admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-22 14:00:29.257326+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-05-22 14:00:32 +00:00
parent 3c35bf33e8
commit b9fa5a754a
36 changed files with 7628 additions and 151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2016/CVE-2016-61xx/CVE-2016-6153.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2016-6153",
"sourceIdentifier": "cve@mitre.org",
"published": "2016-09-26T16:59:03.523",
"lastModified": "2018-10-30T16:27:32.030",
"lastModified": "2023-05-22T13:15:09.220",
"vulnStatus": "Modified",
"descriptions": [
{
@ -160,6 +160,10 @@
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00022.html",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IGQTH7V45QVHFDXJAEECHEO3HHD644WZ/",
"source": "cve@mitre.org",

6
CVE-2018/CVE-2018-87xx/CVE-2018-8740.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-8740",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-03-17T00:29:00.247",
"lastModified": "2021-06-29T15:15:14.467",
"lastModified": "2023-05-22T13:15:09.370",
"vulnStatus": "Modified",
"descriptions": [
{
@ -156,6 +156,10 @@
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html",
"source": "cve@mitre.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00022.html",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/",
"source": "cve@mitre.org"

1474
CVE-2021/CVE-2021-01xx/CVE-2021-0187.json
View File

File diff suppressed because it is too large Load Diff

4584
CVE-2021/CVE-2021-467xx/CVE-2021-46794.json
View File

File diff suppressed because it is too large Load Diff

153
CVE-2022/CVE-2022-363xx/CVE-2022-36330.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-36330",
"sourceIdentifier": "psirt@wdc.com",
"published": "2023-05-10T00:15:09.467",
"lastModified": "2023-05-10T23:15:09.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:58:05.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "psirt@wdc.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "psirt@wdc.com",
"type": "Secondary",
@ -46,10 +76,127 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:westerndigital:my_cloud_home_duo_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.4.0-191",
"matchCriteriaId": "0A0368E6-53C8-4BD2-B0E8-44464B245832"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:westerndigital:my_cloud_home_duo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "124BBC79-65A2-465C-B784-D21E57E96F63"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:westerndigital:my_cloud_home_duo_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.4.0-191",
"matchCriteriaId": "0A0368E6-53C8-4BD2-B0E8-44464B245832"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:westerndigital:my_cloud_home_duo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "124BBC79-65A2-465C-B784-D21E57E96F63"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:westerndigital:sandisk_ibi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.4.0-191",
"matchCriteriaId": "13A2FB91-CCCF-42B1-BCE1-F4962D353593"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:westerndigital:sandisk_ibi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "296ADA43-16BA-4444-B472-DB945FB917B2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:westerndigital:my_cloud_home_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.4.0-191",
"matchCriteriaId": "D471C39A-0854-4755-9DF8-5BAABAB09619"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:westerndigital:my_cloud_home:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE2FBAB-5BA0-4F09-A76E-4A6869668810"
}
]
}
]
}
],
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-23003-western-digital-my-cloud-home-my-cloud-home-duo-and-sandisk-ibi-firmware-version-9-4-0-191",
"source": "psirt@wdc.com"
"source": "psirt@wdc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-237xx/CVE-2023-23797.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23797",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-22T11:15:09.237",
"lastModified": "2023-05-22T11:15:09.237",
"vulnStatus": "Received",
"lastModified": "2023-05-22T13:21:34.157",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-255xx/CVE-2023-25537.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25537",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-05-22T11:15:09.333",
"lastModified": "2023-05-22T11:15:09.333",
"vulnStatus": "Received",
"lastModified": "2023-05-22T13:21:34.157",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-25xx/CVE-2023-2597.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2597",
"sourceIdentifier": "emo@eclipse.org",
"published": "2023-05-22T12:15:09.760",
"lastModified": "2023-05-22T13:21:34.157",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "emo@eclipse.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "emo@eclipse.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://github.com/eclipse-openj9/openj9/pull/17259",
"source": "emo@eclipse.org"
}
]
}

18
CVE-2023/CVE-2023-261xx/CVE-2023-26116.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-26116",
"sourceIdentifier": "report@snyk.io",
"published": "2023-03-30T05:15:07.410",
"lastModified": "2023-04-05T14:28:59.970",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-22T13:15:09.537",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "All versions of the package angular are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking."
"value": "Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking."
}
],
"metrics": {
@ -85,6 +85,18 @@
}
],
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406320",
"source": "report@snyk.io"
},
{
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406322",
"source": "report@snyk.io"
},
{
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406321",
"source": "report@snyk.io"
},
{
"url": "https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373044",
"source": "report@snyk.io",

18
CVE-2023/CVE-2023-261xx/CVE-2023-26117.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-26117",
"sourceIdentifier": "report@snyk.io",
"published": "2023-03-30T05:15:07.687",
"lastModified": "2023-04-05T14:28:51.963",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-22T13:15:09.673",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "All versions of the package angular are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking."
"value": "Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking."
}
],
"metrics": {
@ -85,6 +85,18 @@
}
],
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406323",
"source": "report@snyk.io"
},
{
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406325",
"source": "report@snyk.io"
},
{
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406324",
"source": "report@snyk.io"
},
{
"url": "https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373045",
"source": "report@snyk.io",

18
CVE-2023/CVE-2023-261xx/CVE-2023-26118.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-26118",
"sourceIdentifier": "report@snyk.io",
"published": "2023-03-30T05:15:07.750",
"lastModified": "2023-04-05T14:28:41.663",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-22T13:15:09.757",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "All versions of the package angular are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type=\"url\"> element due to the usage of an insecure regular expression in the input[url] functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking."
"value": "Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type=\"url\"> element due to the usage of an insecure regular expression in the input[url] functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking."
}
],
"metrics": {
@ -85,6 +85,18 @@
}
],
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406326",
"source": "report@snyk.io"
},
{
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406328",
"source": "report@snyk.io"
},
{
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406327",
"source": "report@snyk.io"
},
{
"url": "https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373046",
"source": "report@snyk.io",

4
CVE-2023/CVE-2023-287xx/CVE-2023-28709.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28709",
"sourceIdentifier": "security@apache.org",
"published": "2023-05-22T11:15:09.423",
"lastModified": "2023-05-22T11:15:09.423",
"vulnStatus": "Received",
"lastModified": "2023-05-22T13:21:34.157",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-28xx/CVE-2023-2832.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2832",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-22T11:15:09.493",
"lastModified": "2023-05-22T11:15:09.493",
"vulnStatus": "Received",
"lastModified": "2023-05-22T13:21:34.157",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

32
CVE-2023/CVE-2023-310xx/CVE-2023-31058.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-31058",
"sourceIdentifier": "security@apache.org",
"published": "2023-05-22T13:15:09.843",
"lastModified": "2023-05-22T13:21:34.157",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the\n'autoDeserialize' option filtering by adding\u00a0blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.\n\n\n\n[1] \n\n https://github.com/apache/inlong/pull/7674 https://github.com/apache/inlong/pull/7674 \n\n\n\n\n"
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/bkcgbn9l61croxfyspf7xd42qb189s3z",
"source": "security@apache.org"
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31612.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31612",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:11.813",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:25:16.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the dfe_qexp_list component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1125",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31613.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31613",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:11.867",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:25:35.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the __nss_database_lookup component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1121",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31614.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31614",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:11.913",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:25:51.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1117",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31615.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31615",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:11.963",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:26:03.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the chash_array component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1124",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31616.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31616",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.010",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:26:18.930",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the bif_mod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1122",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31617.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31617",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.057",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:26:31.713",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the dk_set_delete component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1127",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31618.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31618",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.110",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:26:45.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the sqlc_union_dt_wrap component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1136",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31619.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31619",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.170",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:26:59.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the sch_name_to_object component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1133",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31620.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31620",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.237",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:27:12.930",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the dv_compare component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1128",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31621.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31621",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.300",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:50:12.233",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the kc_var_col component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1130",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31622.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31622",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.347",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:47:22.640",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the sqlc_make_policy_trig component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1135",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31623.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31623",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.390",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:47:00.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the mp_box_copy component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1131",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31624.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31624",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.437",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:31:35.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the sinv_check_exp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1134",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31625.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31625",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.487",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:31:24.190",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the psiginfo component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1132",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31626.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31626",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.540",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:29:32.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the gpf_notice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1129",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31627.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31627",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.587",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:29:51.783",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the strhash component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1140",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31628.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31628",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.633",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:30:01.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the stricmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1141",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31629.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31629",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.677",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:30:15.663",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the sqlo_union_scope component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1139",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31630.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31630",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.723",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:30:38.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the sqlo_query_spec component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1138",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31631.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31631",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T15:15:12.777",
"lastModified": "2023-05-15T15:20:32.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-22T13:30:53.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the sqlo_preds_contradiction component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*",
"matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openlink/virtuoso-opensource/issues/1137",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

24
CVE-2023/CVE-2023-317xx/CVE-2023-31779.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31779",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-22T13:15:09.913",
"lastModified": "2023-05-22T13:21:34.157",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in \"Reaction to comment\" feature."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/wekan/wekan/blob/master/CHANGELOG.md",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/wekan/wekan/commit/47ac33d6c234359c31d9b5eae49ed3e793907279",
"source": "cve@mitre.org"
}
]
}

75
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-22T12:00:27.102713+00:00
2023-05-22T14:00:29.257326+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-22T11:36:12.143000+00:00
2023-05-22T13:59:17.053000+00:00
```
### Last Data Feed Release
@ -29,56 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
215734
215737
```
### CVEs added in the last Commit
Recently added CVEs: `12`
Recently added CVEs: `3`
* [CVE-2022-41608](CVE-2022/CVE-2022-416xx/CVE-2022-41608.json) (`2023-05-22T10:15:09.920`)
* [CVE-2022-44739](CVE-2022/CVE-2022-447xx/CVE-2022-44739.json) (`2023-05-22T10:15:10.337`)
* [CVE-2022-45076](CVE-2022/CVE-2022-450xx/CVE-2022-45076.json) (`2023-05-22T10:15:10.823`)
* [CVE-2022-45079](CVE-2022/CVE-2022-450xx/CVE-2022-45079.json) (`2023-05-22T10:15:11.203`)
* [CVE-2022-45376](CVE-2022/CVE-2022-453xx/CVE-2022-45376.json) (`2023-05-22T10:15:11.587`)
* [CVE-2022-47167](CVE-2022/CVE-2022-471xx/CVE-2022-47167.json) (`2023-05-22T10:15:11.957`)
* [CVE-2022-47183](CVE-2022/CVE-2022-471xx/CVE-2022-47183.json) (`2023-05-22T10:15:12.310`)
* [CVE-2022-47611](CVE-2022/CVE-2022-476xx/CVE-2022-47611.json) (`2023-05-22T10:15:12.683`)
* [CVE-2023-23797](CVE-2023/CVE-2023-237xx/CVE-2023-23797.json) (`2023-05-22T11:15:09.237`)
* [CVE-2023-25537](CVE-2023/CVE-2023-255xx/CVE-2023-25537.json) (`2023-05-22T11:15:09.333`)
* [CVE-2023-28709](CVE-2023/CVE-2023-287xx/CVE-2023-28709.json) (`2023-05-22T11:15:09.423`)
* [CVE-2023-2832](CVE-2023/CVE-2023-28xx/CVE-2023-2832.json) (`2023-05-22T11:15:09.493`)
* [CVE-2023-2597](CVE-2023/CVE-2023-25xx/CVE-2023-2597.json) (`2023-05-22T12:15:09.760`)
* [CVE-2023-31058](CVE-2023/CVE-2023-310xx/CVE-2023-31058.json) (`2023-05-22T13:15:09.843`)
* [CVE-2023-31779](CVE-2023/CVE-2023-317xx/CVE-2023-31779.json) (`2023-05-22T13:15:09.913`)
### CVEs modified in the last Commit
Recently modified CVEs: `39`
Recently modified CVEs: `32`
* [CVE-2023-22714](CVE-2023/CVE-2023-227xx/CVE-2023-22714.json) (`2023-05-22T10:56:50.933`)
* [CVE-2023-23680](CVE-2023/CVE-2023-236xx/CVE-2023-23680.json) (`2023-05-22T10:56:50.933`)
* [CVE-2023-23712](CVE-2023/CVE-2023-237xx/CVE-2023-23712.json) (`2023-05-22T10:56:50.933`)
* [CVE-2023-23813](CVE-2023/CVE-2023-238xx/CVE-2023-23813.json) (`2023-05-22T10:56:50.933`)
* [CVE-2023-32700](CVE-2023/CVE-2023-327xx/CVE-2023-32700.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-33244](CVE-2023/CVE-2023-332xx/CVE-2023-33244.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-22689](CVE-2023/CVE-2023-226xx/CVE-2023-22689.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-23890](CVE-2023/CVE-2023-238xx/CVE-2023-23890.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-24414](CVE-2023/CVE-2023-244xx/CVE-2023-24414.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-32589](CVE-2023/CVE-2023-325xx/CVE-2023-32589.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-2826](CVE-2023/CVE-2023-28xx/CVE-2023-2826.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-33250](CVE-2023/CVE-2023-332xx/CVE-2023-33250.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-33251](CVE-2023/CVE-2023-332xx/CVE-2023-33251.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-33252](CVE-2023/CVE-2023-332xx/CVE-2023-33252.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-33254](CVE-2023/CVE-2023-332xx/CVE-2023-33254.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-32336](CVE-2023/CVE-2023-323xx/CVE-2023-32336.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-33264](CVE-2023/CVE-2023-332xx/CVE-2023-33264.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-33281](CVE-2023/CVE-2023-332xx/CVE-2023-33281.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-33285](CVE-2023/CVE-2023-332xx/CVE-2023-33285.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-33288](CVE-2023/CVE-2023-332xx/CVE-2023-33288.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-33297](CVE-2023/CVE-2023-332xx/CVE-2023-33297.json) (`2023-05-22T10:56:56.373`)
* [CVE-2023-1692](CVE-2023/CVE-2023-16xx/CVE-2023-1692.json) (`2023-05-22T10:57:01.797`)
* [CVE-2023-1693](CVE-2023/CVE-2023-16xx/CVE-2023-1693.json) (`2023-05-22T10:57:01.797`)
* [CVE-2023-1694](CVE-2023/CVE-2023-16xx/CVE-2023-1694.json) (`2023-05-22T10:57:01.797`)
* [CVE-2023-1696](CVE-2023/CVE-2023-16xx/CVE-2023-1696.json) (`2023-05-22T10:57:01.797`)
* [CVE-2023-26118](CVE-2023/CVE-2023-261xx/CVE-2023-26118.json) (`2023-05-22T13:15:09.757`)
* [CVE-2023-23797](CVE-2023/CVE-2023-237xx/CVE-2023-23797.json) (`2023-05-22T13:21:34.157`)
* [CVE-2023-25537](CVE-2023/CVE-2023-255xx/CVE-2023-25537.json) (`2023-05-22T13:21:34.157`)
* [CVE-2023-28709](CVE-2023/CVE-2023-287xx/CVE-2023-28709.json) (`2023-05-22T13:21:34.157`)
* [CVE-2023-2832](CVE-2023/CVE-2023-28xx/CVE-2023-2832.json) (`2023-05-22T13:21:34.157`)
* [CVE-2023-31612](CVE-2023/CVE-2023-316xx/CVE-2023-31612.json) (`2023-05-22T13:25:16.543`)
* [CVE-2023-31613](CVE-2023/CVE-2023-316xx/CVE-2023-31613.json) (`2023-05-22T13:25:35.357`)
* [CVE-2023-31614](CVE-2023/CVE-2023-316xx/CVE-2023-31614.json) (`2023-05-22T13:25:51.347`)
* [CVE-2023-31615](CVE-2023/CVE-2023-316xx/CVE-2023-31615.json) (`2023-05-22T13:26:03.427`)
* [CVE-2023-31616](CVE-2023/CVE-2023-316xx/CVE-2023-31616.json) (`2023-05-22T13:26:18.930`)
* [CVE-2023-31617](CVE-2023/CVE-2023-316xx/CVE-2023-31617.json) (`2023-05-22T13:26:31.713`)
* [CVE-2023-31618](CVE-2023/CVE-2023-316xx/CVE-2023-31618.json) (`2023-05-22T13:26:45.227`)
* [CVE-2023-31619](CVE-2023/CVE-2023-316xx/CVE-2023-31619.json) (`2023-05-22T13:26:59.780`)
* [CVE-2023-31620](CVE-2023/CVE-2023-316xx/CVE-2023-31620.json) (`2023-05-22T13:27:12.930`)
* [CVE-2023-31626](CVE-2023/CVE-2023-316xx/CVE-2023-31626.json) (`2023-05-22T13:29:32.933`)
* [CVE-2023-31627](CVE-2023/CVE-2023-316xx/CVE-2023-31627.json) (`2023-05-22T13:29:51.783`)
* [CVE-2023-31628](CVE-2023/CVE-2023-316xx/CVE-2023-31628.json) (`2023-05-22T13:30:01.657`)
* [CVE-2023-31629](CVE-2023/CVE-2023-316xx/CVE-2023-31629.json) (`2023-05-22T13:30:15.663`)
* [CVE-2023-31630](CVE-2023/CVE-2023-316xx/CVE-2023-31630.json) (`2023-05-22T13:30:38.413`)
* [CVE-2023-31631](CVE-2023/CVE-2023-316xx/CVE-2023-31631.json) (`2023-05-22T13:30:53.093`)
* [CVE-2023-31625](CVE-2023/CVE-2023-316xx/CVE-2023-31625.json) (`2023-05-22T13:31:24.190`)
* [CVE-2023-31624](CVE-2023/CVE-2023-316xx/CVE-2023-31624.json) (`2023-05-22T13:31:35.687`)
* [CVE-2023-31623](CVE-2023/CVE-2023-316xx/CVE-2023-31623.json) (`2023-05-22T13:47:00.637`)
* [CVE-2023-31622](CVE-2023/CVE-2023-316xx/CVE-2023-31622.json) (`2023-05-22T13:47:22.640`)
* [CVE-2023-31621](CVE-2023/CVE-2023-316xx/CVE-2023-31621.json) (`2023-05-22T13:50:12.233`)
## Download and Usage