From b5343aa2c667ba1315723f1e4a9b46dfa27929a1 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 14 Jun 2023 16:00:29 +0000 Subject: [PATCH] Auto-Update: 2023-06-14T16:00:26.357416+00:00 --- CVE-2020/CVE-2020-224xx/CVE-2020-22402.json | 20 ++++ CVE-2021/CVE-2021-312xx/CVE-2021-31280.json | 20 ++++ CVE-2021/CVE-2021-43xx/CVE-2021-4381.json | 71 +++++++++++++- CVE-2021/CVE-2021-43xx/CVE-2021-4382.json | 72 ++++++++++++-- CVE-2021/CVE-2021-450xx/CVE-2021-45039.json | 69 ++++++++++++- CVE-2023/CVE-2023-07xx/CVE-2023-0710.json | 52 +++++++++- CVE-2023/CVE-2023-07xx/CVE-2023-0721.json | 57 ++++++++++- CVE-2023/CVE-2023-248xx/CVE-2023-24895.json | 43 +++++++++ CVE-2023/CVE-2023-248xx/CVE-2023-24897.json | 43 +++++++++ CVE-2023/CVE-2023-249xx/CVE-2023-24936.json | 43 +++++++++ CVE-2023/CVE-2023-251xx/CVE-2023-25177.json | 49 +++++++++- CVE-2023/CVE-2023-25xx/CVE-2023-2541.json | 57 ++++++++++- CVE-2023/CVE-2023-283xx/CVE-2023-28310.json | 43 +++++++++ CVE-2023/CVE-2023-293xx/CVE-2023-29326.json | 43 +++++++++ CVE-2023/CVE-2023-293xx/CVE-2023-29331.json | 43 +++++++++ CVE-2023/CVE-2023-293xx/CVE-2023-29337.json | 43 +++++++++ CVE-2023/CVE-2023-29xx/CVE-2023-2986.json | 62 ++++++++++-- CVE-2023/CVE-2023-305xx/CVE-2023-30575.json | 60 +++++++++++- CVE-2023/CVE-2023-305xx/CVE-2023-30576.json | 49 +++++++++- CVE-2023/CVE-2023-311xx/CVE-2023-31115.json | 102 +++++++++++++++++++- CVE-2023/CVE-2023-311xx/CVE-2023-31116.json | 102 +++++++++++++++++++- CVE-2023/CVE-2023-314xx/CVE-2023-31486.json | 6 +- CVE-2023/CVE-2023-31xx/CVE-2023-3121.json | 73 ++++++++++++-- CVE-2023/CVE-2023-320xx/CVE-2023-32024.json | 43 +++++++++ CVE-2023/CVE-2023-320xx/CVE-2023-32030.json | 43 +++++++++ CVE-2023/CVE-2023-320xx/CVE-2023-32031.json | 43 +++++++++ CVE-2023/CVE-2023-324xx/CVE-2023-32465.json | 55 +++++++++++ CVE-2023/CVE-2023-332xx/CVE-2023-33282.json | 75 +++++++++++++- CVE-2023/CVE-2023-341xx/CVE-2023-34101.json | 59 +++++++++++ CVE-2023/CVE-2023-341xx/CVE-2023-34149.json | 6 +- CVE-2023/CVE-2023-343xx/CVE-2023-34396.json | 6 +- CVE-2023/CVE-2023-345xx/CVE-2023-34540.json | 20 ++++ CVE-2023/CVE-2023-345xx/CVE-2023-34566.json | 75 +++++++++++++- CVE-2023/CVE-2023-345xx/CVE-2023-34585.json | 20 ++++ CVE-2023/CVE-2023-346xx/CVE-2023-34609.json | 32 ++++++ CVE-2023/CVE-2023-346xx/CVE-2023-34610.json | 20 ++++ CVE-2023/CVE-2023-346xx/CVE-2023-34611.json | 20 ++++ CVE-2023/CVE-2023-346xx/CVE-2023-34612.json | 20 ++++ CVE-2023/CVE-2023-346xx/CVE-2023-34613.json | 20 ++++ CVE-2023/CVE-2023-346xx/CVE-2023-34614.json | 20 ++++ CVE-2023/CVE-2023-346xx/CVE-2023-34615.json | 20 ++++ CVE-2023/CVE-2023-346xx/CVE-2023-34616.json | 20 ++++ CVE-2023/CVE-2023-346xx/CVE-2023-34617.json | 20 ++++ CVE-2023/CVE-2023-346xx/CVE-2023-34620.json | 20 ++++ CVE-2023/CVE-2023-346xx/CVE-2023-34623.json | 20 ++++ CVE-2023/CVE-2023-346xx/CVE-2023-34624.json | 20 ++++ CVE-2023/CVE-2023-347xx/CVE-2023-34747.json | 20 ++++ CVE-2023/CVE-2023-347xx/CVE-2023-34750.json | 20 ++++ CVE-2023/CVE-2023-347xx/CVE-2023-34751.json | 20 ++++ CVE-2023/CVE-2023-347xx/CVE-2023-34752.json | 28 ++++++ CVE-2023/CVE-2023-347xx/CVE-2023-34753.json | 20 ++++ CVE-2023/CVE-2023-347xx/CVE-2023-34754.json | 20 ++++ CVE-2023/CVE-2023-347xx/CVE-2023-34755.json | 20 ++++ CVE-2023/CVE-2023-347xx/CVE-2023-34756.json | 20 ++++ CVE-2023/CVE-2023-348xx/CVE-2023-34823.json | 20 ++++ CVE-2023/CVE-2023-348xx/CVE-2023-34824.json | 20 ++++ CVE-2023/CVE-2023-348xx/CVE-2023-34865.json | 20 ++++ CVE-2023/CVE-2023-348xx/CVE-2023-34878.json | 20 ++++ CVE-2023/CVE-2023-351xx/CVE-2023-35110.json | 20 ++++ CVE-2023/CVE-2023-351xx/CVE-2023-35116.json | 20 ++++ CVE-2023/CVE-2023-351xx/CVE-2023-35141.json | 8 +- CVE-2023/CVE-2023-351xx/CVE-2023-35142.json | 8 +- CVE-2023/CVE-2023-351xx/CVE-2023-35143.json | 8 +- CVE-2023/CVE-2023-351xx/CVE-2023-35144.json | 8 +- CVE-2023/CVE-2023-351xx/CVE-2023-35145.json | 8 +- CVE-2023/CVE-2023-351xx/CVE-2023-35146.json | 8 +- CVE-2023/CVE-2023-351xx/CVE-2023-35147.json | 8 +- CVE-2023/CVE-2023-351xx/CVE-2023-35148.json | 8 +- CVE-2023/CVE-2023-351xx/CVE-2023-35149.json | 8 +- README.md | 96 ++++++++++-------- 70 files changed, 2244 insertions(+), 131 deletions(-) create mode 100644 CVE-2020/CVE-2020-224xx/CVE-2020-22402.json create mode 100644 CVE-2021/CVE-2021-312xx/CVE-2021-31280.json create mode 100644 CVE-2023/CVE-2023-248xx/CVE-2023-24895.json create mode 100644 CVE-2023/CVE-2023-248xx/CVE-2023-24897.json create mode 100644 CVE-2023/CVE-2023-249xx/CVE-2023-24936.json create mode 100644 CVE-2023/CVE-2023-283xx/CVE-2023-28310.json create mode 100644 CVE-2023/CVE-2023-293xx/CVE-2023-29326.json create mode 100644 CVE-2023/CVE-2023-293xx/CVE-2023-29331.json create mode 100644 CVE-2023/CVE-2023-293xx/CVE-2023-29337.json create mode 100644 CVE-2023/CVE-2023-320xx/CVE-2023-32024.json create mode 100644 CVE-2023/CVE-2023-320xx/CVE-2023-32030.json create mode 100644 CVE-2023/CVE-2023-320xx/CVE-2023-32031.json create mode 100644 CVE-2023/CVE-2023-324xx/CVE-2023-32465.json create mode 100644 CVE-2023/CVE-2023-341xx/CVE-2023-34101.json create mode 100644 CVE-2023/CVE-2023-345xx/CVE-2023-34540.json create mode 100644 CVE-2023/CVE-2023-345xx/CVE-2023-34585.json create mode 100644 CVE-2023/CVE-2023-346xx/CVE-2023-34609.json create mode 100644 CVE-2023/CVE-2023-346xx/CVE-2023-34610.json create mode 100644 CVE-2023/CVE-2023-346xx/CVE-2023-34611.json create mode 100644 CVE-2023/CVE-2023-346xx/CVE-2023-34612.json create mode 100644 CVE-2023/CVE-2023-346xx/CVE-2023-34613.json create mode 100644 CVE-2023/CVE-2023-346xx/CVE-2023-34614.json create mode 100644 CVE-2023/CVE-2023-346xx/CVE-2023-34615.json create mode 100644 CVE-2023/CVE-2023-346xx/CVE-2023-34616.json create mode 100644 CVE-2023/CVE-2023-346xx/CVE-2023-34617.json create mode 100644 CVE-2023/CVE-2023-346xx/CVE-2023-34620.json create mode 100644 CVE-2023/CVE-2023-346xx/CVE-2023-34623.json create mode 100644 CVE-2023/CVE-2023-346xx/CVE-2023-34624.json create mode 100644 CVE-2023/CVE-2023-347xx/CVE-2023-34747.json create mode 100644 CVE-2023/CVE-2023-347xx/CVE-2023-34750.json create mode 100644 CVE-2023/CVE-2023-347xx/CVE-2023-34751.json create mode 100644 CVE-2023/CVE-2023-347xx/CVE-2023-34752.json create mode 100644 CVE-2023/CVE-2023-347xx/CVE-2023-34753.json create mode 100644 CVE-2023/CVE-2023-347xx/CVE-2023-34754.json create mode 100644 CVE-2023/CVE-2023-347xx/CVE-2023-34755.json create mode 100644 CVE-2023/CVE-2023-347xx/CVE-2023-34756.json create mode 100644 CVE-2023/CVE-2023-348xx/CVE-2023-34823.json create mode 100644 CVE-2023/CVE-2023-348xx/CVE-2023-34824.json create mode 100644 CVE-2023/CVE-2023-348xx/CVE-2023-34865.json create mode 100644 CVE-2023/CVE-2023-348xx/CVE-2023-34878.json create mode 100644 CVE-2023/CVE-2023-351xx/CVE-2023-35110.json create mode 100644 CVE-2023/CVE-2023-351xx/CVE-2023-35116.json diff --git a/CVE-2020/CVE-2020-224xx/CVE-2020-22402.json b/CVE-2020/CVE-2020-224xx/CVE-2020-22402.json new file mode 100644 index 00000000000..342c327d1db --- /dev/null +++ b/CVE-2020/CVE-2020-224xx/CVE-2020-22402.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-22402", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:09.440", + "lastModified": "2023-06-14T15:30:58.900", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain user sensitive information when a user reads an email containing malicious code." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sogo.nu/bugs/view.php?id=4979", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-312xx/CVE-2021-31280.json b/CVE-2021/CVE-2021-312xx/CVE-2021-31280.json new file mode 100644 index 00000000000..1882b286e44 --- /dev/null +++ b/CVE-2021/CVE-2021-312xx/CVE-2021-31280.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-31280", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:09.517", + "lastModified": "2023-06-14T15:30:58.900", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the keywords parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/fmsdwifull/tp5cms/issues/8", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-43xx/CVE-2021-4381.json b/CVE-2021/CVE-2021-43xx/CVE-2021-4381.json index 960277e1f56..12d01580291 100644 --- a/CVE-2021/CVE-2021-43xx/CVE-2021-4381.json +++ b/CVE-2021/CVE-2021-43xx/CVE-2021-4381.json @@ -2,16 +2,40 @@ "id": "CVE-2021-4381", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-07T02:15:15.470", - "lastModified": "2023-06-07T02:44:48.507", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T15:42:02.547", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The uListing plugin for WordPress is vulnerable to authorization bypass via wp_route due to missing capability checks, and a missing security nonce, in the StmListingSingleLayout::import_new_layout method in versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers to change any WordPress option in the database." + }, + { + "lang": "es", + "value": "El plugin uListing para WordPress es vulnerable a la omisi\u00f3n de autorizaci\u00f3n a trav\u00e9s de \"wp_route\" debido a la falta de comprobaciones de capacidad, y la falta de un nonce de seguridad, en el m\u00e9todo \"StmListingSingleLayout::import_new_layout\" en versiones hasta la v1.6.6 inclusive. Esto hace posible que atacantes no autenticados cambien cualquier opci\u00f3n de WordPress en la base de datos. " } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,18 +80,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:stylemixthemes:ulisting:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.7", + "matchCriteriaId": "045B1417-6884-484C-A5A7-9ACA2CE971F2" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2456786%40ulisting&new=2456786%40ulisting&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff5755dc-2262-47f6-ac3a-6bca9529d088?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-43xx/CVE-2021-4382.json b/CVE-2021/CVE-2021-43xx/CVE-2021-4382.json index b67ff39ea83..3b2f71066e1 100644 --- a/CVE-2021/CVE-2021-43xx/CVE-2021-4382.json +++ b/CVE-2021/CVE-2021-43xx/CVE-2021-4382.json @@ -2,8 +2,8 @@ "id": "CVE-2021-4382", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-07T02:15:15.540", - "lastModified": "2023-06-07T02:44:48.507", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T15:43:54.007", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,22 +76,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:recently_project:recently:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.0.5", + "matchCriteriaId": "4FDC2CB0-EF34-4018-B098-DE06A075627B" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/2542693", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://wpscan.com/vulnerability/92c3f26a-1a84-459a-874b-07dc83c9f42a", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-recently-multiple-vulnerabilities-3-0-4/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8297149-2de3-4e49-80f9-6ea59dea6bce?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-450xx/CVE-2021-45039.json b/CVE-2021/CVE-2021-450xx/CVE-2021-45039.json index 19a51d3f676..937b12a9d63 100644 --- a/CVE-2021/CVE-2021-450xx/CVE-2021-45039.json +++ b/CVE-2021/CVE-2021-450xx/CVE-2021-45039.json @@ -2,23 +2,82 @@ "id": "CVE-2021-45039", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-31T20:15:10.210", - "lastModified": "2023-06-01T01:17:03.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T15:29:37.373", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Multiple models of the Uniview IP Camera (e.g., IPC_G6103 B6103.16.10.B25.201218, IPC_G61, IPC21, IPC23, IPC32, IPC36, IPC62, and IPC_HCMN) offer an undocumented UDP service on port 7788 that allows a remote unauthenticated attacker to overflow an internal buffer and achieve code execution. By using this buffer overflow, a remote attacker can start the telnetd service. This service has a hardcoded default username and password (root/123456). Although it has a restrictive shell, this can be easily bypassed via the built-in ECHO shell command." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:uniview:camera_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5193EE14-B4B7-4708-BD58-F0DD2DB0F0CD" + } + ] + } + ] + } + ], "references": [ { "url": "https://ssd-disclosure.com/ssd-advisory--uniview-preauth-rce/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.uniview.com/About_Us/Security/Notice/202112/920471_140493_0.htm", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-07xx/CVE-2023-0710.json b/CVE-2023/CVE-2023-07xx/CVE-2023-0710.json index 097e8742d4a..8e2ea3edd88 100644 --- a/CVE-2023/CVE-2023-07xx/CVE-2023-0710.json +++ b/CVE-2023/CVE-2023-07xx/CVE-2023-0710.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0710", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:15:53.053", - "lastModified": "2023-06-09T13:03:43.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T14:39:39.980", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,14 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpmet:metform_elementor_contact_form_builder:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.3.0", + "matchCriteriaId": "76FAF3C1-7141-4E7C-ACBA-CD47256F31FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/89a98053-33c7-4e75-87a1-0f483a990641?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-07xx/CVE-2023-0721.json b/CVE-2023/CVE-2023-07xx/CVE-2023-0721.json index f23eab5e1ce..af746ed9cb7 100644 --- a/CVE-2023/CVE-2023-07xx/CVE-2023-0721.json +++ b/CVE-2023/CVE-2023-07xx/CVE-2023-0721.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0721", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:15:53.530", - "lastModified": "2023-06-09T13:03:43.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T14:58:46.843", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,18 +66,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpmet:metform_elementor_contact_form_builder:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.3.0", + "matchCriteriaId": "76FAF3C1-7141-4E7C-ACBA-CD47256F31FA" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/metform/trunk/core/entries/export.php?rev=2845078", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2907471/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccd85a72-1872-4c4f-8ba7-7f91b0b37d4a?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-248xx/CVE-2023-24895.json b/CVE-2023/CVE-2023-248xx/CVE-2023-24895.json new file mode 100644 index 00000000000..6196a5e3e49 --- /dev/null +++ b/CVE-2023/CVE-2023-248xx/CVE-2023-24895.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-24895", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-06-14T15:15:09.433", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24895", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-248xx/CVE-2023-24897.json b/CVE-2023/CVE-2023-248xx/CVE-2023-24897.json new file mode 100644 index 00000000000..0c7dde5daaa --- /dev/null +++ b/CVE-2023/CVE-2023-248xx/CVE-2023-24897.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-24897", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-06-14T15:15:09.503", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-249xx/CVE-2023-24936.json b/CVE-2023/CVE-2023-249xx/CVE-2023-24936.json new file mode 100644 index 00000000000..4c55d6f2f3d --- /dev/null +++ b/CVE-2023/CVE-2023-249xx/CVE-2023-24936.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-24936", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-06-14T15:15:09.563", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": ".NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25177.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25177.json index c1f06ae4907..a689e4c887e 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25177.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25177.json @@ -2,8 +2,8 @@ "id": "CVE-2023-25177", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2023-06-07T21:15:13.193", - "lastModified": "2023-06-07T21:36:36.773", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T14:01:14.447", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "ics-cert@hq.dhs.gov", "type": "Secondary", @@ -46,10 +66,33 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:deltaww:cncsoft-b:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.0.0.4", + "matchCriteriaId": "1FDB1A38-9200-4286-B14C-7C06CF2A3DFF" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-157-01", - "source": "ics-cert@hq.dhs.gov" + "source": "ics-cert@hq.dhs.gov", + "tags": [ + "Patch", + "Third Party Advisory", + "US Government Resource" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2541.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2541.json index fbdbae4e834..8ca57d91b35 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2541.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2541.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2541", "sourceIdentifier": "security@knime.com", "published": "2023-06-07T09:15:09.267", - "lastModified": "2023-06-07T12:52:33.093", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T14:51:56.287", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "security@knime.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "security@knime.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.4.0", + "matchCriteriaId": "247C553F-E9B6-4371-865B-8677893F5FB3" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.knime.com/security/advisories#CVE-2023-2541", - "source": "security@knime.com" + "source": "security@knime.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-283xx/CVE-2023-28310.json b/CVE-2023/CVE-2023-283xx/CVE-2023-28310.json new file mode 100644 index 00000000000..65b37e7afd2 --- /dev/null +++ b/CVE-2023/CVE-2023-283xx/CVE-2023-28310.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-28310", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-06-14T15:15:09.630", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28310", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29326.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29326.json new file mode 100644 index 00000000000..32b6bd9b20a --- /dev/null +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29326.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-29326", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-06-14T15:15:09.693", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": ".NET Framework Remote Code Execution Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29326", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29331.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29331.json new file mode 100644 index 00000000000..6808c40bad8 --- /dev/null +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29331.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-29331", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-06-14T15:15:09.763", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": ".NET, .NET Framework, and Visual Studio Denial of Service Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29337.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29337.json new file mode 100644 index 00000000000..7f2b2e70547 --- /dev/null +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29337.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-29337", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-06-14T15:15:09.827", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "NuGet Client Remote Code Execution Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29337", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2986.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2986.json index ccca65b5249..a06886c4ad1 100644 --- a/CVE-2023/CVE-2023-29xx/CVE-2023-2986.json +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2986.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2986", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-08T02:15:09.217", - "lastModified": "2023-06-08T02:44:28.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T15:18:04.487", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,22 +66,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tychesoftwares:abandoned_cart_lite_for_woocommerce:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "5.14.2", + "matchCriteriaId": "A8CB7568-7258-4D98-8DD3-AD0FF63820D6" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/woocommerce-abandoned-cart/trunk/woocommerce-ac.php#L1815", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/woocommerce-abandoned-cart/trunk/woocommerce-ac.php?rev=2916178#L1800", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2922242/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/68052614-204f-4237-af0e-4b8210ebd59f?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-305xx/CVE-2023-30575.json b/CVE-2023/CVE-2023-305xx/CVE-2023-30575.json index 9be91f78089..ca3c0f424a4 100644 --- a/CVE-2023/CVE-2023-305xx/CVE-2023-30575.json +++ b/CVE-2023/CVE-2023-305xx/CVE-2023-30575.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30575", "sourceIdentifier": "security@apache.org", "published": "2023-06-07T09:15:09.993", - "lastModified": "2023-06-07T12:52:33.093", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T14:58:37.320", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security@apache.org", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security@apache.org", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-131" + } + ] + }, + { + "source": "security@apache.org", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +76,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:guacamole:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.5.2", + "matchCriteriaId": "AE5D0D8B-CE5F-4168-A1CB-4872610F5B67" + } + ] + } + ] + } + ], "references": [ { "url": "https://lists.apache.org/thread/tn63n2lon0h5p45oft834t1dqvvxownv", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-305xx/CVE-2023-30576.json b/CVE-2023/CVE-2023-305xx/CVE-2023-30576.json index e273b71c39b..0c93f6e1983 100644 --- a/CVE-2023/CVE-2023-305xx/CVE-2023-30576.json +++ b/CVE-2023/CVE-2023-305xx/CVE-2023-30576.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30576", "sourceIdentifier": "security@apache.org", "published": "2023-06-07T09:15:10.080", - "lastModified": "2023-06-07T12:52:33.093", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T14:33:16.713", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + }, { "source": "security@apache.org", "type": "Secondary", @@ -46,10 +66,33 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:guacamole:*:*:*:*:*:*:*:*", + "versionStartIncluding": "0.9.0", + "versionEndExcluding": "1.5.2", + "matchCriteriaId": "E7970D34-6918-473C-9F47-674134658E48" + } + ] + } + ] + } + ], "references": [ { "url": "https://lists.apache.org/thread/vgtvxb3w7mm84hx6v8dfc0onsoz05gb6", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31115.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31115.json index 7e1292afaf7..7e97fe58115 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31115.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31115.json @@ -2,19 +2,113 @@ "id": "CVE-2023-31115", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T21:15:13.407", - "lastModified": "2023-06-07T21:36:36.773", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T14:20:47.187", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause changes to the activation mode of RCS via a crafted application." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-669" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:exynos_5123_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EFFB4DF2-B55C-45BD-9073-56299E19B6DE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:samsung:exynos_5123:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A5954D95-E12B-487D-9744-361566788A2D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:exynos_5300_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6E2E6EE0-4271-43A3-9439-49F332D1FE1C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:samsung:exynos_5300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F9B26D9-AA50-4652-AFC0-A6AC966B4770" + } + ] + } + ] + } + ], "references": [ { "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31116.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31116.json index 1fafe088019..c5bd252c611 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31116.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31116.json @@ -2,19 +2,113 @@ "id": "CVE-2023-31116", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T21:15:13.453", - "lastModified": "2023-06-07T21:36:36.773", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T15:10:20.783", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An incorrect default permission can cause unintended querying of RCS capability via a crafted application." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:exynos_5123_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EFFB4DF2-B55C-45BD-9073-56299E19B6DE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:samsung:exynos_5123:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A5954D95-E12B-487D-9744-361566788A2D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:exynos_5300_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6E2E6EE0-4271-43A3-9439-49F332D1FE1C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:samsung:exynos_5300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F9B26D9-AA50-4652-AFC0-A6AC966B4770" + } + ] + } + ] + } + ], "references": [ { "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-314xx/CVE-2023-31486.json b/CVE-2023/CVE-2023-314xx/CVE-2023-31486.json index 35856f09c52..8ad8083bd2b 100644 --- a/CVE-2023/CVE-2023-314xx/CVE-2023-31486.json +++ b/CVE-2023/CVE-2023-314xx/CVE-2023-31486.json @@ -2,12 +2,12 @@ "id": "CVE-2023-31486", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-29T00:15:09.083", - "lastModified": "2023-05-08T17:06:34.067", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-14T14:15:09.607", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates." + "value": "HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3121.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3121.json index 5bd1580f419..a2fc4bcf97d 100644 --- a/CVE-2023/CVE-2023-31xx/CVE-2023-3121.json +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3121.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3121", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-06T11:15:10.337", - "lastModified": "2023-06-06T12:50:56.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T15:24:55.380", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 2.5 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -65,7 +87,7 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -73,20 +95,59 @@ "value": "CWE-918" } ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dahuasecurity:smart_parking_management:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2023-05-28", + "matchCriteriaId": "AF8169B0-A1DD-4B8F-81BA-CBBBC9F63C67" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/RCEraser/cve/blob/main/DaHua..md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.230800", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.230800", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32024.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32024.json new file mode 100644 index 00000000000..329f7897540 --- /dev/null +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32024.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-32024", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-06-14T15:15:09.893", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Microsoft Power Apps Spoofing Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.0, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.3, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32024", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32030.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32030.json new file mode 100644 index 00000000000..c6a1837c70d --- /dev/null +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32030.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-32030", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-06-14T15:15:09.953", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": ".NET and Visual Studio Denial of Service Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32030", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32031.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32031.json new file mode 100644 index 00000000000..bc6a5f583cc --- /dev/null +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32031.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-32031", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-06-14T15:15:10.013", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32031", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32465.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32465.json new file mode 100644 index 00000000000..f1129b9c31a --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32465.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32465", + "sourceIdentifier": "security_alert@emc.com", + "published": "2023-06-14T14:15:09.727", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nDell Power Protect Cyber Recovery, contains an Authentication Bypass vulnerability. An attacker could potentially exploit this vulnerability, leading to unauthorized admin access to the Cyber Recovery application. Exploitation may lead to complete system takeover by an attacker.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-644" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000214943/dsa-2023-201-security-update-for-dell-powerprotect-cyber-recovery", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33282.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33282.json index c40a057ebd9..02cbff3ee1a 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33282.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33282.json @@ -2,23 +2,88 @@ "id": "CVE-2023-33282", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-07T20:15:09.740", - "lastModified": "2023-06-07T20:24:12.193", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T14:46:08.897", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. A remote attacker is able to login and create a valid session. This makes it possible to make backend calls to endpoints in the application." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:marvalglobal:msm:*:*:*:*:*:*:*:*", + "versionEndIncluding": "14.19.0.12476", + "matchCriteriaId": "82AD0D2F-E9D5-4BC2-96E1-6D7F0B260B9D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:marvalglobal:msm:15.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F24D5289-D1C3-4D57-9B61-FF1D7F2160D7" + } + ] + } + ] + } + ], "references": [ { "url": "https://marvalglobal.com/software/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://www.cyberskydd.se/cve/2023/CVE-2023-33282.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34101.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34101.json new file mode 100644 index 00000000000..ab8529dbe0f --- /dev/null +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34101.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-34101", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-06-14T15:15:10.073", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Contiki-NG is an operating system for internet of things devices. In version 4.8 and prior, when processing ICMP DAO packets in the `dao_input_storing` function, the Contiki-NG OS does not verify that the packet buffer is big enough to contain the bytes it needs before accessing them. Up to 16 bytes can be read out of bounds in the `dao_input_storing` function. An attacker can truncate an ICMP packet so that it does not contain enough data, leading to an out-of-bounds read on these lines. The problem has been patched in the \"develop\" branch of Contiki-NG, and is expected to be included in release 4.9. As a workaround, one can apply the changes in Contiki-NG pull request #2435 to patch the system." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/contiki-ng/contiki-ng/pull/2435", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-fp66-ff6x-7w2w", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json index e0fea9385a1..0ccfd0030f9 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json @@ -2,7 +2,7 @@ "id": "CVE-2023-34149", "sourceIdentifier": "security@apache.org", "published": "2023-06-14T08:15:09.450", - "lastModified": "2023-06-14T12:54:19.587", + "lastModified": "2023-06-14T15:15:10.147", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -47,6 +47,10 @@ } ], "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/14/2", + "source": "security@apache.org" + }, { "url": "https://cwiki.apache.org/confluence/display/WW/S2-063", "source": "security@apache.org" diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json index 5f972e958d3..cf34ceba001 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json @@ -2,7 +2,7 @@ "id": "CVE-2023-34396", "sourceIdentifier": "security@apache.org", "published": "2023-06-14T08:15:09.520", - "lastModified": "2023-06-14T12:54:19.587", + "lastModified": "2023-06-14T15:15:10.217", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -47,6 +47,10 @@ } ], "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/14/3", + "source": "security@apache.org" + }, { "url": "https://cwiki.apache.org/confluence/display/WW/S2-064", "source": "security@apache.org" diff --git a/CVE-2023/CVE-2023-345xx/CVE-2023-34540.json b/CVE-2023/CVE-2023-345xx/CVE-2023-34540.json new file mode 100644 index 00000000000..33d691736e9 --- /dev/null +++ b/CVE-2023/CVE-2023-345xx/CVE-2023-34540.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34540", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T15:15:10.287", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Langchain 0.0.171 is vulnerable to Arbitrary Code Execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/hwchase17/langchain/issues/4833", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-345xx/CVE-2023-34566.json b/CVE-2023/CVE-2023-345xx/CVE-2023-34566.json index 317369f19a8..de4b2e71573 100644 --- a/CVE-2023/CVE-2023-345xx/CVE-2023-34566.json +++ b/CVE-2023/CVE-2023-345xx/CVE-2023-34566.json @@ -2,19 +2,86 @@ "id": "CVE-2023-34566", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-08T15:15:09.560", - "lastModified": "2023-06-08T17:08:49.797", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-14T15:48:58.753", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/saveParentControlInfo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:ac10_firmware:us_ac10v4.0si_v16.03.10.13_cn:*:*:*:*:*:*:*", + "matchCriteriaId": "49F9D003-F0EB-4C49-BEA4-C1F3A84D914A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:ac10:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "970AEBF4-2B32-4633-A75B-2D2C598C048D" + } + ] + } + ] + } + ], "references": [ { "url": "https://hackmd.io/@0dayResearch/rk8hQf5rh", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-345xx/CVE-2023-34585.json b/CVE-2023/CVE-2023-345xx/CVE-2023-34585.json new file mode 100644 index 00000000000..4eace8a7279 --- /dev/null +++ b/CVE-2023/CVE-2023-345xx/CVE-2023-34585.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34585", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:09.800", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in OBS-Studio 29.1.1, plaintext storage of passwords." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/obsproject/obs-studio/issues/8966", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34609.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34609.json new file mode 100644 index 00000000000..a5f3cdb8d4a --- /dev/null +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34609.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-34609", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:09.860", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered flexjson thru 3.3 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/flexjson/bugs/48/", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceforge.net/p/flexjson/bugs/49/", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceforge.net/p/flexjson/bugs/50/", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceforge.net/p/flexjson/bugs/51/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34610.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34610.json new file mode 100644 index 00000000000..ac0e98f64ad --- /dev/null +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34610.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34610", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:09.917", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered json-io thru 4.14.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/jdereg/json-io/issues/169", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34611.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34611.json new file mode 100644 index 00000000000..d5ce142c4f4 --- /dev/null +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34611.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34611", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:09.960", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered mjson thru 1.4.1 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/bolerio/mjson/issues/40", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34612.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34612.json new file mode 100644 index 00000000000..5f08714b9ea --- /dev/null +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34612.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34612", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.007", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered ph-json thru 9.5.5 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/phax/ph-commons/issues/35", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34613.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34613.json new file mode 100644 index 00000000000..9ef5a886a88 --- /dev/null +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34613.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34613", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.050", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered sojo thru 1.1.1 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/maddingo/sojo/issues/15", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34614.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34614.json new file mode 100644 index 00000000000..fac3d27033f --- /dev/null +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34614.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34614", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.100", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered jmarsden/jsonij thru 0.5.2 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bitbucket.org/jmarsden/jsonij/issues/7/stack-overflow-error-caused-by-jsonij", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34615.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34615.json new file mode 100644 index 00000000000..a043fe74260 --- /dev/null +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34615.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34615", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.143", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/billdavidson/JSONUtil/issues/10", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34616.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34616.json new file mode 100644 index 00000000000..24dd2956a2a --- /dev/null +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34616.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34616", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.190", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered pbjson thru 0.4.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/InductiveComputerScience/pbJson/issues/2", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34617.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34617.json new file mode 100644 index 00000000000..de3d4cd091f --- /dev/null +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34617.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34617", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.233", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered genson thru 1.6 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/owlike/genson/issues/191", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34620.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34620.json new file mode 100644 index 00000000000..d4c34f5f3b8 --- /dev/null +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34620.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34620", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.277", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered hjson thru 3.0.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/hjson/hjson-java/issues/24", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34623.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34623.json new file mode 100644 index 00000000000..e9e48cfbdd8 --- /dev/null +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34623.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34623", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.317", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/trajano/jtidy/issues/4", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34624.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34624.json new file mode 100644 index 00000000000..a80dbfcdf7c --- /dev/null +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34624.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34624", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.360", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered htmlcleaner thru = 2.28 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/amplafi/htmlcleaner/issues/13", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-347xx/CVE-2023-34747.json b/CVE-2023/CVE-2023-347xx/CVE-2023-34747.json new file mode 100644 index 00000000000..82f59d906be --- /dev/null +++ b/CVE-2023/CVE-2023-347xx/CVE-2023-34747.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34747", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.403", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "File upload vulnerability in ujcms 6.0.2 via /api/backend/core/web-file-upload/upload." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/ujcms/ujcms/issues/4", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-347xx/CVE-2023-34750.json b/CVE-2023/CVE-2023-347xx/CVE-2023-34750.json new file mode 100644 index 00000000000..8985dc61b75 --- /dev/null +++ b/CVE-2023/CVE-2023-347xx/CVE-2023-34750.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34750", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.447", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=projects&action=edit." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-347xx/CVE-2023-34751.json b/CVE-2023/CVE-2023-347xx/CVE-2023-34751.json new file mode 100644 index 00000000000..389e0ed6b3b --- /dev/null +++ b/CVE-2023/CVE-2023-347xx/CVE-2023-34751.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34751", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.490", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the gid parameter at admin/index.php?mode=user&page=groups&action=edit." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-347xx/CVE-2023-34752.json b/CVE-2023/CVE-2023-347xx/CVE-2023-34752.json new file mode 100644 index 00000000000..3ff7072ad86 --- /dev/null +++ b/CVE-2023/CVE-2023-347xx/CVE-2023-34752.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-34752", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.533", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://bloofoxcms.com", + "source": "cve@mitre.org" + }, + { + "url": "https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability", + "source": "cve@mitre.org" + }, + { + "url": "https://www.bloofox.com/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-347xx/CVE-2023-34753.json b/CVE-2023/CVE-2023-347xx/CVE-2023-34753.json new file mode 100644 index 00000000000..6985681e488 --- /dev/null +++ b/CVE-2023/CVE-2023-347xx/CVE-2023-34753.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34753", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.573", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the tid parameter at admin/index.php?mode=settings&page=tmpl&action=edit." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-347xx/CVE-2023-34754.json b/CVE-2023/CVE-2023-347xx/CVE-2023-34754.json new file mode 100644 index 00000000000..afb38ad61c2 --- /dev/null +++ b/CVE-2023/CVE-2023-347xx/CVE-2023-34754.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34754", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.617", + "lastModified": "2023-06-14T15:30:53.640", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-347xx/CVE-2023-34755.json b/CVE-2023/CVE-2023-347xx/CVE-2023-34755.json new file mode 100644 index 00000000000..d2fbd25609c --- /dev/null +++ b/CVE-2023/CVE-2023-347xx/CVE-2023-34755.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34755", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.660", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the userid parameter at admin/index.php?mode=user&action=edit." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-347xx/CVE-2023-34756.json b/CVE-2023/CVE-2023-347xx/CVE-2023-34756.json new file mode 100644 index 00000000000..354446eef43 --- /dev/null +++ b/CVE-2023/CVE-2023-347xx/CVE-2023-34756.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34756", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.707", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=charset&action=edit." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-348xx/CVE-2023-34823.json b/CVE-2023/CVE-2023-348xx/CVE-2023-34823.json new file mode 100644 index 00000000000..08c39f9b482 --- /dev/null +++ b/CVE-2023/CVE-2023-348xx/CVE-2023-34823.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34823", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.750", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "fdkaac before 1.0.5 was discovered to contain a stack overflow in read_callback function in src/main.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/nu774/fdkaac/issues/55", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-348xx/CVE-2023-34824.json b/CVE-2023/CVE-2023-348xx/CVE-2023-34824.json new file mode 100644 index 00000000000..085c8637ef6 --- /dev/null +++ b/CVE-2023/CVE-2023-348xx/CVE-2023-34824.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34824", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.790", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "fdkaac before 1.0.5 was discovered to contain a heap buffer overflow in caf_info function in caf_reader.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/nu774/fdkaac/issues/55", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-348xx/CVE-2023-34865.json b/CVE-2023/CVE-2023-348xx/CVE-2023-34865.json new file mode 100644 index 00000000000..436b3b0984b --- /dev/null +++ b/CVE-2023/CVE-2023-348xx/CVE-2023-34865.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34865", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.837", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Directory traversal vulnerability in ujcms 6.0.2 allows attackers to move files via the rename feature." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/ujcms/ujcms/issues/5", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-348xx/CVE-2023-34878.json b/CVE-2023/CVE-2023-348xx/CVE-2023-34878.json new file mode 100644 index 00000000000..828d5acb0ad --- /dev/null +++ b/CVE-2023/CVE-2023-348xx/CVE-2023-34878.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34878", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.880", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Ujcms v6.0.2 allows attackers to gain sensitive information via the dir parameter to /api/backend/core/web-file-html/download-zip." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/ujcms/ujcms/issues/6", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35110.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35110.json new file mode 100644 index 00000000000..741f32bff05 --- /dev/null +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35110.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-35110", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.920", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered jjson thru 0.1.7 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/grobmeier/jjson/issues/2", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35116.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35116.json new file mode 100644 index 00000000000..a7c63130913 --- /dev/null +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35116.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-35116", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-14T14:15:10.960", + "lastModified": "2023-06-14T15:30:49.300", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered jackson-databind thru 2.15.2 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/FasterXML/jackson-databind/issues/3972", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35141.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35141.json index c6b60482322..38b63883f90 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35141.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35141.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35141", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-06-14T13:15:11.823", - "lastModified": "2023-06-14T13:15:11.823", - "vulnStatus": "Received", + "lastModified": "2023-06-14T15:30:58.900", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/14/5", + "source": "jenkinsci-cert@googlegroups.com" + }, { "url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3135", "source": "jenkinsci-cert@googlegroups.com" diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35142.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35142.json index 28e9beb4704..23b34332786 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35142.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35142.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35142", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-06-14T13:15:11.897", - "lastModified": "2023-06-14T13:15:11.897", - "vulnStatus": "Received", + "lastModified": "2023-06-14T15:30:58.900", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/14/5", + "source": "jenkinsci-cert@googlegroups.com" + }, { "url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2870", "source": "jenkinsci-cert@googlegroups.com" diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35143.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35143.json index 24aeb496cd7..94ad0181150 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35143.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35143.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35143", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-06-14T13:15:11.957", - "lastModified": "2023-06-14T13:15:11.957", - "vulnStatus": "Received", + "lastModified": "2023-06-14T15:30:58.900", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/14/5", + "source": "jenkinsci-cert@googlegroups.com" + }, { "url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3156", "source": "jenkinsci-cert@googlegroups.com" diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35144.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35144.json index 15a8d63d959..1b47370a345 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35144.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35144.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35144", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-06-14T13:15:12.013", - "lastModified": "2023-06-14T13:15:12.013", - "vulnStatus": "Received", + "lastModified": "2023-06-14T15:30:58.900", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/14/5", + "source": "jenkinsci-cert@googlegroups.com" + }, { "url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2951", "source": "jenkinsci-cert@googlegroups.com" diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35145.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35145.json index 0581100e181..cf385f889d4 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35145.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35145.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35145", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-06-14T13:15:12.067", - "lastModified": "2023-06-14T13:15:12.067", - "vulnStatus": "Received", + "lastModified": "2023-06-14T15:30:58.900", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/14/5", + "source": "jenkinsci-cert@googlegroups.com" + }, { "url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3155", "source": "jenkinsci-cert@googlegroups.com" diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35146.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35146.json index 73bcf84be86..75926c6344c 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35146.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35146.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35146", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-06-14T13:15:12.117", - "lastModified": "2023-06-14T13:15:12.117", - "vulnStatus": "Received", + "lastModified": "2023-06-14T15:30:58.900", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/14/5", + "source": "jenkinsci-cert@googlegroups.com" + }, { "url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3166", "source": "jenkinsci-cert@googlegroups.com" diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35147.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35147.json index d0c3b130c22..87e810fb3d0 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35147.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35147.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35147", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-06-14T13:15:12.167", - "lastModified": "2023-06-14T13:15:12.167", - "vulnStatus": "Received", + "lastModified": "2023-06-14T15:30:58.900", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/14/5", + "source": "jenkinsci-cert@googlegroups.com" + }, { "url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3099", "source": "jenkinsci-cert@googlegroups.com" diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35148.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35148.json index 7d7e70f7545..905adad2c0c 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35148.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35148.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35148", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-06-14T13:15:12.220", - "lastModified": "2023-06-14T13:15:12.220", - "vulnStatus": "Received", + "lastModified": "2023-06-14T15:30:58.900", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/14/5", + "source": "jenkinsci-cert@googlegroups.com" + }, { "url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2911", "source": "jenkinsci-cert@googlegroups.com" diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35149.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35149.json index ac2d90b504c..6554628266e 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35149.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35149.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35149", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-06-14T13:15:12.277", - "lastModified": "2023-06-14T13:15:12.277", - "vulnStatus": "Received", + "lastModified": "2023-06-14T15:30:58.900", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/14/5", + "source": "jenkinsci-cert@googlegroups.com" + }, { "url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2911", "source": "jenkinsci-cert@googlegroups.com" diff --git a/README.md b/README.md index 4aa02b937e4..994b0a5f406 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-14T14:00:25.944686+00:00 +2023-06-14T16:00:26.357416+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-14T13:45:52.187000+00:00 +2023-06-14T15:48:58.753000+00:00 ``` ### Last Data Feed Release @@ -29,55 +29,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -217718 +217760 ``` ### CVEs added in the last Commit -Recently added CVEs: `11` +Recently added CVEs: `42` -* [CVE-2023-3036](CVE-2023/CVE-2023-30xx/CVE-2023-3036.json) (`2023-06-14T12:15:09.647`) -* [CVE-2023-3040](CVE-2023/CVE-2023-30xx/CVE-2023-3040.json) (`2023-06-14T12:15:09.730`) -* [CVE-2023-35141](CVE-2023/CVE-2023-351xx/CVE-2023-35141.json) (`2023-06-14T13:15:11.823`) -* [CVE-2023-35142](CVE-2023/CVE-2023-351xx/CVE-2023-35142.json) (`2023-06-14T13:15:11.897`) -* [CVE-2023-35143](CVE-2023/CVE-2023-351xx/CVE-2023-35143.json) (`2023-06-14T13:15:11.957`) -* [CVE-2023-35144](CVE-2023/CVE-2023-351xx/CVE-2023-35144.json) (`2023-06-14T13:15:12.013`) -* [CVE-2023-35145](CVE-2023/CVE-2023-351xx/CVE-2023-35145.json) (`2023-06-14T13:15:12.067`) -* [CVE-2023-35146](CVE-2023/CVE-2023-351xx/CVE-2023-35146.json) (`2023-06-14T13:15:12.117`) -* [CVE-2023-35147](CVE-2023/CVE-2023-351xx/CVE-2023-35147.json) (`2023-06-14T13:15:12.167`) -* [CVE-2023-35148](CVE-2023/CVE-2023-351xx/CVE-2023-35148.json) (`2023-06-14T13:15:12.220`) -* [CVE-2023-35149](CVE-2023/CVE-2023-351xx/CVE-2023-35149.json) (`2023-06-14T13:15:12.277`) +* [CVE-2023-32024](CVE-2023/CVE-2023-320xx/CVE-2023-32024.json) (`2023-06-14T15:15:09.893`) +* [CVE-2023-32030](CVE-2023/CVE-2023-320xx/CVE-2023-32030.json) (`2023-06-14T15:15:09.953`) +* [CVE-2023-32031](CVE-2023/CVE-2023-320xx/CVE-2023-32031.json) (`2023-06-14T15:15:10.013`) +* [CVE-2023-34101](CVE-2023/CVE-2023-341xx/CVE-2023-34101.json) (`2023-06-14T15:15:10.073`) +* [CVE-2023-34540](CVE-2023/CVE-2023-345xx/CVE-2023-34540.json) (`2023-06-14T15:15:10.287`) +* [CVE-2023-32465](CVE-2023/CVE-2023-324xx/CVE-2023-32465.json) (`2023-06-14T14:15:09.727`) +* [CVE-2023-34585](CVE-2023/CVE-2023-345xx/CVE-2023-34585.json) (`2023-06-14T14:15:09.800`) +* [CVE-2023-34609](CVE-2023/CVE-2023-346xx/CVE-2023-34609.json) (`2023-06-14T14:15:09.860`) +* [CVE-2023-34610](CVE-2023/CVE-2023-346xx/CVE-2023-34610.json) (`2023-06-14T14:15:09.917`) +* [CVE-2023-34611](CVE-2023/CVE-2023-346xx/CVE-2023-34611.json) (`2023-06-14T14:15:09.960`) +* [CVE-2023-34612](CVE-2023/CVE-2023-346xx/CVE-2023-34612.json) (`2023-06-14T14:15:10.007`) +* [CVE-2023-34613](CVE-2023/CVE-2023-346xx/CVE-2023-34613.json) (`2023-06-14T14:15:10.050`) +* [CVE-2023-34614](CVE-2023/CVE-2023-346xx/CVE-2023-34614.json) (`2023-06-14T14:15:10.100`) +* [CVE-2023-34615](CVE-2023/CVE-2023-346xx/CVE-2023-34615.json) (`2023-06-14T14:15:10.143`) +* [CVE-2023-34616](CVE-2023/CVE-2023-346xx/CVE-2023-34616.json) (`2023-06-14T14:15:10.190`) +* [CVE-2023-34617](CVE-2023/CVE-2023-346xx/CVE-2023-34617.json) (`2023-06-14T14:15:10.233`) +* [CVE-2023-34620](CVE-2023/CVE-2023-346xx/CVE-2023-34620.json) (`2023-06-14T14:15:10.277`) +* [CVE-2023-34623](CVE-2023/CVE-2023-346xx/CVE-2023-34623.json) (`2023-06-14T14:15:10.317`) +* [CVE-2023-34624](CVE-2023/CVE-2023-346xx/CVE-2023-34624.json) (`2023-06-14T14:15:10.360`) +* [CVE-2023-34747](CVE-2023/CVE-2023-347xx/CVE-2023-34747.json) (`2023-06-14T14:15:10.403`) +* [CVE-2023-34750](CVE-2023/CVE-2023-347xx/CVE-2023-34750.json) (`2023-06-14T14:15:10.447`) +* [CVE-2023-34751](CVE-2023/CVE-2023-347xx/CVE-2023-34751.json) (`2023-06-14T14:15:10.490`) +* [CVE-2023-34752](CVE-2023/CVE-2023-347xx/CVE-2023-34752.json) (`2023-06-14T14:15:10.533`) +* [CVE-2023-34753](CVE-2023/CVE-2023-347xx/CVE-2023-34753.json) (`2023-06-14T14:15:10.573`) +* [CVE-2023-34754](CVE-2023/CVE-2023-347xx/CVE-2023-34754.json) (`2023-06-14T14:15:10.617`) ### CVEs modified in the last Commit -Recently modified CVEs: `39` +Recently modified CVEs: `27` -* [CVE-2023-3233](CVE-2023/CVE-2023-32xx/CVE-2023-3233.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-3234](CVE-2023/CVE-2023-32xx/CVE-2023-3234.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-3235](CVE-2023/CVE-2023-32xx/CVE-2023-3235.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-3236](CVE-2023/CVE-2023-32xx/CVE-2023-3236.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-0837](CVE-2023/CVE-2023-08xx/CVE-2023-0837.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-1049](CVE-2023/CVE-2023-10xx/CVE-2023-1049.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-2569](CVE-2023/CVE-2023-25xx/CVE-2023-2569.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-2570](CVE-2023/CVE-2023-25xx/CVE-2023-2570.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-30631](CVE-2023/CVE-2023-306xx/CVE-2023-30631.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-33933](CVE-2023/CVE-2023-339xx/CVE-2023-33933.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-34000](CVE-2023/CVE-2023-340xx/CVE-2023-34000.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-34149](CVE-2023/CVE-2023-341xx/CVE-2023-34149.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-34396](CVE-2023/CVE-2023-343xx/CVE-2023-34396.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-3001](CVE-2023/CVE-2023-30xx/CVE-2023-3001.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-3237](CVE-2023/CVE-2023-32xx/CVE-2023-3237.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-3238](CVE-2023/CVE-2023-32xx/CVE-2023-3238.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-3239](CVE-2023/CVE-2023-32xx/CVE-2023-3239.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-3240](CVE-2023/CVE-2023-32xx/CVE-2023-3240.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-3241](CVE-2023/CVE-2023-32xx/CVE-2023-3241.json) (`2023-06-14T12:54:19.587`) -* [CVE-2023-24014](CVE-2023/CVE-2023-240xx/CVE-2023-24014.json) (`2023-06-14T12:56:34.443`) -* [CVE-2023-3142](CVE-2023/CVE-2023-31xx/CVE-2023-3142.json) (`2023-06-14T13:37:31.593`) -* [CVE-2023-31114](CVE-2023/CVE-2023-311xx/CVE-2023-31114.json) (`2023-06-14T13:43:45.193`) -* [CVE-2023-0695](CVE-2023/CVE-2023-06xx/CVE-2023-0695.json) (`2023-06-14T13:44:01.067`) -* [CVE-2023-0708](CVE-2023/CVE-2023-07xx/CVE-2023-0708.json) (`2023-06-14T13:44:22.850`) -* [CVE-2023-0709](CVE-2023/CVE-2023-07xx/CVE-2023-0709.json) (`2023-06-14T13:45:52.187`) +* [CVE-2021-4382](CVE-2021/CVE-2021-43xx/CVE-2021-4382.json) (`2023-06-14T15:43:54.007`) +* [CVE-2023-25177](CVE-2023/CVE-2023-251xx/CVE-2023-25177.json) (`2023-06-14T14:01:14.447`) +* [CVE-2023-31486](CVE-2023/CVE-2023-314xx/CVE-2023-31486.json) (`2023-06-14T14:15:09.607`) +* [CVE-2023-31115](CVE-2023/CVE-2023-311xx/CVE-2023-31115.json) (`2023-06-14T14:20:47.187`) +* [CVE-2023-30576](CVE-2023/CVE-2023-305xx/CVE-2023-30576.json) (`2023-06-14T14:33:16.713`) +* [CVE-2023-0710](CVE-2023/CVE-2023-07xx/CVE-2023-0710.json) (`2023-06-14T14:39:39.980`) +* [CVE-2023-33282](CVE-2023/CVE-2023-332xx/CVE-2023-33282.json) (`2023-06-14T14:46:08.897`) +* [CVE-2023-2541](CVE-2023/CVE-2023-25xx/CVE-2023-2541.json) (`2023-06-14T14:51:56.287`) +* [CVE-2023-30575](CVE-2023/CVE-2023-305xx/CVE-2023-30575.json) (`2023-06-14T14:58:37.320`) +* [CVE-2023-0721](CVE-2023/CVE-2023-07xx/CVE-2023-0721.json) (`2023-06-14T14:58:46.843`) +* [CVE-2023-31116](CVE-2023/CVE-2023-311xx/CVE-2023-31116.json) (`2023-06-14T15:10:20.783`) +* [CVE-2023-34149](CVE-2023/CVE-2023-341xx/CVE-2023-34149.json) (`2023-06-14T15:15:10.147`) +* [CVE-2023-34396](CVE-2023/CVE-2023-343xx/CVE-2023-34396.json) (`2023-06-14T15:15:10.217`) +* [CVE-2023-2986](CVE-2023/CVE-2023-29xx/CVE-2023-2986.json) (`2023-06-14T15:18:04.487`) +* [CVE-2023-3121](CVE-2023/CVE-2023-31xx/CVE-2023-3121.json) (`2023-06-14T15:24:55.380`) +* [CVE-2023-35141](CVE-2023/CVE-2023-351xx/CVE-2023-35141.json) (`2023-06-14T15:30:58.900`) +* [CVE-2023-35142](CVE-2023/CVE-2023-351xx/CVE-2023-35142.json) (`2023-06-14T15:30:58.900`) +* [CVE-2023-35143](CVE-2023/CVE-2023-351xx/CVE-2023-35143.json) (`2023-06-14T15:30:58.900`) +* [CVE-2023-35144](CVE-2023/CVE-2023-351xx/CVE-2023-35144.json) (`2023-06-14T15:30:58.900`) +* [CVE-2023-35145](CVE-2023/CVE-2023-351xx/CVE-2023-35145.json) (`2023-06-14T15:30:58.900`) +* [CVE-2023-35146](CVE-2023/CVE-2023-351xx/CVE-2023-35146.json) (`2023-06-14T15:30:58.900`) +* [CVE-2023-35147](CVE-2023/CVE-2023-351xx/CVE-2023-35147.json) (`2023-06-14T15:30:58.900`) +* [CVE-2023-35148](CVE-2023/CVE-2023-351xx/CVE-2023-35148.json) (`2023-06-14T15:30:58.900`) +* [CVE-2023-35149](CVE-2023/CVE-2023-351xx/CVE-2023-35149.json) (`2023-06-14T15:30:58.900`) +* [CVE-2023-34566](CVE-2023/CVE-2023-345xx/CVE-2023-34566.json) (`2023-06-14T15:48:58.753`) ## Download and Usage