Auto-Update: 2023-09-27T22:00:25.086394+00:00

cad-safe-bot 2023-09-27 22:00:28 +00:00
parent 8c2bd04bb0
commit b797beb6f6
22 changed files with 888 additions and 225 deletions


@ -2,7 +2,7 @@
"id": "CVE-2018-12207",
"sourceIdentifier": "secure@intel.com",
"published": "2019-11-14T20:15:11.133",
"lastModified": "2023-09-25T22:11:08.627",
"lastModified": "2023-09-27T20:51:38.353",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -6565,8 +6565,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:xeon_gold_6240y__firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB1D576D-5667-4513-9F5E-DCEE2E5A8882"
"criteria": "cpe:2.3:o:intel:xeon_gold_6240y_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19C76503-5F56-4C2B-8973-A3F94B1345DF"
}
]
},
@ -6619,8 +6619,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:xeon_gold_6240l__firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30496896-210D-49CA-B0F9-ED5FD912B8D2"
"criteria": "cpe:2.3:o:intel:xeon_gold_6240l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E317001-0126-4B64-85AE-04AEC9954085"
}
]
},
@ -6970,8 +6970,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:xeon_gold_5220t__firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37EA0B46-727D-432E-A8F5-0977900D9B1B"
"criteria": "cpe:2.3:o:intel:xeon_gold_5220t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8141C47E-4F0B-498E-8B18-264E90448C3B"
}
]
},
@ -7051,8 +7051,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:xeon_gold_5218t__firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA339BD7-4BB3-4AD4-A5B7-07A59C3450F3"
"criteria": "cpe:2.3:o:intel:xeon_gold_5218t_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2411CF40-9A5F-4138-9111-84087A30050F"
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2022-1822",
"sourceIdentifier": "security@wordfence.com",
"published": "2022-06-13T13:15:13.223",
"lastModified": "2022-06-21T16:21:45.333",
"lastModified": "2023-09-27T21:06:35.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -104,9 +104,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:zephyr_project_manager_project:zephyr_project_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.2.41",
"matchCriteriaId": "696E49C2-2170-4EAF-BEC1-B27EB94C592E"
"matchCriteriaId": "C9548174-E7B5-415D-97B0-F585FC2A27A4"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2022-26047",
"sourceIdentifier": "secure@intel.com",
"published": "2022-11-11T16:15:12.333",
"lastModified": "2022-11-18T17:19:58.020",
"lastModified": "2023-09-27T20:53:06.763",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -68,7 +68,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -2390,11 +2389,6 @@
"criteria": "cpe:2.3:o:intel:core_i7-8705g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88971837-5ED9-442C-BAF2-1C6C31105EB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:core_i7-8706g__firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BB97D2-A2D2-4D77-977E-0F26CF6D0279"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:intel:core_i7-8706g_firmware:-:*:*:*:*:*:*:*",


@ -2,7 +2,7 @@
"id": "CVE-2022-39028",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-30T05:15:08.117",
"lastModified": "2022-11-29T17:35:14.020",
"lastModified": "2023-09-27T20:10:25.007",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -97,6 +97,22 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netkit-telnet_project:netkit-telnet:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.17",
"matchCriteriaId": "C0EF3431-0075-4A40-BAC6-28C9F08315A2"
}
]
}
]
}
],
"references": [


@ -2,19 +2,76 @@
"id": "CVE-2023-29497",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:18:49.990",
"lastModified": "2023-09-27T15:41:55.530",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-27T20:20:36.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to access calendar data saved to a temporary directory."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}


@ -0,0 +1,59 @@
{
"id": "CVE-2023-40026",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-27T21:15:09.713",
"lastModified": "2023-09-27T21:15:09.713",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Argo CD is a declarative continuous deployment framework for Kubernetes. In Argo CD versions prior to 2.3 (starting at least in v0.1.0, but likely in any version using Helm before 2.3), using a specifically-crafted Helm file could reference external Helm charts handled by the same repo-server to leak values, or files from the referenced Helm Chart. This was possible because Helm paths were predictable. The vulnerability worked by adding a Helm chart that referenced Helm resources from predictable paths. Because the paths of Helm charts were predictable and available on an instance of repo-server, it was possible to reference and then render the values and resources from other existing Helm charts regardless of permissions. While generally, secrets are not stored in these files, it was nevertheless possible to reference any values from these charts. This issue was fixed in Argo CD 2.3 and subsequent versions by randomizing Helm paths. User's still using Argo CD 2.3 or below are advised to update to a supported version. If this is not possible, disabling Helm chart rendering, or using an additional repo-server for each Helm chart would prevent possible exploitation."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-6jqw-jwf5-rp8h",
"source": "security-advisories@github.com"
}
]
}
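Review bot: The description in this new record gives the affected range two ways: "versions prior to 2.3" with the fix landing in 2.3, and then "Argo CD 2.3 or below" in the upgrade advice. The record has no `configurations` block yet (`vulnStatus` is `Received`), so nothing machine-readable settles which boundary is right. Version-range automation built on this file should take the range from the linked GHSA-6jqw-jwf5-rp8h advisory until NVD analysis adds CPE data. The mirror should stay faithful to NVD, so the wording is best raised with the CNA rather than edited here.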


@ -2,8 +2,8 @@
"id": "CVE-2023-40048",
"sourceIdentifier": "security@progress.com",
"published": "2023-09-27T15:19:00.010",
"lastModified": "2023-09-27T16:21:26.600",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-27T20:01:36.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@progress.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "security@progress.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.8.2",
"matchCriteriaId": "D83F473A-56DC-4CC4-8831-EA78D4DC1539"
}
]
}
]
}
],
"references": [
{
"url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023",
"source": "security@progress.com"
"source": "security@progress.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.progress.com/ws_ftp",
"source": "security@progress.com"
"source": "security@progress.com",
"tags": [
"Product"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-40049",
"sourceIdentifier": "security@progress.com",
"published": "2023-09-27T15:19:01.013",
"lastModified": "2023-09-27T16:21:28.400",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-27T20:06:23.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@progress.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@progress.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.8.2",
"matchCriteriaId": "D83F473A-56DC-4CC4-8831-EA78D4DC1539"
}
]
}
]
}
],
"references": [
{
"url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023",
"source": "security@progress.com"
"source": "security@progress.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.progress.com/ws_ftp",
"source": "security@progress.com"
"source": "security@progress.com",
"tags": [
"Product"
]
}
]
}


@ -2,23 +2,83 @@
"id": "CVE-2023-40219",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-27T15:19:02.237",
"lastModified": "2023-09-27T15:40:54.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-27T20:19:39.753",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor or higher privilege to upload an arbitrary file to an unauthorized directory."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:collne:welcart_e-commerce:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "2.7",
"versionEndIncluding": "2.8.21",
"matchCriteriaId": "3A07E8A8-4F65-42E9-8AFE-B5E4A7D23CCF"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN97197972/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.welcart.com/archives/20106.html",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Release Notes"
]
}
]
}


@ -0,0 +1,51 @@
{
"id": "CVE-2023-4066",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-09-27T21:15:10.550",
"lastModified": "2023-09-27T21:15:10.550",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:4720",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4066",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224677",
"source": "secalert@redhat.com"
}
]
}


@ -2,23 +2,83 @@
"id": "CVE-2023-41233",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-27T15:19:27.050",
"lastModified": "2023-09-27T15:41:42.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-27T20:15:42.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Item List page registration process of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:collne:welcart_e-commerce:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "2.7",
"versionEndIncluding": "2.8.21",
"matchCriteriaId": "3A07E8A8-4F65-42E9-8AFE-B5E4A7D23CCF"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN97197972/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.welcart.com/archives/20106.html",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Release Notes"
]
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-42818",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-27T21:15:10.173",
"lastModified": "2023-09-27T21:15:10.173",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force authentication against the SSH service This issue has been patched in versions 3.6.5 and 3.5.6. Users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-jv3c-27cv-w8jv",
"source": "security-advisories@github.com"
}
]
}


@ -2,23 +2,83 @@
"id": "CVE-2023-43484",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-27T15:19:34.103",
"lastModified": "2023-09-27T15:41:42.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-27T20:25:34.200",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:collne:welcart_e-commerce:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "2.7",
"versionEndIncluding": "2.8.21",
"matchCriteriaId": "3A07E8A8-4F65-42E9-8AFE-B5E4A7D23CCF"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN97197972/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.welcart.com/archives/20106.html",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Release Notes"
]
}
]
}


@ -2,23 +2,83 @@
"id": "CVE-2023-43493",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-27T15:19:34.157",
"lastModified": "2023-09-27T15:41:26.297",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-27T20:51:26.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain sensitive information."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:collne:welcart_e-commerce:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "2.7",
"versionEndIncluding": "2.8.21",
"matchCriteriaId": "3A07E8A8-4F65-42E9-8AFE-B5E4A7D23CCF"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN97197972/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.welcart.com/archives/20106.html",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Release Notes"
]
}
]
}


@ -2,23 +2,83 @@
"id": "CVE-2023-43610",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-09-27T15:19:34.217",
"lastModified": "2023-09-27T15:41:26.297",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-27T21:07:01.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting authority) or higher privilege to perform unintended database operations."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:collne:welcart_e-commerce:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "2.7",
"versionEndIncluding": "2.8.21",
"matchCriteriaId": "3A07E8A8-4F65-42E9-8AFE-B5E4A7D23CCF"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN97197972/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.welcart.com/archives/20106.html",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Release Notes"
]
}
]
}
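Review bot: The NVD vector added here sets `"privilegesRequired": "LOW"` although the description requires "editor (without setting authority) or higher privilege", while the sibling Welcart records in this commit score comparable or lower roles as `PR:H`: CVE-2023-40219 (editor or higher) and CVE-2023-43493 (author or higher). PR is the only metric that differs between this vector and CVE-2023-40219's, and it moves the base score from 7.2 to 8.8. Teams triaging by `baseScore` should be aware that the three records are not scored on a consistent reading of WordPress roles. The discrepancy is worth reporting to NVD rather than patching in this mirror.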


@ -0,0 +1,55 @@
{
"id": "CVE-2023-43651",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-27T21:15:10.347",
"lastModified": "2023-09-27T21:15:10.347",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution. This vulnerability may further be leveraged to gain root privileges on the system. Through the WEB CLI interface provided by the koko component, a user logs into the authorized mongoDB database and exploits the MongoDB session to execute arbitrary commands. This vulnerability has been addressed in versions 2.28.20 and 3.7.1. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/jumpserver/jumpserver/security/advisories/GHSA-4r5x-x283-wm96",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,59 @@
{
"id": "CVE-2023-43656",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-27T21:15:10.443",
"lastModified": "2023-09-27T21:15:10.443",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Instances that have enabled transformation functions (those that have `generic.allowJsTransformationFunctions` in their config), may be vulnerable to an attack where it is possible to break out of the `vm2` sandbox and as a result Hookshot will be vulnerable to this. This problem is only likely to affect users who have allowed untrusted users to apply their own transformation functions. If you have only enabled a limited set of trusted users, this threat is reduced (though not eliminated). Version 4.5.0 and above of hookshot include a new sandbox library which should better protect users. Users are advised to upgrade. Users unable to upgrade should disable `generic.allowJsTransformationFunctions` in the config."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.4,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"references": [
{
"url": "https://github.com/matrix-org/matrix-hookshot/commit/dc126afa6af86d66aefcd23a825326f405bcc894",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/matrix-org/matrix-hookshot/security/advisories/GHSA-fr97-pv6w-4cj6",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,20 @@
{
"id": "CVE-2023-44047",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T20:15:09.850",
"lastModified": "2023-09-27T20:15:09.850",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Sourcecodester Toll Tax Management System v1 is vulnerable to SQL Injection."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/xcodeOn1/SQLI-TollTax/blob/main/README.md",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,20 @@
{
"id": "CVE-2023-44048",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T20:15:13.493",
"lastModified": "2023-09-27T20:15:13.493",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scripting (XSS) via add category."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/xcodeOn1/XSS-Stored-Expense-Tracker-App/tree/main",
"source": "cve@mitre.org"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-4863",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-09-12T15:15:24.327",
"lastModified": "2023-09-27T15:19:41.107",
"lastModified": "2023-09-27T20:15:14.377",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-09-13",
"cisaActionDue": "2023-10-04",
@ -11,7 +11,7 @@
"descriptions": [
{
"lang": "en",
"value": "Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)"
"value": "Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)"
},
{
"lang": "es",
@ -233,6 +233,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/1",
"source": "chrome-cve-admin@google.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/7",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/",
"source": "chrome-cve-admin@google.com",
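Review bot: The English description is widened to cover libwebp itself, but `vulnStatus` stays `Modified` and none of the hunks in this section touch `configurations`, so whether the CPE match data now lists libwebp cannot be confirmed from what is shown. Scanners that match on CPE only may keep reporting this entry (it carries `cisaExploitAdd` 2023-09-13) for Chrome alone and miss other software that bundles an affected libwebp. Until NVD re-analysis lands, inventory checks should look for the library directly. The new wording "prior to 116.0.5845.187 and libwebp 1.3.2" is also ambiguous and presumably means libwebp before 1.3.2; confirm against the upstream advisory before encoding it in a rule.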


@ -2,121 +2,14 @@
"id": "CVE-2023-5129",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-09-25T21:15:16.667",
"lastModified": "2023-09-27T15:19:41.593",
"vulnStatus": "Modified",
"lastModified": "2023-09-27T21:15:11.940",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "With a specially crafted WebP lossless file, libwebp may write data out of bounds to the heap.\n\nThe ReadHuffmanCodes() function allocates the HuffmanCode buffer with a size that comes from an array of precomputed sizes: kTableSize. The color_cache_bits value defines which size to use.\n\nThe kTableSize array only takes into account sizes for 8-bit first-level table lookups but not second-level table lookups. libwebp allows codes that are up to 15-bit (MAX_ALLOWED_CODE_LENGTH). When BuildHuffmanTable() attempts to fill the second-level tables it may write data out-of-bounds. The OOB write to the undersized array happens in ReplicateValue.\n\n"
},
{
"lang": "es",
"value": "\"Con un archivo WebP sin p\u00e9rdidas especialmente manipulado, libwebp puede escribir datos fuera de los l\u00edmites del mont\u00f3n. La funci\u00f3n ReadHuffmanCodes() asigna el b\u00fafer HuffmanCode con un tama\u00f1o que proviene de una matriz de tama\u00f1os precalculados: \nkTableSize. \nEl valor color_cache_bits define qu\u00e9 tama\u00f1o usar.\n La matriz kTableSize solo tiene en cuenta los tama\u00f1os para b\u00fasquedas de tablas de primer nivel de 8 bits, pero no para b\u00fasquedas de tablas de segundo nivel.\n libwebp permite c\u00f3digos de hasta 15 bits (MAX_ALLOWED_CODE_LENGTH). \nCuando BuildHuffmanTable() intenta llenar las tablas de segundo nivel, puede escribir datos fuera de los l\u00edmites. La escritura OOB en la matriz de tama\u00f1o insuficiente ocurre en ReplicateValue.\""
"value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.\u00a0Duplicate of CVE-2023-4863."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.5.0",
"versionEndExcluding": "1.3.2",
"matchCriteriaId": "C4EDD159-D377-4070-861C-8D5E92E6C3B4"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/1",
"source": "cve-coordination@google.com"
},
{
"url": "https://chromium.googlesource.com/webm/libwebp/+/2af26267cdfcb63a88e5c74a85927a12d6ca1d76",
"source": "cve-coordination@google.com",
"tags": [
"Patch"
]
},
{
"url": "https://chromium.googlesource.com/webm/libwebp/+/902bc9190331343b2017211debcec8d2ab87e17a",
"source": "cve-coordination@google.com",
"tags": [
"Patch"
]
}
]
"metrics": {},
"references": []
}
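Review bot: After this rejection the only pointer to the surviving record is the free-text sentence "Duplicate of CVE-2023-4863" in `descriptions`. The `weaknesses` and `configurations` blocks are removed and `metrics` and `references` are emptied, which drops the libwebp CPE range (`versionStartIncluding` 0.5.0, `versionEndExcluding` 1.3.2) and the two patch links. Consumers that tracked libwebp exposure through CVE-2023-5129 should remap open findings to CVE-2023-4863 rather than let them auto-close on the `Rejected` status. The description value also contains a non-breaking space (`\u00a0`) before "Duplicate", which any whitespace-sensitive pattern extracting the duplicate id needs to tolerate.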


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-27T20:00:25.696695+00:00
2023-09-27T22:00:25.086394+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-27T19:58:58.307000+00:00
2023-09-27T21:15:11.940000+00:00
```
### Last Data Feed Release
@ -29,68 +29,40 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
226462
226469
```
### CVEs added in the last Commit
Recently added CVEs: `24`
Recently added CVEs: `7`
* [CVE-2023-20033](CVE-2023/CVE-2023-200xx/CVE-2023-20033.json) (`2023-09-27T18:15:10.687`)
* [CVE-2023-20034](CVE-2023/CVE-2023-200xx/CVE-2023-20034.json) (`2023-09-27T18:15:10.793`)
* [CVE-2023-20109](CVE-2023/CVE-2023-201xx/CVE-2023-20109.json) (`2023-09-27T18:15:10.860`)
* [CVE-2023-20176](CVE-2023/CVE-2023-201xx/CVE-2023-20176.json) (`2023-09-27T18:15:10.923`)
* [CVE-2023-20179](CVE-2023/CVE-2023-201xx/CVE-2023-20179.json) (`2023-09-27T18:15:10.987`)
* [CVE-2023-20186](CVE-2023/CVE-2023-201xx/CVE-2023-20186.json) (`2023-09-27T18:15:11.050`)
* [CVE-2023-20187](CVE-2023/CVE-2023-201xx/CVE-2023-20187.json) (`2023-09-27T18:15:11.117`)
* [CVE-2023-20202](CVE-2023/CVE-2023-202xx/CVE-2023-20202.json) (`2023-09-27T18:15:11.177`)
* [CVE-2023-20223](CVE-2023/CVE-2023-202xx/CVE-2023-20223.json) (`2023-09-27T18:15:11.240`)
* [CVE-2023-20226](CVE-2023/CVE-2023-202xx/CVE-2023-20226.json) (`2023-09-27T18:15:11.307`)
* [CVE-2023-20227](CVE-2023/CVE-2023-202xx/CVE-2023-20227.json) (`2023-09-27T18:15:11.370`)
* [CVE-2023-20231](CVE-2023/CVE-2023-202xx/CVE-2023-20231.json) (`2023-09-27T18:15:11.430`)
* [CVE-2023-20251](CVE-2023/CVE-2023-202xx/CVE-2023-20251.json) (`2023-09-27T18:15:11.493`)
* [CVE-2023-20252](CVE-2023/CVE-2023-202xx/CVE-2023-20252.json) (`2023-09-27T18:15:11.553`)
* [CVE-2023-20253](CVE-2023/CVE-2023-202xx/CVE-2023-20253.json) (`2023-09-27T18:15:11.620`)
* [CVE-2023-20254](CVE-2023/CVE-2023-202xx/CVE-2023-20254.json) (`2023-09-27T18:15:11.690`)
* [CVE-2023-20262](CVE-2023/CVE-2023-202xx/CVE-2023-20262.json) (`2023-09-27T18:15:11.757`)
* [CVE-2023-20268](CVE-2023/CVE-2023-202xx/CVE-2023-20268.json) (`2023-09-27T18:15:11.827`)
* [CVE-2023-42822](CVE-2023/CVE-2023-428xx/CVE-2023-42822.json) (`2023-09-27T18:15:11.903`)
* [CVE-2023-5184](CVE-2023/CVE-2023-51xx/CVE-2023-5184.json) (`2023-09-27T18:15:11.997`)
* [CVE-2023-33972](CVE-2023/CVE-2023-339xx/CVE-2023-33972.json) (`2023-09-27T19:15:11.497`)
* [CVE-2023-43650](CVE-2023/CVE-2023-436xx/CVE-2023-43650.json) (`2023-09-27T19:15:11.927`)
* [CVE-2023-43652](CVE-2023/CVE-2023-436xx/CVE-2023-43652.json) (`2023-09-27T19:15:12.133`)
* [CVE-2023-4523](CVE-2023/CVE-2023-45xx/CVE-2023-4523.json) (`2023-09-27T19:15:12.373`)
* [CVE-2023-44047](CVE-2023/CVE-2023-440xx/CVE-2023-44047.json) (`2023-09-27T20:15:09.850`)
* [CVE-2023-44048](CVE-2023/CVE-2023-440xx/CVE-2023-44048.json) (`2023-09-27T20:15:13.493`)
* [CVE-2023-40026](CVE-2023/CVE-2023-400xx/CVE-2023-40026.json) (`2023-09-27T21:15:09.713`)
* [CVE-2023-42818](CVE-2023/CVE-2023-428xx/CVE-2023-42818.json) (`2023-09-27T21:15:10.173`)
* [CVE-2023-43651](CVE-2023/CVE-2023-436xx/CVE-2023-43651.json) (`2023-09-27T21:15:10.347`)
* [CVE-2023-43656](CVE-2023/CVE-2023-436xx/CVE-2023-43656.json) (`2023-09-27T21:15:10.443`)
* [CVE-2023-4066](CVE-2023/CVE-2023-40xx/CVE-2023-4066.json) (`2023-09-27T21:15:10.550`)
### CVEs modified in the last Commit
Recently modified CVEs: `48`
Recently modified CVEs: `14`
* [CVE-2023-44018](CVE-2023/CVE-2023-440xx/CVE-2023-44018.json) (`2023-09-27T18:45:19.397`)
* [CVE-2023-30959](CVE-2023/CVE-2023-309xx/CVE-2023-30959.json) (`2023-09-27T18:45:25.593`)
* [CVE-2023-44017](CVE-2023/CVE-2023-440xx/CVE-2023-44017.json) (`2023-09-27T18:45:25.770`)
* [CVE-2023-44016](CVE-2023/CVE-2023-440xx/CVE-2023-44016.json) (`2023-09-27T18:45:36.290`)
* [CVE-2023-44015](CVE-2023/CVE-2023-440xx/CVE-2023-44015.json) (`2023-09-27T18:45:44.000`)
* [CVE-2023-44014](CVE-2023/CVE-2023-440xx/CVE-2023-44014.json) (`2023-09-27T18:45:53.000`)
* [CVE-2023-44013](CVE-2023/CVE-2023-440xx/CVE-2023-44013.json) (`2023-09-27T18:45:57.737`)
* [CVE-2023-44023](CVE-2023/CVE-2023-440xx/CVE-2023-44023.json) (`2023-09-27T18:46:31.760`)
* [CVE-2023-44022](CVE-2023/CVE-2023-440xx/CVE-2023-44022.json) (`2023-09-27T18:46:35.543`)
* [CVE-2023-40330](CVE-2023/CVE-2023-403xx/CVE-2023-40330.json) (`2023-09-27T18:47:35.547`)
* [CVE-2023-40333](CVE-2023/CVE-2023-403xx/CVE-2023-40333.json) (`2023-09-27T18:47:40.483`)
* [CVE-2023-32361](CVE-2023/CVE-2023-323xx/CVE-2023-32361.json) (`2023-09-27T18:48:04.810`)
* [CVE-2023-32377](CVE-2023/CVE-2023-323xx/CVE-2023-32377.json) (`2023-09-27T18:54:01.467`)
* [CVE-2023-32396](CVE-2023/CVE-2023-323xx/CVE-2023-32396.json) (`2023-09-27T18:58:25.643`)
* [CVE-2023-32421](CVE-2023/CVE-2023-324xx/CVE-2023-32421.json) (`2023-09-27T19:01:26.557`)
* [CVE-2023-35074](CVE-2023/CVE-2023-350xx/CVE-2023-35074.json) (`2023-09-27T19:05:29.060`)
* [CVE-2023-35984](CVE-2023/CVE-2023-359xx/CVE-2023-35984.json) (`2023-09-27T19:09:38.193`)
* [CVE-2023-37448](CVE-2023/CVE-2023-374xx/CVE-2023-37448.json) (`2023-09-27T19:10:21.997`)
* [CVE-2023-3767](CVE-2023/CVE-2023-37xx/CVE-2023-3767.json) (`2023-09-27T19:18:03.020`)
* [CVE-2023-40044](CVE-2023/CVE-2023-400xx/CVE-2023-40044.json) (`2023-09-27T19:22:39.417`)
* [CVE-2023-40045](CVE-2023/CVE-2023-400xx/CVE-2023-40045.json) (`2023-09-27T19:24:47.143`)
* [CVE-2023-40046](CVE-2023/CVE-2023-400xx/CVE-2023-40046.json) (`2023-09-27T19:33:00.803`)
* [CVE-2023-28790](CVE-2023/CVE-2023-287xx/CVE-2023-28790.json) (`2023-09-27T19:42:11.487`)
* [CVE-2023-2315](CVE-2023/CVE-2023-23xx/CVE-2023-2315.json) (`2023-09-27T19:52:30.920`)
* [CVE-2023-40047](CVE-2023/CVE-2023-400xx/CVE-2023-40047.json) (`2023-09-27T19:58:58.307`)
* [CVE-2018-12207](CVE-2018/CVE-2018-122xx/CVE-2018-12207.json) (`2023-09-27T20:51:38.353`)
* [CVE-2022-39028](CVE-2022/CVE-2022-390xx/CVE-2022-39028.json) (`2023-09-27T20:10:25.007`)
* [CVE-2022-26047](CVE-2022/CVE-2022-260xx/CVE-2022-26047.json) (`2023-09-27T20:53:06.763`)
* [CVE-2022-1822](CVE-2022/CVE-2022-18xx/CVE-2022-1822.json) (`2023-09-27T21:06:35.427`)
* [CVE-2023-40048](CVE-2023/CVE-2023-400xx/CVE-2023-40048.json) (`2023-09-27T20:01:36.307`)
* [CVE-2023-40049](CVE-2023/CVE-2023-400xx/CVE-2023-40049.json) (`2023-09-27T20:06:23.097`)
* [CVE-2023-4863](CVE-2023/CVE-2023-48xx/CVE-2023-4863.json) (`2023-09-27T20:15:14.377`)
* [CVE-2023-41233](CVE-2023/CVE-2023-412xx/CVE-2023-41233.json) (`2023-09-27T20:15:42.197`)
* [CVE-2023-40219](CVE-2023/CVE-2023-402xx/CVE-2023-40219.json) (`2023-09-27T20:19:39.753`)
* [CVE-2023-29497](CVE-2023/CVE-2023-294xx/CVE-2023-29497.json) (`2023-09-27T20:20:36.517`)
* [CVE-2023-43484](CVE-2023/CVE-2023-434xx/CVE-2023-43484.json) (`2023-09-27T20:25:34.200`)
* [CVE-2023-43493](CVE-2023/CVE-2023-434xx/CVE-2023-43493.json) (`2023-09-27T20:51:26.677`)
* [CVE-2023-43610](CVE-2023/CVE-2023-436xx/CVE-2023-43610.json) (`2023-09-27T21:07:01.437`)
* [CVE-2023-5129](CVE-2023/CVE-2023-51xx/CVE-2023-5129.json) (`2023-09-27T21:15:11.940`)
## Download and Usage