admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-08T14:00:25.474966+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-08 14:00:29 +00:00
parent 33600959ea
commit b55d360376
46 changed files with 1413 additions and 123 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2014/CVE-2014-53xx/CVE-2014-5329.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-5329",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-08T03:15:07.387",
"lastModified": "2023-09-08T03:15:07.387",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2021/CVE-2021-277xx/CVE-2021-27715.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-27715",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T03:15:07.823",
"lastModified": "2023-09-08T03:15:07.823",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2021/CVE-2021-338xx/CVE-2021-33834.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-33834",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T02:15:07.503",
"lastModified": "2023-09-08T02:15:07.503",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:44.673",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2021/CVE-2021-458xx/CVE-2021-45811.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-45811",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T02:15:07.877",
"lastModified": "2023-09-08T02:15:07.877",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-275xx/CVE-2022-27599.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27599",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2023-09-08T02:15:07.940",
"lastModified": "2023-09-08T02:15:07.940",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

64
CVE-2022/CVE-2022-417xx/CVE-2022-41763.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2022-41763",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-05T13:15:07.717",
"lastModified": "2023-09-05T13:33:34.903",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-08T13:14:00.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nokia:access_management_system:9.7.05:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5A3717-77A8-476F-939F-530FACD43166"
}
]
}
]
}
],
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

100
CVE-2022/CVE-2022-473xx/CVE-2022-47353.json
View File

@ -2,19 +2,111 @@
"id": "CVE-2022-47353",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-09-04T02:15:08.037",
"lastModified": "2023-09-04T03:51:45.317",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-08T13:52:53.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In vdsp device, there is a possible system crash due to improper input validation.This could lead to local denial of service with System execution privileges needed"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Broken Link"
]
}
]
}

47
CVE-2023/CVE-2023-280xx/CVE-2023-28072.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28072",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-09-04T16:15:07.767",
"lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-08T13:58:40.990",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:alienware_command_center:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.5.51.0",
"matchCriteriaId": "3199E72C-25B2-4AE1-895F-8A1AE003197D"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-in/000212982/dsa-2023-158",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-309xx/CVE-2023-30908.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30908",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-09-07T22:15:07.500",
"lastModified": "2023-09-07T22:15:07.500",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:44.673",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32470.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32470",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-09-08T06:15:07.437",
"lastModified": "2023-09-08T06:15:07.437",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-340xx/CVE-2023-34041.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34041",
"sourceIdentifier": "security@vmware.com",
"published": "2023-09-08T08:15:07.493",
"lastModified": "2023-09-08T08:15:07.493",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2023/CVE-2023-361xx/CVE-2023-36184.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36184",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T02:15:08.080",
"lastModified": "2023-09-08T02:15:08.080",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "CMysten Labs Sui blockchain v1.2.0 was discovered to contain a stack overflow via the component /spec/openrpc.json."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que CMysten Labs Sui blockchain v1.2.0 contiene un desbordamiento de pila a trav\u00e9s del componente \"/spec/openrpc.json\"."
}
],
"metrics": {},

4
CVE-2023/CVE-2023-373xx/CVE-2023-37367.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37367",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T03:15:08.330",
"lastModified": "2023-09-08T03:15:08.330",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-373xx/CVE-2023-37368.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37368",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T03:15:08.560",
"lastModified": "2023-09-08T03:15:08.560",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-373xx/CVE-2023-37377.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37377",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T03:15:08.643",
"lastModified": "2023-09-08T03:15:08.643",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-377xx/CVE-2023-37759.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37759",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T03:15:08.727",
"lastModified": "2023-09-08T03:15:08.727",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

6
CVE-2023/CVE-2023-388xx/CVE-2023-38836.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-38836",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-21T17:15:47.633",
"lastModified": "2023-08-24T21:07:15.960",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-08T13:15:07.563",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code via the GIF header component."
"value": "File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks."
},
{
"lang": "es",

20
CVE-2023/CVE-2023-390xx/CVE-2023-39076.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-39076",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T13:15:07.827",
"lastModified": "2023-09-08T13:15:07.827",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Injecting random data into the USB memory area on a General Motors (GM) Chevrolet Equinox 2021 Software. 2021.03.26 (build version) vehicle causes a Denial of Service (DoS) in the in-car infotainment system."
}
],
"metrics": {},
"references": [
{
"url": "https://blog.jhyeon.dev/posts/vuln/202307/gm-chevrolet/",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-391xx/CVE-2023-39112.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39112",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-04T17:15:11.300",
"lastModified": "2023-08-08T20:09:47.073",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-08T12:15:07.853",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -71,6 +71,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/zh/?id.236164",
"source": "cve@mitre.org"
}
]
}

28
CVE-2023/CVE-2023-395xx/CVE-2023-39584.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-39584",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T13:15:07.990",
"lastModified": "2023-09-08T13:15:07.990",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file read vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/hexojs/hexo/blob/a3e68e7576d279db22bd7481914286104e867834/lib/plugins/tag/include_code.js#L49",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/hexojs/hexo/issues/5250",
"source": "cve@mitre.org"
},
{
"url": "https://www.gem-love.com/2023/07/25/hexo%E5%8D%9A%E5%AE%A2%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E5%92%8C%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/#undefined",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-396xx/CVE-2023-39620.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39620",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T03:15:08.787",
"lastModified": "2023-09-08T03:15:08.787",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

58
CVE-2023/CVE-2023-399xx/CVE-2023-39982.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39982",
"sourceIdentifier": "psirt@moxa.com",
"published": "2023-09-02T13:15:45.347",
"lastModified": "2023-09-04T00:06:16.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-08T13:23:36.153",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "psirt@moxa.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
},
{
"source": "psirt@moxa.com",
"type": "Secondary",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.1",
"matchCriteriaId": "0ED6F989-0F7D-46CC-BCEC-91E50F1B42AC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities",
"source": "psirt@moxa.com"
"source": "psirt@moxa.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-400xx/CVE-2023-40015.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40015",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-04T18:15:07.880",
"lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-08T13:58:23.860",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vyperlang:vyper:*:*:*:*:*:python:*:*",
"versionEndIncluding": "0.3.9",
"matchCriteriaId": "56FB25B4-6446-4B4B-87AA-D4368B4B8685"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-g2xh-c426-v8mf",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-400xx/CVE-2023-40029.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40029",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-07T23:15:09.763",
"lastModified": "2023-09-07T23:15:09.763",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:44.673",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-402xx/CVE-2023-40271.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40271",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T02:15:08.133",
"lastModified": "2023-09-08T02:15:08.133",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-403xx/CVE-2023-40353.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40353",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T03:15:08.853",
"lastModified": "2023-09-08T03:15:08.853",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-405xx/CVE-2023-40584.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40584",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-07T23:15:10.240",
"lastModified": "2023-09-07T23:15:10.240",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:44.673",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

24
CVE-2023/CVE-2023-409xx/CVE-2023-40924.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-40924",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T13:15:08.127",
"lastModified": "2023-09-08T13:15:08.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SolarView Compact < 6.00 is vulnerable to Directory Traversal."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Yobing1/CVE-2023-40924/blob/main/README.md",
"source": "cve@mitre.org"
},
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33620",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-409xx/CVE-2023-40953.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-40953",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T03:15:08.930",
"lastModified": "2023-09-08T03:15:08.930",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "icms 7.0.16 is vulnerable to Cross Site Request Forgery (CSRF)."
},
{
"lang": "es",
"value": "iCMS v7.0.16 es vulnerable a Cross-Site Request Forgery (CSRF)."
}
],
"metrics": {},

54
CVE-2023/CVE-2023-410xx/CVE-2023-41054.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41054",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-04T18:15:08.977",
"lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-08T13:39:44.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ahwx:librey:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023-08-29",
"matchCriteriaId": "C2034F07-7024-4598-9E24-06506A1223D3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Ahwxorg/LibreY/pull/31",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-p4f9-h8x8-mpwf",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-411xx/CVE-2023-41161.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41161",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-07T22:15:07.793",
"lastModified": "2023-09-07T22:15:07.793",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:44.673",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

238
CVE-2023/CVE-2023-412xx/CVE-2023-41265.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41265",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-29T23:15:09.170",
"lastModified": "2023-08-29T23:49:20.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-08T13:59:58.123",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,14 +54,224 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-444"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:-:*:*:enterprise:windows:*:*",
"matchCriteriaId": "41AEA1CA-D344-48DB-92D8-05D0EDC8487D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_1:*:*:enterprise:windows:*:*",
"matchCriteriaId": "FC12BB7A-366F-4EE2-AABF-19E83B5B9EC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_10:*:*:enterprise:windows:*:*",
"matchCriteriaId": "5F601CFC-70D0-450B-AE49-058E6B887E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_11:*:*:enterprise:windows:*:*",
"matchCriteriaId": "17E7F947-3322-46BB-9B89-689F1B792D89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_12:*:*:enterprise:windows:*:*",
"matchCriteriaId": "37AF6E89-73F0-49E8-82F4-08084A5EBE2A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_2:*:*:enterprise:windows:*:*",
"matchCriteriaId": "E4C7CBBB-C6A0-460E-95DC-C1855826C7F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_3:*:*:enterprise:windows:*:*",
"matchCriteriaId": "BD491E32-270C-452B-AC1E-FB8F509B916E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_4:*:*:enterprise:windows:*:*",
"matchCriteriaId": "EDE2809B-4234-443E-9E6A-6B402D258617"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_5:*:*:enterprise:windows:*:*",
"matchCriteriaId": "155F0D6F-2E4A-40E7-9145-7D130334466B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_6:*:*:enterprise:windows:*:*",
"matchCriteriaId": "D733F495-E0EF-4F25-8532-2773415EFB8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_7:*:*:enterprise:windows:*:*",
"matchCriteriaId": "578092D7-0F52-45C1-B7E2-FC5AF86AB8ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_8:*:*:enterprise:windows:*:*",
"matchCriteriaId": "1B3164BA-0BDB-41F9-B51C-4FB0489A125A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_9:*:*:enterprise:windows:*:*",
"matchCriteriaId": "E0D31C35-50DC-4CDF-AFD4-311EAF5BBBD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:-:*:*:enterprise:windows:*:*",
"matchCriteriaId": "95BBBA68-269F-4385-9D14-A736F2CD707E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_1:*:*:enterprise:windows:*:*",
"matchCriteriaId": "E6E1046C-35F4-451A-BFF1-2FC6EB01B547"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_2:*:*:enterprise:windows:*:*",
"matchCriteriaId": "D9AB037B-EE88-47CD-B387-42651CBAAFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_3:*:*:enterprise:windows:*:*",
"matchCriteriaId": "3D28B87A-B36A-428E-A93B-255CFD62036F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_4:*:*:enterprise:windows:*:*",
"matchCriteriaId": "9AD961D6-A315-493C-926F-1441E51C1742"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_5:*:*:enterprise:windows:*:*",
"matchCriteriaId": "1EFEBD77-7968-4649-8E9B-DAB24DC36E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_6:*:*:enterprise:windows:*:*",
"matchCriteriaId": "E6D033E6-C022-4C6B-9EAC-95ABF6CA9BA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_7:*:*:enterprise:windows:*:*",
"matchCriteriaId": "761B402F-4E98-46A4-A8E3-87F167CF01D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:may_2023:-:*:*:enterprise:windows:*:*",
"matchCriteriaId": "9E7034FB-5E64-47AD-B4A4-8428474C48C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:may_2023:patch_1:*:*:enterprise:windows:*:*",
"matchCriteriaId": "29158A06-3DE9-487B-9BC5-B4A690864F4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:may_2023:patch_2:*:*:enterprise:windows:*:*",
"matchCriteriaId": "272C2CFE-0D8E-46CE-92B6-2BA8658C951B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:may_2023:patch3:*:*:enterprise:windows:*:*",
"matchCriteriaId": "039E4C03-89CA-4E77-8D79-39D22E85A299"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:-:*:*:enterprise:windows:*:*",
"matchCriteriaId": "72D56C24-9CEF-486B-8E46-6111D7B1676A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_1:*:*:enterprise:windows:*:*",
"matchCriteriaId": "338E52B2-AD7D-43F3-B707-E0E5976B269E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_10:*:*:enterprise:windows:*:*",
"matchCriteriaId": "D216C67A-F124-49F0-90EA-B0C8B663D760"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_2:*:*:enterprise:windows:*:*",
"matchCriteriaId": "FA68ADC7-9E20-4BD3-9235-6D76D4519512"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_3:*:*:enterprise:windows:*:*",
"matchCriteriaId": "B41A9B8C-FAD3-46F1-8973-DF1FA408064B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_4:*:*:enterprise:windows:*:*",
"matchCriteriaId": "EE23F5BD-579C-488D-965A-AE916C32976A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_5:*:*:enterprise:windows:*:*",
"matchCriteriaId": "E9C90120-93D1-43B0-B541-F07EB8FD44EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_6:*:*:enterprise:windows:*:*",
"matchCriteriaId": "450F236B-4673-403C-9E23-736C0ED92F6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_7:*:*:enterprise:windows:*:*",
"matchCriteriaId": "D5E431DE-26E2-4DA2-AD0B-1479D0C95B98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_8:*:*:enterprise:windows:*:*",
"matchCriteriaId": "0D6F6570-970B-4E49-9D92-65FAFCC71360"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_9:*:*:enterprise:windows:*:*",
"matchCriteriaId": "38116465-3485-44D3-9097-F2C821D8278F"
}
]
}
]
}
],
"references": [
{
"url": "https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows/ta-p/2110801",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://community.qlik.com/t5/Release-Notes/tkb-p/ReleaseNotes",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

238
CVE-2023/CVE-2023-412xx/CVE-2023-41266.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41266",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-29T23:15:09.380",
"lastModified": "2023-08-29T23:49:20.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-08T13:57:32.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,14 +54,224 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:-:*:*:enterprise:windows:*:*",
"matchCriteriaId": "41AEA1CA-D344-48DB-92D8-05D0EDC8487D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_1:*:*:enterprise:windows:*:*",
"matchCriteriaId": "FC12BB7A-366F-4EE2-AABF-19E83B5B9EC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_10:*:*:enterprise:windows:*:*",
"matchCriteriaId": "5F601CFC-70D0-450B-AE49-058E6B887E15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_11:*:*:enterprise:windows:*:*",
"matchCriteriaId": "17E7F947-3322-46BB-9B89-689F1B792D89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_12:*:*:enterprise:windows:*:*",
"matchCriteriaId": "37AF6E89-73F0-49E8-82F4-08084A5EBE2A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_2:*:*:enterprise:windows:*:*",
"matchCriteriaId": "E4C7CBBB-C6A0-460E-95DC-C1855826C7F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_3:*:*:enterprise:windows:*:*",
"matchCriteriaId": "BD491E32-270C-452B-AC1E-FB8F509B916E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_4:*:*:enterprise:windows:*:*",
"matchCriteriaId": "EDE2809B-4234-443E-9E6A-6B402D258617"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_5:*:*:enterprise:windows:*:*",
"matchCriteriaId": "155F0D6F-2E4A-40E7-9145-7D130334466B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_6:*:*:enterprise:windows:*:*",
"matchCriteriaId": "D733F495-E0EF-4F25-8532-2773415EFB8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_7:*:*:enterprise:windows:*:*",
"matchCriteriaId": "578092D7-0F52-45C1-B7E2-FC5AF86AB8ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_8:*:*:enterprise:windows:*:*",
"matchCriteriaId": "1B3164BA-0BDB-41F9-B51C-4FB0489A125A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:august_2022:patch_9:*:*:enterprise:windows:*:*",
"matchCriteriaId": "E0D31C35-50DC-4CDF-AFD4-311EAF5BBBD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:-:*:*:enterprise:windows:*:*",
"matchCriteriaId": "95BBBA68-269F-4385-9D14-A736F2CD707E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_1:*:*:enterprise:windows:*:*",
"matchCriteriaId": "E6E1046C-35F4-451A-BFF1-2FC6EB01B547"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_2:*:*:enterprise:windows:*:*",
"matchCriteriaId": "D9AB037B-EE88-47CD-B387-42651CBAAFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_3:*:*:enterprise:windows:*:*",
"matchCriteriaId": "3D28B87A-B36A-428E-A93B-255CFD62036F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_4:*:*:enterprise:windows:*:*",
"matchCriteriaId": "9AD961D6-A315-493C-926F-1441E51C1742"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_5:*:*:enterprise:windows:*:*",
"matchCriteriaId": "1EFEBD77-7968-4649-8E9B-DAB24DC36E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_6:*:*:enterprise:windows:*:*",
"matchCriteriaId": "E6D033E6-C022-4C6B-9EAC-95ABF6CA9BA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:february_2023:patch_7:*:*:enterprise:windows:*:*",
"matchCriteriaId": "761B402F-4E98-46A4-A8E3-87F167CF01D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:may_2023:-:*:*:enterprise:windows:*:*",
"matchCriteriaId": "9E7034FB-5E64-47AD-B4A4-8428474C48C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:may_2023:patch_1:*:*:enterprise:windows:*:*",
"matchCriteriaId": "29158A06-3DE9-487B-9BC5-B4A690864F4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:may_2023:patch_2:*:*:enterprise:windows:*:*",
"matchCriteriaId": "272C2CFE-0D8E-46CE-92B6-2BA8658C951B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:may_2023:patch3:*:*:enterprise:windows:*:*",
"matchCriteriaId": "039E4C03-89CA-4E77-8D79-39D22E85A299"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:-:*:*:enterprise:windows:*:*",
"matchCriteriaId": "72D56C24-9CEF-486B-8E46-6111D7B1676A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_1:*:*:enterprise:windows:*:*",
"matchCriteriaId": "338E52B2-AD7D-43F3-B707-E0E5976B269E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_10:*:*:enterprise:windows:*:*",
"matchCriteriaId": "D216C67A-F124-49F0-90EA-B0C8B663D760"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_2:*:*:enterprise:windows:*:*",
"matchCriteriaId": "FA68ADC7-9E20-4BD3-9235-6D76D4519512"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_3:*:*:enterprise:windows:*:*",
"matchCriteriaId": "B41A9B8C-FAD3-46F1-8973-DF1FA408064B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_4:*:*:enterprise:windows:*:*",
"matchCriteriaId": "EE23F5BD-579C-488D-965A-AE916C32976A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_5:*:*:enterprise:windows:*:*",
"matchCriteriaId": "E9C90120-93D1-43B0-B541-F07EB8FD44EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_6:*:*:enterprise:windows:*:*",
"matchCriteriaId": "450F236B-4673-403C-9E23-736C0ED92F6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_7:*:*:enterprise:windows:*:*",
"matchCriteriaId": "D5E431DE-26E2-4DA2-AD0B-1479D0C95B98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_8:*:*:enterprise:windows:*:*",
"matchCriteriaId": "0D6F6570-970B-4E49-9D92-65FAFCC71360"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qlik:qlik_sense:november_2022:patch_9:*:*:enterprise:windows:*:*",
"matchCriteriaId": "38116465-3485-44D3-9097-F2C821D8278F"
}
]
}
]
}
],
"references": [
{
"url": "https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows/ta-p/2110801",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://community.qlik.com/t5/Release-Notes/tkb-p/ReleaseNotes",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

8
CVE-2023/CVE-2023-415xx/CVE-2023-41594.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41594",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T03:15:08.997",
"lastModified": "2023-09-08T03:15:08.997",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Dairy Farm Shop Management System Using PHP and MySQL v1.1 was discovered to contain multiple SQL injection vulnerabilities in the Login function via the Username and Password parameters."
},
{
"lang": "es",
"value": "Se ha descubierto que Dairy Farm Shop Management System Using PHP and MySQL v1.1 contiene m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en la funci\u00f3n de inicio de sesi\u00f3n a trav\u00e9s de los par\u00e1metros de nombre de usuario y contrase\u00f1a. "
}
],
"metrics": {},

8
CVE-2023/CVE-2023-416xx/CVE-2023-41615.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41615",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T03:15:09.060",
"lastModified": "2023-09-08T03:15:09.060",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields."
},
{
"lang": "es",
"value": "Se ha descubierto que Zoo Management System v1.0 contiene m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en la p\u00e1gina de inicio de sesi\u00f3n del administrador a trav\u00e9s de los campos de nombre de usuario y contrase\u00f1a. "
}
],
"metrics": {},

8
CVE-2023/CVE-2023-416xx/CVE-2023-41646.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41646",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-07T22:15:07.857",
"lastModified": "2023-09-07T22:15:07.857",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:44.673",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/"
},
{
"lang": "es",
"value": "Buttercup v2.20.3 permite a los atacantes obtener el hash de la contrase\u00f1a maestra para el gestor de contrase\u00f1as mediante el acceso al archivo \"/vaults.json/\". "
}
],
"metrics": {},

4
CVE-2023/CVE-2023-417xx/CVE-2023-41775.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41775",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-08T08:15:07.593",
"lastModified": "2023-09-08T08:15:07.593",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

62
CVE-2023/CVE-2023-47xx/CVE-2023-4740.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4740",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-03T20:15:14.813",
"lastModified": "2023-09-04T00:06:16.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-08T13:51:18.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibos:ibos:4.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F678D76-48AA-4940-833F-5567D196DB7D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/RCEraser/cve/blob/main/sql_inject.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.238629",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.238629",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

63
CVE-2023/CVE-2023-47xx/CVE-2023-4741.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4741",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-03T23:15:39.057",
"lastModified": "2023-09-04T00:06:16.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-08T13:54:42.737",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibos:ibos:4.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F678D76-48AA-4940-833F-5567D196DB7D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wudidike/cve/blob/main/sql.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.238630",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.238630",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

63
CVE-2023/CVE-2023-47xx/CVE-2023-4742.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4742",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-03T23:15:39.937",
"lastModified": "2023-09-04T00:06:16.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-08T13:54:08.653",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibos:ibos:4.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F678D76-48AA-4940-833F-5567D196DB7D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gatsby2003/cve/blob/main/sql.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.238631",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.238631",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

76
CVE-2023/CVE-2023-47xx/CVE-2023-4750.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4750",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-09-04T14:15:08.263",
"lastModified": "2023-09-07T03:15:08.620",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-08T13:59:22.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,18 +68,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.1857",
"matchCriteriaId": "ED821385-90E6-453E-8835-0084B386F287"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/1ab3ebdf-fe7d-4436-b483-9a586e03b0ea",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Mailing List"
]
}
]
}

68
CVE-2023/CVE-2023-47xx/CVE-2023-4751.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4751",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-09-03T19:15:43.677",
"lastModified": "2023-09-04T00:06:16.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-08T12:58:23.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -36,8 +58,18 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +78,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.1331",
"matchCriteriaId": "64312BDB-1246-461E-A8E7-E4A5C8574EED"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vim/vim/commit/e1121b139480f53d1b06f84f3e4574048108fa0b",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/db7be8d6-6cb7-4ae5-9c4e-805423afa378",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-47xx/CVE-2023-4752.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4752",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-09-04T14:15:08.450",
"lastModified": "2023-09-07T03:15:08.713",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-08T13:24:52.210",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,18 +68,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.1858",
"matchCriteriaId": "A246BFA3-E48C-41A4-8E2A-EA83DE37B499"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/85f62dd7-ed84-4fa2-b265-8a369a318757",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Mailing List"
]
}
]
}

4
CVE-2023/CVE-2023-47xx/CVE-2023-4777.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4777",
"sourceIdentifier": "bugreport@qualys.com",
"published": "2023-09-08T09:15:08.697",
"lastModified": "2023-09-08T09:15:08.697",
"vulnStatus": "Received",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

32
CVE-2023/CVE-2023-48xx/CVE-2023-4807.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-4807",
"sourceIdentifier": "openssl-security@openssl.org",
"published": "2023-09-08T12:15:08.043",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Issue summary: The POLY1305 MAC (message authentication code) implementation\ncontains a bug that might corrupt the internal state of applications on the\nWindows 64 platform when running on newer X86_64 processors supporting the\nAVX512-IFMA instructions.\n\nImpact summary: If in an application that uses the OpenSSL library an attacker\ncan influence whether the POLY1305 MAC algorithm is used, the application\nstate might be corrupted with various application dependent consequences.\n\nThe POLY1305 MAC (message authentication code) implementation in OpenSSL does\nnot save the contents of non-volatile XMM registers on Windows 64 platform\nwhen calculating the MAC of data larger than 64 bytes. Before returning to\nthe caller all the XMM registers are set to zero rather than restoring their\nprevious content. The vulnerable code is used only on newer x86_64 processors\nsupporting the AVX512-IFMA instructions.\n\nThe consequences of this kind of internal application state corruption can\nbe various - from no consequences, if the calling application does not\ndepend on the contents of non-volatile XMM registers at all, to the worst\nconsequences, where the attacker could get complete control of the application\nprocess. However given the contents of the registers are just zeroized so\nthe attacker cannot put arbitrary values inside, the most likely consequence,\nif any, would be an incorrect result of some application dependent\ncalculations or a crash leading to a denial of service.\n\nThe POLY1305 MAC algorithm is most frequently used as part of the\nCHACHA20-POLY1305 AEAD (authenticated encryption with associated data)\nalgorithm. The most common usage of this AEAD cipher is with TLS protocol\nversions 1.2 and 1.3 and a malicious client can influence whether this AEAD\ncipher is used by the server. This implies that server applications using\nOpenSSL can be potentially impacted. However we are currently not aware of\nany concrete application that would be affected by this issue therefore we\nconsider this a Low severity security issue.\n\nAs a workaround the AVX512-IFMA instructions support can be disabled at\nruntime by setting the environment variable OPENSSL_ia32cap:\n\n OPENSSL_ia32cap=:~0x200000\n\nThe FIPS provider is not affected by this issue."
}
],
"metrics": {},
"references": [
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4bfac4471f53c4f74c8d81020beb938f92d84ca5",
"source": "openssl-security@openssl.org"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6754de4a121ec7f261b16723180df6592cbb4508",
"source": "openssl-security@openssl.org"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a632d534c73eeb3e3db8c7540d811194ef7c79ff",
"source": "openssl-security@openssl.org"
},
{
"url": "https://www.openssl.org/news/secadv/20230908.txt",
"source": "openssl-security@openssl.org"
}
]
}

43
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-08T10:00:25.880821+00:00
2023-09-08T14:00:25.474966+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-08T09:15:08.697000+00:00
2023-09-08T13:59:58.123000+00:00
```
### Last Data Feed Release
@ -29,23 +29,48 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
224507
224511
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `4`
* [CVE-2023-34041](CVE-2023/CVE-2023-340xx/CVE-2023-34041.json) (`2023-09-08T08:15:07.493`)
* [CVE-2023-41775](CVE-2023/CVE-2023-417xx/CVE-2023-41775.json) (`2023-09-08T08:15:07.593`)
* [CVE-2023-4777](CVE-2023/CVE-2023-47xx/CVE-2023-4777.json) (`2023-09-08T09:15:08.697`)
* [CVE-2023-4807](CVE-2023/CVE-2023-48xx/CVE-2023-4807.json) (`2023-09-08T12:15:08.043`)
* [CVE-2023-39076](CVE-2023/CVE-2023-390xx/CVE-2023-39076.json) (`2023-09-08T13:15:07.827`)
* [CVE-2023-39584](CVE-2023/CVE-2023-395xx/CVE-2023-39584.json) (`2023-09-08T13:15:07.990`)
* [CVE-2023-40924](CVE-2023/CVE-2023-409xx/CVE-2023-40924.json) (`2023-09-08T13:15:08.127`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `41`
* [CVE-2023-3572](CVE-2023/CVE-2023-35xx/CVE-2023-3572.json) (`2023-09-08T09:15:07.390`)
* [CVE-2023-40353](CVE-2023/CVE-2023-403xx/CVE-2023-40353.json) (`2023-09-08T12:58:39.247`)
* [CVE-2023-40953](CVE-2023/CVE-2023-409xx/CVE-2023-40953.json) (`2023-09-08T12:58:39.247`)
* [CVE-2023-41594](CVE-2023/CVE-2023-415xx/CVE-2023-41594.json) (`2023-09-08T12:58:39.247`)
* [CVE-2023-41615](CVE-2023/CVE-2023-416xx/CVE-2023-41615.json) (`2023-09-08T12:58:39.247`)
* [CVE-2023-32470](CVE-2023/CVE-2023-324xx/CVE-2023-32470.json) (`2023-09-08T12:58:39.247`)
* [CVE-2023-34041](CVE-2023/CVE-2023-340xx/CVE-2023-34041.json) (`2023-09-08T12:58:39.247`)
* [CVE-2023-41775](CVE-2023/CVE-2023-417xx/CVE-2023-41775.json) (`2023-09-08T12:58:39.247`)
* [CVE-2023-4777](CVE-2023/CVE-2023-47xx/CVE-2023-4777.json) (`2023-09-08T12:58:39.247`)
* [CVE-2023-30908](CVE-2023/CVE-2023-309xx/CVE-2023-30908.json) (`2023-09-08T12:58:44.673`)
* [CVE-2023-41161](CVE-2023/CVE-2023-411xx/CVE-2023-41161.json) (`2023-09-08T12:58:44.673`)
* [CVE-2023-41646](CVE-2023/CVE-2023-416xx/CVE-2023-41646.json) (`2023-09-08T12:58:44.673`)
* [CVE-2023-40029](CVE-2023/CVE-2023-400xx/CVE-2023-40029.json) (`2023-09-08T12:58:44.673`)
* [CVE-2023-40584](CVE-2023/CVE-2023-405xx/CVE-2023-40584.json) (`2023-09-08T12:58:44.673`)
* [CVE-2023-38836](CVE-2023/CVE-2023-388xx/CVE-2023-38836.json) (`2023-09-08T13:15:07.563`)
* [CVE-2023-39982](CVE-2023/CVE-2023-399xx/CVE-2023-39982.json) (`2023-09-08T13:23:36.153`)
* [CVE-2023-4752](CVE-2023/CVE-2023-47xx/CVE-2023-4752.json) (`2023-09-08T13:24:52.210`)
* [CVE-2023-41054](CVE-2023/CVE-2023-410xx/CVE-2023-41054.json) (`2023-09-08T13:39:44.417`)
* [CVE-2023-4740](CVE-2023/CVE-2023-47xx/CVE-2023-4740.json) (`2023-09-08T13:51:18.927`)
* [CVE-2023-4742](CVE-2023/CVE-2023-47xx/CVE-2023-4742.json) (`2023-09-08T13:54:08.653`)
* [CVE-2023-4741](CVE-2023/CVE-2023-47xx/CVE-2023-4741.json) (`2023-09-08T13:54:42.737`)
* [CVE-2023-41266](CVE-2023/CVE-2023-412xx/CVE-2023-41266.json) (`2023-09-08T13:57:32.727`)
* [CVE-2023-40015](CVE-2023/CVE-2023-400xx/CVE-2023-40015.json) (`2023-09-08T13:58:23.860`)
* [CVE-2023-28072](CVE-2023/CVE-2023-280xx/CVE-2023-28072.json) (`2023-09-08T13:58:40.990`)
* [CVE-2023-4750](CVE-2023/CVE-2023-47xx/CVE-2023-4750.json) (`2023-09-08T13:59:22.443`)
* [CVE-2023-41265](CVE-2023/CVE-2023-412xx/CVE-2023-41265.json) (`2023-09-08T13:59:58.123`)
## Download and Usage