mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
Auto-Update: 2023-11-26T23:00:25.309026+00:00
This commit is contained in:
parent
e1aec81f90
commit
b732b928e2
@ -2,7 +2,7 @@
|
|||||||
"id": "CVE-2023-34059",
|
"id": "CVE-2023-34059",
|
||||||
"sourceIdentifier": "security@vmware.com",
|
"sourceIdentifier": "security@vmware.com",
|
||||||
"published": "2023-10-27T05:15:39.013",
|
"published": "2023-10-27T05:15:39.013",
|
||||||
"lastModified": "2023-11-08T04:15:07.613",
|
"lastModified": "2023-11-26T21:15:54.993",
|
||||||
"vulnStatus": "Modified",
|
"vulnStatus": "Modified",
|
||||||
"descriptions": [
|
"descriptions": [
|
||||||
{
|
{
|
||||||
@ -132,6 +132,10 @@
|
|||||||
"Third Party Advisory"
|
"Third Party Advisory"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"url": "http://www.openwall.com/lists/oss-security/2023/11/26/1",
|
||||||
|
"source": "security@vmware.com"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00002.html",
|
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00002.html",
|
||||||
"source": "security@vmware.com",
|
"source": "security@vmware.com",
|
||||||
|
24
CVE-2023/CVE-2023-493xx/CVE-2023-49312.json
Normal file
24
CVE-2023/CVE-2023-493xx/CVE-2023-49312.json
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
{
|
||||||
|
"id": "CVE-2023-49312",
|
||||||
|
"sourceIdentifier": "cve@mitre.org",
|
||||||
|
"published": "2023-11-26T22:15:06.907",
|
||||||
|
"lastModified": "2023-11-26T22:15:06.907",
|
||||||
|
"vulnStatus": "Received",
|
||||||
|
"descriptions": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "Precision Bridge PrecisionBridge.exe (aka the thick client) before 7.3.21 allows an integrity violation in which the same license key is used on multiple systems, via vectors involving a Process Hacker memory dump, error message inspection, and modification of a MAC address."
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"metrics": {},
|
||||||
|
"references": [
|
||||||
|
{
|
||||||
|
"url": "https://precisionbridge.net/738vulnerability",
|
||||||
|
"source": "cve@mitre.org"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://processhacker.sourceforge.io/archive/website_v2/features.php",
|
||||||
|
"source": "cve@mitre.org"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
84
CVE-2023/CVE-2023-62xx/CVE-2023-6296.json
Normal file
84
CVE-2023/CVE-2023-62xx/CVE-2023-6296.json
Normal file
@ -0,0 +1,84 @@
|
|||||||
|
{
|
||||||
|
"id": "CVE-2023-6296",
|
||||||
|
"sourceIdentifier": "cna@vuldb.com",
|
||||||
|
"published": "2023-11-26T22:15:06.983",
|
||||||
|
"lastModified": "2023-11-26T22:15:06.983",
|
||||||
|
"vulnStatus": "Received",
|
||||||
|
"descriptions": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "A vulnerability was found in osCommerce 4. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /catalog/compare of the component Instant Message Handler. The manipulation of the argument compare with the input 40dz4iq\"><script>alert(1)</script>zohkx leads to cross site scripting. The attack may be launched remotely. VDB-246122 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"metrics": {
|
||||||
|
"cvssMetricV31": [
|
||||||
|
{
|
||||||
|
"source": "cna@vuldb.com",
|
||||||
|
"type": "Secondary",
|
||||||
|
"cvssData": {
|
||||||
|
"version": "3.1",
|
||||||
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||||
|
"attackVector": "NETWORK",
|
||||||
|
"attackComplexity": "LOW",
|
||||||
|
"privilegesRequired": "NONE",
|
||||||
|
"userInteraction": "REQUIRED",
|
||||||
|
"scope": "UNCHANGED",
|
||||||
|
"confidentialityImpact": "NONE",
|
||||||
|
"integrityImpact": "LOW",
|
||||||
|
"availabilityImpact": "NONE",
|
||||||
|
"baseScore": 4.3,
|
||||||
|
"baseSeverity": "MEDIUM"
|
||||||
|
},
|
||||||
|
"exploitabilityScore": 2.8,
|
||||||
|
"impactScore": 1.4
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"cvssMetricV2": [
|
||||||
|
{
|
||||||
|
"source": "cna@vuldb.com",
|
||||||
|
"type": "Secondary",
|
||||||
|
"cvssData": {
|
||||||
|
"version": "2.0",
|
||||||
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||||||
|
"accessVector": "NETWORK",
|
||||||
|
"accessComplexity": "LOW",
|
||||||
|
"authentication": "NONE",
|
||||||
|
"confidentialityImpact": "NONE",
|
||||||
|
"integrityImpact": "PARTIAL",
|
||||||
|
"availabilityImpact": "NONE",
|
||||||
|
"baseScore": 5.0
|
||||||
|
},
|
||||||
|
"baseSeverity": "MEDIUM",
|
||||||
|
"exploitabilityScore": 10.0,
|
||||||
|
"impactScore": 2.9,
|
||||||
|
"acInsufInfo": false,
|
||||||
|
"obtainAllPrivilege": false,
|
||||||
|
"obtainUserPrivilege": false,
|
||||||
|
"obtainOtherPrivilege": false,
|
||||||
|
"userInteractionRequired": false
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"weaknesses": [
|
||||||
|
{
|
||||||
|
"source": "cna@vuldb.com",
|
||||||
|
"type": "Secondary",
|
||||||
|
"description": [
|
||||||
|
{
|
||||||
|
"lang": "en",
|
||||||
|
"value": "CWE-79"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"references": [
|
||||||
|
{
|
||||||
|
"url": "https://vuldb.com/?ctiid.246122",
|
||||||
|
"source": "cna@vuldb.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "https://vuldb.com/?id.246122",
|
||||||
|
"source": "cna@vuldb.com"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
23
README.md
23
README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
|
|||||||
### Last Repository Update
|
### Last Repository Update
|
||||||
|
|
||||||
```plain
|
```plain
|
||||||
2023-11-26T13:00:20.952055+00:00
|
2023-11-26T23:00:25.309026+00:00
|
||||||
```
|
```
|
||||||
|
|
||||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||||
|
|
||||||
```plain
|
```plain
|
||||||
2023-11-26T12:15:07.213000+00:00
|
2023-11-26T22:15:06.983000+00:00
|
||||||
```
|
```
|
||||||
|
|
||||||
### Last Data Feed Release
|
### Last Data Feed Release
|
||||||
@ -29,29 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
|||||||
### Total Number of included CVEs
|
### Total Number of included CVEs
|
||||||
|
|
||||||
```plain
|
```plain
|
||||||
231485
|
231487
|
||||||
```
|
```
|
||||||
|
|
||||||
### CVEs added in the last Commit
|
### CVEs added in the last Commit
|
||||||
|
|
||||||
Recently added CVEs: `0`
|
Recently added CVEs: `2`
|
||||||
|
|
||||||
|
* [CVE-2023-49312](CVE-2023/CVE-2023-493xx/CVE-2023-49312.json) (`2023-11-26T22:15:06.907`)
|
||||||
|
* [CVE-2023-6296](CVE-2023/CVE-2023-62xx/CVE-2023-6296.json) (`2023-11-26T22:15:06.983`)
|
||||||
|
|
||||||
|
|
||||||
### CVEs modified in the last Commit
|
### CVEs modified in the last Commit
|
||||||
|
|
||||||
Recently modified CVEs: `10`
|
Recently modified CVEs: `1`
|
||||||
|
|
||||||
* [CVE-2020-27827](CVE-2020/CVE-2020-278xx/CVE-2020-27827.json) (`2023-11-26T11:15:07.307`)
|
* [CVE-2023-34059](CVE-2023/CVE-2023-340xx/CVE-2023-34059.json) (`2023-11-26T21:15:54.993`)
|
||||||
* [CVE-2020-35498](CVE-2020/CVE-2020-354xx/CVE-2020-35498.json) (`2023-11-26T11:15:07.937`)
|
|
||||||
* [CVE-2021-36980](CVE-2021/CVE-2021-369xx/CVE-2021-36980.json) (`2023-11-26T11:15:08.053`)
|
|
||||||
* [CVE-2021-3905](CVE-2021/CVE-2021-39xx/CVE-2021-3905.json) (`2023-11-26T11:15:08.147`)
|
|
||||||
* [CVE-2022-4337](CVE-2022/CVE-2022-43xx/CVE-2022-4337.json) (`2023-11-26T11:15:08.287`)
|
|
||||||
* [CVE-2022-4338](CVE-2022/CVE-2022-43xx/CVE-2022-4338.json) (`2023-11-26T11:15:08.393`)
|
|
||||||
* [CVE-2022-0813](CVE-2022/CVE-2022-08xx/CVE-2022-0813.json) (`2023-11-26T12:15:06.950`)
|
|
||||||
* [CVE-2022-23807](CVE-2022/CVE-2022-238xx/CVE-2022-23807.json) (`2023-11-26T12:15:07.127`)
|
|
||||||
* [CVE-2022-23808](CVE-2022/CVE-2022-238xx/CVE-2022-23808.json) (`2023-11-26T12:15:07.213`)
|
|
||||||
* [CVE-2023-1668](CVE-2023/CVE-2023-16xx/CVE-2023-1668.json) (`2023-11-26T11:15:08.477`)
|
|
||||||
|
|
||||||
|
|
||||||
## Download and Usage
|
## Download and Usage
|
||||||
|
Loading…
x
Reference in New Issue
Block a user