admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-11-26T23:00:25.309026+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-11-26 23:00:28 +00:00
parent e1aec81f90
commit b732b928e2
4 changed files with 121 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2023/CVE-2023-340xx/CVE-2023-34059.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34059",
"sourceIdentifier": "security@vmware.com",
"published": "2023-10-27T05:15:39.013",
"lastModified": "2023-11-08T04:15:07.613",
"lastModified": "2023-11-26T21:15:54.993",
"vulnStatus": "Modified",
"descriptions": [
{
@ -132,6 +132,10 @@
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/11/26/1",
"source": "security@vmware.com"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00002.html",
"source": "security@vmware.com",

24
CVE-2023/CVE-2023-493xx/CVE-2023-49312.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-49312",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-26T22:15:06.907",
"lastModified": "2023-11-26T22:15:06.907",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Precision Bridge PrecisionBridge.exe (aka the thick client) before 7.3.21 allows an integrity violation in which the same license key is used on multiple systems, via vectors involving a Process Hacker memory dump, error message inspection, and modification of a MAC address."
}
],
"metrics": {},
"references": [
{
"url": "https://precisionbridge.net/738vulnerability",
"source": "cve@mitre.org"
},
{
"url": "https://processhacker.sourceforge.io/archive/website_v2/features.php",
"source": "cve@mitre.org"
}
]
}

84
CVE-2023/CVE-2023-62xx/CVE-2023-6296.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-6296",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-11-26T22:15:06.983",
"lastModified": "2023-11-26T22:15:06.983",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in osCommerce 4. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /catalog/compare of the component Instant Message Handler. The manipulation of the argument compare with the input 40dz4iq\"><script>alert(1)</script>zohkx leads to cross site scripting. The attack may be launched remotely. VDB-246122 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.246122",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.246122",
"source": "cna@vuldb.com"
}
]
}

23
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-26T13:00:20.952055+00:00
2023-11-26T23:00:25.309026+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-26T12:15:07.213000+00:00
2023-11-26T22:15:06.983000+00:00
```
### Last Data Feed Release
@ -29,29 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
231485
231487
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `2`
* [CVE-2023-49312](CVE-2023/CVE-2023-493xx/CVE-2023-49312.json) (`2023-11-26T22:15:06.907`)
* [CVE-2023-6296](CVE-2023/CVE-2023-62xx/CVE-2023-6296.json) (`2023-11-26T22:15:06.983`)
### CVEs modified in the last Commit
Recently modified CVEs: `10`
Recently modified CVEs: `1`
* [CVE-2020-27827](CVE-2020/CVE-2020-278xx/CVE-2020-27827.json) (`2023-11-26T11:15:07.307`)
* [CVE-2020-35498](CVE-2020/CVE-2020-354xx/CVE-2020-35498.json) (`2023-11-26T11:15:07.937`)
* [CVE-2021-36980](CVE-2021/CVE-2021-369xx/CVE-2021-36980.json) (`2023-11-26T11:15:08.053`)
* [CVE-2021-3905](CVE-2021/CVE-2021-39xx/CVE-2021-3905.json) (`2023-11-26T11:15:08.147`)
* [CVE-2022-4337](CVE-2022/CVE-2022-43xx/CVE-2022-4337.json) (`2023-11-26T11:15:08.287`)
* [CVE-2022-4338](CVE-2022/CVE-2022-43xx/CVE-2022-4338.json) (`2023-11-26T11:15:08.393`)
* [CVE-2022-0813](CVE-2022/CVE-2022-08xx/CVE-2022-0813.json) (`2023-11-26T12:15:06.950`)
* [CVE-2022-23807](CVE-2022/CVE-2022-238xx/CVE-2022-23807.json) (`2023-11-26T12:15:07.127`)
* [CVE-2022-23808](CVE-2022/CVE-2022-238xx/CVE-2022-23808.json) (`2023-11-26T12:15:07.213`)
* [CVE-2023-1668](CVE-2023/CVE-2023-16xx/CVE-2023-1668.json) (`2023-11-26T11:15:08.477`)
* [CVE-2023-34059](CVE-2023/CVE-2023-340xx/CVE-2023-34059.json) (`2023-11-26T21:15:54.993`)
## Download and Usage