diff --git a/CVE-2020/CVE-2020-184xx/CVE-2020-18432.json b/CVE-2020/CVE-2020-184xx/CVE-2020-18432.json new file mode 100644 index 00000000000..56c8e02d0e6 --- /dev/null +++ b/CVE-2020/CVE-2020-184xx/CVE-2020-18432.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-18432", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-30T02:15:08.623", + "lastModified": "2023-06-30T02:15:08.623", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://vorders.me/2019/03/05/semcms-vulnerablity-before-php-v3-7/#admin-upload-webshell-in-SEMCMS-Upfile-php", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-471xx/CVE-2022-47184.json b/CVE-2022/CVE-2022-471xx/CVE-2022-47184.json index 0cb4880a318..aba577d620f 100644 --- a/CVE-2022/CVE-2022-471xx/CVE-2022-47184.json +++ b/CVE-2022/CVE-2022-471xx/CVE-2022-47184.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47184", "sourceIdentifier": "security@apache.org", "published": "2023-06-14T08:15:08.633", - "lastModified": "2023-06-23T03:15:08.847", + "lastModified": "2023-06-30T02:15:08.723", "vulnStatus": "Modified", "descriptions": [ { @@ -110,6 +110,10 @@ "Mailing List" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html", + "source": "security@apache.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/", "source": "security@apache.org" diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2828.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2828.json index 549edb0b010..d85c761ab47 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2828.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2828.json @@ -2,7 +2,7 @@ "id": "CVE-2023-2828", "sourceIdentifier": "security-officer@isc.org", "published": "2023-06-21T17:15:47.703", - "lastModified": "2023-06-26T08:15:09.213", + "lastModified": "2023-06-30T03:15:09.077", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -43,6 +43,10 @@ "url": "https://kb.isc.org/docs/cve-2023-2828", "source": "security-officer@isc.org" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/", + "source": "security-officer@isc.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/", "source": "security-officer@isc.org" diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2834.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2834.json new file mode 100644 index 00000000000..04a9ec9e210 --- /dev/null +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2834.json @@ -0,0 +1,79 @@ +{ + "id": "CVE-2023-2834", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-06-30T02:15:08.820", + "lastModified": "2023-06-30T02:15:08.820", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verification on the user being supplied during booking an appointment through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-288" + } + ] + } + ], + "references": [ + { + "url": "https://lana.codes/lanavdb/0dea1346-fd60-4338-8af6-6f89c29075d4/", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/bookit/tags/2.3.6/includes/classes/CustomerController.php#L27", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/bookit/tags/2.3.6/includes/classes/database/Customers.php#L63", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2919529/bookit", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2925153/bookit", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/blog/2023/06/stylemixthemes-addresses-authentication-bypass-vulnerability-in-bookit-wordpress-plugin/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cfd32e46-a4fc-4c10-b546-9f9da75db791?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2911.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2911.json index 3d67b928c5f..5a794972ba5 100644 --- a/CVE-2023/CVE-2023-29xx/CVE-2023-2911.json +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2911.json @@ -2,7 +2,7 @@ "id": "CVE-2023-2911", "sourceIdentifier": "security-officer@isc.org", "published": "2023-06-21T17:15:47.827", - "lastModified": "2023-06-26T08:15:09.293", + "lastModified": "2023-06-30T03:15:09.160", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -43,6 +43,10 @@ "url": "https://kb.isc.org/docs/cve-2023-2911", "source": "security-officer@isc.org" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/", + "source": "security-officer@isc.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/", "source": "security-officer@isc.org" diff --git a/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json b/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json index 9524efe703d..3be1a322059 100644 --- a/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json +++ b/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json @@ -2,7 +2,7 @@ "id": "CVE-2023-30631", "sourceIdentifier": "security@apache.org", "published": "2023-06-14T08:15:09.257", - "lastModified": "2023-06-23T03:15:08.977", + "lastModified": "2023-06-30T02:15:08.917", "vulnStatus": "Modified", "descriptions": [ { @@ -90,6 +90,10 @@ "Mailing List" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html", + "source": "security@apache.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/", "source": "security@apache.org" diff --git a/CVE-2023/CVE-2023-30xx/CVE-2023-3063.json b/CVE-2023/CVE-2023-30xx/CVE-2023-3063.json new file mode 100644 index 00000000000..203973f8127 --- /dev/null +++ b/CVE-2023/CVE-2023-30xx/CVE-2023-3063.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-3063", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-06-30T02:15:09.457", + "lastModified": "2023-06-30T02:15:09.457", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.67. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with subscriber privileges or above, to change user passwords and potentially take over administrator accounts." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/sp-client-document-manager/trunk/classes/ajax.php#L149", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6dc2e720-85d9-42d9-94ef-eb172425993d?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32607.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32607.json new file mode 100644 index 00000000000..35c1a7c990d --- /dev/null +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32607.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-32607", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2023-06-30T03:15:09.237", + "lastModified": "2023-06-30T03:15:09.237", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Stored cross-site scripting vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://jvn.jp/en/jp/JVN97818024/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://pleasanter.org/archives/vulnerability-update-202306", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32608.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32608.json new file mode 100644 index 00000000000..facc97c7436 --- /dev/null +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32608.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-32608", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2023-06-30T03:15:09.297", + "lastModified": "2023-06-30T03:15:09.297", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Directory traversal vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://jvn.jp/en/jp/JVN97818024/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://pleasanter.org/archives/vulnerability-update-202306", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3249.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3249.json new file mode 100644 index 00000000000..09cc52cfdc9 --- /dev/null +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3249.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-3249", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-06-30T02:15:09.543", + "lastModified": "2023-06-30T02:15:09.543", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Web3 \u2013 Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0. This is due to incorrect authentication checking in the 'hidden_form_data' function. This makes it possible for authenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-288" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/web3-authentication/tags/2.6.0/classes/common/Web3/controller/class-moweb3flowhandler.php#L198", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e30b62de-7280-4c29-b882-dfa83e65966b?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-333xx/CVE-2023-33336.json b/CVE-2023/CVE-2023-333xx/CVE-2023-33336.json new file mode 100644 index 00000000000..04d1ff98ec4 --- /dev/null +++ b/CVE-2023/CVE-2023-333xx/CVE-2023-33336.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-33336", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-30T02:15:09.000", + "lastModified": "2023-06-30T02:15:09.000", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://inf0seq.github.io/cve/2023/04/30/Cross-site-scripting-(XSS)-in-Sophos-Web-Appliance-4.1.1-0.9.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-337xx/CVE-2023-33733.json b/CVE-2023/CVE-2023-337xx/CVE-2023-33733.json index 4844a127f0e..c25caa0d9f8 100644 --- a/CVE-2023/CVE-2023-337xx/CVE-2023-33733.json +++ b/CVE-2023/CVE-2023-337xx/CVE-2023-33733.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33733", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-05T16:15:09.550", - "lastModified": "2023-06-09T22:58:22.683", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-30T03:15:09.353", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -72,6 +72,10 @@ "Exploit", "Third Party Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ALE727IRACYBTTOFIFG57RS4OA2SHIJ/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33933.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33933.json index e8ff7be2ac5..12b014ac8d6 100644 --- a/CVE-2023/CVE-2023-339xx/CVE-2023-33933.json +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33933.json @@ -2,7 +2,7 @@ "id": "CVE-2023-33933", "sourceIdentifier": "security@apache.org", "published": "2023-06-14T08:15:09.323", - "lastModified": "2023-06-23T03:15:09.067", + "lastModified": "2023-06-30T02:15:09.060", "vulnStatus": "Modified", "descriptions": [ { @@ -90,6 +90,10 @@ "Mailing List" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html", + "source": "security@apache.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/", "source": "security@apache.org" diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34241.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34241.json index 986284f7973..ef04d24726f 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34241.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34241.json @@ -2,7 +2,7 @@ "id": "CVE-2023-34241", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-22T23:15:09.493", - "lastModified": "2023-06-26T15:15:09.760", + "lastModified": "2023-06-30T03:15:09.433", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -66,6 +66,10 @@ { "url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25", "source": "security-advisories@github.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBIYKDS3UG3W4Z7YOHTR2AWFNBRYPNYY/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35131.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35131.json index 5d915e88fdf..8ecdcbb873c 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35131.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35131.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35131", "sourceIdentifier": "patrick@puiterwijk.org", "published": "2023-06-22T21:15:09.413", - "lastModified": "2023-06-29T20:37:43.530", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-30T03:15:09.527", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -95,6 +95,14 @@ } ], "references": [ + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/", + "source": "patrick@puiterwijk.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/", + "source": "patrick@puiterwijk.org" + }, { "url": "https://moodle.org/mod/forum/discuss.php?d=447829", "source": "patrick@puiterwijk.org", diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35132.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35132.json index cb583c350b8..f49cf4234f8 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35132.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35132.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35132", "sourceIdentifier": "patrick@puiterwijk.org", "published": "2023-06-22T21:15:09.470", - "lastModified": "2023-06-29T20:36:59.997", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-30T03:15:09.590", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -101,6 +101,14 @@ } ], "references": [ + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/", + "source": "patrick@puiterwijk.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/", + "source": "patrick@puiterwijk.org" + }, { "url": "https://moodle.org/mod/forum/discuss.php?d=447830", "source": "patrick@puiterwijk.org", diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35133.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35133.json index dc9b4b242a7..56af99001f4 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35133.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35133.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35133", "sourceIdentifier": "patrick@puiterwijk.org", "published": "2023-06-22T21:15:09.520", - "lastModified": "2023-06-29T20:27:24.947", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-30T03:15:09.667", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -101,6 +101,14 @@ } ], "references": [ + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/", + "source": "patrick@puiterwijk.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/", + "source": "patrick@puiterwijk.org" + }, { "url": "https://moodle.org/mod/forum/discuss.php?d=447831", "source": "patrick@puiterwijk.org", diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36345.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36345.json index 0017263467d..40b9edf02d1 100644 --- a/CVE-2023/CVE-2023-363xx/CVE-2023-36345.json +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36345.json @@ -2,7 +2,7 @@ "id": "CVE-2023-36345", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-23T20:15:09.427", - "lastModified": "2023-06-24T12:41:30.800", + "lastModified": "2023-06-30T02:15:09.180", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -15,6 +15,10 @@ { "url": "https://youtu.be/KxjsEqNWU9E", "source": "cve@mitre.org" + }, + { + "url": "https://yuyudhn.github.io/pos-codekop-vulnerability/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36346.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36346.json index c606dc1580e..e39d5c2532c 100644 --- a/CVE-2023/CVE-2023-363xx/CVE-2023-36346.json +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36346.json @@ -2,7 +2,7 @@ "id": "CVE-2023-36346", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-23T20:15:09.473", - "lastModified": "2023-06-24T12:41:30.800", + "lastModified": "2023-06-30T02:15:09.280", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -15,6 +15,10 @@ { "url": "https://www.youtube.com/watch?v=bbbA-q1syrA", "source": "cve@mitre.org" + }, + { + "url": "https://yuyudhn.github.io/pos-codekop-vulnerability/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36347.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36347.json new file mode 100644 index 00000000000..5eccbfdc2cc --- /dev/null +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36347.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-36347", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-30T02:15:09.347", + "lastModified": "2023-06-30T02:15:09.347", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.youtube.com/watch?v=7qaIeE2cyO4", + "source": "cve@mitre.org" + }, + { + "url": "https://yuyudhn.github.io/pos-codekop-vulnerability/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36348.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36348.json index 99480a40e25..fc45155d6cb 100644 --- a/CVE-2023/CVE-2023-363xx/CVE-2023-36348.json +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36348.json @@ -2,7 +2,7 @@ "id": "CVE-2023-36348", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-23T20:15:09.517", - "lastModified": "2023-06-24T12:41:30.800", + "lastModified": "2023-06-30T02:15:09.400", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -15,6 +15,10 @@ { "url": "https://www.youtube.com/watch?v=Ge0zqY0sGiQ", "source": "cve@mitre.org" + }, + { + "url": "https://yuyudhn.github.io/pos-codekop-vulnerability/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-365xx/CVE-2023-36539.json b/CVE-2023/CVE-2023-365xx/CVE-2023-36539.json new file mode 100644 index 00000000000..2c288c29572 --- /dev/null +++ b/CVE-2023/CVE-2023-365xx/CVE-2023-36539.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-36539", + "sourceIdentifier": "security@zoom.us", + "published": "2023-06-30T03:15:09.747", + "lastModified": "2023-06-30T03:15:09.747", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nExposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@zoom.us", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://explore.zoom.us/en/trust/security/security-bulletin/", + "source": "security@zoom.us" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 9cddcafd3b7..b0003f87d1d 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-30T02:00:27.355272+00:00 +2023-06-30T04:00:27.053994+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-30T01:15:08.880000+00:00 +2023-06-30T03:15:09.747000+00:00 ``` ### Last Data Feed Release @@ -29,47 +29,41 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -218918 +218927 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `9` -* [CVE-2023-36143](CVE-2023/CVE-2023-361xx/CVE-2023-36143.json) (`2023-06-30T01:15:08.767`) -* [CVE-2023-36146](CVE-2023/CVE-2023-361xx/CVE-2023-36146.json) (`2023-06-30T01:15:08.823`) -* [CVE-2023-3469](CVE-2023/CVE-2023-34xx/CVE-2023-3469.json) (`2023-06-30T01:15:08.880`) +* [CVE-2020-18432](CVE-2020/CVE-2020-184xx/CVE-2020-18432.json) (`2023-06-30T02:15:08.623`) +* [CVE-2023-2834](CVE-2023/CVE-2023-28xx/CVE-2023-2834.json) (`2023-06-30T02:15:08.820`) +* [CVE-2023-33336](CVE-2023/CVE-2023-333xx/CVE-2023-33336.json) (`2023-06-30T02:15:09.000`) +* [CVE-2023-36347](CVE-2023/CVE-2023-363xx/CVE-2023-36347.json) (`2023-06-30T02:15:09.347`) +* [CVE-2023-3063](CVE-2023/CVE-2023-30xx/CVE-2023-3063.json) (`2023-06-30T02:15:09.457`) +* [CVE-2023-3249](CVE-2023/CVE-2023-32xx/CVE-2023-3249.json) (`2023-06-30T02:15:09.543`) +* [CVE-2023-32607](CVE-2023/CVE-2023-326xx/CVE-2023-32607.json) (`2023-06-30T03:15:09.237`) +* [CVE-2023-32608](CVE-2023/CVE-2023-326xx/CVE-2023-32608.json) (`2023-06-30T03:15:09.297`) +* [CVE-2023-36539](CVE-2023/CVE-2023-365xx/CVE-2023-36539.json) (`2023-06-30T03:15:09.747`) ### CVEs modified in the last Commit -Recently modified CVEs: `32` +Recently modified CVEs: `13` -* [CVE-2022-31642](CVE-2022/CVE-2022-316xx/CVE-2022-31642.json) (`2023-06-30T00:06:38.553`) -* [CVE-2022-31644](CVE-2022/CVE-2022-316xx/CVE-2022-31644.json) (`2023-06-30T00:07:03.547`) -* [CVE-2022-31645](CVE-2022/CVE-2022-316xx/CVE-2022-31645.json) (`2023-06-30T00:07:19.013`) -* [CVE-2022-31646](CVE-2022/CVE-2022-316xx/CVE-2022-31646.json) (`2023-06-30T00:07:28.433`) -* [CVE-2022-4149](CVE-2022/CVE-2022-41xx/CVE-2022-4149.json) (`2023-06-30T00:08:31.660`) -* [CVE-2023-30946](CVE-2023/CVE-2023-309xx/CVE-2023-30946.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-30955](CVE-2023/CVE-2023-309xx/CVE-2023-30955.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-33190](CVE-2023/CVE-2023-331xx/CVE-2023-33190.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-36484](CVE-2023/CVE-2023-364xx/CVE-2023-36484.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-25433](CVE-2023/CVE-2023-254xx/CVE-2023-25433.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-26966](CVE-2023/CVE-2023-269xx/CVE-2023-26966.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-35938](CVE-2023/CVE-2023-359xx/CVE-2023-35938.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-36471](CVE-2023/CVE-2023-364xx/CVE-2023-36471.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-36468](CVE-2023/CVE-2023-364xx/CVE-2023-36468.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-36469](CVE-2023/CVE-2023-364xx/CVE-2023-36469.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-36470](CVE-2023/CVE-2023-364xx/CVE-2023-36470.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-36607](CVE-2023/CVE-2023-366xx/CVE-2023-36607.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-3464](CVE-2023/CVE-2023-34xx/CVE-2023-3464.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-3465](CVE-2023/CVE-2023-34xx/CVE-2023-3465.json) (`2023-06-29T23:57:54.363`) -* [CVE-2023-1707](CVE-2023/CVE-2023-17xx/CVE-2023-1707.json) (`2023-06-30T00:03:45.170`) -* [CVE-2023-2270](CVE-2023/CVE-2023-22xx/CVE-2023-2270.json) (`2023-06-30T00:08:10.847`) -* [CVE-2023-28809](CVE-2023/CVE-2023-288xx/CVE-2023-28809.json) (`2023-06-30T00:08:59.093`) -* [CVE-2023-2686](CVE-2023/CVE-2023-26xx/CVE-2023-2686.json) (`2023-06-30T00:09:12.553`) -* [CVE-2023-2747](CVE-2023/CVE-2023-27xx/CVE-2023-2747.json) (`2023-06-30T00:09:44.927`) -* [CVE-2023-34641](CVE-2023/CVE-2023-346xx/CVE-2023-34641.json) (`2023-06-30T01:15:08.693`) +* [CVE-2022-47184](CVE-2022/CVE-2022-471xx/CVE-2022-47184.json) (`2023-06-30T02:15:08.723`) +* [CVE-2023-30631](CVE-2023/CVE-2023-306xx/CVE-2023-30631.json) (`2023-06-30T02:15:08.917`) +* [CVE-2023-33933](CVE-2023/CVE-2023-339xx/CVE-2023-33933.json) (`2023-06-30T02:15:09.060`) +* [CVE-2023-36345](CVE-2023/CVE-2023-363xx/CVE-2023-36345.json) (`2023-06-30T02:15:09.180`) +* [CVE-2023-36346](CVE-2023/CVE-2023-363xx/CVE-2023-36346.json) (`2023-06-30T02:15:09.280`) +* [CVE-2023-36348](CVE-2023/CVE-2023-363xx/CVE-2023-36348.json) (`2023-06-30T02:15:09.400`) +* [CVE-2023-2828](CVE-2023/CVE-2023-28xx/CVE-2023-2828.json) (`2023-06-30T03:15:09.077`) +* [CVE-2023-2911](CVE-2023/CVE-2023-29xx/CVE-2023-2911.json) (`2023-06-30T03:15:09.160`) +* [CVE-2023-33733](CVE-2023/CVE-2023-337xx/CVE-2023-33733.json) (`2023-06-30T03:15:09.353`) +* [CVE-2023-34241](CVE-2023/CVE-2023-342xx/CVE-2023-34241.json) (`2023-06-30T03:15:09.433`) +* [CVE-2023-35131](CVE-2023/CVE-2023-351xx/CVE-2023-35131.json) (`2023-06-30T03:15:09.527`) +* [CVE-2023-35132](CVE-2023/CVE-2023-351xx/CVE-2023-35132.json) (`2023-06-30T03:15:09.590`) +* [CVE-2023-35133](CVE-2023/CVE-2023-351xx/CVE-2023-35133.json) (`2023-06-30T03:15:09.667`) ## Download and Usage