admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-05T20:00:38.490985+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-05 20:00:41 +00:00
parent 14970549d3
commit b63d8051a0
60 changed files with 7566 additions and 227 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
CVE-2020/CVE-2020-184xx/CVE-2020-18414.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2020-18414", "id": "CVE-2020-18414",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T21:15:15.763", "published": "2023-06-27T21:15:15.763",
"lastModified": "2023-06-28T12:34:43.903", "lastModified": "2023-07-05T18:46:27.213",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Stored cross site scripting (XSS) vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset." "value": "Stored cross site scripting (XSS) vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaoji_cms_project:chaoji_cms:2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "DA483300-3FE3-4249-AC6D-C38BD441A68E"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/GodEpic/chaojicms/issues/3", "url": "https://github.com/GodEpic/chaojicms/issues/3",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
} }
] ]
} }

20
CVE-2020/CVE-2020-234xx/CVE-2020-23452.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2020-23452",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T18:15:09.750",
"lastModified": "2023-07-05T18:15:09.750",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/SeleniumHQ/selenium/issues/8259",
"source": "cve@mitre.org"
}
]
}

64
CVE-2021/CVE-2021-302xx/CVE-2021-30203.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2021-30203", "id": "CVE-2021-30203",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T14:15:09.667", "published": "2023-06-27T14:15:09.667",
"lastModified": "2023-06-27T16:15:38.897", "lastModified": "2023-07-05T19:50:58.443",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A reflected cross-site scripting (XSS) vulnerability in the zero parameter of dzzoffice 2.02.1_SC_UTF8 allows attackers to execute arbitrary web scripts or HTML." "value": "A reflected cross-site scripting (XSS) vulnerability in the zero parameter of dzzoffice 2.02.1_SC_UTF8 allows attackers to execute arbitrary web scripts or HTML."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dzzoffice:dzzoffice:2.02.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA901D-850D-468C-B516-01F29417313D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/zyx0814/dzzoffice/issues/183", "url": "https://github.com/zyx0814/dzzoffice/issues/183",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
} }
] ]
} }

65
CVE-2022/CVE-2022-442xx/CVE-2022-44276.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2022-44276", "id": "CVE-2022-44276",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:09.323", "published": "2023-06-28T15:15:09.323",
"lastModified": "2023-06-28T15:25:19.233", "lastModified": "2023-07-05T18:51:03.210",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE." "value": "In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tecrail:responsive_filemanager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.12.0",
"matchCriteriaId": "FD1D1311-57CB-40F1-869D-7C4B789B1A02"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/HerrLeStrate/CVE-2022-44276-PoC", "url": "https://github.com/HerrLeStrate/CVE-2022-44276-PoC",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
} }
] ]
} }

10
CVE-2022/CVE-2022-480xx/CVE-2022-48073.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-48073", "id": "CVE-2022-48073",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-27T15:15:10.673", "published": "2023-01-27T15:15:10.673",
"lastModified": "2023-02-04T01:57:42.277", "lastModified": "2023-07-05T18:15:09.857",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext." "value": "Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext."
} }
], ],
"metrics": { "metrics": {
@ -76,6 +76,10 @@
} }
], ],
"references": [ "references": [
{
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Sensitive-Information-Disclosure-Vulnerability-530d2415593a400099451d9f0dd7371a",
"source": "cve@mitre.org"
},
{ {
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2G-v22-6-3-20-Sensitive-Information-Disclosure-Vulnerability-8649a75a7ea7455583294e7447145cc6", "url": "https://befitting-vinca-933.notion.site/Phicomm-K2G-v22-6-3-20-Sensitive-Information-Disclosure-Vulnerability-8649a75a7ea7455583294e7447145cc6",
"source": "cve@mitre.org", "source": "cve@mitre.org",

37
CVE-2023/CVE-2023-18xx/CVE-2023-1844.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1844", "id": "CVE-2023-1844",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-06-28T03:15:09.140", "published": "2023-06-28T03:15:09.140",
"lastModified": "2023-06-28T12:34:43.903", "lastModified": "2023-07-05T18:38:05.483",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -50,18 +50,45 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:subscribe2_project:subscribe2:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "10.40",
"matchCriteriaId": "34325F77-97FF-4F8E-AA88-30E2B687950B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/subscribe2/trunk/admin/send-email.php#L12", "url": "https://plugins.trac.wordpress.org/browser/subscribe2/trunk/admin/send-email.php#L12",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/2930676", "url": "https://plugins.trac.wordpress.org/changeset/2930676",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c34ce601-5cf9-433f-bc9d-5c705eba6b08?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c34ce601-5cf9-433f-bc9d-5c705eba6b08?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-211xx/CVE-2023-21195.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21195", "id": "CVE-2023-21195",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.383", "published": "2023-06-28T18:15:15.383",
"lastModified": "2023-06-28T19:27:43.520", "lastModified": "2023-07-05T19:25:24.387",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In btm_ble_periodic_adv_sync_tx_rcvd of btm_ble_gap.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth, if the firmware were compromised with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233879420" "value": "In btm_ble_periodic_adv_sync_tx_rcvd of btm_ble_gap.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth, if the firmware were compromised with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233879420"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01", "url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-211xx/CVE-2023-21196.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21196", "id": "CVE-2023-21196",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.423", "published": "2023-06-28T18:15:15.423",
"lastModified": "2023-06-28T19:27:43.520", "lastModified": "2023-07-05T19:27:24.927",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-261857395" "value": "In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-261857395"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01", "url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-211xx/CVE-2023-21197.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21197", "id": "CVE-2023-21197",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.460", "published": "2023-06-28T18:15:15.460",
"lastModified": "2023-06-28T19:27:43.520", "lastModified": "2023-07-05T19:35:40.793",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In btm_acl_process_sca_cmpl_pkt of btm_acl.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-251427561" "value": "In btm_acl_process_sca_cmpl_pkt of btm_acl.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-251427561"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01", "url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-211xx/CVE-2023-21198.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21198", "id": "CVE-2023-21198",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.500", "published": "2023-06-28T18:15:15.500",
"lastModified": "2023-06-28T19:27:43.520", "lastModified": "2023-07-05T19:38:07.660",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In remove_sdp_record of btif_sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245517503" "value": "In remove_sdp_record of btif_sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245517503"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01", "url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-211xx/CVE-2023-21199.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21199", "id": "CVE-2023-21199",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.540", "published": "2023-06-28T18:15:15.540",
"lastModified": "2023-06-28T19:27:43.520", "lastModified": "2023-07-05T19:42:07.917",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254445961" "value": "In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254445961"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01", "url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-212xx/CVE-2023-21200.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21200", "id": "CVE-2023-21200",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.577", "published": "2023-06-28T18:15:15.577",
"lastModified": "2023-06-28T19:27:43.520", "lastModified": "2023-07-05T19:45:27.017",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236688764" "value": "In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236688764"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01", "url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-212xx/CVE-2023-21201.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21201", "id": "CVE-2023-21201",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.617", "published": "2023-06-28T18:15:15.617",
"lastModified": "2023-06-28T19:27:43.520", "lastModified": "2023-07-05T19:46:48.690",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In on_create_record_event of btif_sdp_server.cc, there is a possible out of bounds read due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-263545186" "value": "In on_create_record_event of btif_sdp_server.cc, there is a possible out of bounds read due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-263545186"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01", "url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-212xx/CVE-2023-21202.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21202", "id": "CVE-2023-21202",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.660", "published": "2023-06-28T18:15:15.660",
"lastModified": "2023-06-28T19:27:43.520", "lastModified": "2023-07-05T19:48:33.540",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In btm_delete_stored_link_key_complete of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568359" "value": "In btm_delete_stored_link_key_complete of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568359"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01", "url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-228xx/CVE-2023-22834.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-22834", "id": "CVE-2023-22834",
"sourceIdentifier": "cve-coordination@palantir.com", "sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-06-27T00:15:09.437", "published": "2023-06-27T00:15:09.437",
"lastModified": "2023-06-27T01:40:40.277", "lastModified": "2023-07-05T19:14:49.097",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Contour Service was not checking that users had permission to create an analysis for a given dataset. This could allow an attacker to clutter up Compass folders with extraneous analyses, that the attacker would otherwise not have permission to create." "value": "The Contour Service was not checking that users had permission to create an analysis for a given dataset. This could allow an attacker to clutter up Compass folders with extraneous analyses, that the attacker would otherwise not have permission to create."
},
{
"lang": "es",
"value": "Contour Service no comprobaba que los usuarios tuvieran permiso para crear un an\u00e1lisis para un conjunto de datos determinado. Esto podr\u00eda permitir a un atacante saturar las carpetas de Compass con an\u00e1lisis extra\u00f1os que, de otro modo, no tendr\u00eda permiso para crear. "
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{ {
"source": "cve-coordination@palantir.com", "source": "cve-coordination@palantir.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +58,43 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:contour:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.642.0",
"matchCriteriaId": "DE4A9B13-659F-47C5-9B8B-7B6886AD285A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://palantir.safebase.us/?tcuUid=14874400-e9c9-4ac4-a8a6-9f4c48a56ff8", "url": "https://palantir.safebase.us/?tcuUid=14874400-e9c9-4ac4-a8a6-9f4c48a56ff8",
"source": "cve-coordination@palantir.com" "source": "cve-coordination@palantir.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

82
CVE-2023/CVE-2023-266xx/CVE-2023-26615.json
View File

@ -2,23 +2,95 @@
"id": "CVE-2023-26615", "id": "CVE-2023-26615",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.137", "published": "2023-06-28T15:15:10.137",
"lastModified": "2023-06-28T15:25:19.233", "lastModified": "2023-07-05T18:50:06.507",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password." "value": "D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-823g_firmware:1.02b05:*:*:*:*:*:*:*",
"matchCriteriaId": "359D06ED-7E8E-40E5-84A4-27F1693820E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-823g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67B980AA-84BE-4D22-B4E7-7B2DBF571B65"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1", "url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetMultipleActions", "url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetMultipleActions",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

6
CVE-2023/CVE-2023-273xx/CVE-2023-27390.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27390", "id": "CVE-2023-27390",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-05T16:15:09.507", "published": "2023-07-05T16:15:09.507",
"lastModified": "2023-07-05T16:25:41.353", "lastModified": "2023-07-05T18:15:09.987",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
@ -50,6 +50,10 @@
{ {
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1744", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1744",
"source": "talos-cna@cisco.com" "source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1744",
"source": "talos-cna@cisco.com"
} }
] ]
} }

64
CVE-2023/CVE-2023-302xx/CVE-2023-30259.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-30259", "id": "CVE-2023-30259",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.677", "published": "2023-06-28T14:15:09.677",
"lastModified": "2023-06-28T15:25:24.900", "lastModified": "2023-07-05T18:53:44.850",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file." "value": "A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:librecad:librecad:2.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1601072D-9004-48B7-80B9-CB62792D4B27"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/LibreCAD/LibreCAD/issues/1481", "url": "https://github.com/LibreCAD/LibreCAD/issues/1481",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-306xx/CVE-2023-30607.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-30607",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-05T18:15:10.070",
"lastModified": "2023-07-05T18:15:10.070",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "icingaweb2-module-jira provides integration with Atlassian Jira. Starting in version 1.3.0 and prior to version 1.3.2, template and field configuration forms perform the deletion action before user input is validated, including the cross site request forgery token. This issue is fixed in version 1.3.2. There are no known workarounds."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/Icinga/icingaweb2-module-jira/commit/7f0c53b7a3e87be2f4c2e8840805d7b7c9762424",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Icinga/icingaweb2-module-jira/releases/tag/v1.3.2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Icinga/icingaweb2-module-jira/security/advisories/GHSA-gh7w-7f7j-gwp5",
"source": "security-advisories@github.com"
}
]
}

71
CVE-2023/CVE-2023-309xx/CVE-2023-30945.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30945", "id": "CVE-2023-30945",
"sourceIdentifier": "cve-coordination@palantir.com", "sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-06-26T23:15:09.193", "published": "2023-06-26T23:15:09.193",
"lastModified": "2023-06-27T01:40:40.277", "lastModified": "2023-07-05T18:14:06.537",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "cve-coordination@palantir.com", "source": "cve-coordination@palantir.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,55 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:clips2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.111.2",
"matchCriteriaId": "EB9EB1C8-6DDE-4EC8-99F2-1130EABA72CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:video_clip_distributor:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.24.10",
"matchCriteriaId": "B4883F5A-B29C-4EB9-9F55-D15499EC1A40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:video_history_service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.210.3",
"matchCriteriaId": "C9C66728-D88D-4A48-89E3-D887A31C78DF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://palantir.safebase.us/?tcuUid=e62e4dad-b39b-48ba-ba30-7b7c83406ad9", "url": "https://palantir.safebase.us/?tcuUid=e62e4dad-b39b-48ba-ba30-7b7c83406ad9",
"source": "cve-coordination@palantir.com" "source": "cve-coordination@palantir.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

65
CVE-2023/CVE-2023-309xx/CVE-2023-30993.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30993", "id": "CVE-2023-30993",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-06-27T20:15:09.620", "published": "2023-06-27T20:15:09.620",
"lastModified": "2023-06-27T20:45:06.090", "lastModified": "2023-07-05T18:47:03.063",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +76,41 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cloud_pak_for_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.9.0.0",
"versionEndIncluding": "1.9.2.0",
"matchCriteriaId": "45D219FF-33C0-470A-889E-1F82EC5428C5"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254136", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254136",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ibm.com/support/pages/node/6995221", "url": "https://www.ibm.com/support/pages/node/6995221",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

6
CVE-2023/CVE-2023-311xx/CVE-2023-31194.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31194", "id": "CVE-2023-31194",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-05T16:15:09.600", "published": "2023-07-05T16:15:09.600",
"lastModified": "2023-07-05T16:25:41.353", "lastModified": "2023-07-05T18:15:10.157",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
@ -50,6 +50,10 @@
{ {
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1745", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1745",
"source": "talos-cna@cisco.com" "source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1745",
"source": "talos-cna@cisco.com"
} }
] ]
} }

59
CVE-2023/CVE-2023-312xx/CVE-2023-31248.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-31248",
"sourceIdentifier": "security@ubuntu.com",
"published": "2023-07-05T19:15:09.713",
"lastModified": "2023-07-05T19:15:09.713",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://lore.kernel.org/netfilter-devel/20230705121627.GC19489@breakpoint.cc/T/",
"source": "security@ubuntu.com"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/07/05/2",
"source": "security@ubuntu.com"
}
]
}

64
CVE-2023/CVE-2023-319xx/CVE-2023-31972.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-31972", "id": "CVE-2023-31972",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T13:15:18.503", "published": "2023-05-09T13:15:18.503",
"lastModified": "2023-05-09T14:30:54.950", "lastModified": "2023-07-05T19:00:26.747",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "yasm v1.3.0 was discovered to contain a use after free via the function pp_getline at /nasm/nasm-pp.c." "value": "yasm v1.3.0 was discovered to contain a use after free via the function pp_getline at /nasm/nasm-pp.c."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tortall:yasm:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1453CF78-5025-49BF-A1A6-C62F948B5735"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/yasm/yasm/issues/209", "url": "https://github.com/yasm/yasm/issues/209",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
} }
] ]
} }

64
CVE-2023/CVE-2023-319xx/CVE-2023-31973.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-31973", "id": "CVE-2023-31973",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T14:15:13.737", "published": "2023-05-09T14:15:13.737",
"lastModified": "2023-05-09T14:30:54.950", "lastModified": "2023-07-05T19:00:20.850",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "yasm v1.3.0 was discovered to contain a use after free via the function expand_mmac_params at /nasm/nasm-pp.c." "value": "yasm v1.3.0 was discovered to contain a use after free via the function expand_mmac_params at /nasm/nasm-pp.c."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tortall:yasm:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1453CF78-5025-49BF-A1A6-C62F948B5735"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/yasm/yasm/issues/207", "url": "https://github.com/yasm/yasm/issues/207",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
} }
] ]
} }

64
CVE-2023/CVE-2023-319xx/CVE-2023-31974.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-31974", "id": "CVE-2023-31974",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T13:15:18.550", "published": "2023-05-09T13:15:18.550",
"lastModified": "2023-05-09T14:30:54.950", "lastModified": "2023-07-05T19:00:17.533",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "yasm v1.3.0 was discovered to contain a use after free via the function error at /nasm/nasm-pp.c." "value": "yasm v1.3.0 was discovered to contain a use after free via the function error at /nasm/nasm-pp.c."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tortall:yasm:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1453CF78-5025-49BF-A1A6-C62F948B5735"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/yasm/yasm/issues/208", "url": "https://github.com/yasm/yasm/issues/208",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
} }
] ]
} }

20
CVE-2023/CVE-2023-319xx/CVE-2023-31975.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31975", "id": "CVE-2023-31975",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T13:15:18.590", "published": "2023-05-09T13:15:18.590",
"lastModified": "2023-06-24T09:15:47.420", "lastModified": "2023-07-05T19:01:42.130",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -17,7 +17,7 @@
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL", "attackVector": "LOCAL",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
@ -25,12 +25,12 @@
"scope": "UNCHANGED", "scope": "UNCHANGED",
"confidentialityImpact": "NONE", "confidentialityImpact": "NONE",
"integrityImpact": "NONE", "integrityImpact": "NONE",
"availabilityImpact": "HIGH", "availabilityImpact": "LOW",
"baseScore": 5.5, "baseScore": 3.3,
"baseSeverity": "MEDIUM" "baseSeverity": "LOW"
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 1.4
} }
] ]
}, },
@ -194,7 +194,11 @@
}, },
{ {
"url": "http://www.openwall.com/lists/oss-security/2023/06/24/1", "url": "http://www.openwall.com/lists/oss-security/2023/06/24/1",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/yasm/yasm/issues/210", "url": "https://github.com/yasm/yasm/issues/210",

1303
CVE-2023/CVE-2023-324xx/CVE-2023-32463.json
View File

File diff suppressed because it is too large Load Diff

1336
CVE-2023/CVE-2023-324xx/CVE-2023-32464.json
View File

File diff suppressed because it is too large Load Diff

20
CVE-2023/CVE-2023-333xx/CVE-2023-33335.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33335",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T18:15:10.277",
"lastModified": "2023-07-05T18:15:10.277",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) in Sophos Sophos iView (The EOL was December 31st 2020) in grpname parameter that allows arbitrary script to be executed."
}
],
"metrics": {},
"references": [
{
"url": "https://inf0seq.github.io/cve/2023/05/03/Cross-Site-scripting-(XSS)-in-Sophos-iView.html",
"source": "cve@mitre.org"
}
]
}

505
CVE-2023/CVE-2023-33xx/CVE-2023-3330.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-3330", "id": "CVE-2023-3330",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com", "sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.523", "published": "2023-06-28T02:15:49.523",
"lastModified": "2023-07-03T03:15:09.473", "lastModified": "2023-07-05T18:45:49.867",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0obtain specific files in the product." "value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0obtain specific files in the product."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{ {
"source": "psirt-info@cyber.jp.nec.com", "source": "psirt-info@cyber.jp.nec.com",
"type": "Secondary", "type": "Secondary",
@ -23,10 +56,474 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html", "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html",
"source": "psirt-info@cyber.jp.nec.com" "source": "psirt-info@cyber.jp.nec.com",
"tags": [
"Broken Link"
]
} }
] ]
} }

505
CVE-2023/CVE-2023-33xx/CVE-2023-3331.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-3331", "id": "CVE-2023-3331",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com", "sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.590", "published": "2023-06-28T02:15:49.590",
"lastModified": "2023-07-03T03:15:09.560", "lastModified": "2023-07-05T18:45:37.043",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0delete\n\n specific files in the product." "value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0delete\n\n specific files in the product."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{ {
"source": "psirt-info@cyber.jp.nec.com", "source": "psirt-info@cyber.jp.nec.com",
"type": "Secondary", "type": "Secondary",
@ -23,10 +56,474 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html", "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html",
"source": "psirt-info@cyber.jp.nec.com" "source": "psirt-info@cyber.jp.nec.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

505
CVE-2023/CVE-2023-33xx/CVE-2023-3332.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-3332", "id": "CVE-2023-3332",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com", "sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.650", "published": "2023-06-28T02:15:49.650",
"lastModified": "2023-07-03T03:15:09.633", "lastModified": "2023-07-05T19:19:49.067",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0\n\nexecute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities." "value": "Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0\n\nexecute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{ {
"source": "psirt-info@cyber.jp.nec.com", "source": "psirt-info@cyber.jp.nec.com",
"type": "Secondary", "type": "Secondary",
@ -23,10 +56,474 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html", "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html",
"source": "psirt-info@cyber.jp.nec.com" "source": "psirt-info@cyber.jp.nec.com",
"tags": [
"Broken Link"
]
} }
] ]
} }

505
CVE-2023/CVE-2023-33xx/CVE-2023-3333.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-3333", "id": "CVE-2023-3333",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com", "sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.713", "published": "2023-06-28T02:15:49.713",
"lastModified": "2023-07-03T03:15:09.713", "lastModified": "2023-07-05T19:19:52.590",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities." "value": "Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{ {
"source": "psirt-info@cyber.jp.nec.com", "source": "psirt-info@cyber.jp.nec.com",
"type": "Secondary", "type": "Secondary",
@ -23,10 +56,474 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html", "url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html",
"source": "psirt-info@cyber.jp.nec.com" "source": "psirt-info@cyber.jp.nec.com",
"tags": [
"Broken Link"
]
} }
] ]
} }

74
CVE-2023/CVE-2023-33xx/CVE-2023-3371.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3371", "id": "CVE-2023-3371",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-06-27T02:15:09.657", "published": "2023-06-27T02:15:09.657",
"lastModified": "2023-06-27T16:15:41.447", "lastModified": "2023-07-05T19:24:05.357",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -17,8 +17,28 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
@ -50,30 +70,66 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:embedpress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.7.3",
"matchCriteriaId": "E2AA4D09-9B14-4CCD-83A8-7A60FA06C0B1"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L231", "url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L231",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L278", "url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L278",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/Gutenberg/block-backend/block-embedpress.php#L30", "url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/Gutenberg/block-backend/block-embedpress.php#L30",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file10", "url": "https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file10",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file28", "url": "https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file28",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1033b4d-82a0-4484-aebf-f35d6a2a9a13?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1033b4d-82a0-4484-aebf-f35d6a2a9a13?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-341xx/CVE-2023-34106.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-34106",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-05T18:15:10.330",
"lastModified": "2023-07-05T18:15:10.330",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "GLPI is a free asset and IT management software package. Versions of the software starting with 0.68 and prior to 10.0.8 have an incorrect rights check on a on a file accessible by an authenticated user. This allows access to the list of all users and their personal information. Users should upgrade to version 10.0.8 to receive a patch."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
},
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://github.com/glpi-project/glpi/releases/tag/10.0.8",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-923r-hqh4-wj7c",
"source": "security-advisories@github.com"
}
]
}

55
CVE-2023/CVE-2023-343xx/CVE-2023-34337.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34337",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2023-07-05T19:15:09.800",
"lastModified": "2023-07-05T19:15:09.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A successful exploit of this vulnerability\u00a0may lead to a loss of confidentiality, integrity, and availability. \n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf",
"source": "biossecurity@ami.com"
}
]
}

55
CVE-2023/CVE-2023-343xx/CVE-2023-34338.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34338",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2023-07-05T19:15:09.877",
"lastModified": "2023-07-05T19:15:09.877",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.\u00a0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-321"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf",
"source": "biossecurity@ami.com"
}
]
}

48
CVE-2023/CVE-2023-344xx/CVE-2023-34463.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34463", "id": "CVE-2023-34463",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-26T21:15:09.363", "published": "2023-06-26T21:15:09.363",
"lastModified": "2023-06-26T22:13:24.933", "lastModified": "2023-07-05T18:29:05.773",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18.8",
"matchCriteriaId": "21DCEC86-16D9-4180-9088-06D6AD31EF93"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/dataease/dataease/security/advisories/GHSA-4c4p-qfwq-85fj", "url": "https://github.com/dataease/dataease/security/advisories/GHSA-4c4p-qfwq-85fj",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

55
CVE-2023/CVE-2023-344xx/CVE-2023-34471.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34471",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2023-07-05T19:15:09.947",
"lastModified": "2023-07-05T19:15:09.947",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to the loss confidentiality, integrity, and authentication."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.4,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-325"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf",
"source": "biossecurity@ami.com"
}
]
}

59
CVE-2023/CVE-2023-344xx/CVE-2023-34472.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-34472",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2023-07-05T19:15:10.017",
"lastModified": "2023-07-05T19:15:10.017",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A successful exploit of this vulnerability may lead to a loss of integrity.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-113"
},
{
"lang": "en",
"value": "CWE-93"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf",
"source": "biossecurity@ami.com"
}
]
}

55
CVE-2023/CVE-2023-344xx/CVE-2023-34473.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34473",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2023-07-05T19:15:10.083",
"lastModified": "2023-07-05T19:15:10.083",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability\u00a0may lead to a loss of confidentiality, integrity, and availability. \n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf",
"source": "biossecurity@ami.com"
}
]
}

75
CVE-2023/CVE-2023-349xx/CVE-2023-34928.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34928", "id": "CVE-2023-34928",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.743", "published": "2023-06-28T14:15:09.743",
"lastModified": "2023-06-28T15:25:24.900", "lastModified": "2023-07-05T18:53:06.870",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A stack overflow in the Edit_BasicSSID function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." "value": "A stack overflow in the Edit_BasicSSID function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34928.md", "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34928.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }

75
CVE-2023/CVE-2023-349xx/CVE-2023-34929.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34929", "id": "CVE-2023-34929",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.790", "published": "2023-06-28T14:15:09.790",
"lastModified": "2023-06-28T15:25:24.900", "lastModified": "2023-07-05T18:52:59.827",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A stack overflow in the AddMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." "value": "A stack overflow in the AddMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34929.md", "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34929.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }

75
CVE-2023/CVE-2023-349xx/CVE-2023-34930.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34930", "id": "CVE-2023-34930",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.833", "published": "2023-06-28T14:15:09.833",
"lastModified": "2023-06-28T15:25:24.900", "lastModified": "2023-07-05T18:52:52.173",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A stack overflow in the EditMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." "value": "A stack overflow in the EditMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34930.md", "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34930.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }

75
CVE-2023/CVE-2023-349xx/CVE-2023-34931.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34931", "id": "CVE-2023-34931",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.877", "published": "2023-06-28T14:15:09.877",
"lastModified": "2023-06-28T15:25:24.900", "lastModified": "2023-07-05T18:52:45.057",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A stack overflow in the EditWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." "value": "A stack overflow in the EditWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34931.md", "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34931.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }

75
CVE-2023/CVE-2023-349xx/CVE-2023-34932.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34932", "id": "CVE-2023-34932",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.923", "published": "2023-06-28T14:15:09.923",
"lastModified": "2023-06-28T15:25:24.900", "lastModified": "2023-07-05T18:52:37.597",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A stack overflow in the UpdateWanMode function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." "value": "A stack overflow in the UpdateWanMode function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34932.md", "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34932.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }

76
CVE-2023/CVE-2023-349xx/CVE-2023-34933.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-34933", "id": "CVE-2023-34933",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.193", "published": "2023-06-28T15:15:10.193",
"lastModified": "2023-06-28T15:25:19.233", "lastModified": "2023-07-05T18:49:01.307",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A stack overflow in the UpdateWanParams function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." "value": "A stack overflow in the UpdateWanParams function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34933.md", "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34933.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

76
CVE-2023/CVE-2023-349xx/CVE-2023-34934.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-34934", "id": "CVE-2023-34934",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.240", "published": "2023-06-28T15:15:10.240",
"lastModified": "2023-06-28T15:25:19.233", "lastModified": "2023-07-05T18:48:47.040",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A stack overflow in the Edit_BasicSSID_5G function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." "value": "A stack overflow in the Edit_BasicSSID_5G function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34934.md", "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34934.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

76
CVE-2023/CVE-2023-349xx/CVE-2023-34935.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-34935", "id": "CVE-2023-34935",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.283", "published": "2023-06-28T15:15:10.283",
"lastModified": "2023-06-28T15:25:19.233", "lastModified": "2023-07-05T18:48:29.870",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A stack overflow in the AddWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." "value": "A stack overflow in the AddWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34935.md", "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34935.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

76
CVE-2023/CVE-2023-349xx/CVE-2023-34936.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-34936", "id": "CVE-2023-34936",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.333", "published": "2023-06-28T15:15:10.333",
"lastModified": "2023-06-28T15:25:19.233", "lastModified": "2023-07-05T18:48:19.643",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A stack overflow in the UpdateMacClone function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." "value": "A stack overflow in the UpdateMacClone function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34936.md", "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34936.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

76
CVE-2023/CVE-2023-349xx/CVE-2023-34937.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-34937", "id": "CVE-2023-34937",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.377", "published": "2023-06-28T15:15:10.377",
"lastModified": "2023-06-28T15:25:19.233", "lastModified": "2023-07-05T18:48:00.847",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A stack overflow in the UpdateSnat function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request." "value": "A stack overflow in the UpdateSnat function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34937.md", "url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34937.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

59
CVE-2023/CVE-2023-34xx/CVE-2023-3407.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3407", "id": "CVE-2023-3407",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-06-28T03:15:09.243", "published": "2023-06-28T03:15:09.243",
"lastModified": "2023-06-28T12:34:43.903", "lastModified": "2023-07-05T18:37:01.277",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -17,7 +17,7 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -35,6 +35,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
} }
] ]
}, },
@ -50,18 +70,45 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:subscribe2_project:subscribe2:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "10.40",
"matchCriteriaId": "34325F77-97FF-4F8E-AA88-30E2B687950B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/subscribe2/trunk/admin/send-email.php#L12", "url": "https://plugins.trac.wordpress.org/browser/subscribe2/trunk/admin/send-email.php#L12",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/2930676", "url": "https://plugins.trac.wordpress.org/changeset/2930676",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/92b4d800-2895-4f7b-8b3b-ee6df75a7908?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/92b4d800-2895-4f7b-8b3b-ee6df75a7908?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

59
CVE-2023/CVE-2023-34xx/CVE-2023-3427.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3427", "id": "CVE-2023-3427",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-06-28T02:15:49.783", "published": "2023-06-28T02:15:49.783",
"lastModified": "2023-06-28T12:34:43.903", "lastModified": "2023-07-05T18:42:38.810",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,8 +13,28 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
@ -46,18 +66,45 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "8.4.6",
"matchCriteriaId": "448FEF9C-79E4-447B-ACC5-E7EDDE3CBE0E"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Customers.php?rev=2779160#L68", "url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Customers.php?rev=2779160#L68",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2931406%40salon-booking-system&new=2931406%40salon-booking-system&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2931406%40salon-booking-system&new=2931406%40salon-booking-system&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93875f19-d9b9-4e33-bba9-afc75cf26bf2?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93875f19-d9b9-4e33-bba9-afc75cf26bf2?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

55
CVE-2023/CVE-2023-34xx/CVE-2023-3445.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3445", "id": "CVE-2023-3445",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-06-28T14:15:10.117", "published": "2023-06-28T14:15:10.117",
"lastModified": "2023-06-28T15:25:19.233", "lastModified": "2023-07-05T18:52:26.923",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -46,14 +68,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:denkgroot:spina:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.15.1",
"matchCriteriaId": "CA56A37D-3579-48FE-AA0E-B3BD80E73D74"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/spinacms/spina/commit/9adfe7b4807b3cc10dbb7351a26cc32f5d8c14a3", "url": "https://github.com/spinacms/spina/commit/9adfe7b4807b3cc10dbb7351a26cc32f5d8c14a3",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://huntr.dev/bounties/18a74a9d-4a2d-4bf8-ae62-56a909427070", "url": "https://huntr.dev/bounties/18a74a9d-4a2d-4bf8-ae62-56a909427070",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

59
CVE-2023/CVE-2023-350xx/CVE-2023-35001.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-35001",
"sourceIdentifier": "security@ubuntu.com",
"published": "2023-07-05T19:15:10.147",
"lastModified": "2023-07-05T19:15:10.147",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://lore.kernel.org/netfilter-devel/20230705121515.747251-1-cascardo@canonical.com/T/",
"source": "security@ubuntu.com"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/07/05/3",
"source": "security@ubuntu.com"
}
]
}

52
CVE-2023/CVE-2023-351xx/CVE-2023-35164.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-35164", "id": "CVE-2023-35164",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-26T22:15:11.317", "published": "2023-06-26T22:15:11.317",
"lastModified": "2023-06-26T22:22:30.843", "lastModified": "2023-07-05T18:17:45.713",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions a missing authorization check allows unauthorized users to manipulate a dashboard created by the administrator. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability." "value": "DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions a missing authorization check allows unauthorized users to manipulate a dashboard created by the administrator. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability."
},
{
"lang": "es",
"value": "DataEase es una herramienta de an\u00e1lisis de visualizaci\u00f3n de datos de c\u00f3digo abierto para analizar datos y obtener informaci\u00f3n sobre las tendencias empresariales. En las versiones afectadas, la falta de una comprobaci\u00f3n de autorizaci\u00f3n permite a usuarios no autorizados manipular un cuadro de mando creado por el administrador. Esta vulnerabilidad se ha corregido en la versi\u00f3n 1.18.8. Se recomienda a los usuarios que la actualicen. No se conocen soluciones para esta vulnerabilidad. "
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +70,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18.8",
"matchCriteriaId": "21DCEC86-16D9-4180-9088-06D6AD31EF93"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/dataease/dataease/security/advisories/GHSA-grxm-fc3h-3qgj", "url": "https://github.com/dataease/dataease/security/advisories/GHSA-grxm-fc3h-3qgj",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

48
CVE-2023/CVE-2023-351xx/CVE-2023-35168.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35168", "id": "CVE-2023-35168",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-26T21:15:09.483", "published": "2023-06-26T21:15:09.483",
"lastModified": "2023-06-26T22:13:24.933", "lastModified": "2023-07-05T18:26:34.743",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18.8",
"matchCriteriaId": "21DCEC86-16D9-4180-9088-06D6AD31EF93"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/dataease/dataease/security/advisories/GHSA-c2r2-68p6-73xv", "url": "https://github.com/dataease/dataease/security/advisories/GHSA-c2r2-68p6-73xv",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

28
CVE-2023/CVE-2023-358xx/CVE-2023-35863.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-35863",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T18:15:10.420",
"lastModified": "2023-07-05T18:15:10.420",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access."
}
],
"metrics": {},
"references": [
{
"url": "https://ctrl-c.club/~blue/nfsdk.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.madefornet.com/products.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.michaelrowley.dev/research/posts/nfsdk/nfsdk.html",
"source": "cve@mitre.org"
}
]
}

79
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-07-05T18:00:34.099372+00:00 2023-07-05T20:00:38.490985+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-07-05T17:52:50.177000+00:00 2023-07-05T19:50:58.443000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,51 +29,56 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
219196 219208
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `7` Recently added CVEs: `12`
* [CVE-2020-25969](CVE-2020/CVE-2020-259xx/CVE-2020-25969.json) (`2023-07-05T17:15:09.213`) * [CVE-2020-23452](CVE-2020/CVE-2020-234xx/CVE-2020-23452.json) (`2023-07-05T18:15:09.750`)
* [CVE-2023-27390](CVE-2023/CVE-2023-273xx/CVE-2023-27390.json) (`2023-07-05T16:15:09.507`) * [CVE-2023-30607](CVE-2023/CVE-2023-306xx/CVE-2023-30607.json) (`2023-07-05T18:15:10.070`)
* [CVE-2023-31194](CVE-2023/CVE-2023-311xx/CVE-2023-31194.json) (`2023-07-05T16:15:09.600`) * [CVE-2023-33335](CVE-2023/CVE-2023-333xx/CVE-2023-33335.json) (`2023-07-05T18:15:10.277`)
* [CVE-2023-36932](CVE-2023/CVE-2023-369xx/CVE-2023-36932.json) (`2023-07-05T16:15:09.687`) * [CVE-2023-34106](CVE-2023/CVE-2023-341xx/CVE-2023-34106.json) (`2023-07-05T18:15:10.330`)
* [CVE-2023-36933](CVE-2023/CVE-2023-369xx/CVE-2023-36933.json) (`2023-07-05T16:15:09.740`) * [CVE-2023-35863](CVE-2023/CVE-2023-358xx/CVE-2023-35863.json) (`2023-07-05T18:15:10.420`)
* [CVE-2023-36934](CVE-2023/CVE-2023-369xx/CVE-2023-36934.json) (`2023-07-05T16:15:09.793`) * [CVE-2023-31248](CVE-2023/CVE-2023-312xx/CVE-2023-31248.json) (`2023-07-05T19:15:09.713`)
* [CVE-2023-25399](CVE-2023/CVE-2023-253xx/CVE-2023-25399.json) (`2023-07-05T17:15:09.320`) * [CVE-2023-34337](CVE-2023/CVE-2023-343xx/CVE-2023-34337.json) (`2023-07-05T19:15:09.800`)
* [CVE-2023-34338](CVE-2023/CVE-2023-343xx/CVE-2023-34338.json) (`2023-07-05T19:15:09.877`)
* [CVE-2023-34471](CVE-2023/CVE-2023-344xx/CVE-2023-34471.json) (`2023-07-05T19:15:09.947`)
* [CVE-2023-34472](CVE-2023/CVE-2023-344xx/CVE-2023-34472.json) (`2023-07-05T19:15:10.017`)
* [CVE-2023-34473](CVE-2023/CVE-2023-344xx/CVE-2023-34473.json) (`2023-07-05T19:15:10.083`)
* [CVE-2023-35001](CVE-2023/CVE-2023-350xx/CVE-2023-35001.json) (`2023-07-05T19:15:10.147`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `49` Recently modified CVEs: `47`
* [CVE-2023-3515](CVE-2023/CVE-2023-35xx/CVE-2023-3515.json) (`2023-07-05T16:25:41.353`) * [CVE-2023-34933](CVE-2023/CVE-2023-349xx/CVE-2023-34933.json) (`2023-07-05T18:49:01.307`)
* [CVE-2023-34098](CVE-2023/CVE-2023-340xx/CVE-2023-34098.json) (`2023-07-05T16:25:47.773`) * [CVE-2023-26615](CVE-2023/CVE-2023-266xx/CVE-2023-26615.json) (`2023-07-05T18:50:06.507`)
* [CVE-2023-26274](CVE-2023/CVE-2023-262xx/CVE-2023-26274.json) (`2023-07-05T16:26:09.287`) * [CVE-2023-3445](CVE-2023/CVE-2023-34xx/CVE-2023-3445.json) (`2023-07-05T18:52:26.923`)
* [CVE-2023-26276](CVE-2023/CVE-2023-262xx/CVE-2023-26276.json) (`2023-07-05T16:26:24.613`) * [CVE-2023-34932](CVE-2023/CVE-2023-349xx/CVE-2023-34932.json) (`2023-07-05T18:52:37.597`)
* [CVE-2023-22593](CVE-2023/CVE-2023-225xx/CVE-2023-22593.json) (`2023-07-05T16:28:23.427`) * [CVE-2023-34931](CVE-2023/CVE-2023-349xx/CVE-2023-34931.json) (`2023-07-05T18:52:45.057`)
* [CVE-2023-23468](CVE-2023/CVE-2023-234xx/CVE-2023-23468.json) (`2023-07-05T16:28:41.243`) * [CVE-2023-34930](CVE-2023/CVE-2023-349xx/CVE-2023-34930.json) (`2023-07-05T18:52:52.173`)
* [CVE-2023-25004](CVE-2023/CVE-2023-250xx/CVE-2023-25004.json) (`2023-07-05T16:29:14.923`) * [CVE-2023-34929](CVE-2023/CVE-2023-349xx/CVE-2023-34929.json) (`2023-07-05T18:52:59.827`)
* [CVE-2023-29068](CVE-2023/CVE-2023-290xx/CVE-2023-29068.json) (`2023-07-05T16:29:40.353`) * [CVE-2023-34928](CVE-2023/CVE-2023-349xx/CVE-2023-34928.json) (`2023-07-05T18:53:06.870`)
* [CVE-2023-34673](CVE-2023/CVE-2023-346xx/CVE-2023-34673.json) (`2023-07-05T16:30:36.027`) * [CVE-2023-30259](CVE-2023/CVE-2023-302xx/CVE-2023-30259.json) (`2023-07-05T18:53:44.850`)
* [CVE-2023-33565](CVE-2023/CVE-2023-335xx/CVE-2023-33565.json) (`2023-07-05T16:38:44.877`) * [CVE-2023-31974](CVE-2023/CVE-2023-319xx/CVE-2023-31974.json) (`2023-07-05T19:00:17.533`)
* [CVE-2023-34254](CVE-2023/CVE-2023-342xx/CVE-2023-34254.json) (`2023-07-05T16:53:39.367`) * [CVE-2023-31973](CVE-2023/CVE-2023-319xx/CVE-2023-31973.json) (`2023-07-05T19:00:20.850`)
* [CVE-2023-30757](CVE-2023/CVE-2023-307xx/CVE-2023-30757.json) (`2023-07-05T17:01:26.063`) * [CVE-2023-31972](CVE-2023/CVE-2023-319xx/CVE-2023-31972.json) (`2023-07-05T19:00:26.747`)
* [CVE-2023-29129](CVE-2023/CVE-2023-291xx/CVE-2023-29129.json) (`2023-07-05T17:02:50.873`) * [CVE-2023-31975](CVE-2023/CVE-2023-319xx/CVE-2023-31975.json) (`2023-07-05T19:01:42.130`)
* [CVE-2023-32019](CVE-2023/CVE-2023-320xx/CVE-2023-32019.json) (`2023-07-05T17:15:09.380`) * [CVE-2023-22834](CVE-2023/CVE-2023-228xx/CVE-2023-22834.json) (`2023-07-05T19:14:49.097`)
* [CVE-2023-33584](CVE-2023/CVE-2023-335xx/CVE-2023-33584.json) (`2023-07-05T17:15:09.477`) * [CVE-2023-3332](CVE-2023/CVE-2023-33xx/CVE-2023-3332.json) (`2023-07-05T19:19:49.067`)
* [CVE-2023-2005](CVE-2023/CVE-2023-20xx/CVE-2023-2005.json) (`2023-07-05T17:16:12.110`) * [CVE-2023-3333](CVE-2023/CVE-2023-33xx/CVE-2023-3333.json) (`2023-07-05T19:19:52.590`)
* [CVE-2023-2290](CVE-2023/CVE-2023-22xx/CVE-2023-2290.json) (`2023-07-05T17:22:10.923`) * [CVE-2023-3371](CVE-2023/CVE-2023-33xx/CVE-2023-3371.json) (`2023-07-05T19:24:05.357`)
* [CVE-2023-2992](CVE-2023/CVE-2023-29xx/CVE-2023-2992.json) (`2023-07-05T17:27:57.377`) * [CVE-2023-21195](CVE-2023/CVE-2023-211xx/CVE-2023-21195.json) (`2023-07-05T19:25:24.387`)
* [CVE-2023-2993](CVE-2023/CVE-2023-29xx/CVE-2023-2993.json) (`2023-07-05T17:30:11.073`) * [CVE-2023-21196](CVE-2023/CVE-2023-211xx/CVE-2023-21196.json) (`2023-07-05T19:27:24.927`)
* [CVE-2023-33404](CVE-2023/CVE-2023-334xx/CVE-2023-33404.json) (`2023-07-05T17:35:32.947`) * [CVE-2023-21197](CVE-2023/CVE-2023-211xx/CVE-2023-21197.json) (`2023-07-05T19:35:40.793`)
* [CVE-2023-28829](CVE-2023/CVE-2023-288xx/CVE-2023-28829.json) (`2023-07-05T17:36:45.750`) * [CVE-2023-21198](CVE-2023/CVE-2023-211xx/CVE-2023-21198.json) (`2023-07-05T19:38:07.660`)
* [CVE-2023-27465](CVE-2023/CVE-2023-274xx/CVE-2023-27465.json) (`2023-07-05T17:48:25.550`) * [CVE-2023-21199](CVE-2023/CVE-2023-211xx/CVE-2023-21199.json) (`2023-07-05T19:42:07.917`)
* [CVE-2023-33176](CVE-2023/CVE-2023-331xx/CVE-2023-33176.json) (`2023-07-05T17:49:17.157`) * [CVE-2023-21200](CVE-2023/CVE-2023-212xx/CVE-2023-21200.json) (`2023-07-05T19:45:27.017`)
* [CVE-2023-28991](CVE-2023/CVE-2023-289xx/CVE-2023-28991.json) (`2023-07-05T17:52:33.687`) * [CVE-2023-21201](CVE-2023/CVE-2023-212xx/CVE-2023-21201.json) (`2023-07-05T19:46:48.690`)
* [CVE-2023-28988](CVE-2023/CVE-2023-289xx/CVE-2023-28988.json) (`2023-07-05T17:52:50.177`) * [CVE-2023-21202](CVE-2023/CVE-2023-212xx/CVE-2023-21202.json) (`2023-07-05T19:48:33.540`)
## Download and Usage ## Download and Usage