From b52f3d6749d4e0181719cb60984af8b6a3023020 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 30 Dec 2023 05:00:28 +0000 Subject: [PATCH] Auto-Update: 2023-12-30T05:00:25.020170+00:00 --- CVE-2022/CVE-2022-464xx/CVE-2022-46486.json | 28 ++++++++ CVE-2022/CVE-2022-464xx/CVE-2022-46487.json | 40 +++++++++++ CVE-2023/CVE-2023-327xx/CVE-2023-32747.json | 47 +++++++++++- CVE-2023/CVE-2023-327xx/CVE-2023-32799.json | 57 ++++++++++++++- CVE-2023/CVE-2023-380xx/CVE-2023-38021.json | 36 ++++++++++ CVE-2023/CVE-2023-380xx/CVE-2023-38022.json | 24 +++++++ CVE-2023/CVE-2023-380xx/CVE-2023-38023.json | 44 ++++++++++++ CVE-2023/CVE-2023-415xx/CVE-2023-41544.json | 20 ++++++ CVE-2023/CVE-2023-471xx/CVE-2023-47191.json | 47 +++++++++++- CVE-2023/CVE-2023-487xx/CVE-2023-48795.json | 14 +++- CVE-2023/CVE-2023-497xx/CVE-2023-49752.json | 51 ++++++++++++- CVE-2023/CVE-2023-497xx/CVE-2023-49765.json | 47 +++++++++++- CVE-2023/CVE-2023-498xx/CVE-2023-49812.json | 47 +++++++++++- CVE-2023/CVE-2023-508xx/CVE-2023-50832.json | 52 +++++++++++++- CVE-2023/CVE-2023-508xx/CVE-2023-50834.json | 47 +++++++++++- CVE-2023/CVE-2023-510xx/CVE-2023-51090.json | 80 +++++++++++++++++++-- CVE-2023/CVE-2023-510xx/CVE-2023-51091.json | 80 +++++++++++++++++++-- CVE-2023/CVE-2023-510xx/CVE-2023-51092.json | 80 +++++++++++++++++++-- CVE-2023/CVE-2023-510xx/CVE-2023-51093.json | 80 +++++++++++++++++++-- CVE-2023/CVE-2023-510xx/CVE-2023-51094.json | 80 +++++++++++++++++++-- CVE-2023/CVE-2023-510xx/CVE-2023-51095.json | 80 +++++++++++++++++++-- CVE-2023/CVE-2023-510xx/CVE-2023-51097.json | 80 +++++++++++++++++++-- CVE-2023/CVE-2023-510xx/CVE-2023-51098.json | 80 +++++++++++++++++++-- CVE-2023/CVE-2023-510xx/CVE-2023-51099.json | 80 +++++++++++++++++++-- CVE-2023/CVE-2023-511xx/CVE-2023-51100.json | 80 +++++++++++++++++++-- CVE-2023/CVE-2023-511xx/CVE-2023-51101.json | 80 +++++++++++++++++++-- CVE-2023/CVE-2023-511xx/CVE-2023-51102.json | 80 +++++++++++++++++++-- CVE-2023/CVE-2023-70xx/CVE-2023-7018.json | 60 ++++++++++++++-- CVE-2023/CVE-2023-70xx/CVE-2023-7040.json | 58 +++++++++++++-- CVE-2023/CVE-2023-70xx/CVE-2023-7091.json | 62 ++++++++++++++-- CVE-2023/CVE-2023-70xx/CVE-2023-7096.json | 62 ++++++++++++++-- CVE-2023/CVE-2023-70xx/CVE-2023-7097.json | 72 +++++++++++++++++-- CVE-2023/CVE-2023-71xx/CVE-2023-7111.json | 58 +++++++++++++-- README.md | 44 +++++++++--- 34 files changed, 1867 insertions(+), 110 deletions(-) create mode 100644 CVE-2022/CVE-2022-464xx/CVE-2022-46486.json create mode 100644 CVE-2022/CVE-2022-464xx/CVE-2022-46487.json create mode 100644 CVE-2023/CVE-2023-380xx/CVE-2023-38021.json create mode 100644 CVE-2023/CVE-2023-380xx/CVE-2023-38022.json create mode 100644 CVE-2023/CVE-2023-380xx/CVE-2023-38023.json create mode 100644 CVE-2023/CVE-2023-415xx/CVE-2023-41544.json diff --git a/CVE-2022/CVE-2022-464xx/CVE-2022-46486.json b/CVE-2022/CVE-2022-464xx/CVE-2022-46486.json new file mode 100644 index 00000000000..864c82c9a14 --- /dev/null +++ b/CVE-2022/CVE-2022-464xx/CVE-2022-46486.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2022-46486", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-30T03:15:08.173", + "lastModified": "2023-12-30T03:15:08.173", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A lack of pointer-validation logic in the __scone_dispatch component of SCONE before v5.8.0 for Intel SGX allows attackers to access sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://jovanbulck.github.io/files/ccs19-tale.pdf", + "source": "cve@mitre.org" + }, + { + "url": "https://jovanbulck.github.io/files/oakland24-pandora.pdf", + "source": "cve@mitre.org" + }, + { + "url": "https://sconedocs.github.io/release5.7/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-464xx/CVE-2022-46487.json b/CVE-2022/CVE-2022-464xx/CVE-2022-46487.json new file mode 100644 index 00000000000..37bd2a18b13 --- /dev/null +++ b/CVE-2022/CVE-2022-464xx/CVE-2022-46487.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2022-46487", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-30T03:15:08.233", + "lastModified": "2023-12-30T03:15:08.233", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper initialization of x87 and SSE floating-point configuration registers in the __scone_entry component of SCONE before 5.8.0 for Intel SGX allows a local attacker to compromise the execution integrity of floating-point operations in an enclave or access sensitive information via side-channel analysis." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://jovanbulck.github.io/files/acsac20-fpu.pdf", + "source": "cve@mitre.org" + }, + { + "url": "https://jovanbulck.github.io/files/oakland24-pandora.pdf", + "source": "cve@mitre.org" + }, + { + "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0561#vulnCurrentDescriptionTitle", + "source": "cve@mitre.org" + }, + { + "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15107", + "source": "cve@mitre.org" + }, + { + "url": "https://sconedocs.github.io/release5.7/", + "source": "cve@mitre.org" + }, + { + "url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/data-operand-independent-timing-isa-guidance.html#inpage-nav-3-3", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32747.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32747.json index 32dfafbbe21..5be3f063725 100644 --- a/CVE-2023/CVE-2023-327xx/CVE-2023-32747.json +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32747.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32747", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T19:15:08.160", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:14:43.520", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:automattic:woocommerce_bookings:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.15.78", + "matchCriteriaId": "C45515F9-14D5-43F7-A41C-0406E91E554A" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/woocommerce-bookings/wordpress-woocommerce-bookings-plugin-1-15-78-insecure-direct-object-references-idor-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32799.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32799.json index f0eae4eb1d4..2bcecd3035a 100644 --- a/CVE-2023/CVE-2023-327xx/CVE-2023-32799.json +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32799.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32799", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T19:15:08.520", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:15:10.643", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:woocommerce:shipping_multiple_addresses:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.8.3", + "matchCriteriaId": "39660B5F-2F2F-4F7A-AEEA-272C2561E57A" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/woocommerce-shipping-multiple-addresses/wordpress-woocommerce-ship-to-multiple-addresses-plugin-3-8-3-insecure-direct-object-references-idor-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-380xx/CVE-2023-38021.json b/CVE-2023/CVE-2023-380xx/CVE-2023-38021.json new file mode 100644 index 00000000000..063c18c489f --- /dev/null +++ b/CVE-2023/CVE-2023-380xx/CVE-2023-38021.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-38021", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-30T03:15:08.303", + "lastModified": "2023-12-30T03:15:08.303", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Fortanix EnclaveOS Confidential Computing Manager (CCM) Platform before 3.32 for Intel SGX. Lack of pointer-alignment validation logic in entry functions allows a local attacker to access unauthorized information. This relates to the enclave_ecall function and system call layer." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/openenclave/openenclave/security/advisories/GHSA-v3vm-9h66-wm76", + "source": "cve@mitre.org" + }, + { + "url": "https://jovanbulck.github.io/files/oakland24-pandora.pdf", + "source": "cve@mitre.org" + }, + { + "url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/stale-data-read-from-xapic.html", + "source": "cve@mitre.org" + }, + { + "url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html#inpage-nav-3-2-2", + "source": "cve@mitre.org" + }, + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-380xx/CVE-2023-38022.json b/CVE-2023/CVE-2023-380xx/CVE-2023-38022.json new file mode 100644 index 00000000000..b1e97e261ad --- /dev/null +++ b/CVE-2023/CVE-2023-380xx/CVE-2023-38022.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-38022", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-30T03:15:08.360", + "lastModified": "2023-12-30T03:15:08.360", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Fortanix EnclaveOS Confidential Computing Manager (CCM) Platform before 3.29 for Intel SGX. Insufficient pointer validation allows a local attacker to access unauthorized information. This relates to strlen and sgx_is_within_user." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://jovanbulck.github.io/files/ccs19-tale.pdf", + "source": "cve@mitre.org" + }, + { + "url": "https://jovanbulck.github.io/files/oakland24-pandora.pdf", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-380xx/CVE-2023-38023.json b/CVE-2023/CVE-2023-380xx/CVE-2023-38023.json new file mode 100644 index 00000000000..a73b9427e2d --- /dev/null +++ b/CVE-2023/CVE-2023-380xx/CVE-2023-38023.json @@ -0,0 +1,44 @@ +{ + "id": "CVE-2023-38023", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-30T03:15:08.413", + "lastModified": "2023-12-30T03:15:08.413", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in SCONE Confidential Computing Platform before 5.8.0 for Intel SGX. Lack of pointer-alignment logic in __scone_dispatch and other entry functions allows a local attacker to access unauthorized information, aka an \"AEPIC Leak.\"" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/openenclave/openenclave/security/advisories/GHSA-v3vm-9h66-wm76", + "source": "cve@mitre.org" + }, + { + "url": "https://jovanbulck.github.io/files/oakland24-pandora.pdf", + "source": "cve@mitre.org" + }, + { + "url": "https://sconedocs.github.io/release5.7/", + "source": "cve@mitre.org" + }, + { + "url": "https://sconedocs.github.io/release5.8/", + "source": "cve@mitre.org" + }, + { + "url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/stale-data-read-from-xapic.html", + "source": "cve@mitre.org" + }, + { + "url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html#inpage-nav-3-2-2", + "source": "cve@mitre.org" + }, + { + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-415xx/CVE-2023-41544.json b/CVE-2023/CVE-2023-415xx/CVE-2023-41544.json new file mode 100644 index 00000000000..037652eab4e --- /dev/null +++ b/CVE-2023/CVE-2023-415xx/CVE-2023-41544.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41544", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-30T04:15:08.250", + "lastModified": "2023-12-30T04:15:08.250", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SSTI injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to execute arbitrary code via crafted HTTP request to the /jmreport/loadTableData component." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://pho3n1x-web.github.io/2023/09/18/CVE-2023-41544%28JeecgBoot_SSTI%29/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47191.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47191.json index 1d809df4aef..0543f11bfb9 100644 --- a/CVE-2023/CVE-2023-471xx/CVE-2023-47191.json +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47191.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47191", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T19:15:11.767", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:20:37.497", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:kainelabs:youzify:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.2.3", + "matchCriteriaId": "A0E475DD-49AD-4029-B609-D7AEC9E1FB4E" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/youzify/wordpress-youzify-plugin-1-2-2-insecure-direct-object-reference-idor-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json b/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json index 1bac9473248..379d60fd2cf 100644 --- a/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json +++ b/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json @@ -2,7 +2,7 @@ "id": "CVE-2023-48795", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-18T16:15:10.897", - "lastModified": "2023-12-29T03:15:11.033", + "lastModified": "2023-12-30T03:15:08.467", "vulnStatus": "Modified", "descriptions": [ { @@ -1544,10 +1544,18 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/", "source": "cve@mitre.org" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/", + "source": "cve@mitre.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/", "source": "cve@mitre.org" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/", + "source": "cve@mitre.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/", "source": "cve@mitre.org", @@ -1555,6 +1563,10 @@ "Vendor Advisory" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/", + "source": "cve@mitre.org" + }, { "url": "https://matt.ucc.asn.au/dropbear/CHANGES", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49752.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49752.json index ac477c84b6b..7669a80c188 100644 --- a/CVE-2023/CVE-2023-497xx/CVE-2023-49752.json +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49752.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49752", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-20T18:15:13.460", - "lastModified": "2023-12-20T19:52:34.443", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:13:36.437", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spoon themes Adifier - Classified Ads WordPress Theme.This issue affects Adifier - Classified Ads WordPress Theme: from n/a before 3.1.4.\n\n" + }, + { + "lang": "es", + "value": "La neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyecci\u00f3n SQL') en Spoon themes Adifier - Classified Ads WordPress Theme. Este problema afecta a Adifier - Classified Ads WordPress Theme: desde n/a antes de 3.1.4." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:spoonthemes:adifier:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.1.4", + "matchCriteriaId": "FA8FC617-4A22-443D-AF0B-9BE2C62040FE" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/adifier/wordpress-adifier-classified-ads-wordpress-theme-theme-3-9-3-sql-injection-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49765.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49765.json index 10ee1980446..770b0e70efc 100644 --- a/CVE-2023/CVE-2023-497xx/CVE-2023-49765.json +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49765.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49765", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T19:15:12.173", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:21:01.940", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:blazzdev:rate_my_post:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.4.2", + "matchCriteriaId": "8F9A458F-EA93-452F-9E27-8DEE6203738D" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/rate-my-post/wordpress-rate-my-post-wp-rating-system-plugin-3-4-1-insecure-direct-object-references-idor-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-498xx/CVE-2023-49812.json b/CVE-2023/CVE-2023-498xx/CVE-2023-49812.json index e48c6b23ad2..30b42303440 100644 --- a/CVE-2023/CVE-2023-498xx/CVE-2023-49812.json +++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49812.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49812", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-19T21:15:09.530", - "lastModified": "2023-12-20T13:50:37.240", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:09:49.700", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wppa:wp_photo_album_plus:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "8.5.02.005", + "matchCriteriaId": "AE94941E-749F-41C6-8EC8-B810E4355F91" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-photo-album-plus-plugin-8-5-02-005-insecure-direct-object-references-idor-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50832.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50832.json index 24c1302a3c2..c6cf2212f4e 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50832.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50832.json @@ -2,16 +2,40 @@ "id": "CVE-2023-50832", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T18:15:08.277", - "lastModified": "2023-12-21T18:15:28.593", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:14:20.717", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mondula GmbH Multi Step Form allows Stored XSS.This issue affects Multi Step Form: from n/a through 1.7.13.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Mondula GmbH Multi Step Form permite XSS almacenado. Este problema afecta a Multi Step Form: desde n/a hasta 1.7.13." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mondula:multi_step_form:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.7.13", + "matchCriteriaId": "E8304C95-A917-443B-AD53-E4A0CD79435E" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/multi-step-form/wordpress-multi-step-form-plugin-1-7-13-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50834.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50834.json index 463f46982ff..3f7da83f180 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50834.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50834.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50834", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T19:15:12.670", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:23:31.073", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:augustinfotech:woocommerce_menu_extension:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.6.2", + "matchCriteriaId": "71781E8D-C946-44E0-8438-F2EF8C5663FB" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/woocommerce-menu-extension/wordpress-woocommerce-menu-extension-plugin-1-6-2-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51090.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51090.json index 043682e8c9e..154f69baeec 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51090.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51090.json @@ -2,19 +2,91 @@ "id": "CVE-2023-51090", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.073", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:18:55.947", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinConfig." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tenda M3 V1.0.0.12(4856) conten\u00eda un desbordamiento de pila a trav\u00e9s de la funci\u00f3n formGetWeiXinConfig." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:m3_firmware:1.0.0.12\\(4856\\):*:*:*:*:*:*:*", + "matchCriteriaId": "6E1E2C81-574C-4FBB-8DCD-72F62D7A32E9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:m3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E8543333-41FC-48B4-B14C-D763495A1017" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/GD008/TENDA/blob/main/M3/getWeiXinConfig/M3_getWeiXinConfig.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51091.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51091.json index 2ec34500106..97fb9683b10 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51091.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51091.json @@ -2,19 +2,91 @@ "id": "CVE-2023-51091", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.127", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:18:57.887", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function R7WebsSecurityHandler." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tenda M3 V1.0.0.12(4856) conten\u00eda un desbordamiento de pila a trav\u00e9s de la funci\u00f3n R7WebsSecurityHandler." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:m3_firmware:1.0.0.12\\(4856\\):*:*:*:*:*:*:*", + "matchCriteriaId": "6E1E2C81-574C-4FBB-8DCD-72F62D7A32E9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:m3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E8543333-41FC-48B4-B14C-D763495A1017" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/GD008/TENDA/blob/main/M3/cookie/M3_cookie.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51092.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51092.json index 33a26d2b0cb..b4f80016190 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51092.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51092.json @@ -2,19 +2,91 @@ "id": "CVE-2023-51092", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.173", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:19:01.717", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tenda M3 V1.0.0.12(4856) conten\u00eda un desbordamiento de pila mediante la actualizaci\u00f3n de la funci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:m3_firmware:1.0.0.12\\(4856\\):*:*:*:*:*:*:*", + "matchCriteriaId": "6E1E2C81-574C-4FBB-8DCD-72F62D7A32E9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:m3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E8543333-41FC-48B4-B14C-D763495A1017" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/GD008/TENDA/blob/main/M3/upgrade/M3_upgrade.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51093.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51093.json index d774ee4cdc8..81a195af775 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51093.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51093.json @@ -2,19 +2,91 @@ "id": "CVE-2023-51093", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.217", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:19:03.393", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function fromSetLocalVlanInfo." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tenda M3 V1.0.0.12(4856) conten\u00eda un desbordamiento de pila a trav\u00e9s de la funci\u00f3n fromSetLocalVlanInfo." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:m3_firmware:1.0.0.12\\(4856\\):*:*:*:*:*:*:*", + "matchCriteriaId": "6E1E2C81-574C-4FBB-8DCD-72F62D7A32E9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:m3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E8543333-41FC-48B4-B14C-D763495A1017" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/GD008/TENDA/blob/main/M3/setVlanInfo/M3_setVlanInfo.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51094.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51094.json index c9e22b8ef6c..97f643b98df 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51094.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51094.json @@ -2,19 +2,91 @@ "id": "CVE-2023-51094", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.267", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:19:05.307", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda M3 V1.0.0.12(4856) was discovered to contain a Command Execution vulnerability via the function TendaTelnet." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tenda M3 V1.0.0.12(4856) contiene una vulnerabilidad de ejecuci\u00f3n de comandos a trav\u00e9s de la funci\u00f3n TendaTelnet." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:m3_firmware:1.0.0.12\\(4856\\):*:*:*:*:*:*:*", + "matchCriteriaId": "6E1E2C81-574C-4FBB-8DCD-72F62D7A32E9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:m3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E8543333-41FC-48B4-B14C-D763495A1017" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/GD008/TENDA/blob/main/M3/telnet/M3_telnet.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51095.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51095.json index 2dbb2fa40d8..4115969174a 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51095.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51095.json @@ -2,19 +2,91 @@ "id": "CVE-2023-51095", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T17:15:08.293", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:18:50.037", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formDelWlRfPolicy." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tenda M3 V1.0.0.12(4856) conten\u00eda un desbordamiento de pila a trav\u00e9s de la funci\u00f3n formDelWlRfPolicy." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:m3_firmware:1.0.0.12\\(4856\\):*:*:*:*:*:*:*", + "matchCriteriaId": "6E1E2C81-574C-4FBB-8DCD-72F62D7A32E9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:m3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E8543333-41FC-48B4-B14C-D763495A1017" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/GD008/TENDA/blob/main/M3/delWlPolicyData/M3_delWlPolicyData.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51097.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51097.json index c3f58440a8d..fbaa628d9c2 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51097.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51097.json @@ -2,19 +2,91 @@ "id": "CVE-2023-51097", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.317", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:19:06.583", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetAutoPing." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tenda W9 V1.0.0.7(4456)_CN conten\u00eda un desbordamiento de pila a trav\u00e9s de la funci\u00f3n formSetAutoPing." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:w9_firmware:1.0.0.7\\(4456\\)_cn:*:*:*:*:*:*:*", + "matchCriteriaId": "AA838176-0BF8-4BBA-93A8-E367251F27E2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:w9:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D015C5A3-DF6D-45B7-B669-9CCD50C5E704" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/GD008/TENDA/blob/main/W9/W9_setAutoPing/W9_setAutoPing.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51098.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51098.json index 3842fd50ac5..5722db300f4 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51098.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51098.json @@ -2,19 +2,91 @@ "id": "CVE-2023-51098", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.367", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:19:08.387", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formSetDiagnoseInfo ." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tenda W9 V1.0.0.7(4456)_CN contiene una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s de la funci\u00f3n formSetDiagnoseInfo." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:w9_firmware:1.0.0.7\\(4456\\)_cn:*:*:*:*:*:*:*", + "matchCriteriaId": "AA838176-0BF8-4BBA-93A8-E367251F27E2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:w9:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D015C5A3-DF6D-45B7-B669-9CCD50C5E704" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/GD008/TENDA/blob/main/W9/W9_setDiagnoseInfo/W9_setDiagnoseInfo.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51099.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51099.json index 1db0ee94105..e4810d01ba6 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51099.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51099.json @@ -2,19 +2,91 @@ "id": "CVE-2023-51099", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.413", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:19:10.323", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formexeCommand ." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tenda W9 V1.0.0.7(4456)_CN contiene una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s de la funci\u00f3n formexeCommand." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:w9_firmware:1.0.0.7\\(4456\\)_cn:*:*:*:*:*:*:*", + "matchCriteriaId": "AA838176-0BF8-4BBA-93A8-E367251F27E2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:w9:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D015C5A3-DF6D-45B7-B669-9CCD50C5E704" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/GD008/TENDA/blob/main/W9/W9_execommand/W9_execommand.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-511xx/CVE-2023-51100.json b/CVE-2023/CVE-2023-511xx/CVE-2023-51100.json index a4f5d9e1133..a5259e66443 100644 --- a/CVE-2023/CVE-2023-511xx/CVE-2023-51100.json +++ b/CVE-2023/CVE-2023-511xx/CVE-2023-51100.json @@ -2,19 +2,91 @@ "id": "CVE-2023-51100", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.460", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:19:12.080", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formGetDiagnoseInfo ." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tenda W9 V1.0.0.7(4456)_CN contiene una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s de la funci\u00f3n formGetDiagnoseInfo." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:w9_firmware:1.0.0.7\\(4456\\)_cn:*:*:*:*:*:*:*", + "matchCriteriaId": "AA838176-0BF8-4BBA-93A8-E367251F27E2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:w9:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D015C5A3-DF6D-45B7-B669-9CCD50C5E704" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/GD008/TENDA/blob/main/W9/W9_getDiagnoseInfo/W9_getDiagnoseInfo.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-511xx/CVE-2023-51101.json b/CVE-2023/CVE-2023-511xx/CVE-2023-51101.json index 0e249b8ba3e..1a6557fb266 100644 --- a/CVE-2023/CVE-2023-511xx/CVE-2023-51101.json +++ b/CVE-2023/CVE-2023-511xx/CVE-2023-51101.json @@ -2,19 +2,91 @@ "id": "CVE-2023-51101", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.510", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:19:13.923", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetUplinkInfo." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tenda W9 V1.0.0.7(4456)_CN conten\u00eda un desbordamiento de pila a trav\u00e9s de la funci\u00f3n formSetUplinkInfo." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:w9_firmware:1.0.0.7\\(4456\\)_cn:*:*:*:*:*:*:*", + "matchCriteriaId": "AA838176-0BF8-4BBA-93A8-E367251F27E2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:w9:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D015C5A3-DF6D-45B7-B669-9CCD50C5E704" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/GD008/TENDA/blob/main/W9/W9_setUplinkInfo/W9_setUplinkInfo.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-511xx/CVE-2023-51102.json b/CVE-2023/CVE-2023-511xx/CVE-2023-51102.json index 5ebc6a45029..71ca8c103b5 100644 --- a/CVE-2023/CVE-2023-511xx/CVE-2023-51102.json +++ b/CVE-2023/CVE-2023-511xx/CVE-2023-51102.json @@ -2,19 +2,91 @@ "id": "CVE-2023-51102", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.657", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:19:15.973", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formWifiMacFilterSet." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Tenda W9 V1.0.0.7(4456)_CN conten\u00eda un desbordamiento de pila a trav\u00e9s de la funci\u00f3n formWifiMacFilterSet." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:w9_firmware:1.0.0.7\\(4456\\)_cn:*:*:*:*:*:*:*", + "matchCriteriaId": "AA838176-0BF8-4BBA-93A8-E367251F27E2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:w9:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D015C5A3-DF6D-45B7-B669-9CCD50C5E704" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/GD008/TENDA/blob/main/W9/W9_WifiMacFilterSet/W9_WifiMacFilterSet.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7018.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7018.json index ac448e78cd5..48021b2d626 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7018.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7018.json @@ -2,15 +2,41 @@ "id": "CVE-2023-7018", "sourceIdentifier": "security@huntr.dev", "published": "2023-12-20T17:15:08.823", - "lastModified": "2023-12-20T19:52:41.030", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:13:12.367", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36." + }, + { + "lang": "es", + "value": "Deserializaci\u00f3n de datos que no son de confianza en el repositorio de GitHub huggingface/transformers anteriores a 4.36." } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +72,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:huggingface:transformers:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.36.0", + "matchCriteriaId": "A7A810D1-9219-4534-83E2-F3FC5402E521" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/huggingface/transformers/commit/1d63b0ec361e7a38f1339385e8a5a855085532ce", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.com/bounties/e1a3e548-e53a-48df-b708-9ee62140963c", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7040.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7040.json index 90ea459f7e1..2f36282ea27 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7040.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7040.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7040", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-21T20:15:08.553", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:25:06.460", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,18 +95,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codelyfe:stupid_simple_cms:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.2.4", + "matchCriteriaId": "700DA84E-DA65-4B87-B847-E4C61E24F5D1" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/g1an123/POC/blob/main/Unauthorized%20file%20read.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248689", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248689", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7091.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7091.json index dd6f57f46b4..90a622324bc 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7091.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7091.json @@ -2,16 +2,40 @@ "id": "CVE-2023-7091", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-24T21:15:25.530", - "lastModified": "2023-12-25T03:08:09.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:15:29.733", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /upload/uploadFile. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-248938 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en Dreamer CMS 4.1.3. Ha sido declarada problem\u00e1tica. Esta vulnerabilidad afecta a c\u00f3digo desconocido del archivo /upload/uploadFile. La manipulaci\u00f3n del archivo de argumentos conduce a una carga sin restricciones. El ataque se puede iniciar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-248938 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna forma." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:iteachyou:dreamer_cms:4.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "113EEBC1-2B91-4AE0-995F-E24A4AD607BC" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/sweatxi/BugHub/blob/main/Dreamer-CMS.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248938", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248938", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7096.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7096.json index 829d85cb7c4..98c3cf68eae 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7096.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7096.json @@ -2,16 +2,40 @@ "id": "CVE-2023-7096", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-25T01:15:08.457", - "lastModified": "2023-12-25T03:08:09.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:16:06.620", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in code-projects Faculty Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/php/crud.php. The manipulation of the argument fieldname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248948." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en los proyectos de c\u00f3digo Faculty Management System 1.0. Ha sido calificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /admin/php/crud.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento fieldname conduce a la inyecci\u00f3n de SQL. El ataque puede lanzarse de forma remota. La explotaci\u00f3n ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-248948." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:carmelogarcia:faculty_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "4EA917DA-4616-4066-91A4-AB48022B2D78" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Glunko/vulnerability/blob/main/Faculty-Management-System_sql.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248948", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248948", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7097.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7097.json index 6b7a7e1c720..e4b2778eb1b 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7097.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7097.json @@ -2,16 +2,40 @@ "id": "CVE-2023-7097", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-25T02:15:44.337", - "lastModified": "2023-12-25T03:08:09.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:18:18.157", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in code-projects Water Billing System 1.0. This affects an unknown part of the file /addbill.php. The manipulation of the argument owners_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248949 was assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en code-projects Water Billing System 1.0 y clasificada como cr\u00edtica. Esto afecta a una parte desconocida del archivo /addbill.php. La manipulaci\u00f3n del argumento owners_id conduce a la inyecci\u00f3n SQL. Es posible iniciar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-248949." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -60,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +105,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fabianros:water_billing_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "51D0A518-2E14-4B20-AE40-5B1F7564B4FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Glunko/vulnerability/blob/main/Water-Billing-System_sql.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248949", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248949", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-71xx/CVE-2023-7111.json b/CVE-2023/CVE-2023-71xx/CVE-2023-7111.json index a9c3c448235..32bb852c50d 100644 --- a/CVE-2023/CVE-2023-71xx/CVE-2023-7111.json +++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7111.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7111", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-26T03:15:09.040", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-30T03:18:29.320", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,18 +95,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fabianros:library_management_system:2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "421B1EEE-61E9-48D8-BE67-A8346F3CC55E" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/h4md153v63n/CVEs/blob/main/Library-Management-System/Library-Management-System_SQL_Injection-3.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.249006", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.249006", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 52da73683e4..2b5ae32626b 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-30T03:00:24.750902+00:00 +2023-12-30T05:00:25.020170+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-30T02:15:08.447000+00:00 +2023-12-30T04:15:08.250000+00:00 ``` ### Last Data Feed Release @@ -29,22 +29,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -234541 +234547 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `6` -* [CVE-2023-41542](CVE-2023/CVE-2023-415xx/CVE-2023-41542.json) (`2023-12-30T02:15:08.393`) -* [CVE-2023-41543](CVE-2023/CVE-2023-415xx/CVE-2023-41543.json) (`2023-12-30T02:15:08.447`) +* [CVE-2022-46486](CVE-2022/CVE-2022-464xx/CVE-2022-46486.json) (`2023-12-30T03:15:08.173`) +* [CVE-2022-46487](CVE-2022/CVE-2022-464xx/CVE-2022-46487.json) (`2023-12-30T03:15:08.233`) +* [CVE-2023-38021](CVE-2023/CVE-2023-380xx/CVE-2023-38021.json) (`2023-12-30T03:15:08.303`) +* [CVE-2023-38022](CVE-2023/CVE-2023-380xx/CVE-2023-38022.json) (`2023-12-30T03:15:08.360`) +* [CVE-2023-38023](CVE-2023/CVE-2023-380xx/CVE-2023-38023.json) (`2023-12-30T03:15:08.413`) +* [CVE-2023-41544](CVE-2023/CVE-2023-415xx/CVE-2023-41544.json) (`2023-12-30T04:15:08.250`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `27` -* [CVE-2023-51765](CVE-2023/CVE-2023-517xx/CVE-2023-51765.json) (`2023-12-30T01:15:09.577`) +* [CVE-2023-49752](CVE-2023/CVE-2023-497xx/CVE-2023-49752.json) (`2023-12-30T03:13:36.437`) +* [CVE-2023-50832](CVE-2023/CVE-2023-508xx/CVE-2023-50832.json) (`2023-12-30T03:14:20.717`) +* [CVE-2023-32747](CVE-2023/CVE-2023-327xx/CVE-2023-32747.json) (`2023-12-30T03:14:43.520`) +* [CVE-2023-48795](CVE-2023/CVE-2023-487xx/CVE-2023-48795.json) (`2023-12-30T03:15:08.467`) +* [CVE-2023-32799](CVE-2023/CVE-2023-327xx/CVE-2023-32799.json) (`2023-12-30T03:15:10.643`) +* [CVE-2023-7091](CVE-2023/CVE-2023-70xx/CVE-2023-7091.json) (`2023-12-30T03:15:29.733`) +* [CVE-2023-7096](CVE-2023/CVE-2023-70xx/CVE-2023-7096.json) (`2023-12-30T03:16:06.620`) +* [CVE-2023-7097](CVE-2023/CVE-2023-70xx/CVE-2023-7097.json) (`2023-12-30T03:18:18.157`) +* [CVE-2023-7111](CVE-2023/CVE-2023-71xx/CVE-2023-7111.json) (`2023-12-30T03:18:29.320`) +* [CVE-2023-51095](CVE-2023/CVE-2023-510xx/CVE-2023-51095.json) (`2023-12-30T03:18:50.037`) +* [CVE-2023-51090](CVE-2023/CVE-2023-510xx/CVE-2023-51090.json) (`2023-12-30T03:18:55.947`) +* [CVE-2023-51091](CVE-2023/CVE-2023-510xx/CVE-2023-51091.json) (`2023-12-30T03:18:57.887`) +* [CVE-2023-51092](CVE-2023/CVE-2023-510xx/CVE-2023-51092.json) (`2023-12-30T03:19:01.717`) +* [CVE-2023-51093](CVE-2023/CVE-2023-510xx/CVE-2023-51093.json) (`2023-12-30T03:19:03.393`) +* [CVE-2023-51094](CVE-2023/CVE-2023-510xx/CVE-2023-51094.json) (`2023-12-30T03:19:05.307`) +* [CVE-2023-51097](CVE-2023/CVE-2023-510xx/CVE-2023-51097.json) (`2023-12-30T03:19:06.583`) +* [CVE-2023-51098](CVE-2023/CVE-2023-510xx/CVE-2023-51098.json) (`2023-12-30T03:19:08.387`) +* [CVE-2023-51099](CVE-2023/CVE-2023-510xx/CVE-2023-51099.json) (`2023-12-30T03:19:10.323`) +* [CVE-2023-51100](CVE-2023/CVE-2023-511xx/CVE-2023-51100.json) (`2023-12-30T03:19:12.080`) +* [CVE-2023-51101](CVE-2023/CVE-2023-511xx/CVE-2023-51101.json) (`2023-12-30T03:19:13.923`) +* [CVE-2023-51102](CVE-2023/CVE-2023-511xx/CVE-2023-51102.json) (`2023-12-30T03:19:15.973`) +* [CVE-2023-47191](CVE-2023/CVE-2023-471xx/CVE-2023-47191.json) (`2023-12-30T03:20:37.497`) +* [CVE-2023-49765](CVE-2023/CVE-2023-497xx/CVE-2023-49765.json) (`2023-12-30T03:21:01.940`) +* [CVE-2023-50834](CVE-2023/CVE-2023-508xx/CVE-2023-50834.json) (`2023-12-30T03:23:31.073`) +* [CVE-2023-7040](CVE-2023/CVE-2023-70xx/CVE-2023-7040.json) (`2023-12-30T03:25:06.460`) ## Download and Usage