admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-05T20:00:38.490985+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-05 20:00:41 +00:00
parent 14970549d3
commit b63d8051a0
60 changed files with 7566 additions and 227 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
CVE-2020/CVE-2020-184xx/CVE-2020-18414.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2020-18414",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T21:15:15.763",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:46:27.213",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Stored cross site scripting (XSS) vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaoji_cms_project:chaoji_cms:2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "DA483300-3FE3-4249-AC6D-C38BD441A68E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/GodEpic/chaojicms/issues/3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

20
CVE-2020/CVE-2020-234xx/CVE-2020-23452.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2020-23452",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T18:15:09.750",
"lastModified": "2023-07-05T18:15:09.750",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/SeleniumHQ/selenium/issues/8259",
"source": "cve@mitre.org"
}
]
}

64
CVE-2021/CVE-2021-302xx/CVE-2021-30203.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2021-30203",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T14:15:09.667",
"lastModified": "2023-06-27T16:15:38.897",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:50:58.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A reflected cross-site scripting (XSS) vulnerability in the zero parameter of dzzoffice 2.02.1_SC_UTF8 allows attackers to execute arbitrary web scripts or HTML."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dzzoffice:dzzoffice:2.02.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA901D-850D-468C-B516-01F29417313D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/zyx0814/dzzoffice/issues/183",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

65
CVE-2022/CVE-2022-442xx/CVE-2022-44276.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2022-44276",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:09.323",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:51:03.210",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tecrail:responsive_filemanager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.12.0",
"matchCriteriaId": "FD1D1311-57CB-40F1-869D-7C4B789B1A02"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/HerrLeStrate/CVE-2022-44276-PoC",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
}
]
}

10
CVE-2022/CVE-2022-480xx/CVE-2022-48073.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-48073",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-27T15:15:10.673",
"lastModified": "2023-02-04T01:57:42.277",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-05T18:15:09.857",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext."
"value": "Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext."
}
],
"metrics": {
@ -76,6 +76,10 @@
}
],
"references": [
{
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Sensitive-Information-Disclosure-Vulnerability-530d2415593a400099451d9f0dd7371a",
"source": "cve@mitre.org"
},
{
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2G-v22-6-3-20-Sensitive-Information-Disclosure-Vulnerability-8649a75a7ea7455583294e7447145cc6",
"source": "cve@mitre.org",

37
CVE-2023/CVE-2023-18xx/CVE-2023-1844.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1844",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-28T03:15:09.140",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:38:05.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -50,18 +50,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:subscribe2_project:subscribe2:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "10.40",
"matchCriteriaId": "34325F77-97FF-4F8E-AA88-30E2B687950B"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/subscribe2/trunk/admin/send-email.php#L12",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2930676",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c34ce601-5cf9-433f-bc9d-5c705eba6b08?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-211xx/CVE-2023-21195.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21195",
"sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.383",
"lastModified": "2023-06-28T19:27:43.520",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:25:24.387",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In btm_ble_periodic_adv_sync_tx_rcvd of btm_ble_gap.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth, if the firmware were compromised with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233879420"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-211xx/CVE-2023-21196.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21196",
"sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.423",
"lastModified": "2023-06-28T19:27:43.520",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:27:24.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-261857395"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-211xx/CVE-2023-21197.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21197",
"sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.460",
"lastModified": "2023-06-28T19:27:43.520",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:35:40.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In btm_acl_process_sca_cmpl_pkt of btm_acl.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-251427561"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-211xx/CVE-2023-21198.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21198",
"sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.500",
"lastModified": "2023-06-28T19:27:43.520",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:38:07.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In remove_sdp_record of btif_sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245517503"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-211xx/CVE-2023-21199.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21199",
"sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.540",
"lastModified": "2023-06-28T19:27:43.520",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:42:07.917",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254445961"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-212xx/CVE-2023-21200.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21200",
"sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.577",
"lastModified": "2023-06-28T19:27:43.520",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:45:27.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236688764"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-212xx/CVE-2023-21201.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21201",
"sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.617",
"lastModified": "2023-06-28T19:27:43.520",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:46:48.690",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In on_create_record_event of btif_sdp_server.cc, there is a possible out of bounds read due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-263545186"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-212xx/CVE-2023-21202.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21202",
"sourceIdentifier": "security@android.com",
"published": "2023-06-28T18:15:15.660",
"lastModified": "2023-06-28T19:27:43.520",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:48:33.540",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In btm_delete_stored_link_key_complete of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568359"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-06-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-228xx/CVE-2023-22834.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-22834",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-06-27T00:15:09.437",
"lastModified": "2023-06-27T01:40:40.277",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:14:49.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Contour Service was not checking that users had permission to create an analysis for a given dataset. This could allow an attacker to clutter up Compass folders with extraneous analyses, that the attacker would otherwise not have permission to create."
},
{
"lang": "es",
"value": "Contour Service no comprobaba que los usuarios tuvieran permiso para crear un an\u00e1lisis para un conjunto de datos determinado. Esto podr\u00eda permitir a un atacante saturar las carpetas de Compass con an\u00e1lisis extra\u00f1os que, de otro modo, no tendr\u00eda permiso para crear. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
@ -34,10 +58,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:contour:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.642.0",
"matchCriteriaId": "DE4A9B13-659F-47C5-9B8B-7B6886AD285A"
}
]
}
]
}
],
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=14874400-e9c9-4ac4-a8a6-9f4c48a56ff8",
"source": "cve-coordination@palantir.com"
"source": "cve-coordination@palantir.com",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-266xx/CVE-2023-26615.json
View File

@ -2,23 +2,95 @@
"id": "CVE-2023-26615",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.137",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:50:06.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-823g_firmware:1.02b05:*:*:*:*:*:*:*",
"matchCriteriaId": "359D06ED-7E8E-40E5-84A4-27F1693820E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-823g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67B980AA-84BE-4D22-B4E7-7B2DBF571B65"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetMultipleActions",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-273xx/CVE-2023-27390.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27390",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-05T16:15:09.507",
"lastModified": "2023-07-05T16:25:41.353",
"lastModified": "2023-07-05T18:15:09.987",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,6 +50,10 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1744",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1744",
"source": "talos-cna@cisco.com"
}
]
}

64
CVE-2023/CVE-2023-302xx/CVE-2023-30259.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-30259",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.677",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:53:44.850",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:librecad:librecad:2.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1601072D-9004-48B7-80B9-CB62792D4B27"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/LibreCAD/LibreCAD/issues/1481",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

63
CVE-2023/CVE-2023-306xx/CVE-2023-30607.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-30607",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-05T18:15:10.070",
"lastModified": "2023-07-05T18:15:10.070",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "icingaweb2-module-jira provides integration with Atlassian Jira. Starting in version 1.3.0 and prior to version 1.3.2, template and field configuration forms perform the deletion action before user input is validated, including the cross site request forgery token. This issue is fixed in version 1.3.2. There are no known workarounds."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/Icinga/icingaweb2-module-jira/commit/7f0c53b7a3e87be2f4c2e8840805d7b7c9762424",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Icinga/icingaweb2-module-jira/releases/tag/v1.3.2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Icinga/icingaweb2-module-jira/security/advisories/GHSA-gh7w-7f7j-gwp5",
"source": "security-advisories@github.com"
}
]
}

71
CVE-2023/CVE-2023-309xx/CVE-2023-30945.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30945",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-06-26T23:15:09.193",
"lastModified": "2023-06-27T01:40:40.277",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:14:06.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
@ -34,10 +54,55 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:clips2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.111.2",
"matchCriteriaId": "EB9EB1C8-6DDE-4EC8-99F2-1130EABA72CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:video_clip_distributor:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.24.10",
"matchCriteriaId": "B4883F5A-B29C-4EB9-9F55-D15499EC1A40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:video_history_service:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.210.3",
"matchCriteriaId": "C9C66728-D88D-4A48-89E3-D887A31C78DF"
}
]
}
]
}
],
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=e62e4dad-b39b-48ba-ba30-7b7c83406ad9",
"source": "cve-coordination@palantir.com"
"source": "cve-coordination@palantir.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-309xx/CVE-2023-30993.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30993",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-06-27T20:15:09.620",
"lastModified": "2023-06-27T20:45:06.090",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:47:03.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +76,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cloud_pak_for_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.9.0.0",
"versionEndIncluding": "1.9.2.0",
"matchCriteriaId": "45D219FF-33C0-470A-889E-1F82EC5428C5"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254136",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6995221",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-311xx/CVE-2023-31194.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31194",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-05T16:15:09.600",
"lastModified": "2023-07-05T16:25:41.353",
"lastModified": "2023-07-05T18:15:10.157",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,6 +50,10 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1745",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1745",
"source": "talos-cna@cisco.com"
}
]
}

59
CVE-2023/CVE-2023-312xx/CVE-2023-31248.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-31248",
"sourceIdentifier": "security@ubuntu.com",
"published": "2023-07-05T19:15:09.713",
"lastModified": "2023-07-05T19:15:09.713",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://lore.kernel.org/netfilter-devel/20230705121627.GC19489@breakpoint.cc/T/",
"source": "security@ubuntu.com"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/07/05/2",
"source": "security@ubuntu.com"
}
]
}

64
CVE-2023/CVE-2023-319xx/CVE-2023-31972.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-31972",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T13:15:18.503",
"lastModified": "2023-05-09T14:30:54.950",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:00:26.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "yasm v1.3.0 was discovered to contain a use after free via the function pp_getline at /nasm/nasm-pp.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tortall:yasm:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1453CF78-5025-49BF-A1A6-C62F948B5735"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/yasm/yasm/issues/209",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

64
CVE-2023/CVE-2023-319xx/CVE-2023-31973.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-31973",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T14:15:13.737",
"lastModified": "2023-05-09T14:30:54.950",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:00:20.850",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "yasm v1.3.0 was discovered to contain a use after free via the function expand_mmac_params at /nasm/nasm-pp.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tortall:yasm:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1453CF78-5025-49BF-A1A6-C62F948B5735"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/yasm/yasm/issues/207",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

64
CVE-2023/CVE-2023-319xx/CVE-2023-31974.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-31974",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T13:15:18.550",
"lastModified": "2023-05-09T14:30:54.950",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:00:17.533",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "yasm v1.3.0 was discovered to contain a use after free via the function error at /nasm/nasm-pp.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tortall:yasm:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1453CF78-5025-49BF-A1A6-C62F948B5735"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/yasm/yasm/issues/208",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

20
CVE-2023/CVE-2023-319xx/CVE-2023-31975.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31975",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T13:15:18.590",
"lastModified": "2023-06-24T09:15:47.420",
"vulnStatus": "Modified",
"lastModified": "2023-07-05T19:01:42.130",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -25,12 +25,12 @@
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
"impactScore": 1.4
}
]
},
@ -194,7 +194,11 @@
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/24/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/yasm/yasm/issues/210",

1303
CVE-2023/CVE-2023-324xx/CVE-2023-32463.json
View File

File diff suppressed because it is too large Load Diff

1336
CVE-2023/CVE-2023-324xx/CVE-2023-32464.json
View File

File diff suppressed because it is too large Load Diff

20
CVE-2023/CVE-2023-333xx/CVE-2023-33335.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33335",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T18:15:10.277",
"lastModified": "2023-07-05T18:15:10.277",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) in Sophos Sophos iView (The EOL was December 31st 2020) in grpname parameter that allows arbitrary script to be executed."
}
],
"metrics": {},
"references": [
{
"url": "https://inf0seq.github.io/cve/2023/05/03/Cross-Site-scripting-(XSS)-in-Sophos-iView.html",
"source": "cve@mitre.org"
}
]
}

505
CVE-2023/CVE-2023-33xx/CVE-2023-3330.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-3330",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.523",
"lastModified": "2023-07-03T03:15:09.473",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:45:49.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0obtain specific files in the product."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "psirt-info@cyber.jp.nec.com",
"type": "Secondary",
@ -23,10 +56,474 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6"
}
]
}
]
}
],
"references": [
{
"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html",
"source": "psirt-info@cyber.jp.nec.com"
"source": "psirt-info@cyber.jp.nec.com",
"tags": [
"Broken Link"
]
}
]
}

505
CVE-2023/CVE-2023-33xx/CVE-2023-3331.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-3331",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.590",
"lastModified": "2023-07-03T03:15:09.560",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:45:37.043",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0delete\n\n specific files in the product."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "psirt-info@cyber.jp.nec.com",
"type": "Secondary",
@ -23,10 +56,474 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6"
}
]
}
]
}
],
"references": [
{
"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html",
"source": "psirt-info@cyber.jp.nec.com"
"source": "psirt-info@cyber.jp.nec.com",
"tags": [
"Vendor Advisory"
]
}
]
}

505
CVE-2023/CVE-2023-33xx/CVE-2023-3332.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-3332",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.650",
"lastModified": "2023-07-03T03:15:09.633",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:19:49.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0\n\nexecute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "psirt-info@cyber.jp.nec.com",
"type": "Secondary",
@ -23,10 +56,474 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6"
}
]
}
]
}
],
"references": [
{
"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html",
"source": "psirt-info@cyber.jp.nec.com"
"source": "psirt-info@cyber.jp.nec.com",
"tags": [
"Broken Link"
]
}
]
}

505
CVE-2023/CVE-2023-33xx/CVE-2023-3333.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-3333",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.713",
"lastModified": "2023-07-03T03:15:09.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:19:52.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows\u00a0a attacker\u00a0to\u00a0execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "psirt-info@cyber.jp.nec.com",
"type": "Secondary",
@ -23,10 +56,474 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FDEB886-84A3-466F-A44D-C8343DC8EA26"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wf300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02D5D7A6-3E46-401A-8987-ECCC0D97BE73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2A5730-11AC-4920-ACC3-B16F3F06F74D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1400hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B516AF4-E4BE-4074-A8B7-67276C7B57CD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C771D26-13FE-4821-8FAE-7B55E147C586"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44146A63-6E9A-4A6A-836A-FA75E0954E35"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9971F7F6-56E0-49D8-8D77-EEE4E0398531"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg1800hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F7EC38-F304-41AD-9F85-39820E5945E6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A48CCBD-1662-4188-ADBB-B3E69E2330F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2200hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F167B2EE-7708-4A73-A52D-35725A0A1E29"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B377AF40-2788-4192-AC90-E6395B62FC4C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "872F8DA6-CB06-4886-801D-DC8F53EB7305"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg2600hp2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85717CF6-DB27-4F5F-9685-5235A5EB402B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg2600hp2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49782342-2E93-475A-90A5-9EDF40F97137"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3736608B-2D6C-4E2B-A52D-D3F1E60C1498"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg300hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "195A8A79-4E27-4EDD-975F-A4B58F040221"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CC22AB5-2239-45FB-B57E-6344FE3EA483"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wg600hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "049F25E4-A0A6-4E98-9FB2-63BF9D451B4A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "093CFEBE-49F0-4387-B0CD-377F580E37AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8600n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96606ED-63AA-41E0-823A-16A2CD5200FD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCBF41D-824A-449C-9C1F-5FF3DE9D6F08"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8700n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD5B8F6-19F6-4F80-90C3-AC4EFE564FFF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "014F8A96-0AA2-4C65-89F8-2DF59717D079"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8750n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9559B967-CCD6-4CEE-ADD8-862D1D7E5D96"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96E88402-955F-4565-8219-1332DBC3FAB5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9300n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B83D44BD-00FB-4F15-B543-84DF92E67CBD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B542A9B-FBE4-446B-9BCF-F86859BB2F16"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr9500n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63C99E37-A070-49C3-BB3B-AE189F02E5F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E46CDB-A7B3-4A2C-8A91-E18986F60AC6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8170n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24F752BB-CFD7-41EC-83FD-7C0A352C72B7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29A7303-517C-4FDE-AB97-9AD9D42F1E5F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8175n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138732B4-C531-4DD3-B2C6-F672E72EE3AE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02434FCD-EBFB-4A93-A0F1-E0FED57715C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:aterm_wr8370n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B487F29B-4F4D-40EB-9D7E-48681370F5F6"
}
]
}
]
}
],
"references": [
{
"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html",
"source": "psirt-info@cyber.jp.nec.com"
"source": "psirt-info@cyber.jp.nec.com",
"tags": [
"Broken Link"
]
}
]
}

74
CVE-2023/CVE-2023-33xx/CVE-2023-3371.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3371",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-27T02:15:09.657",
"lastModified": "2023-06-27T16:15:41.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T19:24:05.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
@ -50,30 +70,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:embedpress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.7.3",
"matchCriteriaId": "E2AA4D09-9B14-4CCD-83A8-7A60FA06C0B1"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L231",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L278",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/Gutenberg/block-backend/block-embedpress.php#L30",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file10",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file28",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1033b4d-82a0-4484-aebf-f35d6a2a9a13?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-341xx/CVE-2023-34106.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-34106",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-05T18:15:10.330",
"lastModified": "2023-07-05T18:15:10.330",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "GLPI is a free asset and IT management software package. Versions of the software starting with 0.68 and prior to 10.0.8 have an incorrect rights check on a on a file accessible by an authenticated user. This allows access to the list of all users and their personal information. Users should upgrade to version 10.0.8 to receive a patch."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
},
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://github.com/glpi-project/glpi/releases/tag/10.0.8",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-923r-hqh4-wj7c",
"source": "security-advisories@github.com"
}
]
}

55
CVE-2023/CVE-2023-343xx/CVE-2023-34337.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34337",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2023-07-05T19:15:09.800",
"lastModified": "2023-07-05T19:15:09.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A successful exploit of this vulnerability\u00a0may lead to a loss of confidentiality, integrity, and availability. \n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf",
"source": "biossecurity@ami.com"
}
]
}

55
CVE-2023/CVE-2023-343xx/CVE-2023-34338.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34338",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2023-07-05T19:15:09.877",
"lastModified": "2023-07-05T19:15:09.877",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.\u00a0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-321"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf",
"source": "biossecurity@ami.com"
}
]
}

48
CVE-2023/CVE-2023-344xx/CVE-2023-34463.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34463",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-26T21:15:09.363",
"lastModified": "2023-06-26T22:13:24.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:29:05.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18.8",
"matchCriteriaId": "21DCEC86-16D9-4180-9088-06D6AD31EF93"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dataease/dataease/security/advisories/GHSA-4c4p-qfwq-85fj",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-344xx/CVE-2023-34471.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34471",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2023-07-05T19:15:09.947",
"lastModified": "2023-07-05T19:15:09.947",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to the loss confidentiality, integrity, and authentication."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.4,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-325"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf",
"source": "biossecurity@ami.com"
}
]
}

59
CVE-2023/CVE-2023-344xx/CVE-2023-34472.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-34472",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2023-07-05T19:15:10.017",
"lastModified": "2023-07-05T19:15:10.017",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A successful exploit of this vulnerability may lead to a loss of integrity.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-113"
},
{
"lang": "en",
"value": "CWE-93"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf",
"source": "biossecurity@ami.com"
}
]
}

55
CVE-2023/CVE-2023-344xx/CVE-2023-34473.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34473",
"sourceIdentifier": "biossecurity@ami.com",
"published": "2023-07-05T19:15:10.083",
"lastModified": "2023-07-05T19:15:10.083",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability\u00a0may lead to a loss of confidentiality, integrity, and availability. \n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "biossecurity@ami.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf",
"source": "biossecurity@ami.com"
}
]
}

75
CVE-2023/CVE-2023-349xx/CVE-2023-34928.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34928",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.743",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:53:06.870",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the Edit_BasicSSID function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34928.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

75
CVE-2023/CVE-2023-349xx/CVE-2023-34929.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34929",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.790",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:52:59.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the AddMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34929.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

75
CVE-2023/CVE-2023-349xx/CVE-2023-34930.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34930",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.833",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:52:52.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the EditMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34930.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

75
CVE-2023/CVE-2023-349xx/CVE-2023-34931.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34931",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.877",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:52:45.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the EditWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34931.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

75
CVE-2023/CVE-2023-349xx/CVE-2023-34932.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34932",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.923",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:52:37.597",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the UpdateWanMode function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34932.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

76
CVE-2023/CVE-2023-349xx/CVE-2023-34933.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-34933",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.193",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:49:01.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the UpdateWanParams function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34933.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-349xx/CVE-2023-34934.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-34934",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.240",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:48:47.040",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the Edit_BasicSSID_5G function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34934.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-349xx/CVE-2023-34935.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-34935",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.283",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:48:29.870",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the AddWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34935.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-349xx/CVE-2023-34936.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-34936",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.333",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:48:19.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the UpdateMacClone function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34936.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-349xx/CVE-2023-34937.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-34937",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.377",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:48:00.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the UpdateSnat function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD76D39-A823-4334-83E0-93CD2D0DF2FC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10848FA6-A3BF-4EED-82D8-10A6567C0EF4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34937.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-34xx/CVE-2023-3407.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3407",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-28T03:15:09.243",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:37:01.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -50,18 +70,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:subscribe2_project:subscribe2:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "10.40",
"matchCriteriaId": "34325F77-97FF-4F8E-AA88-30E2B687950B"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/subscribe2/trunk/admin/send-email.php#L12",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2930676",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/92b4d800-2895-4f7b-8b3b-ee6df75a7908?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-34xx/CVE-2023-3427.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3427",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-28T02:15:49.783",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:42:38.810",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "8.4.6",
"matchCriteriaId": "448FEF9C-79E4-447B-ACC5-E7EDDE3CBE0E"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Customers.php?rev=2779160#L68",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2931406%40salon-booking-system&new=2931406%40salon-booking-system&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93875f19-d9b9-4e33-bba9-afc75cf26bf2?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-34xx/CVE-2023-3445.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3445",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-28T14:15:10.117",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:52:26.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:denkgroot:spina:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.15.1",
"matchCriteriaId": "CA56A37D-3579-48FE-AA0E-B3BD80E73D74"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/spinacms/spina/commit/9adfe7b4807b3cc10dbb7351a26cc32f5d8c14a3",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/18a74a9d-4a2d-4bf8-ae62-56a909427070",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-350xx/CVE-2023-35001.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-35001",
"sourceIdentifier": "security@ubuntu.com",
"published": "2023-07-05T19:15:10.147",
"lastModified": "2023-07-05T19:15:10.147",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://lore.kernel.org/netfilter-devel/20230705121515.747251-1-cascardo@canonical.com/T/",
"source": "security@ubuntu.com"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/07/05/3",
"source": "security@ubuntu.com"
}
]
}

52
CVE-2023/CVE-2023-351xx/CVE-2023-35164.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-35164",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-26T22:15:11.317",
"lastModified": "2023-06-26T22:22:30.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:17:45.713",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions a missing authorization check allows unauthorized users to manipulate a dashboard created by the administrator. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability."
},
{
"lang": "es",
"value": "DataEase es una herramienta de an\u00e1lisis de visualizaci\u00f3n de datos de c\u00f3digo abierto para analizar datos y obtener informaci\u00f3n sobre las tendencias empresariales. En las versiones afectadas, la falta de una comprobaci\u00f3n de autorizaci\u00f3n permite a usuarios no autorizados manipular un cuadro de mando creado por el administrador. Esta vulnerabilidad se ha corregido en la versi\u00f3n 1.18.8. Se recomienda a los usuarios que la actualicen. No se conocen soluciones para esta vulnerabilidad. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +70,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18.8",
"matchCriteriaId": "21DCEC86-16D9-4180-9088-06D6AD31EF93"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dataease/dataease/security/advisories/GHSA-grxm-fc3h-3qgj",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-351xx/CVE-2023-35168.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35168",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-26T21:15:09.483",
"lastModified": "2023-06-26T22:13:24.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T18:26:34.743",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18.8",
"matchCriteriaId": "21DCEC86-16D9-4180-9088-06D6AD31EF93"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dataease/dataease/security/advisories/GHSA-c2r2-68p6-73xv",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

28
CVE-2023/CVE-2023-358xx/CVE-2023-35863.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-35863",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T18:15:10.420",
"lastModified": "2023-07-05T18:15:10.420",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access."
}
],
"metrics": {},
"references": [
{
"url": "https://ctrl-c.club/~blue/nfsdk.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.madefornet.com/products.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.michaelrowley.dev/research/posts/nfsdk/nfsdk.html",
"source": "cve@mitre.org"
}
]
}

79
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-05T18:00:34.099372+00:00
2023-07-05T20:00:38.490985+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-05T17:52:50.177000+00:00
2023-07-05T19:50:58.443000+00:00
```
### Last Data Feed Release
@ -29,51 +29,56 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
219196
219208
```
### CVEs added in the last Commit
Recently added CVEs: `7`
Recently added CVEs: `12`
* [CVE-2020-25969](CVE-2020/CVE-2020-259xx/CVE-2020-25969.json) (`2023-07-05T17:15:09.213`)
* [CVE-2023-27390](CVE-2023/CVE-2023-273xx/CVE-2023-27390.json) (`2023-07-05T16:15:09.507`)
* [CVE-2023-31194](CVE-2023/CVE-2023-311xx/CVE-2023-31194.json) (`2023-07-05T16:15:09.600`)
* [CVE-2023-36932](CVE-2023/CVE-2023-369xx/CVE-2023-36932.json) (`2023-07-05T16:15:09.687`)
* [CVE-2023-36933](CVE-2023/CVE-2023-369xx/CVE-2023-36933.json) (`2023-07-05T16:15:09.740`)
* [CVE-2023-36934](CVE-2023/CVE-2023-369xx/CVE-2023-36934.json) (`2023-07-05T16:15:09.793`)
* [CVE-2023-25399](CVE-2023/CVE-2023-253xx/CVE-2023-25399.json) (`2023-07-05T17:15:09.320`)
* [CVE-2020-23452](CVE-2020/CVE-2020-234xx/CVE-2020-23452.json) (`2023-07-05T18:15:09.750`)
* [CVE-2023-30607](CVE-2023/CVE-2023-306xx/CVE-2023-30607.json) (`2023-07-05T18:15:10.070`)
* [CVE-2023-33335](CVE-2023/CVE-2023-333xx/CVE-2023-33335.json) (`2023-07-05T18:15:10.277`)
* [CVE-2023-34106](CVE-2023/CVE-2023-341xx/CVE-2023-34106.json) (`2023-07-05T18:15:10.330`)
* [CVE-2023-35863](CVE-2023/CVE-2023-358xx/CVE-2023-35863.json) (`2023-07-05T18:15:10.420`)
* [CVE-2023-31248](CVE-2023/CVE-2023-312xx/CVE-2023-31248.json) (`2023-07-05T19:15:09.713`)
* [CVE-2023-34337](CVE-2023/CVE-2023-343xx/CVE-2023-34337.json) (`2023-07-05T19:15:09.800`)
* [CVE-2023-34338](CVE-2023/CVE-2023-343xx/CVE-2023-34338.json) (`2023-07-05T19:15:09.877`)
* [CVE-2023-34471](CVE-2023/CVE-2023-344xx/CVE-2023-34471.json) (`2023-07-05T19:15:09.947`)
* [CVE-2023-34472](CVE-2023/CVE-2023-344xx/CVE-2023-34472.json) (`2023-07-05T19:15:10.017`)
* [CVE-2023-34473](CVE-2023/CVE-2023-344xx/CVE-2023-34473.json) (`2023-07-05T19:15:10.083`)
* [CVE-2023-35001](CVE-2023/CVE-2023-350xx/CVE-2023-35001.json) (`2023-07-05T19:15:10.147`)
### CVEs modified in the last Commit
Recently modified CVEs: `49`
Recently modified CVEs: `47`
* [CVE-2023-3515](CVE-2023/CVE-2023-35xx/CVE-2023-3515.json) (`2023-07-05T16:25:41.353`)
* [CVE-2023-34098](CVE-2023/CVE-2023-340xx/CVE-2023-34098.json) (`2023-07-05T16:25:47.773`)
* [CVE-2023-26274](CVE-2023/CVE-2023-262xx/CVE-2023-26274.json) (`2023-07-05T16:26:09.287`)
* [CVE-2023-26276](CVE-2023/CVE-2023-262xx/CVE-2023-26276.json) (`2023-07-05T16:26:24.613`)
* [CVE-2023-22593](CVE-2023/CVE-2023-225xx/CVE-2023-22593.json) (`2023-07-05T16:28:23.427`)
* [CVE-2023-23468](CVE-2023/CVE-2023-234xx/CVE-2023-23468.json) (`2023-07-05T16:28:41.243`)
* [CVE-2023-25004](CVE-2023/CVE-2023-250xx/CVE-2023-25004.json) (`2023-07-05T16:29:14.923`)
* [CVE-2023-29068](CVE-2023/CVE-2023-290xx/CVE-2023-29068.json) (`2023-07-05T16:29:40.353`)
* [CVE-2023-34673](CVE-2023/CVE-2023-346xx/CVE-2023-34673.json) (`2023-07-05T16:30:36.027`)
* [CVE-2023-33565](CVE-2023/CVE-2023-335xx/CVE-2023-33565.json) (`2023-07-05T16:38:44.877`)
* [CVE-2023-34254](CVE-2023/CVE-2023-342xx/CVE-2023-34254.json) (`2023-07-05T16:53:39.367`)
* [CVE-2023-30757](CVE-2023/CVE-2023-307xx/CVE-2023-30757.json) (`2023-07-05T17:01:26.063`)
* [CVE-2023-29129](CVE-2023/CVE-2023-291xx/CVE-2023-29129.json) (`2023-07-05T17:02:50.873`)
* [CVE-2023-32019](CVE-2023/CVE-2023-320xx/CVE-2023-32019.json) (`2023-07-05T17:15:09.380`)
* [CVE-2023-33584](CVE-2023/CVE-2023-335xx/CVE-2023-33584.json) (`2023-07-05T17:15:09.477`)
* [CVE-2023-2005](CVE-2023/CVE-2023-20xx/CVE-2023-2005.json) (`2023-07-05T17:16:12.110`)
* [CVE-2023-2290](CVE-2023/CVE-2023-22xx/CVE-2023-2290.json) (`2023-07-05T17:22:10.923`)
* [CVE-2023-2992](CVE-2023/CVE-2023-29xx/CVE-2023-2992.json) (`2023-07-05T17:27:57.377`)
* [CVE-2023-2993](CVE-2023/CVE-2023-29xx/CVE-2023-2993.json) (`2023-07-05T17:30:11.073`)
* [CVE-2023-33404](CVE-2023/CVE-2023-334xx/CVE-2023-33404.json) (`2023-07-05T17:35:32.947`)
* [CVE-2023-28829](CVE-2023/CVE-2023-288xx/CVE-2023-28829.json) (`2023-07-05T17:36:45.750`)
* [CVE-2023-27465](CVE-2023/CVE-2023-274xx/CVE-2023-27465.json) (`2023-07-05T17:48:25.550`)
* [CVE-2023-33176](CVE-2023/CVE-2023-331xx/CVE-2023-33176.json) (`2023-07-05T17:49:17.157`)
* [CVE-2023-28991](CVE-2023/CVE-2023-289xx/CVE-2023-28991.json) (`2023-07-05T17:52:33.687`)
* [CVE-2023-28988](CVE-2023/CVE-2023-289xx/CVE-2023-28988.json) (`2023-07-05T17:52:50.177`)
* [CVE-2023-34933](CVE-2023/CVE-2023-349xx/CVE-2023-34933.json) (`2023-07-05T18:49:01.307`)
* [CVE-2023-26615](CVE-2023/CVE-2023-266xx/CVE-2023-26615.json) (`2023-07-05T18:50:06.507`)
* [CVE-2023-3445](CVE-2023/CVE-2023-34xx/CVE-2023-3445.json) (`2023-07-05T18:52:26.923`)
* [CVE-2023-34932](CVE-2023/CVE-2023-349xx/CVE-2023-34932.json) (`2023-07-05T18:52:37.597`)
* [CVE-2023-34931](CVE-2023/CVE-2023-349xx/CVE-2023-34931.json) (`2023-07-05T18:52:45.057`)
* [CVE-2023-34930](CVE-2023/CVE-2023-349xx/CVE-2023-34930.json) (`2023-07-05T18:52:52.173`)
* [CVE-2023-34929](CVE-2023/CVE-2023-349xx/CVE-2023-34929.json) (`2023-07-05T18:52:59.827`)
* [CVE-2023-34928](CVE-2023/CVE-2023-349xx/CVE-2023-34928.json) (`2023-07-05T18:53:06.870`)
* [CVE-2023-30259](CVE-2023/CVE-2023-302xx/CVE-2023-30259.json) (`2023-07-05T18:53:44.850`)
* [CVE-2023-31974](CVE-2023/CVE-2023-319xx/CVE-2023-31974.json) (`2023-07-05T19:00:17.533`)
* [CVE-2023-31973](CVE-2023/CVE-2023-319xx/CVE-2023-31973.json) (`2023-07-05T19:00:20.850`)
* [CVE-2023-31972](CVE-2023/CVE-2023-319xx/CVE-2023-31972.json) (`2023-07-05T19:00:26.747`)
* [CVE-2023-31975](CVE-2023/CVE-2023-319xx/CVE-2023-31975.json) (`2023-07-05T19:01:42.130`)
* [CVE-2023-22834](CVE-2023/CVE-2023-228xx/CVE-2023-22834.json) (`2023-07-05T19:14:49.097`)
* [CVE-2023-3332](CVE-2023/CVE-2023-33xx/CVE-2023-3332.json) (`2023-07-05T19:19:49.067`)
* [CVE-2023-3333](CVE-2023/CVE-2023-33xx/CVE-2023-3333.json) (`2023-07-05T19:19:52.590`)
* [CVE-2023-3371](CVE-2023/CVE-2023-33xx/CVE-2023-3371.json) (`2023-07-05T19:24:05.357`)
* [CVE-2023-21195](CVE-2023/CVE-2023-211xx/CVE-2023-21195.json) (`2023-07-05T19:25:24.387`)
* [CVE-2023-21196](CVE-2023/CVE-2023-211xx/CVE-2023-21196.json) (`2023-07-05T19:27:24.927`)
* [CVE-2023-21197](CVE-2023/CVE-2023-211xx/CVE-2023-21197.json) (`2023-07-05T19:35:40.793`)
* [CVE-2023-21198](CVE-2023/CVE-2023-211xx/CVE-2023-21198.json) (`2023-07-05T19:38:07.660`)
* [CVE-2023-21199](CVE-2023/CVE-2023-211xx/CVE-2023-21199.json) (`2023-07-05T19:42:07.917`)
* [CVE-2023-21200](CVE-2023/CVE-2023-212xx/CVE-2023-21200.json) (`2023-07-05T19:45:27.017`)
* [CVE-2023-21201](CVE-2023/CVE-2023-212xx/CVE-2023-21201.json) (`2023-07-05T19:46:48.690`)
* [CVE-2023-21202](CVE-2023/CVE-2023-212xx/CVE-2023-21202.json) (`2023-07-05T19:48:33.540`)
## Download and Usage