6A-F99E-4905-A464-2BAC2B1C36C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.1.0", + "versionEndExcluding": "4.1.3", + "matchCriteriaId": "8AB4CC5C-A9AE-4CD1-8912-B570E2F6E170" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/07/06/7", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://github.com/mastodon/mastodon/commit/c5929798bf7e56cc2c79b15bed0c4692ded3dcb6", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Third Party Advisory" + ] }, { "url": "https://github.com/mastodon/mastodon/releases/tag/v3.5.9", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/mastodon/mastodon/releases/tag/v4.0.5", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/mastodon/mastodon/releases/tag/v4.1.3", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-9pxv-6qvf-pjwc", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36831.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36831.json index 1db9d3db378..fc08f8ec075 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36831.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36831.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36831", "sourceIdentifier": "sirt@juniper.net", "published": "2023-07-14T15:15:08.913", - "lastModified": "2023-07-14T15:15:08.913", - "vulnStatus": "Received", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36832.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36832.json index fe7d0fd8082..347866ee08c 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36832.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36832.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36832", "sourceIdentifier": "sirt@juniper.net", "published": "2023-07-14T16:15:14.237", - "lastModified": "2023-07-14T16:15:14.237", - "vulnStatus": "Received", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36833.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36833.json index 352bfc9e791..17b490766d5 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36833.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36833.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36833", "sourceIdentifier": "sirt@juniper.net", "published": "2023-07-14T17:15:09.133", - "lastModified": "2023-07-14T17:15:09.133", - "vulnStatus": "Received", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36834.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36834.json new file mode 100644 index 00000000000..93b7f890cc0 --- /dev/null +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36834.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36834", + "sourceIdentifier": "sirt@juniper.net", + "published": "2023-07-14T18:15:10.057", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An Incomplete Internal State Distinction vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series allows an adjacent attacker to cause a Denial of Service (DoS).\n\nIf an SRX is configured in L2 transparent mode the receipt of a specific genuine packet can cause a single Packet Processing Engines (PPE) component of the PFE to run into a loop, which in turn will render the PPE unavailable. Each packet will cause one PPE to get into a loop, leading to a gradual performance degradation until all PPEs are unavailable and all traffic processing stops. To recover the affected FPC need to be restarted.\n\nThis issue affects Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series:\n20.1 version 20.1R1 and later versions;\n20.2 versions prior to 20.2R3-S7;\n20.3 version 20.3R1 and later versions;\n20.4 versions prior to 20.4R3-S7;\n21.1 versions prior to 21.1R3-S5;\n21.2 versions prior to 21.2R3-S3;\n21.3 versions prior to 21.3R3-S3;\n21.4 versions prior to 21.4R3-S1;\n22.1 versions prior to 22.1R3;\n22.2 versions prior to 22.2R2;\n22.3 versions prior to 22.3R1-S1, 22.3R2.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-372" + } + ] + } + ], + "references": [ + { + "url": "https://supportportal.juniper.net/JSA71641", + "source": "sirt@juniper.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36835.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36835.json new file mode 100644 index 00000000000..86ec4e8ce1a --- /dev/null +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36835.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36835", + "sourceIdentifier": "sirt@juniper.net", + "published": "2023-07-14T18:15:10.133", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX10000 Series allows a network based attacker to cause a Denial of Service (DoS).\n\nIf a specific valid IP packet is received and that packet needs to be routed over a VXLAN tunnel, this will result in a PFE wedge condition due to which traffic gets impacted. As this is not a crash and restart scenario, this condition will persist until the system is rebooted to recover.\n\nThis issue affects Juniper Networks Junos OS on QFX10000:\n20.3 version 20.3R1 and later versions;\n20.4 versions prior to 20.4R3-S5;\n21.1 versions prior to 21.1R3-S5;\n21.2 versions prior to 21.2R3-S5;\n21.3 versions prior to 21.3R3-S4;\n21.4 versions prior to 21.4R3-S1;\n22.1 versions prior to 22.1R3;\n22.2 versions prior to 22.2R2;\n22.3 versions prior to 22.3R1-S2, 22.3R2.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-754" + } + ] + } + ], + "references": [ + { + "url": "https://supportportal.juniper.net/JSA71642", + "source": "sirt@juniper.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36836.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36836.json new file mode 100644 index 00000000000..11055521c57 --- /dev/null +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36836.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36836", + "sourceIdentifier": "sirt@juniper.net", + "published": "2023-07-14T18:15:10.213", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial of Service (DoS).\n\nOn all Junos OS and Junos OS Evolved platforms, in a Multicast only Fast Reroute (MoFRR) scenario, the rpd process can crash when a a specific low privileged CLI command is executed. The rpd crash will impact all routing protocols until the process has automatically been restarted. As the operational state which makes this issue exploitable is outside the attackers control, this issue is considered difficult to exploit. Continued execution of this command will lead to a sustained DoS.\n\nThis issue affects:\nJuniper Networks Junos OS\n19.4 version 19.4R3-S5 and later versions prior to 19.4R3-S9;\n20.1 version 20.1R2 and later versions;\n20.2 versions prior to 20.2R3-S7;\n20.3 versions prior to 20.3R3-S5;\n20.4 versions prior to 20.4R3-S6;\n21.1 versions prior to 21.1R3-S4;\n21.2 versions prior to 21.2R3-S2;\n21.3 versions prior to 21.3R3-S1;\n21.4 versions prior to 21.4R3;\n22.1 versions prior to 22.1R1-S2, 22.1R2;\n22.2 versions prior to 22.2R2.\n\nJuniper Networks Junos OS Evolved\nAll versions prior to 20.4R3-S6-EVO;\n21.1-EVO version 21.1R1-EVO and later versions;\n21.2-EVO version 21.2R1-EVO and later versions;\n21.3-EVO versions prior to 21.3R3-S1-EVO;\n21.4-EVO versions prior to 21.4R3-EVO;\n22.1-EVO versions prior to 22.1R1-S2-EVO, 22.1R2-EVO;\n22.2-EVO versions prior to 22.2R2-EVO.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-908" + } + ] + } + ], + "references": [ + { + "url": "https://supportportal.juniper.net/JSA71643", + "source": "sirt@juniper.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36838.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36838.json index 425f707ae53..c8298ab0a0b 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36838.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36838.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36838", "sourceIdentifier": "sirt@juniper.net", "published": "2023-07-14T17:15:09.210", - "lastModified": "2023-07-14T17:15:09.210", - "vulnStatus": "Received", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36840.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36840.json new file mode 100644 index 00000000000..53f349b6499 --- /dev/null +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36840.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36840", + "sourceIdentifier": "sirt@juniper.net", + "published": "2023-07-14T18:15:10.290", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A Reachable Assertion vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a locally-based, low-privileged attacker to cause a Denial of Service (DoS).\n\nOn all Junos OS and Junos OS Evolved, when a specific L2VPN command is run, RPD will crash and restart. Continued execution of this specific command will create a sustained Denial of Service (DoS) condition.\n\nThis issue affects:\nJuniper Networks Junos OS\nAll versions prior to 19.3R3-S10;\n20.1 versions prior to 20.1R3-S4;\n20.2 versions prior to 20.2R3-S6;\n20.3 versions prior to 20.3R3-S6;\n20.4 versions prior to 20.4R3-S5;\n21.1 versions prior to 21.1R3-S4;\n21.2 versions prior to 21.2R3-S3;\n21.3 versions prior to 21.3R3-S2;\n21.4 versions prior to 21.4R3;\n22.1 versions prior to 22.1R3;\n22.2 versions prior to 22.2R2;\n22.3 versions prior to 22.3R2;\n\nJuniper Networks Junos OS Evolved\nAll versions prior to 20.4R3-S7-EVO;\n21.1 versions prior to 21.1R3-S3-EVO;\n21.2 versions prior to 21.2R3-S5-EVO;\n21.3 versions prior to 21.3R3-S4-EVO;\n21.4 versions prior to 21.4R3-EVO;\n22.1 versions prior to 22.1R3-EVO;\n22.2 versions prior to 22.2R2-EVO;\n22.3 versions prior to 22.3R2-EVO;\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-617" + } + ] + } + ], + "references": [ + { + "url": "https://supportportal.juniper.net/JSA71647", + "source": "sirt@juniper.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36848.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36848.json new file mode 100644 index 00000000000..fbab0543bbf --- /dev/null +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36848.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36848", + "sourceIdentifier": "sirt@juniper.net", + "published": "2023-07-14T18:15:10.370", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon (PPMD) of Juniper Networks Junos OS on MX Series(except MPC10, MPC11 and LC9600) allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS).\n\nWhen a malformed CFM packet is received, it leads to an FPC crash. Continued receipt of these packets causes a sustained denial of service. This vulnerability occurs only when CFM has been configured on the interface.\n\nThis issue affects Juniper Networks Junos OS:\nversions prior to 19.1R3-S10 on MX Series;\n19.2 versions prior to 19.2R3-S7 on MX Series;\n19.3 versions prior to 19.3R3-S8 on MX Series;\n19.4 versions prior to 19.4R3-S12 on MX Series;\n20.1 version 20.1R1 and later versions on MX Series;\n20.2 versions prior to 20.2R3-S8 on MX Series;\n20.3 version 20.3R1 and later versions on MX Series;\n20.4 versions prior to 20.4R3-S7 on MX Series;\n21.1 versions prior to 21.1R3-S5 on MX Series;\n21.2 versions prior to 21.2R3-S5 on MX Series;\n21.3 versions prior to 21.3R3-S4 on MX Series;\n21.4 versions prior to 21.4R3-S4 on MX Series;\n22.1 versions prior to 22.1R3-S3 on MX Series;\n22.2 versions prior to 22.2R3-S1 on MX Series;\n22.3 versions prior to 22.3R3 on MX Series;\n22.4 versions prior to 22.4R1-S2, 22.4R2 on MX Series.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-232" + } + ] + } + ], + "references": [ + { + "url": "https://supportportal.juniper.net/JSA71659", + "source": "sirt@juniper.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36849.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36849.json new file mode 100644 index 00000000000..b7bc5f9eab6 --- /dev/null +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36849.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36849", + "sourceIdentifier": "sirt@juniper.net", + "published": "2023-07-14T18:15:10.503", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An Improper Check or Handling of Exceptional Conditions vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS).\n\nWhen a malformed LLDP packet is received, l2cpd will crash and restart. The impact of the l2cpd crash is reinitialization of STP protocols (RSTP, MSTP or VSTP), and MVRP and ERP. Also, if any services depend on LLDP state (like PoE or VoIP device recognition), then these will also be affected. Continued receipt of such packets will lead to a sustained Denial of Service.\n\nThis issue affects:\nJuniper Networks Junos OS\n21.4 versions prior to 21.4R3-S3;\n22.1 versions prior to 22.1R3-S3;\n22.2 versions prior to 22.2R2-S1, 22.2R3;\n22.3 versions prior to 22.3R2.\n\nJuniper Networks Junos OS Evolved\n21.4-EVO versions prior to 21.4R3-S2-EVO;\n22.1-EVO versions prior to 22.1R3-S3-EVO;\n22.2-EVO versions prior to 22.2R2-S1-EVO, 22.2R3-EVO;\n22.3-EVO versions prior to 22.3R2-EVO.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-703" + } + ] + } + ], + "references": [ + { + "url": "https://supportportal.juniper.net/JSA71660", + "source": "sirt@juniper.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36850.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36850.json new file mode 100644 index 00000000000..832fe793bdf --- /dev/null +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36850.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36850", + "sourceIdentifier": "sirt@juniper.net", + "published": "2023-07-14T19:15:09.093", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Connectivity Fault Management(CFM) module of Juniper Networks Junos OS on MX Series(except MPC10, MPC11 and LC9600) allows an adjacent attacker on the local broadcast domain to cause a Denial of Service(DoS).\n\nUpon receiving a malformed CFM packet, the MPC crashes. Continued receipt of these packets causes a sustained denial of service. This issue can only be triggered when CFM hasn't been configured.\n\nThis issue affects:\nJuniper Networks Junos OS\nAll versions prior to 19.1R3-S10 on MX Series;\n19.2 versions prior to 19.2R3-S7 on MX Series;\n19.3 versions prior to 19.3R3-S8 on MX Series;\n19.4 versions prior to 19.4R3-S12 on MX Series;\n20.1 version 20.1R1 and later versions on MX Series;\n20.2 versions prior to 20.2R3-S7 on MX Series;\n20.3 version 20.3R1 and later versions on MX Series;\n20.4 versions prior to 20.4R3-S7 on MX Series;\n21.1 versions prior to 21.1R3-S5 on MX Series;\n21.2 versions prior to 21.2R3-S4 on MX Series;\n21.3 versions prior to 21.3R3-S4 on MX Series;\n21.4 versions prior to 21.4R3-S3 on MX Series;\n22.1 versions prior to 22.1R3-S2 on MX Series;\n22.2 versions prior to 22.2R3 on MX Series;\n22.3 versions prior to 22.3R2, 22.3R3 on MX Series;\n22.4 versions prior to 22.4R2 on MX Series.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "sirt@juniper.net", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1285" + } + ] + } + ], + "references": [ + { + "url": "https://supportportal.juniper.net/JSA71661", + "source": "sirt@juniper.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36883.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36883.json new file mode 100644 index 00000000000..24face4f82b --- /dev/null +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36883.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-36883", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-07-14T18:15:10.627", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Microsoft Edge for iOS Spoofing Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36883", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36887.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36887.json new file mode 100644 index 00000000000..d52b3caf605 --- /dev/null +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36887.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-36887", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-07-14T18:15:10.690", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36887", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36888.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36888.json new file mode 100644 index 00000000000..2bbd05a0efc --- /dev/null +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36888.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-36888", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-07-14T18:15:10.750", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Microsoft Edge for Android (Chromium-based) Tampering Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36888", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3633.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3633.json new file mode 100644 index 00000000000..5c93b6ee61d --- /dev/null +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3633.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3633", + "sourceIdentifier": "cve-requests@bitdefender.com", + "published": "2023-07-14T20:15:09.220", + "lastModified": "2023-07-14T20:15:09.220", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds write\u00a0vulnerability in Bitdefender Engines on Windows causes the engine to crash.\u00a0This issue affects Bitdefender Engines version 7.94791 and lower." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-requests@bitdefender.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve-requests@bitdefender.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://www.bitdefender.com/support/security-advisories/out-of-bounds-memory-corruption-issue-in-ceva-engine-va-11010", + "source": "cve-requests@bitdefender.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3673.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3673.json index 24c8a636ce7..eaf39ee994b 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3673.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3673.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3673", "sourceIdentifier": "security@huntr.dev", "published": "2023-07-14T13:15:09.437", - "lastModified": "2023-07-14T13:15:09.437", - "vulnStatus": "Received", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-372xx/CVE-2023-37223.json b/CVE-2023/CVE-2023-372xx/CVE-2023-37223.json new file mode 100644 index 00000000000..207579a60ff --- /dev/null +++ b/CVE-2023/CVE-2023-372xx/CVE-2023-37223.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-37223", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-14T18:15:10.847", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting (XSS) vulnerability in Archer Platform before v.6.13 and fixed in v.6.12.0.6 and v.6.13.0 allows a remote authenticated attacker to execute arbitrary code via a crafted malicious script." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://archerirm.com", + "source": "cve@mitre.org" + }, + { + "url": "https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-372xx/CVE-2023-37224.json b/CVE-2023/CVE-2023-372xx/CVE-2023-37224.json new file mode 100644 index 00000000000..b0a472a7189 --- /dev/null +++ b/CVE-2023/CVE-2023-372xx/CVE-2023-37224.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-37224", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-14T18:15:10.920", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via the log files." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.0, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.5, + "impactScore": 4.0 + } + ] + }, + "references": [ + { + "url": "https://archerirm.com", + "source": "cve@mitre.org" + }, + { + "url": "https://www.archerirm.community/t5/security-advisories/archer-update-for-multiple-vulnerabilities/ta-p/702362", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37462.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37462.json new file mode 100644 index 00000000000..e40b7a02595 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37462.json @@ -0,0 +1,67 @@ +{ + "id": "CVE-2023-37462", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-07-14T21:15:08.820", + "lastModified": "2023-07-14T21:15:08.820", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Improper escaping in the document `SkinsCode.XWikiSkinsSheet` leads to an injection vector from view right on that document to programming rights, or in other words, it is possible to execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. The attack works by opening a non-existing page with a name crafted to contain a dangerous payload. It is possible to check if an existing installation is vulnerable. See the linked GHSA for instructions on testing an installation. This issue has been patched in XWiki 14.4.8, 14.10.4 and 15.0-rc-1. Users are advised to upgrade. The fix commit `d9c88ddc` can also be applied manually to the impacted document `SkinsCode.XWikiSkinsSheet` and users unable to upgrade are advised to manually patch their installations." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-95" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/xwiki/xwiki-platform/commit/d9c88ddc4c0c78fa534bd33237e95dea66003d29", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-h4vp-69r8-gvjg", + "source": "security-advisories@github.com" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-20457", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37464.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37464.json new file mode 100644 index 00000000000..de0bb4fbd6f --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37464.json @@ -0,0 +1,67 @@ +{ + "id": "CVE-2023-37464", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-07-14T21:15:08.903", + "lastModified": "2023-07-14T21:15:08.903", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption (JOSE). The AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. The spec says that a fixed length of 16 octets must be applied. Therefore this bug allows an attacker to provide a truncated Authentication Tag and to modify the JWE accordingly. Users should upgrade to a version >= 0.6.2.2. Users unable to upgrade should avoid using AES GCM encryption and replace it with another encryption algorithm (e.g. AES CBC)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-327" + } + ] + } + ], + "references": [ + { + "url": "https://datatracker.ietf.org/doc/html/rfc7518#section-4.7", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/OpenIDC/cjose/commit/7325e9a5e71e2fc0e350487ecac7d84acdf0ed5e", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/OpenIDC/cjose/releases/tag/v0.6.2.2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/OpenIDC/cjose/security/advisories/GHSA-3rhg-3gf2-6xgj", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37472.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37472.json new file mode 100644 index 00000000000..102b57c7153 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37472.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-37472", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-07-14T21:15:08.980", + "lastModified": "2023-07-14T21:15:08.980", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Knowage is an open source suite for business analytics. The application often use user supplied data to create HQL queries without prior sanitization. An attacker can create specially crafted HQL queries that will break subsequent SQL queries generated by the Hibernate engine. The endpoint `_/knowage/restful-services/2.0/documents/listDocument_` calls the `_countBIObjects_` method of the `_BIObjectDAOHibImpl_` object with the user supplied `_label_` parameter without prior sanitization. This can lead to SQL injection in the backing database. Other injections have been identified in the application as well. An authenticated attacker with low privileges could leverage this vulnerability in order to retrieve sensitive information from the database, such as account credentials or business information. This issue has been addressed in version 8.1.8. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-2j3f-f696-7rgj", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37473.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37473.json new file mode 100644 index 00000000000..298c9a9d2b2 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37473.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-37473", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-07-14T21:15:09.047", + "lastModified": "2023-07-14T21:15:09.047", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "zenstruck/collections is a set of helpers for iterating/paginating/filtering collections. Passing _callable strings_ (ie `system`) caused the function to be executed. This would result in a limited subset of specific user input being executed as if it were code. This issue has been addressed in commit `f4b1c48820` and included in release version 0.2.1. Users are advised to upgrade. Users unable to upgrade should ensure that user input is not passed to either `EntityRepository::find()` or `query()`." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/zenstruck/collection/commit/f4b1c488206e1b1581b06fcd331686846f13f19c", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zenstruck/collection/releases/tag/v0.2.1", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/zenstruck/collection/security/advisories/GHSA-7xr2-8ff7-6fjq", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37474.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37474.json new file mode 100644 index 00000000000..ffcfd8fabc0 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37474.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-37474", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-07-14T20:15:09.083", + "lastModified": "2023-07-14T20:15:09.083", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Copyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traversal vulnerability detected in the `.cpr` subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root directory. This issue has been addressed in commit `043e3c7d` which has been included in release 1.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/9001/copyparty/commit/043e3c7dd683113e2b1c15cacb9c8e68f76513ff", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/9001/copyparty/security/advisories/GHSA-pxfv-7rr3-2qjg", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38252.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38252.json new file mode 100644 index 00000000000..8c1fc600b3c --- /dev/null +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38252.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-38252", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-07-14T18:15:10.990", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2023-38252", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222775", + "source": "secalert@redhat.com" + }, + { + "url": "https://github.com/tats/w3m/issues/270", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38253.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38253.json new file mode 100644 index 00000000000..1ef0d6d892b --- /dev/null +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38253.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-38253", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-07-14T18:15:11.047", + "lastModified": "2023-07-14T19:46:52.880", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2023-38253", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222779", + "source": "secalert@redhat.com" + }, + { + "url": "https://github.com/tats/w3m/issues/271", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38325.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38325.json new file mode 100644 index 00000000000..0450257d9e7 --- /dev/null +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38325.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-38325", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-14T20:15:09.157", + "lastModified": "2023-07-14T20:15:09.157", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/pyca/cryptography/compare/41.0.1...41.0.2", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/pyca/cryptography/issues/9207", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/pyca/cryptography/pull/9208", + "source": "cve@mitre.org" + }, + { + "url": "https://pypi.org/project/cryptography/#history", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 58469079c49..a212d1e9072 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-14T18:00:46.147750+00:00 +2023-07-14T22:00:24.923439+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-14T17:59:53.733000+00:00 +2023-07-14T21:47:05.550000+00:00 ``` ### Last Data Feed Release @@ -29,49 +29,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -220310 +220335 ``` ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `25` -* [CVE-2023-35692](CVE-2023/CVE-2023-356xx/CVE-2023-35692.json) (`2023-07-14T16:15:14.160`) -* [CVE-2023-36832](CVE-2023/CVE-2023-368xx/CVE-2023-36832.json) (`2023-07-14T16:15:14.237`) -* [CVE-2023-28985](CVE-2023/CVE-2023-289xx/CVE-2023-28985.json) (`2023-07-14T17:15:09.050`) -* [CVE-2023-36833](CVE-2023/CVE-2023-368xx/CVE-2023-36833.json) (`2023-07-14T17:15:09.133`) -* [CVE-2023-36838](CVE-2023/CVE-2023-368xx/CVE-2023-36838.json) (`2023-07-14T17:15:09.210`) +* [CVE-2023-24896](CVE-2023/CVE-2023-248xx/CVE-2023-24896.json) (`2023-07-14T18:15:09.477`) +* [CVE-2023-32759](CVE-2023/CVE-2023-327xx/CVE-2023-32759.json) (`2023-07-14T18:15:09.700`) +* [CVE-2023-32760](CVE-2023/CVE-2023-327xx/CVE-2023-32760.json) (`2023-07-14T18:15:09.787`) +* [CVE-2023-32761](CVE-2023/CVE-2023-327xx/CVE-2023-32761.json) (`2023-07-14T18:15:09.897`) +* [CVE-2023-36834](CVE-2023/CVE-2023-368xx/CVE-2023-36834.json) (`2023-07-14T18:15:10.057`) +* [CVE-2023-36835](CVE-2023/CVE-2023-368xx/CVE-2023-36835.json) (`2023-07-14T18:15:10.133`) +* [CVE-2023-36836](CVE-2023/CVE-2023-368xx/CVE-2023-36836.json) (`2023-07-14T18:15:10.213`) +* [CVE-2023-36840](CVE-2023/CVE-2023-368xx/CVE-2023-36840.json) (`2023-07-14T18:15:10.290`) +* [CVE-2023-36848](CVE-2023/CVE-2023-368xx/CVE-2023-36848.json) (`2023-07-14T18:15:10.370`) +* [CVE-2023-36849](CVE-2023/CVE-2023-368xx/CVE-2023-36849.json) (`2023-07-14T18:15:10.503`) +* [CVE-2023-36883](CVE-2023/CVE-2023-368xx/CVE-2023-36883.json) (`2023-07-14T18:15:10.627`) +* [CVE-2023-36887](CVE-2023/CVE-2023-368xx/CVE-2023-36887.json) (`2023-07-14T18:15:10.690`) +* [CVE-2023-36888](CVE-2023/CVE-2023-368xx/CVE-2023-36888.json) (`2023-07-14T18:15:10.750`) +* [CVE-2023-37223](CVE-2023/CVE-2023-372xx/CVE-2023-37223.json) (`2023-07-14T18:15:10.847`) +* [CVE-2023-37224](CVE-2023/CVE-2023-372xx/CVE-2023-37224.json) (`2023-07-14T18:15:10.920`) +* [CVE-2023-38252](CVE-2023/CVE-2023-382xx/CVE-2023-38252.json) (`2023-07-14T18:15:10.990`) +* [CVE-2023-38253](CVE-2023/CVE-2023-382xx/CVE-2023-38253.json) (`2023-07-14T18:15:11.047`) +* [CVE-2023-36850](CVE-2023/CVE-2023-368xx/CVE-2023-36850.json) (`2023-07-14T19:15:09.093`) +* [CVE-2023-37474](CVE-2023/CVE-2023-374xx/CVE-2023-37474.json) (`2023-07-14T20:15:09.083`) +* [CVE-2023-38325](CVE-2023/CVE-2023-383xx/CVE-2023-38325.json) (`2023-07-14T20:15:09.157`) +* [CVE-2023-3633](CVE-2023/CVE-2023-36xx/CVE-2023-3633.json) (`2023-07-14T20:15:09.220`) +* [CVE-2023-37462](CVE-2023/CVE-2023-374xx/CVE-2023-37462.json) (`2023-07-14T21:15:08.820`) +* [CVE-2023-37464](CVE-2023/CVE-2023-374xx/CVE-2023-37464.json) (`2023-07-14T21:15:08.903`) +* [CVE-2023-37472](CVE-2023/CVE-2023-374xx/CVE-2023-37472.json) (`2023-07-14T21:15:08.980`) +* [CVE-2023-37473](CVE-2023/CVE-2023-374xx/CVE-2023-37473.json) (`2023-07-14T21:15:09.047`) ### CVEs modified in the last Commit -Recently modified CVEs: `37` +Recently modified CVEs: `79` -* [CVE-2023-2028](CVE-2023/CVE-2023-20xx/CVE-2023-2028.json) (`2023-07-14T16:12:19.860`) -* [CVE-2023-30667](CVE-2023/CVE-2023-306xx/CVE-2023-30667.json) (`2023-07-14T16:20:47.367`) -* [CVE-2023-30666](CVE-2023/CVE-2023-306xx/CVE-2023-30666.json) (`2023-07-14T16:21:38.163`) -* [CVE-2023-30665](CVE-2023/CVE-2023-306xx/CVE-2023-30665.json) (`2023-07-14T16:22:01.117`) -* [CVE-2023-30670](CVE-2023/CVE-2023-306xx/CVE-2023-30670.json) (`2023-07-14T16:35:23.967`) -* [CVE-2023-30669](CVE-2023/CVE-2023-306xx/CVE-2023-30669.json) (`2023-07-14T16:35:58.727`) -* [CVE-2023-30668](CVE-2023/CVE-2023-306xx/CVE-2023-30668.json) (`2023-07-14T16:36:08.477`) -* [CVE-2023-37270](CVE-2023/CVE-2023-372xx/CVE-2023-37270.json) (`2023-07-14T16:47:38.063`) -* [CVE-2023-1901](CVE-2023/CVE-2023-19xx/CVE-2023-1901.json) (`2023-07-14T16:48:07.930`) -* [CVE-2023-33156](CVE-2023/CVE-2023-331xx/CVE-2023-33156.json) (`2023-07-14T16:55:46.187`) -* [CVE-2023-33008](CVE-2023/CVE-2023-330xx/CVE-2023-33008.json) (`2023-07-14T17:00:04.467`) -* [CVE-2023-33158](CVE-2023/CVE-2023-331xx/CVE-2023-33158.json) (`2023-07-14T17:05:11.867`) -* [CVE-2023-33161](CVE-2023/CVE-2023-331xx/CVE-2023-33161.json) (`2023-07-14T17:06:45.770`) -* [CVE-2023-33162](CVE-2023/CVE-2023-331xx/CVE-2023-33162.json) (`2023-07-14T17:09:11.457`) -* [CVE-2023-33155](CVE-2023/CVE-2023-331xx/CVE-2023-33155.json) (`2023-07-14T17:10:01.080`) -* [CVE-2023-33163](CVE-2023/CVE-2023-331xx/CVE-2023-33163.json) (`2023-07-14T17:10:22.130`) -* [CVE-2023-33164](CVE-2023/CVE-2023-331xx/CVE-2023-33164.json) (`2023-07-14T17:15:50.133`) -* [CVE-2023-37269](CVE-2023/CVE-2023-372xx/CVE-2023-37269.json) (`2023-07-14T17:37:47.167`) -* [CVE-2023-2709](CVE-2023/CVE-2023-27xx/CVE-2023-2709.json) (`2023-07-14T17:43:37.783`) -* [CVE-2023-2852](CVE-2023/CVE-2023-28xx/CVE-2023-2852.json) (`2023-07-14T17:46:14.223`) -* [CVE-2023-2046](CVE-2023/CVE-2023-20xx/CVE-2023-2046.json) (`2023-07-14T17:48:59.447`) -* [CVE-2023-2853](CVE-2023/CVE-2023-28xx/CVE-2023-2853.json) (`2023-07-14T17:51:26.893`) -* [CVE-2023-35912](CVE-2023/CVE-2023-359xx/CVE-2023-35912.json) (`2023-07-14T17:57:49.633`) -* [CVE-2023-34433](CVE-2023/CVE-2023-344xx/CVE-2023-34433.json) (`2023-07-14T17:58:46.747`) -* [CVE-2023-2796](CVE-2023/CVE-2023-27xx/CVE-2023-2796.json) (`2023-07-14T17:59:53.733`) +* [CVE-2023-35338](CVE-2023/CVE-2023-353xx/CVE-2023-35338.json) (`2023-07-14T21:39:22.753`) +* [CVE-2023-35337](CVE-2023/CVE-2023-353xx/CVE-2023-35337.json) (`2023-07-14T21:39:30.837`) +* [CVE-2023-35336](CVE-2023/CVE-2023-353xx/CVE-2023-35336.json) (`2023-07-14T21:39:41.190`) +* [CVE-2023-35335](CVE-2023/CVE-2023-353xx/CVE-2023-35335.json) (`2023-07-14T21:39:50.220`) +* [CVE-2023-35333](CVE-2023/CVE-2023-353xx/CVE-2023-35333.json) (`2023-07-14T21:40:01.480`) +* [CVE-2023-35332](CVE-2023/CVE-2023-353xx/CVE-2023-35332.json) (`2023-07-14T21:40:10.260`) +* [CVE-2023-35331](CVE-2023/CVE-2023-353xx/CVE-2023-35331.json) (`2023-07-14T21:40:16.377`) +* [CVE-2023-35330](CVE-2023/CVE-2023-353xx/CVE-2023-35330.json) (`2023-07-14T21:40:26.077`) +* [CVE-2023-35328](CVE-2023/CVE-2023-353xx/CVE-2023-35328.json) (`2023-07-14T21:40:47.063`) +* [CVE-2023-35329](CVE-2023/CVE-2023-353xx/CVE-2023-35329.json) (`2023-07-14T21:40:57.750`) +* [CVE-2023-35326](CVE-2023/CVE-2023-353xx/CVE-2023-35326.json) (`2023-07-14T21:41:09.940`) +* [CVE-2023-35325](CVE-2023/CVE-2023-353xx/CVE-2023-35325.json) (`2023-07-14T21:41:24.810`) +* [CVE-2023-35324](CVE-2023/CVE-2023-353xx/CVE-2023-35324.json) (`2023-07-14T21:41:35.210`) +* [CVE-2023-35323](CVE-2023/CVE-2023-353xx/CVE-2023-35323.json) (`2023-07-14T21:41:47.193`) +* [CVE-2023-35322](CVE-2023/CVE-2023-353xx/CVE-2023-35322.json) (`2023-07-14T21:41:54.460`) +* [CVE-2023-35321](CVE-2023/CVE-2023-353xx/CVE-2023-35321.json) (`2023-07-14T21:42:13.183`) +* [CVE-2023-35320](CVE-2023/CVE-2023-353xx/CVE-2023-35320.json) (`2023-07-14T21:42:22.277`) +* [CVE-2023-35318](CVE-2023/CVE-2023-353xx/CVE-2023-35318.json) (`2023-07-14T21:42:40.967`) +* [CVE-2023-35319](CVE-2023/CVE-2023-353xx/CVE-2023-35319.json) (`2023-07-14T21:42:45.677`) +* [CVE-2023-35350](CVE-2023/CVE-2023-353xx/CVE-2023-35350.json) (`2023-07-14T21:43:59.697`) +* [CVE-2023-35348](CVE-2023/CVE-2023-353xx/CVE-2023-35348.json) (`2023-07-14T21:46:08.043`) +* [CVE-2023-35347](CVE-2023/CVE-2023-353xx/CVE-2023-35347.json) (`2023-07-14T21:46:19.077`) +* [CVE-2023-35346](CVE-2023/CVE-2023-353xx/CVE-2023-35346.json) (`2023-07-14T21:46:36.847`) +* [CVE-2023-35340](CVE-2023/CVE-2023-353xx/CVE-2023-35340.json) (`2023-07-14T21:46:52.787`) +* [CVE-2023-35341](CVE-2023/CVE-2023-353xx/CVE-2023-35341.json) (`2023-07-14T21:47:05.550`) ## Download and Usage