From b954f628d814651acaed3287fa27bc39d6ce72be Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 17 Jul 2023 14:01:28 +0000 Subject: [PATCH] Auto-Update: 2023-07-17T14:01:24.557986+00:00 --- CVE-2021/CVE-2021-312xx/CVE-2021-31294.json | 4 +- CVE-2022/CVE-2022-49xx/CVE-2022-4952.json | 4 +- CVE-2023/CVE-2023-19xx/CVE-2023-1902.json | 59 ++++++++++++++++- CVE-2023/CVE-2023-20xx/CVE-2023-2003.json | 6 +- CVE-2023/CVE-2023-226xx/CVE-2023-22672.json | 55 ++++++++++++++++ CVE-2023/CVE-2023-22xx/CVE-2023-2268.json | 4 +- CVE-2023/CVE-2023-236xx/CVE-2023-23646.json | 55 ++++++++++++++++ CVE-2023/CVE-2023-237xx/CVE-2023-23719.json | 55 ++++++++++++++++ CVE-2023/CVE-2023-25xx/CVE-2023-2507.json | 4 +- CVE-2023/CVE-2023-265xx/CVE-2023-26512.json | 32 ++++++++++ CVE-2023/CVE-2023-26xx/CVE-2023-2635.json | 52 +++++++++++++-- CVE-2023/CVE-2023-274xx/CVE-2023-27424.json | 55 ++++++++++++++++ CVE-2023/CVE-2023-276xx/CVE-2023-27606.json | 55 ++++++++++++++++ CVE-2023/CVE-2023-27xx/CVE-2023-2759.json | 55 ++++++++++++++++ CVE-2023/CVE-2023-27xx/CVE-2023-2760.json | 55 ++++++++++++++++ CVE-2023/CVE-2023-29xx/CVE-2023-2912.json | 55 ++++++++++++++++ CVE-2023/CVE-2023-307xx/CVE-2023-30791.json | 4 +- CVE-2023/CVE-2023-309xx/CVE-2023-30988.json | 4 +- CVE-2023/CVE-2023-309xx/CVE-2023-30989.json | 4 +- CVE-2023/CVE-2023-336xx/CVE-2023-33664.json | 71 +++++++++++++++++++-- CVE-2023/CVE-2023-338xx/CVE-2023-33857.json | 8 ++- CVE-2023/CVE-2023-340xx/CVE-2023-34036.json | 55 ++++++++++++++++ CVE-2023/CVE-2023-342xx/CVE-2023-34236.json | 4 +- CVE-2023/CVE-2023-350xx/CVE-2023-35012.json | 4 +- CVE-2023/CVE-2023-358xx/CVE-2023-35802.json | 4 +- CVE-2023/CVE-2023-359xx/CVE-2023-35901.json | 4 +- CVE-2023/CVE-2023-364xx/CVE-2023-36466.json | 4 +- CVE-2023/CVE-2023-368xx/CVE-2023-36818.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3633.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3678.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3679.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3680.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3681.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3682.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3683.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3684.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3685.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3686.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3687.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3688.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3689.json | 8 ++- CVE-2023/CVE-2023-36xx/CVE-2023-3690.json | 8 ++- CVE-2023/CVE-2023-36xx/CVE-2023-3691.json | 8 ++- CVE-2023/CVE-2023-36xx/CVE-2023-3692.json | 4 +- CVE-2023/CVE-2023-36xx/CVE-2023-3693.json | 8 ++- CVE-2023/CVE-2023-36xx/CVE-2023-3694.json | 8 ++- CVE-2023/CVE-2023-36xx/CVE-2023-3695.json | 8 ++- CVE-2023/CVE-2023-36xx/CVE-2023-3696.json | 4 +- CVE-2023/CVE-2023-372xx/CVE-2023-37268.json | 4 +- CVE-2023/CVE-2023-374xx/CVE-2023-37462.json | 4 +- CVE-2023/CVE-2023-374xx/CVE-2023-37464.json | 4 +- CVE-2023/CVE-2023-374xx/CVE-2023-37472.json | 4 +- CVE-2023/CVE-2023-374xx/CVE-2023-37473.json | 4 +- CVE-2023/CVE-2023-374xx/CVE-2023-37474.json | 4 +- CVE-2023/CVE-2023-377xx/CVE-2023-37793.json | 4 +- CVE-2023/CVE-2023-377xx/CVE-2023-37794.json | 4 +- CVE-2023/CVE-2023-37xx/CVE-2023-3700.json | 59 +++++++++++++++++ CVE-2023/CVE-2023-383xx/CVE-2023-38325.json | 4 +- CVE-2023/CVE-2023-383xx/CVE-2023-38336.json | 4 +- CVE-2023/CVE-2023-383xx/CVE-2023-38337.json | 4 +- CVE-2023/CVE-2023-383xx/CVE-2023-38349.json | 4 +- CVE-2023/CVE-2023-383xx/CVE-2023-38350.json | 4 +- CVE-2023/CVE-2023-383xx/CVE-2023-38378.json | 4 +- CVE-2023/CVE-2023-383xx/CVE-2023-38379.json | 4 +- README.md | 50 ++++++++++++--- 65 files changed, 928 insertions(+), 120 deletions(-) create mode 100644 CVE-2023/CVE-2023-226xx/CVE-2023-22672.json create mode 100644 CVE-2023/CVE-2023-236xx/CVE-2023-23646.json create mode 100644 CVE-2023/CVE-2023-237xx/CVE-2023-23719.json create mode 100644 CVE-2023/CVE-2023-265xx/CVE-2023-26512.json create mode 100644 CVE-2023/CVE-2023-274xx/CVE-2023-27424.json create mode 100644 CVE-2023/CVE-2023-276xx/CVE-2023-27606.json create mode 100644 CVE-2023/CVE-2023-27xx/CVE-2023-2759.json create mode 100644 CVE-2023/CVE-2023-27xx/CVE-2023-2760.json create mode 100644 CVE-2023/CVE-2023-29xx/CVE-2023-2912.json create mode 100644 CVE-2023/CVE-2023-340xx/CVE-2023-34036.json create mode 100644 CVE-2023/CVE-2023-37xx/CVE-2023-3700.json diff --git a/CVE-2021/CVE-2021-312xx/CVE-2021-31294.json b/CVE-2021/CVE-2021-312xx/CVE-2021-31294.json index 48f52c737f1..bffd599a13d 100644 --- a/CVE-2021/CVE-2021-312xx/CVE-2021-31294.json +++ b/CVE-2021/CVE-2021-312xx/CVE-2021-31294.json @@ -2,8 +2,8 @@ "id": "CVE-2021-31294", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-15T23:15:09.203", - "lastModified": "2023-07-15T23:15:09.203", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-49xx/CVE-2022-4952.json b/CVE-2022/CVE-2022-49xx/CVE-2022-4952.json index 735cc3f1837..c0208e25bf2 100644 --- a/CVE-2022/CVE-2022-49xx/CVE-2022-4952.json +++ b/CVE-2022/CVE-2022-49xx/CVE-2022-4952.json @@ -2,8 +2,8 @@ "id": "CVE-2022-4952", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-17T02:15:09.273", - "lastModified": "2023-07-17T02:15:09.273", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-19xx/CVE-2023-1902.json b/CVE-2023/CVE-2023-19xx/CVE-2023-1902.json index 635ea9f96ff..6f572d6d851 100644 --- a/CVE-2023/CVE-2023-19xx/CVE-2023-1902.json +++ b/CVE-2023/CVE-2023-19xx/CVE-2023-1902.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1902", "sourceIdentifier": "vulnerabilities@zephyrproject.org", "published": "2023-07-10T16:15:49.053", - "lastModified": "2023-07-10T16:27:17.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-17T13:45:49.067", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.9 + }, { "source": "vulnerabilities@zephyrproject.org", "type": "Secondary", @@ -34,10 +54,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.3.0", + "matchCriteriaId": "E2D56E6F-F247-436A-B6F4-FA7263D4C5E2" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx9g-8fr2-q899", - "source": "vulnerabilities@zephyrproject.org" + "source": "vulnerabilities@zephyrproject.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-20xx/CVE-2023-2003.json b/CVE-2023/CVE-2023-20xx/CVE-2023-2003.json index 148ccbd52a6..335c79c1a7f 100644 --- a/CVE-2023/CVE-2023-20xx/CVE-2023-2003.json +++ b/CVE-2023/CVE-2023-20xx/CVE-2023-2003.json @@ -2,7 +2,7 @@ "id": "CVE-2023-2003", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2023-07-13T12:15:09.317", - "lastModified": "2023-07-13T12:51:14.383", + "lastModified": "2023-07-17T11:15:09.393", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -47,6 +47,10 @@ } ], "references": [ + { + "url": "https://www.hackplayers.com/2023/07/vulnerabilidad-vision1210-unitronics.html", + "source": "cve-coordination@incibe.es" + }, { "url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/embedded-malicious-code-vulnerability-unitronics-vision1210", "source": "cve-coordination@incibe.es" diff --git a/CVE-2023/CVE-2023-226xx/CVE-2023-22672.json b/CVE-2023/CVE-2023-226xx/CVE-2023-22672.json new file mode 100644 index 00000000000..3cb95584aed --- /dev/null +++ b/CVE-2023/CVE-2023-226xx/CVE-2023-22672.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-22672", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-07-17T11:15:09.063", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Mr.Vibe vSlider Multi Image Slider for WordPress plugin <=\u00a04.1.2 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/vslider/wordpress-vslider-multi-image-slider-for-wordpress-plugin-4-1-2-cross-site-request-forgery-csrf?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-22xx/CVE-2023-2268.json b/CVE-2023/CVE-2023-22xx/CVE-2023-2268.json index 90d48584802..0aad98b2027 100644 --- a/CVE-2023/CVE-2023-22xx/CVE-2023-2268.json +++ b/CVE-2023/CVE-2023-22xx/CVE-2023-2268.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2268", "sourceIdentifier": "help@fluidattacks.com", "published": "2023-07-15T19:15:09.450", - "lastModified": "2023-07-15T19:15:09.450", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-236xx/CVE-2023-23646.json b/CVE-2023/CVE-2023-236xx/CVE-2023-23646.json new file mode 100644 index 00000000000..d248f2c6b99 --- /dev/null +++ b/CVE-2023/CVE-2023-236xx/CVE-2023-23646.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-23646", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-07-17T11:15:09.183", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Album Gallery \u2013 WordPress Gallery plugin <=\u00a01.4.9 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/new-album-gallery/wordpress-album-gallery-wordpress-gallery-plugin-1-4-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23719.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23719.json new file mode 100644 index 00000000000..8b2dd7fe215 --- /dev/null +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23719.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-23719", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-07-17T11:15:09.250", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Premmerce plugin <=\u00a01.3.17 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/premmerce/wordpress-premmerce-plugin-1-3-17-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2507.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2507.json index 1b7e1853d71..97decdda4e5 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2507.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2507.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2507", "sourceIdentifier": "help@fluidattacks.com", "published": "2023-07-15T19:15:09.527", - "lastModified": "2023-07-15T19:15:09.527", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-265xx/CVE-2023-26512.json b/CVE-2023/CVE-2023-265xx/CVE-2023-26512.json new file mode 100644 index 00000000000..d38a9b54491 --- /dev/null +++ b/CVE-2023/CVE-2023-265xx/CVE-2023-26512.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-26512", + "sourceIdentifier": "security@apache.org", + "published": "2023-07-17T08:15:09.243", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "CWE-502 Deserialization of Untrusted Data\u00a0at the\u00a0rabbitmq-connector plugin\u00a0module in Apache EventMesh (incubating)\u00a0V1.7.0\\V1.8.0 on windows\\linux\\mac os e.g. platforms allows attackers\u00a0to send controlled message and \n\nremote code execute\u00a0via rabbitmq messages. Users can use the code under the master branch in project repo to fix this issue, we will release the new version as soon as possible." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/zb1d62wh8o8pvntrnx4t1hj8vz0pm39p", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2635.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2635.json index 399a1766b92..2ecf9836d5a 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2635.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2635.json @@ -2,15 +2,38 @@ "id": "CVE-2023-2635", "sourceIdentifier": "contact@wpscan.com", "published": "2023-07-10T16:15:51.377", - "lastModified": "2023-07-10T16:27:17.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-17T13:39:50.690", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Call Now Accessibility Button WordPress plugin before 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:stpetedesign:call_now_accessibility_button:1.0.2:*:*:*:*:wordpress:*:*", + "matchCriteriaId": "284321C7-B631-4911-92B9-E5CD91281A89" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/81b89613-18d0-4c13-84e3-9e2e1802fd7c", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-274xx/CVE-2023-27424.json b/CVE-2023/CVE-2023-274xx/CVE-2023-27424.json new file mode 100644 index 00000000000..938698fc4a7 --- /dev/null +++ b/CVE-2023/CVE-2023-274xx/CVE-2023-27424.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-27424", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-07-17T13:15:10.240", + "lastModified": "2023-07-17T13:15:10.240", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Korol Yuriy aka Shra Inactive User Deleter plugin <=\u00a01.59 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/inactive-user-deleter/wordpress-inactive-user-deleter-plugin-1-58-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-276xx/CVE-2023-27606.json b/CVE-2023/CVE-2023-276xx/CVE-2023-27606.json new file mode 100644 index 00000000000..4b8a568b76a --- /dev/null +++ b/CVE-2023/CVE-2023-276xx/CVE-2023-27606.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-27606", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-07-17T11:15:09.323", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Sajjad Hossain WP Reroute Email plugin <=\u00a01.4.6 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-reroute-email/wordpress-wp-reroute-email-plugin-1-4-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2759.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2759.json new file mode 100644 index 00000000000..0570a114b34 --- /dev/null +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2759.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2759", + "sourceIdentifier": "info@cert.vde.com", + "published": "2023-07-17T07:15:08.717", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A hidden API exists in TapHome's core platform before version 2023.2 that allows an authenticated, low privileged user to change passwords of other users without any prior knowledge. The attacker may gain full access to the device by using this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "info@cert.vde.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "info@cert.vde.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-2759", + "source": "info@cert.vde.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2760.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2760.json new file mode 100644 index 00000000000..cf3a5b9f83a --- /dev/null +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2760.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2760", + "sourceIdentifier": "info@cert.vde.com", + "published": "2023-07-17T07:15:08.953", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An SQL injection vulnerability exists in TapHome core HandleMessageUpdateDevicePropertiesRequest function before version 2023.2, allowing low privileged users to inject arbitrary SQL directives into an SQL query and execute arbitrary SQL commands and get full reading access. This may also lead to limited write access and temporary Denial-of-Service." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "info@cert.vde.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "info@cert.vde.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + } + ] + } + ], + "references": [ + { + "url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-2759", + "source": "info@cert.vde.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2912.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2912.json new file mode 100644 index 00000000000..adaf55c67f3 --- /dev/null +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2912.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2912", + "sourceIdentifier": "VulnerabilityReporting@secomea.com", + "published": "2023-07-17T13:15:10.323", + "lastModified": "2023-07-17T13:15:10.323", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Use After Free vulnerability in Secomea SiteManager Embedded allows Obstruction." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "VulnerabilityReporting@secomea.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "VulnerabilityReporting@secomea.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://www.secomea.com/support/cybersecurity-advisory/", + "source": "VulnerabilityReporting@secomea.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-307xx/CVE-2023-30791.json b/CVE-2023/CVE-2023-307xx/CVE-2023-30791.json index 2187cb3c101..9d2d9556d3c 100644 --- a/CVE-2023/CVE-2023-307xx/CVE-2023-30791.json +++ b/CVE-2023/CVE-2023-307xx/CVE-2023-30791.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30791", "sourceIdentifier": "help@fluidattacks.com", "published": "2023-07-15T19:15:09.587", - "lastModified": "2023-07-15T19:15:09.587", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30988.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30988.json index a1b103fbc01..9a4a0c1b205 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30988.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30988.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30988", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-07-16T23:15:09.137", - "lastModified": "2023-07-16T23:15:09.137", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30989.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30989.json index f53dddb5412..3c2981c8f31 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30989.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30989.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30989", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-07-16T23:15:09.227", - "lastModified": "2023-07-16T23:15:09.227", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-336xx/CVE-2023-33664.json b/CVE-2023/CVE-2023-336xx/CVE-2023-33664.json index f0097f4ace0..7f0e188613c 100644 --- a/CVE-2023/CVE-2023-336xx/CVE-2023-33664.json +++ b/CVE-2023/CVE-2023-336xx/CVE-2023-33664.json @@ -2,23 +2,84 @@ "id": "CVE-2023-33664", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-07T16:15:09.783", - "lastModified": "2023-07-07T17:36:20.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-17T13:37:21.080", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "ai-dev aicombinationsonfly before v0.3.1 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ai-dev:declinaisons_a_la_volee:*:*:*:*:*:prestashop:*:*", + "versionEndExcluding": "0.3.1", + "matchCriteriaId": "359439C4-1143-4450-89FD-087B5504B756" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.friendsofpresta.org/modules/2023/06/28/aicombinationsonfly.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] }, { "url": "https://www.boutique.ai-dev.fr/en/ergonomie/61-combinations-on-fly.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-338xx/CVE-2023-33857.json b/CVE-2023/CVE-2023-338xx/CVE-2023-33857.json index 83e3b186d5b..802ee70b35e 100644 --- a/CVE-2023/CVE-2023-338xx/CVE-2023-33857.json +++ b/CVE-2023/CVE-2023-338xx/CVE-2023-33857.json @@ -2,12 +2,16 @@ "id": "CVE-2023-33857", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-07-17T00:15:09.463", - "lastModified": "2023-07-17T00:15:09.463", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain system information using a specially crafted query that could aid in further attacks against the system. IBM X-Force ID: 257695." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server v11.7 podr\u00eda permitir a un atacante remoto obtener informaci\u00f3n del sistema utilizando una consulta especialmente manipulada que podr\u00eda ayudar en futuros ataques contra el sistema. ID de IBM X-Force: 257695." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-340xx/CVE-2023-34036.json b/CVE-2023/CVE-2023-340xx/CVE-2023-34036.json new file mode 100644 index 00000000000..cf99237a573 --- /dev/null +++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34036.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34036", + "sourceIdentifier": "security@vmware.com", + "published": "2023-07-17T11:15:09.480", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nReactive web applications that use Spring HATEOAS to produce hypermedia-based responses might be exposed to malicious forwarded headers if they are not behind a trusted proxy that ensures correctness of such headers, or if they don't have anything else in place to handle (and possibly discard) forwarded headers either in WebFlux or at the level of the underlying HTTP server.\n\nFor the application to be affected, it needs to satisfy the following requirements:\n\n * It needs to use the reactive web stack (Spring WebFlux) and Spring HATEOAS to create links in hypermedia-based responses.\n * The application infrastructure does not guard against clients submitting (X-)Forwarded\u2026\u00a0headers.\n\n\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@vmware.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@vmware.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-644" + } + ] + } + ], + "references": [ + { + "url": "https://spring.io/security/cve-2023-34036", + "source": "security@vmware.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34236.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34236.json index a950d0576dd..7ab972d4fdf 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34236.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34236.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34236", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-14T22:15:09.083", - "lastModified": "2023-07-14T22:15:09.083", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35012.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35012.json index 924b505c60d..096d9127561 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35012.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35012.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35012", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-07-17T01:15:08.693", - "lastModified": "2023-07-17T01:15:08.693", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35802.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35802.json index 1b56b4cae65..0da3b9f3625 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35802.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35802.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35802", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-15T02:15:08.803", - "lastModified": "2023-07-15T02:15:08.803", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-359xx/CVE-2023-35901.json b/CVE-2023/CVE-2023-359xx/CVE-2023-35901.json index 5c3d97e9994..ad3f2dd6df0 100644 --- a/CVE-2023/CVE-2023-359xx/CVE-2023-35901.json +++ b/CVE-2023/CVE-2023-359xx/CVE-2023-35901.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35901", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-07-17T00:15:09.547", - "lastModified": "2023-07-17T00:15:09.547", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36466.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36466.json index 366b7619a89..a1bad30658d 100644 --- a/CVE-2023/CVE-2023-364xx/CVE-2023-36466.json +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36466.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36466", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-14T22:15:09.170", - "lastModified": "2023-07-14T22:15:09.170", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36818.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36818.json index 5f617b459f3..ee0cbefac4c 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36818.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36818.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36818", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-14T22:15:09.243", - "lastModified": "2023-07-14T22:15:09.243", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3633.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3633.json index 5c93b6ee61d..52a5c1b4dee 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3633.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3633.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3633", "sourceIdentifier": "cve-requests@bitdefender.com", "published": "2023-07-14T20:15:09.220", - "lastModified": "2023-07-14T20:15:09.220", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3678.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3678.json index d9cdfdd5324..237ba61f268 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3678.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3678.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3678", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-15T08:15:42.537", - "lastModified": "2023-07-15T08:15:42.537", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3679.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3679.json index fc4fbf8ee3b..63935ea46cd 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3679.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3679.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3679", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-15T09:15:09.403", - "lastModified": "2023-07-15T09:15:09.403", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3680.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3680.json index 899a166e3fd..23b92a1b93f 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3680.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3680.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3680", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-15T09:15:09.803", - "lastModified": "2023-07-15T09:15:09.803", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3681.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3681.json index c22cd024171..abcec723f7b 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3681.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3681.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3681", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-15T10:15:09.323", - "lastModified": "2023-07-15T10:15:09.323", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3682.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3682.json index 56619f9e544..0613c8599b2 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3682.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3682.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3682", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-15T17:15:38.477", - "lastModified": "2023-07-15T17:15:38.477", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3683.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3683.json index 8f945645793..3cecf89ccee 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3683.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3683.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3683", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-16T08:15:14.263", - "lastModified": "2023-07-16T08:15:14.263", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3684.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3684.json index 0bb1bbbb0cb..17c7b891d7f 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3684.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3684.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3684", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-16T11:15:09.333", - "lastModified": "2023-07-16T11:15:09.333", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3685.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3685.json index ba2ef726c6e..8b2b4d4374f 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3685.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3685.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3685", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-16T11:15:09.680", - "lastModified": "2023-07-16T11:15:09.680", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3686.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3686.json index 17504bd142b..0b97ec152c0 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3686.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3686.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3686", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-16T13:15:09.380", - "lastModified": "2023-07-16T13:15:09.380", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3687.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3687.json index c6897ce776b..d3b794678bd 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3687.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3687.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3687", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-16T14:15:09.310", - "lastModified": "2023-07-16T14:15:09.310", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3688.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3688.json index 8ca577dd600..87e18d0a9f5 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3688.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3688.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3688", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-16T15:15:09.143", - "lastModified": "2023-07-16T15:15:09.143", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3689.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3689.json index 7e6636cd5e7..fce29a11f68 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3689.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3689.json @@ -2,12 +2,16 @@ "id": "CVE-2023-3689", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-16T16:15:09.360", - "lastModified": "2023-07-16T16:15:09.360", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in Bylancer QuickQR 6.3.7. Affected by this vulnerability is an unknown functionality of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-234235. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Bylancer QuickQR v6.3.7. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo \"/blog\" del componente \"GET Parameter Hnadler\". La manipulaci\u00f3n del argumento \"s\" conduce a una inyecci\u00f3n SQL. El ataque puede ser lanzado remotamente. El identificador asociado de esta vulnerabilidad es VDB-234235. NOTA: El vendedor fue contactado a tiempo sobre esta divulgaci\u00f3n pero no respondi\u00f3 de ninguna manera. " } ], "metrics": { diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3690.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3690.json index 6e03e0b4d03..9d2c40ddde2 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3690.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3690.json @@ -2,12 +2,16 @@ "id": "CVE-2023-3690", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-16T16:15:09.437", - "lastModified": "2023-07-16T16:15:09.437", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in Bylancer QuickOrder 6.3.7. Affected by this issue is some unknown functionality of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-234236. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad, clasificada como cr\u00edtica, en Bylancer QuickOrder v6.3.7. Este problema afecta a una funcionalidad desconocida del archivo \"/blog\" del componente \"GET Parameter Handler\". La manipulaci\u00f3n del argumento \"s\" conduce a una inyecci\u00f3n SQL. El ataque puede ser lanzado remotamente. El identificador de esta vulnerabilidad es VDB-234236. NOTA: El vendedor fue contactado a tiempo sobre esta revelaci\u00f3n pero no respondi\u00f3 de ninguna manera. " } ], "metrics": { diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3691.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3691.json index fd558223db2..8877441e7c0 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3691.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3691.json @@ -2,12 +2,16 @@ "id": "CVE-2023-3691", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-16T17:15:09.387", - "lastModified": "2023-07-16T17:15:09.387", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as problematic, was found in layui up to v2.8.0-rc.16. This affects an unknown part of the component HTML Attribute Handler. The manipulation of the argument title leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 2.8.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-234237 was assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad, clasificada como problem\u00e1tica, en layui hasta la versi\u00f3n 2.8.0-rc.16. Esto afecta a una parte desconocida del componente \"HTML Attribute Handler\". La manipulaci\u00f3n del argumento \"title\" conduce a Cross-Site Scripting. Es posible iniciar el ataque de forma remota. La actualizaci\u00f3n a la versi\u00f3n 2.8.0 soluciona este problema. Se recomienda actualizar el componente afectado. Se ha asignado el identificador VDB-234237 a esta vulnerabilidad. " } ], "metrics": { diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3692.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3692.json index 10902b76762..80810b3ec72 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3692.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3692.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3692", "sourceIdentifier": "security@huntr.dev", "published": "2023-07-16T01:15:09.893", - "lastModified": "2023-07-16T01:15:09.893", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3693.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3693.json index b7b05601243..a00c18a1b41 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3693.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3693.json @@ -2,12 +2,16 @@ "id": "CVE-2023-3693", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-16T22:15:09.397", - "lastModified": "2023-07-16T22:15:09.397", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical was found in SourceCodester Life Insurance Management System 1.0. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-234244." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en SourceCodester Life Insurance Management System v1.0. Esta vulnerabilidad afecta a c\u00f3digo desconocido del archivo \"login.php\". La manipulaci\u00f3n del argumento \"username\" conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador de esta vulnerabilidad es VDB-234244." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3694.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3694.json index e68fd000a51..61df1781d6a 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3694.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3694.json @@ -2,12 +2,16 @@ "id": "CVE-2023-3694", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-17T00:15:09.623", - "lastModified": "2023-07-17T00:15:09.623", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in SourceCodester House Rental and Property Listing 1.0. This issue affects some unknown processing of the file index.php. The manipulation of the argument keywords/location leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-234245 was assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad, clasificada como cr\u00edtica, en SourceCodester House Rental and Property Listing v1.0. Este problema afecta a alg\u00fan procesamiento desconocido del archivo \"index.php\". La manipulaci\u00f3n del argumento \"keywords/location\" conduce a una inyecci\u00f3n SQL. El ataque puede ser iniciado remotamente. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador asignado a esta vulnerabilidad es VDB-234245. " } ], "metrics": { diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3695.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3695.json index 7ea30ee4131..cf5823b810c 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3695.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3695.json @@ -2,12 +2,16 @@ "id": "CVE-2023-3695", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-17T01:15:08.780", - "lastModified": "2023-07-17T01:15:08.780", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in Campcodes Beauty Salon Management System 1.0. Affected is an unknown function of the file add-product.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-234252." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Campcode Beauty Salon Management System v1.0. Se ve afectada una funci\u00f3n desconocida del archivo \"add-product.php\". La manipulaci\u00f3n del argumento \"category\" conduce a una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador de esta vulnerabilidad es VDB-234252" } ], "metrics": { diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3696.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3696.json index ddd60445d31..8869e4f3ea2 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3696.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3696.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3696", "sourceIdentifier": "security@huntr.dev", "published": "2023-07-17T01:15:08.850", - "lastModified": "2023-07-17T01:15:08.850", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-372xx/CVE-2023-37268.json b/CVE-2023/CVE-2023-372xx/CVE-2023-37268.json index e41b9bd648a..988bb99ede1 100644 --- a/CVE-2023/CVE-2023-372xx/CVE-2023-37268.json +++ b/CVE-2023/CVE-2023-372xx/CVE-2023-37268.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37268", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-14T22:15:09.317", - "lastModified": "2023-07-14T22:15:09.317", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37462.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37462.json index e40b7a02595..9ed62760966 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37462.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37462.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37462", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-14T21:15:08.820", - "lastModified": "2023-07-14T21:15:08.820", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37464.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37464.json index de0bb4fbd6f..23b3c6d90c4 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37464.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37464.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37464", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-14T21:15:08.903", - "lastModified": "2023-07-14T21:15:08.903", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37472.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37472.json index 102b57c7153..82a9dece9b0 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37472.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37472.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37472", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-14T21:15:08.980", - "lastModified": "2023-07-14T21:15:08.980", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37473.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37473.json index 298c9a9d2b2..df2b3c453be 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37473.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37473.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37473", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-14T21:15:09.047", - "lastModified": "2023-07-14T21:15:09.047", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37474.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37474.json index ffcfd8fabc0..b1d65b592a9 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37474.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37474.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37474", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-14T20:15:09.083", - "lastModified": "2023-07-14T20:15:09.083", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37793.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37793.json index e308689a059..1af829d78dc 100644 --- a/CVE-2023/CVE-2023-377xx/CVE-2023-37793.json +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37793.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37793", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-14T23:15:08.970", - "lastModified": "2023-07-14T23:15:08.970", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37794.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37794.json index 35f24dd0726..b8f36c540b1 100644 --- a/CVE-2023/CVE-2023-377xx/CVE-2023-37794.json +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37794.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37794", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-14T23:15:09.020", - "lastModified": "2023-07-14T23:15:09.020", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-37xx/CVE-2023-3700.json b/CVE-2023/CVE-2023-37xx/CVE-2023-3700.json new file mode 100644 index 00000000000..26cb23b420e --- /dev/null +++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3700.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-3700", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-07-17T07:15:09.077", + "lastModified": "2023-07-17T13:02:37.237", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/alextselegidis/easyappointments/commit/b37b46019553089db4f22eb2fe998bca84b2cb64", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/e8d530db-a6a7-4f79-a95d-b77654cc04f8", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38325.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38325.json index 0450257d9e7..c1913c822b7 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38325.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38325.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38325", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-14T20:15:09.157", - "lastModified": "2023-07-14T20:15:09.157", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38336.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38336.json index cf56f7169eb..e909d9e944f 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38336.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38336.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38336", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-14T22:15:09.387", - "lastModified": "2023-07-14T22:15:09.387", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38337.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38337.json index 9d5e2ee4b1e..cd012164d9d 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38337.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38337.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38337", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-14T22:15:09.430", - "lastModified": "2023-07-14T22:15:09.430", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38349.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38349.json index 6874c70e02e..56f8fdb430c 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38349.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38349.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38349", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-15T02:15:08.857", - "lastModified": "2023-07-15T02:15:08.857", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38350.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38350.json index b7a2ccc6dc2..65f4776a9d7 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38350.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38350.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38350", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-15T02:15:08.900", - "lastModified": "2023-07-15T02:15:08.900", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:46.340", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38378.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38378.json index d5d73a2547d..5a388ed5739 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38378.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38378.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38378", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-16T17:15:09.277", - "lastModified": "2023-07-16T17:15:09.277", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38379.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38379.json index 7af428294b6..56c6741b216 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38379.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38379.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38379", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-16T17:15:09.337", - "lastModified": "2023-07-16T17:15:09.337", - "vulnStatus": "Received", + "lastModified": "2023-07-17T13:02:42.053", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index 48381ac24a0..15c02cfb6d8 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-17T06:00:25.127680+00:00 +2023-07-17T14:01:24.557986+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-17T04:15:12.820000+00:00 +2023-07-17T13:45:49.067000+00:00 ``` ### Last Data Feed Release @@ -29,23 +29,55 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -220393 +220404 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `11` +* [CVE-2023-2759](CVE-2023/CVE-2023-27xx/CVE-2023-2759.json) (`2023-07-17T07:15:08.717`) +* [CVE-2023-2760](CVE-2023/CVE-2023-27xx/CVE-2023-2760.json) (`2023-07-17T07:15:08.953`) +* [CVE-2023-3700](CVE-2023/CVE-2023-37xx/CVE-2023-3700.json) (`2023-07-17T07:15:09.077`) +* [CVE-2023-26512](CVE-2023/CVE-2023-265xx/CVE-2023-26512.json) (`2023-07-17T08:15:09.243`) +* [CVE-2023-22672](CVE-2023/CVE-2023-226xx/CVE-2023-22672.json) (`2023-07-17T11:15:09.063`) +* [CVE-2023-23646](CVE-2023/CVE-2023-236xx/CVE-2023-23646.json) (`2023-07-17T11:15:09.183`) +* [CVE-2023-23719](CVE-2023/CVE-2023-237xx/CVE-2023-23719.json) (`2023-07-17T11:15:09.250`) +* [CVE-2023-27606](CVE-2023/CVE-2023-276xx/CVE-2023-27606.json) (`2023-07-17T11:15:09.323`) +* [CVE-2023-34036](CVE-2023/CVE-2023-340xx/CVE-2023-34036.json) (`2023-07-17T11:15:09.480`) +* [CVE-2023-27424](CVE-2023/CVE-2023-274xx/CVE-2023-27424.json) (`2023-07-17T13:15:10.240`) +* [CVE-2023-2912](CVE-2023/CVE-2023-29xx/CVE-2023-2912.json) (`2023-07-17T13:15:10.323`) ### CVEs modified in the last Commit -Recently modified CVEs: `4` +Recently modified CVEs: `53` -* [CVE-2023-2156](CVE-2023/CVE-2023-21xx/CVE-2023-2156.json) (`2023-07-17T04:15:09.597`) -* [CVE-2023-31248](CVE-2023/CVE-2023-312xx/CVE-2023-31248.json) (`2023-07-17T04:15:11.493`) -* [CVE-2023-35001](CVE-2023/CVE-2023-350xx/CVE-2023-35001.json) (`2023-07-17T04:15:12.477`) -* [CVE-2023-36813](CVE-2023/CVE-2023-368xx/CVE-2023-36813.json) (`2023-07-17T04:15:12.820`) +* [CVE-2023-3689](CVE-2023/CVE-2023-36xx/CVE-2023-3689.json) (`2023-07-17T13:02:42.053`) +* [CVE-2023-3690](CVE-2023/CVE-2023-36xx/CVE-2023-3690.json) (`2023-07-17T13:02:42.053`) +* [CVE-2023-38378](CVE-2023/CVE-2023-383xx/CVE-2023-38378.json) (`2023-07-17T13:02:42.053`) +* [CVE-2023-38379](CVE-2023/CVE-2023-383xx/CVE-2023-38379.json) (`2023-07-17T13:02:42.053`) +* [CVE-2023-37474](CVE-2023/CVE-2023-374xx/CVE-2023-37474.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-38325](CVE-2023/CVE-2023-383xx/CVE-2023-38325.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-3633](CVE-2023/CVE-2023-36xx/CVE-2023-3633.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-37462](CVE-2023/CVE-2023-374xx/CVE-2023-37462.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-37464](CVE-2023/CVE-2023-374xx/CVE-2023-37464.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-37472](CVE-2023/CVE-2023-374xx/CVE-2023-37472.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-37473](CVE-2023/CVE-2023-374xx/CVE-2023-37473.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-34236](CVE-2023/CVE-2023-342xx/CVE-2023-34236.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-36466](CVE-2023/CVE-2023-364xx/CVE-2023-36466.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-36818](CVE-2023/CVE-2023-368xx/CVE-2023-36818.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-37268](CVE-2023/CVE-2023-372xx/CVE-2023-37268.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-38336](CVE-2023/CVE-2023-383xx/CVE-2023-38336.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-38337](CVE-2023/CVE-2023-383xx/CVE-2023-38337.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-37793](CVE-2023/CVE-2023-377xx/CVE-2023-37793.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-37794](CVE-2023/CVE-2023-377xx/CVE-2023-37794.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-35802](CVE-2023/CVE-2023-358xx/CVE-2023-35802.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-38349](CVE-2023/CVE-2023-383xx/CVE-2023-38349.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-38350](CVE-2023/CVE-2023-383xx/CVE-2023-38350.json) (`2023-07-17T13:02:46.340`) +* [CVE-2023-33664](CVE-2023/CVE-2023-336xx/CVE-2023-33664.json) (`2023-07-17T13:37:21.080`) +* [CVE-2023-2635](CVE-2023/CVE-2023-26xx/CVE-2023-2635.json) (`2023-07-17T13:39:50.690`) +* [CVE-2023-1902](CVE-2023/CVE-2023-19xx/CVE-2023-1902.json) (`2023-07-17T13:45:49.067`) ## Download and Usage