admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-17T14:01:24.557986+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-17 14:01:28 +00:00
parent 48f54b5d00
commit b954f628d8
65 changed files with 928 additions and 120 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2021/CVE-2021-312xx/CVE-2021-31294.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31294",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-15T23:15:09.203",
"lastModified": "2023-07-15T23:15:09.203",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-49xx/CVE-2022-4952.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4952",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-17T02:15:09.273",
"lastModified": "2023-07-17T02:15:09.273",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

63
CVE-2023/CVE-2023-19xx/CVE-2023-1902.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1902",
"sourceIdentifier": "vulnerabilities@zephyrproject.org",
"published": "2023-07-10T16:15:49.053",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-17T13:45:49.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
},
{
"source": "vulnerabilities@zephyrproject.org",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx9g-8fr2-q899",
"source": "vulnerabilities@zephyrproject.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.0",
"matchCriteriaId": "E2D56E6F-F247-436A-B6F4-FA7263D4C5E2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx9g-8fr2-q899",
"source": "vulnerabilities@zephyrproject.org",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-20xx/CVE-2023-2003.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2003",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-07-13T12:15:09.317",
"lastModified": "2023-07-13T12:51:14.383",
"lastModified": "2023-07-17T11:15:09.393",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "https://www.hackplayers.com/2023/07/vulnerabilidad-vision1210-unitronics.html",
"source": "cve-coordination@incibe.es"
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/embedded-malicious-code-vulnerability-unitronics-vision1210",
"source": "cve-coordination@incibe.es"

55
CVE-2023/CVE-2023-226xx/CVE-2023-22672.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22672",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-17T11:15:09.063",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Mr.Vibe vSlider Multi Image Slider for WordPress plugin <=\u00a04.1.2 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/vslider/wordpress-vslider-multi-image-slider-for-wordpress-plugin-4-1-2-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

4
CVE-2023/CVE-2023-22xx/CVE-2023-2268.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2268",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-07-15T19:15:09.450",
"lastModified": "2023-07-15T19:15:09.450",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-236xx/CVE-2023-23646.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-23646",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-17T11:15:09.183",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Album Gallery \u2013 WordPress Gallery plugin <=\u00a01.4.9 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/new-album-gallery/wordpress-album-gallery-wordpress-gallery-plugin-1-4-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-237xx/CVE-2023-23719.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-23719",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-17T11:15:09.250",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Premmerce plugin <=\u00a01.3.17 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/premmerce/wordpress-premmerce-plugin-1-3-17-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

4
CVE-2023/CVE-2023-25xx/CVE-2023-2507.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2507",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-07-15T19:15:09.527",
"lastModified": "2023-07-15T19:15:09.527",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

32
CVE-2023/CVE-2023-265xx/CVE-2023-26512.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-26512",
"sourceIdentifier": "security@apache.org",
"published": "2023-07-17T08:15:09.243",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "CWE-502 Deserialization of Untrusted Data\u00a0at the\u00a0rabbitmq-connector plugin\u00a0module in Apache EventMesh (incubating)\u00a0V1.7.0\\V1.8.0 on windows\\linux\\mac os e.g. platforms allows attackers\u00a0to send controlled message and \n\nremote code execute\u00a0via rabbitmq messages. Users can use the code under the master branch in project repo to fix this issue, we will release the new version as soon as possible."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/zb1d62wh8o8pvntrnx4t1hj8vz0pm39p",
"source": "security@apache.org"
}
]
}

56
CVE-2023/CVE-2023-26xx/CVE-2023-2635.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-2635",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-10T16:15:51.377",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-17T13:39:50.690",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Call Now Accessibility Button WordPress plugin before 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://wpscan.com/vulnerability/81b89613-18d0-4c13-84e3-9e2e1802fd7c",
"source": "contact@wpscan.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stpetedesign:call_now_accessibility_button:1.0.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "284321C7-B631-4911-92B9-E5CD91281A89"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/81b89613-18d0-4c13-84e3-9e2e1802fd7c",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-274xx/CVE-2023-27424.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-27424",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-17T13:15:10.240",
"lastModified": "2023-07-17T13:15:10.240",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Korol Yuriy aka Shra Inactive User Deleter plugin <=\u00a01.59 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/inactive-user-deleter/wordpress-inactive-user-deleter-plugin-1-58-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-276xx/CVE-2023-27606.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-27606",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-17T11:15:09.323",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Sajjad Hossain WP Reroute Email plugin <=\u00a01.4.6 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-reroute-email/wordpress-wp-reroute-email-plugin-1-4-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-27xx/CVE-2023-2759.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2759",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-07-17T07:15:08.717",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A hidden API exists in TapHome's core platform before version 2023.2 that allows an authenticated, low privileged user to change passwords of other users without any prior knowledge. The attacker may gain full access to the device by using this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-2759",
"source": "info@cert.vde.com"
}
]
}

55
CVE-2023/CVE-2023-27xx/CVE-2023-2760.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2760",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-07-17T07:15:08.953",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An SQL injection vulnerability exists in TapHome core HandleMessageUpdateDevicePropertiesRequest function before version 2023.2, allowing low privileged users to inject arbitrary SQL directives into an SQL query and execute arbitrary SQL commands and get full reading access. This may also lead to limited write access and temporary Denial-of-Service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"references": [
{
"url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-2759",
"source": "info@cert.vde.com"
}
]
}

55
CVE-2023/CVE-2023-29xx/CVE-2023-2912.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2912",
"sourceIdentifier": "VulnerabilityReporting@secomea.com",
"published": "2023-07-17T13:15:10.323",
"lastModified": "2023-07-17T13:15:10.323",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use After Free vulnerability in Secomea SiteManager Embedded allows Obstruction."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "VulnerabilityReporting@secomea.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://www.secomea.com/support/cybersecurity-advisory/",
"source": "VulnerabilityReporting@secomea.com"
}
]
}

4
CVE-2023/CVE-2023-307xx/CVE-2023-30791.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30791",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-07-15T19:15:09.587",
"lastModified": "2023-07-15T19:15:09.587",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-309xx/CVE-2023-30988.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30988",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-16T23:15:09.137",
"lastModified": "2023-07-16T23:15:09.137",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-309xx/CVE-2023-30989.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30989",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-16T23:15:09.227",
"lastModified": "2023-07-16T23:15:09.227",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

77
CVE-2023/CVE-2023-336xx/CVE-2023-33664.json
View File

@ -2,23 +2,84 @@
"id": "CVE-2023-33664",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T16:15:09.783",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-17T13:37:21.080",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "ai-dev aicombinationsonfly before v0.3.1 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://security.friendsofpresta.org/modules/2023/06/28/aicombinationsonfly.html",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://www.boutique.ai-dev.fr/en/ergonomie/61-combinations-on-fly.html",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ai-dev:declinaisons_a_la_volee:*:*:*:*:*:prestashop:*:*",
"versionEndExcluding": "0.3.1",
"matchCriteriaId": "359439C4-1143-4450-89FD-087B5504B756"
}
]
}
]
}
],
"references": [
{
"url": "https://security.friendsofpresta.org/modules/2023/06/28/aicombinationsonfly.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://www.boutique.ai-dev.fr/en/ergonomie/61-combinations-on-fly.html",
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

8
CVE-2023/CVE-2023-338xx/CVE-2023-33857.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-33857",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-17T00:15:09.463",
"lastModified": "2023-07-17T00:15:09.463",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain system information using a specially crafted query that could aid in further attacks against the system. IBM X-Force ID: 257695."
},
{
"lang": "es",
"value": "IBM InfoSphere Information Server v11.7 podr\u00eda permitir a un atacante remoto obtener informaci\u00f3n del sistema utilizando una consulta especialmente manipulada que podr\u00eda ayudar en futuros ataques contra el sistema. ID de IBM X-Force: 257695."
}
],
"metrics": {

55
CVE-2023/CVE-2023-340xx/CVE-2023-34036.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34036",
"sourceIdentifier": "security@vmware.com",
"published": "2023-07-17T11:15:09.480",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nReactive web applications that use Spring HATEOAS to produce hypermedia-based responses might be exposed to malicious forwarded headers if they are not behind a trusted proxy that ensures correctness of such headers, or if they don't have anything else in place to handle (and possibly discard) forwarded headers either in WebFlux or at the level of the underlying HTTP server.\n\nFor the application to be affected, it needs to satisfy the following requirements:\n\n * It needs to use the reactive web stack (Spring WebFlux) and Spring HATEOAS to create links in hypermedia-based responses.\n * The application infrastructure does not guard against clients submitting (X-)Forwarded\u2026\u00a0headers.\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vmware.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@vmware.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-644"
}
]
}
],
"references": [
{
"url": "https://spring.io/security/cve-2023-34036",
"source": "security@vmware.com"
}
]
}

4
CVE-2023/CVE-2023-342xx/CVE-2023-34236.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34236",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T22:15:09.083",
"lastModified": "2023-07-14T22:15:09.083",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-350xx/CVE-2023-35012.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35012",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-17T01:15:08.693",
"lastModified": "2023-07-17T01:15:08.693",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-358xx/CVE-2023-35802.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35802",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-15T02:15:08.803",
"lastModified": "2023-07-15T02:15:08.803",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-359xx/CVE-2023-35901.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35901",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-17T00:15:09.547",
"lastModified": "2023-07-17T00:15:09.547",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-364xx/CVE-2023-36466.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36466",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T22:15:09.170",
"lastModified": "2023-07-14T22:15:09.170",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-368xx/CVE-2023-36818.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36818",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T22:15:09.243",
"lastModified": "2023-07-14T22:15:09.243",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-36xx/CVE-2023-3633.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3633",
"sourceIdentifier": "cve-requests@bitdefender.com",
"published": "2023-07-14T20:15:09.220",
"lastModified": "2023-07-14T20:15:09.220",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-36xx/CVE-2023-3678.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3678",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-15T08:15:42.537",
"lastModified": "2023-07-15T08:15:42.537",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-36xx/CVE-2023-3679.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3679",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-15T09:15:09.403",
"lastModified": "2023-07-15T09:15:09.403",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-36xx/CVE-2023-3680.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3680",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-15T09:15:09.803",
"lastModified": "2023-07-15T09:15:09.803",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-36xx/CVE-2023-3681.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3681",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-15T10:15:09.323",
"lastModified": "2023-07-15T10:15:09.323",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-36xx/CVE-2023-3682.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3682",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-15T17:15:38.477",
"lastModified": "2023-07-15T17:15:38.477",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-36xx/CVE-2023-3683.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3683",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T08:15:14.263",
"lastModified": "2023-07-16T08:15:14.263",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-36xx/CVE-2023-3684.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3684",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T11:15:09.333",
"lastModified": "2023-07-16T11:15:09.333",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-36xx/CVE-2023-3685.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3685",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T11:15:09.680",
"lastModified": "2023-07-16T11:15:09.680",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-36xx/CVE-2023-3686.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3686",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T13:15:09.380",
"lastModified": "2023-07-16T13:15:09.380",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-36xx/CVE-2023-3687.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3687",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T14:15:09.310",
"lastModified": "2023-07-16T14:15:09.310",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-36xx/CVE-2023-3688.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3688",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T15:15:09.143",
"lastModified": "2023-07-16T15:15:09.143",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2023/CVE-2023-36xx/CVE-2023-3689.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-3689",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T16:15:09.360",
"lastModified": "2023-07-16T16:15:09.360",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Bylancer QuickQR 6.3.7. Affected by this vulnerability is an unknown functionality of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-234235. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Bylancer QuickQR v6.3.7. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo \"/blog\" del componente \"GET Parameter Hnadler\". La manipulaci\u00f3n del argumento \"s\" conduce a una inyecci\u00f3n SQL. El ataque puede ser lanzado remotamente. El identificador asociado de esta vulnerabilidad es VDB-234235. NOTA: El vendedor fue contactado a tiempo sobre esta divulgaci\u00f3n pero no respondi\u00f3 de ninguna manera. "
}
],
"metrics": {

8
CVE-2023/CVE-2023-36xx/CVE-2023-3690.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-3690",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T16:15:09.437",
"lastModified": "2023-07-16T16:15:09.437",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in Bylancer QuickOrder 6.3.7. Affected by this issue is some unknown functionality of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-234236. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad, clasificada como cr\u00edtica, en Bylancer QuickOrder v6.3.7. Este problema afecta a una funcionalidad desconocida del archivo \"/blog\" del componente \"GET Parameter Handler\". La manipulaci\u00f3n del argumento \"s\" conduce a una inyecci\u00f3n SQL. El ataque puede ser lanzado remotamente. El identificador de esta vulnerabilidad es VDB-234236. NOTA: El vendedor fue contactado a tiempo sobre esta revelaci\u00f3n pero no respondi\u00f3 de ninguna manera. "
}
],
"metrics": {

8
CVE-2023/CVE-2023-36xx/CVE-2023-3691.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-3691",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T17:15:09.387",
"lastModified": "2023-07-16T17:15:09.387",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in layui up to v2.8.0-rc.16. This affects an unknown part of the component HTML Attribute Handler. The manipulation of the argument title leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 2.8.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-234237 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad, clasificada como problem\u00e1tica, en layui hasta la versi\u00f3n 2.8.0-rc.16. Esto afecta a una parte desconocida del componente \"HTML Attribute Handler\". La manipulaci\u00f3n del argumento \"title\" conduce a Cross-Site Scripting. Es posible iniciar el ataque de forma remota. La actualizaci\u00f3n a la versi\u00f3n 2.8.0 soluciona este problema. Se recomienda actualizar el componente afectado. Se ha asignado el identificador VDB-234237 a esta vulnerabilidad. "
}
],
"metrics": {

4
CVE-2023/CVE-2023-36xx/CVE-2023-3692.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3692",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-16T01:15:09.893",
"lastModified": "2023-07-16T01:15:09.893",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2023/CVE-2023-36xx/CVE-2023-3693.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-3693",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T22:15:09.397",
"lastModified": "2023-07-16T22:15:09.397",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in SourceCodester Life Insurance Management System 1.0. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-234244."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en SourceCodester Life Insurance Management System v1.0. Esta vulnerabilidad afecta a c\u00f3digo desconocido del archivo \"login.php\". La manipulaci\u00f3n del argumento \"username\" conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador de esta vulnerabilidad es VDB-234244."
}
],
"metrics": {

8
CVE-2023/CVE-2023-36xx/CVE-2023-3694.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-3694",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-17T00:15:09.623",
"lastModified": "2023-07-17T00:15:09.623",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in SourceCodester House Rental and Property Listing 1.0. This issue affects some unknown processing of the file index.php. The manipulation of the argument keywords/location leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-234245 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad, clasificada como cr\u00edtica, en SourceCodester House Rental and Property Listing v1.0. Este problema afecta a alg\u00fan procesamiento desconocido del archivo \"index.php\". La manipulaci\u00f3n del argumento \"keywords/location\" conduce a una inyecci\u00f3n SQL. El ataque puede ser iniciado remotamente. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador asignado a esta vulnerabilidad es VDB-234245. "
}
],
"metrics": {

8
CVE-2023/CVE-2023-36xx/CVE-2023-3695.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-3695",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-17T01:15:08.780",
"lastModified": "2023-07-17T01:15:08.780",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Campcodes Beauty Salon Management System 1.0. Affected is an unknown function of the file add-product.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-234252."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Campcode Beauty Salon Management System v1.0. Se ve afectada una funci\u00f3n desconocida del archivo \"add-product.php\". La manipulaci\u00f3n del argumento \"category\" conduce a una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador de esta vulnerabilidad es VDB-234252"
}
],
"metrics": {

4
CVE-2023/CVE-2023-36xx/CVE-2023-3696.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3696",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-17T01:15:08.850",
"lastModified": "2023-07-17T01:15:08.850",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-372xx/CVE-2023-37268.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37268",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T22:15:09.317",
"lastModified": "2023-07-14T22:15:09.317",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-374xx/CVE-2023-37462.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37462",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T21:15:08.820",
"lastModified": "2023-07-14T21:15:08.820",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-374xx/CVE-2023-37464.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37464",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T21:15:08.903",
"lastModified": "2023-07-14T21:15:08.903",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-374xx/CVE-2023-37472.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37472",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T21:15:08.980",
"lastModified": "2023-07-14T21:15:08.980",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-374xx/CVE-2023-37473.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37473",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T21:15:09.047",
"lastModified": "2023-07-14T21:15:09.047",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-374xx/CVE-2023-37474.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37474",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T20:15:09.083",
"lastModified": "2023-07-14T20:15:09.083",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-377xx/CVE-2023-37793.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37793",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-14T23:15:08.970",
"lastModified": "2023-07-14T23:15:08.970",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-377xx/CVE-2023-37794.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37794",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-14T23:15:09.020",
"lastModified": "2023-07-14T23:15:09.020",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-37xx/CVE-2023-3700.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3700",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-17T07:15:09.077",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/alextselegidis/easyappointments/commit/b37b46019553089db4f22eb2fe998bca84b2cb64",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/e8d530db-a6a7-4f79-a95d-b77654cc04f8",
"source": "security@huntr.dev"
}
]
}

4
CVE-2023/CVE-2023-383xx/CVE-2023-38325.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38325",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-14T20:15:09.157",
"lastModified": "2023-07-14T20:15:09.157",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-383xx/CVE-2023-38336.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38336",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-14T22:15:09.387",
"lastModified": "2023-07-14T22:15:09.387",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-383xx/CVE-2023-38337.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38337",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-14T22:15:09.430",
"lastModified": "2023-07-14T22:15:09.430",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-383xx/CVE-2023-38349.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38349",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-15T02:15:08.857",
"lastModified": "2023-07-15T02:15:08.857",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-383xx/CVE-2023-38350.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38350",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-15T02:15:08.900",
"lastModified": "2023-07-15T02:15:08.900",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-383xx/CVE-2023-38378.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38378",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-16T17:15:09.277",
"lastModified": "2023-07-16T17:15:09.277",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-383xx/CVE-2023-38379.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38379",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-16T17:15:09.337",
"lastModified": "2023-07-16T17:15:09.337",
"vulnStatus": "Received",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

50
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-17T06:00:25.127680+00:00
2023-07-17T14:01:24.557986+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-17T04:15:12.820000+00:00
2023-07-17T13:45:49.067000+00:00
```
### Last Data Feed Release
@ -29,23 +29,55 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
220393
220404
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `11`
* [CVE-2023-2759](CVE-2023/CVE-2023-27xx/CVE-2023-2759.json) (`2023-07-17T07:15:08.717`)
* [CVE-2023-2760](CVE-2023/CVE-2023-27xx/CVE-2023-2760.json) (`2023-07-17T07:15:08.953`)
* [CVE-2023-3700](CVE-2023/CVE-2023-37xx/CVE-2023-3700.json) (`2023-07-17T07:15:09.077`)
* [CVE-2023-26512](CVE-2023/CVE-2023-265xx/CVE-2023-26512.json) (`2023-07-17T08:15:09.243`)
* [CVE-2023-22672](CVE-2023/CVE-2023-226xx/CVE-2023-22672.json) (`2023-07-17T11:15:09.063`)
* [CVE-2023-23646](CVE-2023/CVE-2023-236xx/CVE-2023-23646.json) (`2023-07-17T11:15:09.183`)
* [CVE-2023-23719](CVE-2023/CVE-2023-237xx/CVE-2023-23719.json) (`2023-07-17T11:15:09.250`)
* [CVE-2023-27606](CVE-2023/CVE-2023-276xx/CVE-2023-27606.json) (`2023-07-17T11:15:09.323`)
* [CVE-2023-34036](CVE-2023/CVE-2023-340xx/CVE-2023-34036.json) (`2023-07-17T11:15:09.480`)
* [CVE-2023-27424](CVE-2023/CVE-2023-274xx/CVE-2023-27424.json) (`2023-07-17T13:15:10.240`)
* [CVE-2023-2912](CVE-2023/CVE-2023-29xx/CVE-2023-2912.json) (`2023-07-17T13:15:10.323`)
### CVEs modified in the last Commit
Recently modified CVEs: `4`
Recently modified CVEs: `53`
* [CVE-2023-2156](CVE-2023/CVE-2023-21xx/CVE-2023-2156.json) (`2023-07-17T04:15:09.597`)
* [CVE-2023-31248](CVE-2023/CVE-2023-312xx/CVE-2023-31248.json) (`2023-07-17T04:15:11.493`)
* [CVE-2023-35001](CVE-2023/CVE-2023-350xx/CVE-2023-35001.json) (`2023-07-17T04:15:12.477`)
* [CVE-2023-36813](CVE-2023/CVE-2023-368xx/CVE-2023-36813.json) (`2023-07-17T04:15:12.820`)
* [CVE-2023-3689](CVE-2023/CVE-2023-36xx/CVE-2023-3689.json) (`2023-07-17T13:02:42.053`)
* [CVE-2023-3690](CVE-2023/CVE-2023-36xx/CVE-2023-3690.json) (`2023-07-17T13:02:42.053`)
* [CVE-2023-38378](CVE-2023/CVE-2023-383xx/CVE-2023-38378.json) (`2023-07-17T13:02:42.053`)
* [CVE-2023-38379](CVE-2023/CVE-2023-383xx/CVE-2023-38379.json) (`2023-07-17T13:02:42.053`)
* [CVE-2023-37474](CVE-2023/CVE-2023-374xx/CVE-2023-37474.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-38325](CVE-2023/CVE-2023-383xx/CVE-2023-38325.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-3633](CVE-2023/CVE-2023-36xx/CVE-2023-3633.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-37462](CVE-2023/CVE-2023-374xx/CVE-2023-37462.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-37464](CVE-2023/CVE-2023-374xx/CVE-2023-37464.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-37472](CVE-2023/CVE-2023-374xx/CVE-2023-37472.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-37473](CVE-2023/CVE-2023-374xx/CVE-2023-37473.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-34236](CVE-2023/CVE-2023-342xx/CVE-2023-34236.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-36466](CVE-2023/CVE-2023-364xx/CVE-2023-36466.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-36818](CVE-2023/CVE-2023-368xx/CVE-2023-36818.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-37268](CVE-2023/CVE-2023-372xx/CVE-2023-37268.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-38336](CVE-2023/CVE-2023-383xx/CVE-2023-38336.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-38337](CVE-2023/CVE-2023-383xx/CVE-2023-38337.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-37793](CVE-2023/CVE-2023-377xx/CVE-2023-37793.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-37794](CVE-2023/CVE-2023-377xx/CVE-2023-37794.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-35802](CVE-2023/CVE-2023-358xx/CVE-2023-35802.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-38349](CVE-2023/CVE-2023-383xx/CVE-2023-38349.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-38350](CVE-2023/CVE-2023-383xx/CVE-2023-38350.json) (`2023-07-17T13:02:46.340`)
* [CVE-2023-33664](CVE-2023/CVE-2023-336xx/CVE-2023-33664.json) (`2023-07-17T13:37:21.080`)
* [CVE-2023-2635](CVE-2023/CVE-2023-26xx/CVE-2023-2635.json) (`2023-07-17T13:39:50.690`)
* [CVE-2023-1902](CVE-2023/CVE-2023-19xx/CVE-2023-1902.json) (`2023-07-17T13:45:49.067`)
## Download and Usage