From bc38ac31312ab9c37640379b307d30fbfdf4d381 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 10 Aug 2023 22:00:30 +0000 Subject: [PATCH] Auto-Update: 2023-08-10T22:00:26.867968+00:00 --- CVE-2023/CVE-2023-281xx/CVE-2023-28129.json | 20 + CVE-2023/CVE-2023-295xx/CVE-2023-29505.json | 8 +- CVE-2023/CVE-2023-320xx/CVE-2023-32090.json | 58 ++- CVE-2023/CVE-2023-325xx/CVE-2023-32560.json | 43 +++ CVE-2023/CVE-2023-325xx/CVE-2023-32561.json | 43 +++ CVE-2023/CVE-2023-325xx/CVE-2023-32562.json | 43 +++ CVE-2023/CVE-2023-325xx/CVE-2023-32563.json | 43 +++ CVE-2023/CVE-2023-325xx/CVE-2023-32564.json | 43 +++ CVE-2023/CVE-2023-325xx/CVE-2023-32565.json | 43 +++ CVE-2023/CVE-2023-353xx/CVE-2023-35376.json | 111 +++++- CVE-2023/CVE-2023-353xx/CVE-2023-35377.json | 111 +++++- CVE-2023/CVE-2023-353xx/CVE-2023-35384.json | 133 ++++++- CVE-2023/CVE-2023-353xx/CVE-2023-35385.json | 111 +++++- CVE-2023/CVE-2023-353xx/CVE-2023-35390.json | 69 +++- CVE-2023/CVE-2023-353xx/CVE-2023-35393.json | 39 +- CVE-2023/CVE-2023-353xx/CVE-2023-35394.json | 39 +- CVE-2023/CVE-2023-368xx/CVE-2023-36873.json | 398 +++++++++++++++++++- CVE-2023/CVE-2023-368xx/CVE-2023-36895.json | 89 ++++- CVE-2023/CVE-2023-368xx/CVE-2023-36896.json | 94 ++++- CVE-2023/CVE-2023-368xx/CVE-2023-36897.json | 126 ++++++- CVE-2023/CVE-2023-369xx/CVE-2023-36910.json | 123 +++++- CVE-2023/CVE-2023-369xx/CVE-2023-36912.json | 123 +++++- CVE-2023/CVE-2023-369xx/CVE-2023-36913.json | 145 ++++++- CVE-2023/CVE-2023-376xx/CVE-2023-37625.json | 28 ++ CVE-2023/CVE-2023-37xx/CVE-2023-3772.json | 6 +- CVE-2023/CVE-2023-381xx/CVE-2023-38157.json | 40 +- CVE-2023/CVE-2023-381xx/CVE-2023-38169.json | 199 +++++++++- CVE-2023/CVE-2023-381xx/CVE-2023-38180.json | 74 +++- CVE-2023/CVE-2023-381xx/CVE-2023-38185.json | 49 ++- CVE-2023/CVE-2023-381xx/CVE-2023-38186.json | 111 +++++- CVE-2023/CVE-2023-381xx/CVE-2023-38188.json | 39 +- CVE-2023/CVE-2023-382xx/CVE-2023-38254.json | 159 +++++++- CVE-2023/CVE-2023-383xx/CVE-2023-38333.json | 20 + CVE-2023/CVE-2023-395xx/CVE-2023-39518.json | 57 ++- CVE-2023/CVE-2023-398xx/CVE-2023-39805.json | 28 ++ CVE-2023/CVE-2023-398xx/CVE-2023-39806.json | 28 ++ CVE-2023/CVE-2023-400xx/CVE-2023-40014.json | 75 ++++ CVE-2023/CVE-2023-402xx/CVE-2023-40224.json | 20 + CVE-2023/CVE-2023-402xx/CVE-2023-40225.json | 40 ++ README.md | 87 ++--- 40 files changed, 2993 insertions(+), 122 deletions(-) create mode 100644 CVE-2023/CVE-2023-281xx/CVE-2023-28129.json create mode 100644 CVE-2023/CVE-2023-325xx/CVE-2023-32560.json create mode 100644 CVE-2023/CVE-2023-325xx/CVE-2023-32561.json create mode 100644 CVE-2023/CVE-2023-325xx/CVE-2023-32562.json create mode 100644 CVE-2023/CVE-2023-325xx/CVE-2023-32563.json create mode 100644 CVE-2023/CVE-2023-325xx/CVE-2023-32564.json create mode 100644 CVE-2023/CVE-2023-325xx/CVE-2023-32565.json create mode 100644 CVE-2023/CVE-2023-376xx/CVE-2023-37625.json create mode 100644 CVE-2023/CVE-2023-383xx/CVE-2023-38333.json create mode 100644 CVE-2023/CVE-2023-398xx/CVE-2023-39805.json create mode 100644 CVE-2023/CVE-2023-398xx/CVE-2023-39806.json create mode 100644 CVE-2023/CVE-2023-400xx/CVE-2023-40014.json create mode 100644 CVE-2023/CVE-2023-402xx/CVE-2023-40224.json create mode 100644 CVE-2023/CVE-2023-402xx/CVE-2023-40225.json diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28129.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28129.json new file mode 100644 index 00000000000..18c2655c6f6 --- /dev/null +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28129.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-28129", + "sourceIdentifier": "support@hackerone.com", + "published": "2023-08-10T20:15:09.657", + "lastModified": "2023-08-10T20:15:09.657", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Desktop & Server Management (DSM) may have a possible execution of arbitrary commands." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://forums.ivanti.com/s/article/SA-2023-07-26-CVE-2023-28129", + "source": "support@hackerone.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-295xx/CVE-2023-29505.json b/CVE-2023/CVE-2023-295xx/CVE-2023-29505.json index 1f8d42ef386..e678d6850f2 100644 --- a/CVE-2023/CVE-2023-295xx/CVE-2023-29505.json +++ b/CVE-2023/CVE-2023-295xx/CVE-2023-29505.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29505", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-04T15:15:09.987", - "lastModified": "2023-08-09T17:46:56.713", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-10T21:15:09.293", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -91,6 +91,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.manageengine.com/itom/advisory/cve-2023-29505.html", + "source": "cve@mitre.org" + }, { "url": "https://www.manageengine.com/network-monitoring/help/read-me-complete.html#build_127131", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32090.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32090.json index 163ec9ee506..a25d2cc957e 100644 --- a/CVE-2023/CVE-2023-320xx/CVE-2023-32090.json +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32090.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32090", "sourceIdentifier": "security@pega.com", "published": "2023-08-07T12:15:10.433", - "lastModified": "2023-08-07T12:57:14.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T21:57:19.720", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security@pega.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + }, { "source": "security@pega.com", "type": "Secondary", @@ -46,10 +76,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pega:pega_platform:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1", + "versionEndIncluding": "7.3.1", + "matchCriteriaId": "D43B508A-73F9-4194-ADD8-81BCE889996A" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operators", - "source": "security@pega.com" + "source": "security@pega.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-325xx/CVE-2023-32560.json b/CVE-2023/CVE-2023-325xx/CVE-2023-32560.json new file mode 100644 index 00000000000..683116b706a --- /dev/null +++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32560.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-32560", + "sourceIdentifier": "support@hackerone.com", + "published": "2023-08-10T20:15:10.200", + "lastModified": "2023-08-10T20:15:10.200", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution.\n\nThanks to a Researcher at Tenable for finding and reporting.\n\nFixed in version 6.4.1." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "support@hackerone.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US", + "source": "support@hackerone.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-325xx/CVE-2023-32561.json b/CVE-2023/CVE-2023-325xx/CVE-2023-32561.json new file mode 100644 index 00000000000..09d11067d62 --- /dev/null +++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32561.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-32561", + "sourceIdentifier": "support@hackerone.com", + "published": "2023-08-10T20:15:10.287", + "lastModified": "2023-08-10T20:15:10.287", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A previously generated artifact by an administrator could be accessed by an attacker. The contents of this artifact could lead to authentication bypass. Fixed in version 6.4.1." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "support@hackerone.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US", + "source": "support@hackerone.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-325xx/CVE-2023-32562.json b/CVE-2023/CVE-2023-325xx/CVE-2023-32562.json new file mode 100644 index 00000000000..54681654465 --- /dev/null +++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32562.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-32562", + "sourceIdentifier": "support@hackerone.com", + "published": "2023-08-10T20:15:10.360", + "lastModified": "2023-08-10T20:15:10.360", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution. Fixed in version 6.4.1." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "support@hackerone.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US", + "source": "support@hackerone.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-325xx/CVE-2023-32563.json b/CVE-2023/CVE-2023-325xx/CVE-2023-32563.json new file mode 100644 index 00000000000..5580d8c8078 --- /dev/null +++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32563.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-32563", + "sourceIdentifier": "support@hackerone.com", + "published": "2023-08-10T20:15:10.437", + "lastModified": "2023-08-10T20:15:10.437", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An unauthenticated attacker could achieve the code execution through a RemoteControl server." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "support@hackerone.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US", + "source": "support@hackerone.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-325xx/CVE-2023-32564.json b/CVE-2023/CVE-2023-325xx/CVE-2023-32564.json new file mode 100644 index 00000000000..ce2905f144f --- /dev/null +++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32564.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-32564", + "sourceIdentifier": "support@hackerone.com", + "published": "2023-08-10T20:15:10.503", + "lastModified": "2023-08-10T20:15:10.503", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "support@hackerone.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US", + "source": "support@hackerone.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-325xx/CVE-2023-32565.json b/CVE-2023/CVE-2023-325xx/CVE-2023-32565.json new file mode 100644 index 00000000000..d9547f6aaff --- /dev/null +++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32565.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-32565", + "sourceIdentifier": "support@hackerone.com", + "published": "2023-08-10T20:15:10.577", + "lastModified": "2023-08-10T20:15:10.577", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "support@hackerone.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "references": [ + { + "url": "https://forums.ivanti.com/s/article/Avalanche-Vulnerabilities-Addressed-in-6-4-1?language=en_US", + "source": "support@hackerone.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35376.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35376.json index 6824636314a..5c90d248919 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35376.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35376.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35376", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:12.467", - "lastModified": "2023-08-08T18:33:10.073", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T20:26:21.667", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,115 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20107", + "matchCriteriaId": "0B6341EE-9F08-41F4-AAC9-69FCFD57AA29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6167", + "matchCriteriaId": "27D3DBDC-310E-41F1-A2B2-F0D3B09E1C25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4737", + "matchCriteriaId": "2CAFD7E2-955E-4169-8FE4-E4883C22F128" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.3324", + "matchCriteriaId": "B6873B3B-E106-4E56-B8EC-5D5A6EEEA5B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3324", + "matchCriteriaId": "72882593-8B44-4DF3-A6A1-8EFE2D7BBCF6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2295", + "matchCriteriaId": "32AAA0B2-DF17-4CFA-851E-6B31C11DD38C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.2134", + "matchCriteriaId": "478EF06F-1EF8-45B5-981F-79159BFD709F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35376", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35377.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35377.json index c260f6f2dc9..dd267075bb2 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35377.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35377.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35377", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:12.567", - "lastModified": "2023-08-08T18:33:10.073", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T20:27:45.907", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,115 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20107", + "matchCriteriaId": "0B6341EE-9F08-41F4-AAC9-69FCFD57AA29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6167", + "matchCriteriaId": "27D3DBDC-310E-41F1-A2B2-F0D3B09E1C25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4737", + "matchCriteriaId": "2CAFD7E2-955E-4169-8FE4-E4883C22F128" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.3324", + "matchCriteriaId": "B6873B3B-E106-4E56-B8EC-5D5A6EEEA5B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3324", + "matchCriteriaId": "72882593-8B44-4DF3-A6A1-8EFE2D7BBCF6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2295", + "matchCriteriaId": "32AAA0B2-DF17-4CFA-851E-6B31C11DD38C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.2134", + "matchCriteriaId": "478EF06F-1EF8-45B5-981F-79159BFD709F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35377", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35384.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35384.json index af185466653..f6c987a8fef 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35384.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35384.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35384", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:13.177", - "lastModified": "2023-08-08T18:33:10.073", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T21:27:48.870", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", @@ -34,10 +54,115 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20107", + "matchCriteriaId": "0B6341EE-9F08-41F4-AAC9-69FCFD57AA29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6167", + "matchCriteriaId": "27D3DBDC-310E-41F1-A2B2-F0D3B09E1C25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4737", + "matchCriteriaId": "2CAFD7E2-955E-4169-8FE4-E4883C22F128" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.3324", + "matchCriteriaId": "B6873B3B-E106-4E56-B8EC-5D5A6EEEA5B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3324", + "matchCriteriaId": "72882593-8B44-4DF3-A6A1-8EFE2D7BBCF6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2295", + "matchCriteriaId": "32AAA0B2-DF17-4CFA-851E-6B31C11DD38C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.2134", + "matchCriteriaId": "478EF06F-1EF8-45B5-981F-79159BFD709F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35384", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35385.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35385.json index 7c036f00c9c..76cd0c3fbe8 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35385.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35385.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35385", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:13.263", - "lastModified": "2023-08-08T18:33:10.073", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T20:39:06.317", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,115 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20107", + "matchCriteriaId": "0B6341EE-9F08-41F4-AAC9-69FCFD57AA29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6167", + "matchCriteriaId": "27D3DBDC-310E-41F1-A2B2-F0D3B09E1C25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4737", + "matchCriteriaId": "2CAFD7E2-955E-4169-8FE4-E4883C22F128" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.3324", + "matchCriteriaId": "B6873B3B-E106-4E56-B8EC-5D5A6EEEA5B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3324", + "matchCriteriaId": "72882593-8B44-4DF3-A6A1-8EFE2D7BBCF6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2295", + "matchCriteriaId": "32AAA0B2-DF17-4CFA-851E-6B31C11DD38C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.2134", + "matchCriteriaId": "478EF06F-1EF8-45B5-981F-79159BFD709F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35385", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35390.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35390.json index 0b985f27a78..f8d99ce8c2d 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35390.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35390.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35390", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:13.667", - "lastModified": "2023-08-08T18:33:04.943", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T20:31:48.303", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,73 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0.0", + "versionEndExcluding": "6.0.21", + "matchCriteriaId": "AA257401-7276-4427-8692-7B5A6495F182" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.10", + "matchCriteriaId": "C2239C44-5436-4968-959B-C686E0FAECD1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:-:*:*", + "versionStartIncluding": "17.2.0", + "versionEndExcluding": "17.2.18", + "matchCriteriaId": "E3B42567-B3FF-4101-A639-C2883F567CF2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:-:*:*", + "versionStartIncluding": "17.4.0", + "versionEndExcluding": "17.4.10", + "matchCriteriaId": "4759CA52-CEA4-40C8-B1EF-F161DCFF0E78" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:-:*:*", + "versionStartIncluding": "17.6.0", + "versionEndExcluding": "17.6.6", + "matchCriteriaId": "0659AFA0-5AFA-42FC-8733-4502228AC26C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35390", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35393.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35393.json index a8851a47fab..87c3fd39314 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35393.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35393.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35393", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:13.750", - "lastModified": "2023-08-08T18:33:04.943", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T20:34:52.913", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:azure_hdinsights:-:*:*:*:*:*:*:*", + "matchCriteriaId": "83A84196-1B0D-46F8-802F-064C6C80486D" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35393", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-353xx/CVE-2023-35394.json b/CVE-2023/CVE-2023-353xx/CVE-2023-35394.json index c79d01ceef0..b4f104d118e 100644 --- a/CVE-2023/CVE-2023-353xx/CVE-2023-35394.json +++ b/CVE-2023/CVE-2023-353xx/CVE-2023-35394.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35394", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:13.840", - "lastModified": "2023-08-08T18:33:04.943", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T20:58:14.280", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:azure_hdinsights:-:*:*:*:*:*:*:*", + "matchCriteriaId": "83A84196-1B0D-46F8-802F-064C6C80486D" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35394", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36873.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36873.json index a77dc94dd78..9f614838073 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36873.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36873.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36873", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T19:15:10.057", - "lastModified": "2023-08-08T20:39:01.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T21:05:38.873", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", @@ -34,10 +54,380 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", + "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", + "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*", + "matchCriteriaId": "23317443-1968-4791-9F20-AD3B308A83D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*", + "matchCriteriaId": "934D4E46-12C1-41DC-A28C-A2C430E965E4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "B2D24C54-F04F-4717-B614-FE67B3ED9DC0" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "D5EC3F68-8F41-4F6B-B2E5-920322A4A321" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*", + "matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*", + "matchCriteriaId": "36B0E40A-84EF-4099-A395-75D6B8CDA196" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*", + "matchCriteriaId": "23317443-1968-4791-9F20-AD3B308A83D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "73D24713-D897-408D-893B-77A61982597D" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*", + "matchCriteriaId": "23317443-1968-4791-9F20-AD3B308A83D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36873", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36895.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36895.json index ba83504320a..cf677575bf7 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36895.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36895.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36895", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:15.727", - "lastModified": "2023-08-08T18:33:00.500", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T20:54:09.290", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,93 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*", + "matchCriteriaId": "3259EBFE-AE2D-48B8-BE9A-E22BBDB31378" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*", + "matchCriteriaId": "CD25F492-9272-4836-832C-8439EBE64CCF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "24DD7E07-4BB1-4914-9CDE-5A27A9A3920E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2013_rt:sp1:*:*:*:*:*:*", + "matchCriteriaId": "30C744C1-EACB-4D91-A72B-468842308AA3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*", + "matchCriteriaId": "72324216-4EB3-4243-A007-FEF3133C7DF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*", + "matchCriteriaId": "CF5DDD09-902E-4881-98D0-CB896333B4AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*", + "matchCriteriaId": "26A3B226-5D7C-4556-9350-5222DC8EFC2C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*", + "matchCriteriaId": "40961B9E-80B6-42E0-A876-58B3CE056E4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x64:*", + "matchCriteriaId": "75F7306B-D1DA-48C2-AF87-4480E161D794" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x86:*", + "matchCriteriaId": "BA9BCD55-F71E-4920-B906-A1386843776A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*", + "matchCriteriaId": "BF0E8112-5B6F-4E55-8E40-38ADCF6FC654" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36895", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36896.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36896.json index 837cd26c7c3..ae9d01fb0ff 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36896.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36896.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36896", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:15.817", - "lastModified": "2023-08-08T18:33:00.500", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T20:50:40.547", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,98 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*", + "matchCriteriaId": "3259EBFE-AE2D-48B8-BE9A-E22BBDB31378" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*", + "matchCriteriaId": "CD25F492-9272-4836-832C-8439EBE64CCF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "24DD7E07-4BB1-4914-9CDE-5A27A9A3920E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2013_rt:sp1:*:*:*:*:*:*", + "matchCriteriaId": "30C744C1-EACB-4D91-A72B-468842308AA3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*", + "matchCriteriaId": "72324216-4EB3-4243-A007-FEF3133C7DF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*", + "matchCriteriaId": "CF5DDD09-902E-4881-98D0-CB896333B4AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*", + "matchCriteriaId": "26A3B226-5D7C-4556-9350-5222DC8EFC2C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*", + "matchCriteriaId": "40961B9E-80B6-42E0-A876-58B3CE056E4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x64:*", + "matchCriteriaId": "75F7306B-D1DA-48C2-AF87-4480E161D794" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x86:*", + "matchCriteriaId": "BA9BCD55-F71E-4920-B906-A1386843776A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*", + "matchCriteriaId": "BF0E8112-5B6F-4E55-8E40-38ADCF6FC654" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E98AE986-FA31-4301-8025-E8915BA4AC5E" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36896", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36897.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36897.json index 027a4e136d8..44f33f1755f 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36897.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36897.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36897", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:15.913", - "lastModified": "2023-08-08T18:33:00.500", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T20:52:41.757", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", @@ -34,10 +54,108 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*", + "matchCriteriaId": "3259EBFE-AE2D-48B8-BE9A-E22BBDB31378" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*", + "matchCriteriaId": "CD25F492-9272-4836-832C-8439EBE64CCF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*", + "matchCriteriaId": "CF5DDD09-902E-4881-98D0-CB896333B4AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*", + "matchCriteriaId": "26A3B226-5D7C-4556-9350-5222DC8EFC2C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x64:*", + "matchCriteriaId": "1AC0C23F-FC55-4DA1-8527-EB4432038FB0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x86:*", + "matchCriteriaId": "A719B461-7869-46D0-9300-D0A348DC26A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2010_tools_for_office_runtime:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D162C421-065E-4A00-B5D0-FB3434A6A12D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.9.56", + "matchCriteriaId": "0979AC6C-A38A-4B79-9196-D721D066E64B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", + "versionEndExcluding": "16.11.29", + "matchCriteriaId": "45EE88D6-0DF3-419E-B434-9039DE073B1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:-:*:*", + "versionStartIncluding": "17.2.0", + "versionEndExcluding": "17.2.18", + "matchCriteriaId": "E3B42567-B3FF-4101-A639-C2883F567CF2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:-:*:*", + "versionStartIncluding": "17.4.0", + "versionEndExcluding": "17.4.10", + "matchCriteriaId": "4759CA52-CEA4-40C8-B1EF-F161DCFF0E78" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.6.0", + "versionEndExcluding": "17.6.6", + "matchCriteriaId": "FB465155-CEDD-48E5-8B58-AF49B8FAF504" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36897", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-369xx/CVE-2023-36910.json b/CVE-2023/CVE-2023-369xx/CVE-2023-36910.json index 414479bf00b..cdca3eb259a 100644 --- a/CVE-2023/CVE-2023-369xx/CVE-2023-36910.json +++ b/CVE-2023/CVE-2023-369xx/CVE-2023-36910.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36910", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:16.943", - "lastModified": "2023-08-08T18:33:00.500", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T20:47:30.210", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,127 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20107", + "matchCriteriaId": "8FD06E46-D04E-45A8-80CE-F46401595A0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6167", + "matchCriteriaId": "27D3DBDC-310E-41F1-A2B2-F0D3B09E1C25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4737", + "matchCriteriaId": "2CAFD7E2-955E-4169-8FE4-E4883C22F128" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.3324", + "matchCriteriaId": "B6873B3B-E106-4E56-B8EC-5D5A6EEEA5B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3324", + "matchCriteriaId": "72882593-8B44-4DF3-A6A1-8EFE2D7BBCF6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22000.2295", + "matchCriteriaId": "17CCD061-D397-42B4-A35C-59499EEC3DBA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22000.2295", + "matchCriteriaId": "19850FAF-3452-40A0-8338-EA0FC9B61B4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22621.2134", + "matchCriteriaId": "6B81B5A3-92B9-43B0-8C33-DCE7B1900165" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22621.2134", + "matchCriteriaId": "E9050F06-6348-434B-A4A2-8FDE4A829E27" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36910", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-369xx/CVE-2023-36912.json b/CVE-2023/CVE-2023-369xx/CVE-2023-36912.json index d7723dbe136..67f7e4ee4c7 100644 --- a/CVE-2023/CVE-2023-369xx/CVE-2023-36912.json +++ b/CVE-2023/CVE-2023-369xx/CVE-2023-36912.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36912", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:19.440", - "lastModified": "2023-08-08T18:33:00.500", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T20:43:19.033", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,127 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20107", + "matchCriteriaId": "8FD06E46-D04E-45A8-80CE-F46401595A0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6167", + "matchCriteriaId": "27D3DBDC-310E-41F1-A2B2-F0D3B09E1C25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4737", + "matchCriteriaId": "2CAFD7E2-955E-4169-8FE4-E4883C22F128" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.3324", + "matchCriteriaId": "B6873B3B-E106-4E56-B8EC-5D5A6EEEA5B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3324", + "matchCriteriaId": "72882593-8B44-4DF3-A6A1-8EFE2D7BBCF6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22000.2295", + "matchCriteriaId": "17CCD061-D397-42B4-A35C-59499EEC3DBA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22000.2295", + "matchCriteriaId": "19850FAF-3452-40A0-8338-EA0FC9B61B4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22621.2134", + "matchCriteriaId": "6B81B5A3-92B9-43B0-8C33-DCE7B1900165" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22621.2134", + "matchCriteriaId": "E9050F06-6348-434B-A4A2-8FDE4A829E27" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36912", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-369xx/CVE-2023-36913.json b/CVE-2023/CVE-2023-369xx/CVE-2023-36913.json index 8fa985879c1..7826e05da27 100644 --- a/CVE-2023/CVE-2023-369xx/CVE-2023-36913.json +++ b/CVE-2023/CVE-2023-369xx/CVE-2023-36913.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36913", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:20.117", - "lastModified": "2023-08-08T18:33:00.500", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T21:49:21.893", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", @@ -34,10 +54,127 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20107", + "matchCriteriaId": "8FD06E46-D04E-45A8-80CE-F46401595A0E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6167", + "matchCriteriaId": "27D3DBDC-310E-41F1-A2B2-F0D3B09E1C25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4737", + "matchCriteriaId": "2CAFD7E2-955E-4169-8FE4-E4883C22F128" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19044.3324", + "matchCriteriaId": "B6873B3B-E106-4E56-B8EC-5D5A6EEEA5B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3324", + "matchCriteriaId": "72882593-8B44-4DF3-A6A1-8EFE2D7BBCF6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22000.2295", + "matchCriteriaId": "17CCD061-D397-42B4-A35C-59499EEC3DBA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22000.2295", + "matchCriteriaId": "19850FAF-3452-40A0-8338-EA0FC9B61B4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22621.2134", + "matchCriteriaId": "6B81B5A3-92B9-43B0-8C33-DCE7B1900165" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22621.2134", + "matchCriteriaId": "E9050F06-6348-434B-A4A2-8FDE4A829E27" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36913", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-376xx/CVE-2023-37625.json b/CVE-2023/CVE-2023-376xx/CVE-2023-37625.json new file mode 100644 index 00000000000..39de5765977 --- /dev/null +++ b/CVE-2023/CVE-2023-376xx/CVE-2023-37625.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-37625", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-10T20:15:10.660", + "lastModified": "2023-08-10T20:15:10.660", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A stored cross-site scripting (XSS) vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/benjaminpsinclair/Netbox-CVE", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/benjaminpsinclair/Netbox-CVE-2023-37625", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/netbox-community/netbox/issues/12205", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-37xx/CVE-2023-3772.json b/CVE-2023/CVE-2023-37xx/CVE-2023-3772.json index 7b4be3f5589..ae84c499c96 100644 --- a/CVE-2023/CVE-2023-37xx/CVE-2023-3772.json +++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3772.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3772", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-25T16:15:11.660", - "lastModified": "2023-08-10T06:15:42.903", + "lastModified": "2023-08-10T21:15:10.493", "vulnStatus": "Modified", "descriptions": [ { @@ -123,6 +123,10 @@ "url": "http://www.openwall.com/lists/oss-security/2023/08/10/1", "source": "secalert@redhat.com" }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/08/10/3", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-3772", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38157.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38157.json index db8e0a1aa7b..2dfe3991c14 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38157.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38157.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38157", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-07T18:15:09.877", - "lastModified": "2023-08-07T18:20:15.283", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T21:51:17.437", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*", + "versionEndExcluding": "115.0.1901.200", + "matchCriteriaId": "EDDC125E-DFE9-459F-B5B6-F803A57695B7" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38157", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38169.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38169.json index 7132f685e2b..7bb43768f9a 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38169.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38169.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38169", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:22.267", - "lastModified": "2023-08-08T18:32:54.523", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T20:40:02.710", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,203 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:17.0.1.1:*:*:*:*:linux:*:*", + "matchCriteriaId": "68D87353-7F7C-4052-99D5-94A40373B0C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:17.0.1.1:*:*:*:*:macos:*:*", + "matchCriteriaId": "C6E79003-37F2-43ED-B9A4-B14446F38CA9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:17.0.1.1:*:*:*:*:windows:*:*", + "matchCriteriaId": "C4DA5041-801A-4A3E-A13E-9927AD73DB50" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:17.10.3.1:*:*:*:*:linux:*:*", + "matchCriteriaId": "6871F0BA-B074-45B9-A9B8-108FF8FF51C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:17.10.3.1:*:*:*:*:macos:*:*", + "matchCriteriaId": "43237AFF-E6F5-4323-84F5-47E5C27D03B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:17.10.3.1:*:*:*:*:windows:*:*", + "matchCriteriaId": "D144A950-F990-4ADE-9374-596C2022DE9B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:17.10.4.1:*:*:*:*:linux:*:*", + "matchCriteriaId": "7FCFB10B-AF29-4E15-A338-483284D8278B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:17.10.4.1:*:*:*:*:macos:*:*", + "matchCriteriaId": "9CAF68C7-18C8-4BB9-BE85-1004162615F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:18.0.1.1:*:*:*:*:linux:*:*", + "matchCriteriaId": "034331B2-8062-497B-A071-0EDC69E47469" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:18.0.1.1:*:*:*:*:macos:*:*", + "matchCriteriaId": "24B7FC47-0B3A-4780-B39E-CC8841E89ADB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:18.0.1.1:*:*:*:*:windows:*:*", + "matchCriteriaId": "E04AF938-4D86-46F0-8F6F-0EA190FB280E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:18.1.2.1:*:*:*:*:linux:*:*", + "matchCriteriaId": "5A71190E-1087-47A0-9B56-B7F0420F9123" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:18.1.2.1:*:*:*:*:macos:*:*", + "matchCriteriaId": "F2BE108F-279C-4283-9813-D4114AF6F143" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:18.1.2.1:*:*:*:*:windows:*:*", + "matchCriteriaId": "F11D57D6-6611-4ABE-AC3B-D38149FD0DF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:18.2.1.1:*:*:*:*:linux:*:*", + "matchCriteriaId": "150A427F-B6E9-44E4-A9FF-DE8F4151C010" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:18.2.1.1:*:*:*:*:macos:*:*", + "matchCriteriaId": "AEE78325-9C25-4C5B-8D27-D0622D64A85D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:18.2.1.1:*:*:*:*:windows:*:*", + "matchCriteriaId": "5A71690B-0158-4C61-9184-F5C5376A74D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:18.0.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A526EF68-6DBA-4F1A-977E-1F4FEEAF2BC0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:18.1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F101DB23-E39D-42B8-AD51-BDF79740FF73" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:18.2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "3ACA62FD-C417-4ED4-9B79-5710D56E088B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:18.2.2:*:*:*:*:*:*:*", + "matchCriteriaId": "51C9D564-6370-4104-AEFB-03CC7D29C60F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:18.2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "22602E38-0AB8-40BA-AAB0-A2D77E2EDD7F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:18.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "102CD1A2-69DC-41D1-BBFB-6666D22D11DC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:18.4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "846F1C2C-7339-424C-81EF-C670059221CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:18.5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "67256F0F-3CC5-486C-94CD-06FE76E03012" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:18.6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D32E36DA-245F-48D3-80F3-E85C510FC217" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:19.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "3F731D47-67EA-4EB8-81D2-A1F425E524FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:19.1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0AAC07B4-34F5-4287-B294-0E526B925ED5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:19.2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "8A45F508-0E06-4B32-8719-ED5BDBFB32B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:19.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7339F59F-31A7-4D03-B081-5C76C49F357A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:19.3.1:*:*:*:*:*:*:*", + "matchCriteriaId": "7F536A7A-9E9C-4F3C-A861-B1ECEC25A00C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*", + "matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*", + "matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38169", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38180.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38180.json index 5fb72207b00..89bb0a5a88c 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38180.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38180.json @@ -2,8 +2,12 @@ "id": "CVE-2023-38180", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T19:15:10.367", - "lastModified": "2023-08-08T20:39:01.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T21:03:41.547", + "vulnStatus": "Analyzed", + "cisaExploitAdd": "2023-08-09", + "cisaActionDue": "2023-08-30", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Microsoft .NET Core and Visual Studio Denial of Service Vulnerability", "descriptions": [ { "lang": "en", @@ -34,10 +38,74 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*", + "matchCriteriaId": "1DE0C8DD-9C73-4876-8193-068F18074B58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4E2C6C0-FD91-40D9-B1A4-C1C348A156C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "19C3047E-C222-4636-B1B3-722F2C65BC99" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.2.0", + "versionEndExcluding": "17.2.18", + "matchCriteriaId": "DADAE1CA-1303-4B24-A9EC-E79A83088E49" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.4.0", + "versionEndExcluding": "17.4.10", + "matchCriteriaId": "A2A151F0-EE6A-4D89-BF83-74CCAA76E373" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.6.0", + "versionEndExcluding": "17.6.6", + "matchCriteriaId": "FB465155-CEDD-48E5-8B58-AF49B8FAF504" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38180", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38185.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38185.json index 30c3c43b53f..b44acd4c5aa 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38185.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38185.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38185", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:23.053", - "lastModified": "2023-08-08T18:32:54.523", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T21:15:44.717", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,53 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_23:*:*:*:*:*:*", + "matchCriteriaId": "FF76AEDA-E574-40ED-B64F-8FDEF8CAC802" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*", + "matchCriteriaId": "B23C8E3E-5243-4DA6-B9AA-F6053084B55E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_13:*:*:*:*:*:*", + "matchCriteriaId": "583745C7-B802-4CBE-BD88-B5B9AF9B5371" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38185", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38186.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38186.json index 70b474ca461..46c7ccf30d8 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38186.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38186.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38186", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:23.140", - "lastModified": "2023-08-08T18:32:54.523", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T21:07:01.707", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", @@ -34,10 +54,93 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "B2D24C54-F04F-4717-B614-FE67B3ED9DC0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "D5EC3F68-8F41-4F6B-B2E5-920322A4A321" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38186", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-381xx/CVE-2023-38188.json b/CVE-2023/CVE-2023-381xx/CVE-2023-38188.json index 50ced53df31..926fc42cf8a 100644 --- a/CVE-2023/CVE-2023-381xx/CVE-2023-38188.json +++ b/CVE-2023/CVE-2023-381xx/CVE-2023-38188.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38188", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:23.230", - "lastModified": "2023-08-08T18:32:54.523", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T21:08:34.610", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:azure_hdinsights:-:*:*:*:*:*:*:*", + "matchCriteriaId": "83A84196-1B0D-46F8-802F-064C6C80486D" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38188", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38254.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38254.json index b5ff9b79c36..20189fe7b6b 100644 --- a/CVE-2023/CVE-2023-382xx/CVE-2023-38254.json +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38254.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38254", "sourceIdentifier": "secure@microsoft.com", "published": "2023-08-08T18:15:23.317", - "lastModified": "2023-08-08T18:32:54.523", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T21:02:04.993", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,163 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "A045AC0A-471E-444C-B3B0-4CABC23E8CFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "28A7FEE9-B473-48A0-B0ED-A5CC1E44194C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "73D24713-D897-408D-893B-77A61982597D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*", + "matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*", + "matchCriteriaId": "B2D24C54-F04F-4717-B614-FE67B3ED9DC0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*", + "matchCriteriaId": "D5EC3F68-8F41-4F6B-B2E5-920322A4A321" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", + "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", + "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38254", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38333.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38333.json new file mode 100644 index 00000000000..a8f6cdecf66 --- /dev/null +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38333.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-38333", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-10T21:15:10.307", + "lastModified": "2023-08-10T21:15:10.307", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Zoho ManageEngine Applications Manager through 16530 allows reflected XSS while logged in." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2023-38333.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-395xx/CVE-2023-39518.json b/CVE-2023/CVE-2023-395xx/CVE-2023-39518.json index 1c7dd67c9c9..ab831e50381 100644 --- a/CVE-2023/CVE-2023-395xx/CVE-2023-39518.json +++ b/CVE-2023/CVE-2023-395xx/CVE-2023-39518.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39518", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-08T19:15:10.533", - "lastModified": "2023-08-08T20:39:01.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-10T21:10:19.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,18 +66,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fobybus:social-media-skeleton:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.0.3", + "matchCriteriaId": "E47A7BCE-B493-4DB3-9BE2-4E4415436857" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/fobybus/social-media-skeleton/commit/6765d1109016e1f1d707ef47917927c7704e6428", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/fobybus/social-media-skeleton/pull/4", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-2jxx-r967-f76p", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-398xx/CVE-2023-39805.json b/CVE-2023/CVE-2023-398xx/CVE-2023-39805.json new file mode 100644 index 00000000000..f96a33e64c6 --- /dev/null +++ b/CVE-2023/CVE-2023-398xx/CVE-2023-39805.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-39805", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-10T20:15:10.733", + "lastModified": "2023-08-10T20:15:10.733", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the where parameter at admincp.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://icms.com", + "source": "cve@mitre.org" + }, + { + "url": "http://icmsdev.com", + "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/ChubbyZ/3ad434bd5fc2ab1242dd32500384cfb5", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-398xx/CVE-2023-39806.json b/CVE-2023/CVE-2023-398xx/CVE-2023-39806.json new file mode 100644 index 00000000000..e6b53cd9b50 --- /dev/null +++ b/CVE-2023/CVE-2023-398xx/CVE-2023-39806.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-39806", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-10T20:15:10.793", + "lastModified": "2023-08-10T20:15:10.793", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://icms.com", + "source": "cve@mitre.org" + }, + { + "url": "http://icmsdev.com", + "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/ChubbyZ/27fa6f43699c9964ddfa701614fc4d5e", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-400xx/CVE-2023-40014.json b/CVE-2023/CVE-2023-400xx/CVE-2023-40014.json new file mode 100644 index 00000000000..d818a14c1aa --- /dev/null +++ b/CVE-2023/CVE-2023-400xx/CVE-2023-40014.json @@ -0,0 +1,75 @@ +{ + "id": "CVE-2023-40014", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-08-10T20:15:10.867", + "lastModified": "2023-08-10T20:15:10.867", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 4.0.0 and prior to version 4.9.3, contracts using `ERC2771Context` along with a custom trusted forwarder may see `_msgSender` return `address(0)` in calls that originate from the forwarder with calldata shorter than 20 bytes. This combination of circumstances does not appear to be common, in particular it is not the case for `MinimalForwarder` from OpenZeppelin Contracts, or any deployed forwarder the team is aware of, given that the signer address is appended to all calls that originate from these forwarders. The problem has been patched in v4.9.3.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-116" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/OpenZeppelin/openzeppelin-contracts/commit/9445f96223041abf2bf08daa56f8da50b674cbcd", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/OpenZeppelin/openzeppelin-contracts/commit/e4435eed757d4309436b1e06608e97b6d6e2fdb5", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/OpenZeppelin/openzeppelin-contracts/pull/4481", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/OpenZeppelin/openzeppelin-contracts/pull/4484", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/OpenZeppelin/openzeppelin-contracts/releases/tag/v4.9.3", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-g4vp-m682-qqmp", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-402xx/CVE-2023-40224.json b/CVE-2023/CVE-2023-402xx/CVE-2023-40224.json new file mode 100644 index 00000000000..c013c46617a --- /dev/null +++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40224.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40224", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-10T20:15:11.010", + "lastModified": "2023-08-10T20:15:11.010", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "MISP 2.4174 allows XSS in app/View/Events/index.ctp." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/MISP/MISP/commit/0274f8b6332e82317c9529b583d03897adf5883e", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-402xx/CVE-2023-40225.json b/CVE-2023/CVE-2023-402xx/CVE-2023-40225.json new file mode 100644 index 00000000000..482d0f63578 --- /dev/null +++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40225.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2023-40225", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-10T21:15:10.743", + "lastModified": "2023-08-10T21:15:10.743", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://cwe.mitre.org/data/definitions/436.html", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/haproxy/haproxy/commit/6492f1f29d738457ea9f382aca54537f35f9d856", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/haproxy/haproxy/issues/2237", + "source": "cve@mitre.org" + }, + { + "url": "https://www.haproxy.org/download/2.6/src/CHANGELOG", + "source": "cve@mitre.org" + }, + { + "url": "https://www.haproxy.org/download/2.7/src/CHANGELOG", + "source": "cve@mitre.org" + }, + { + "url": "https://www.haproxy.org/download/2.8/src/CHANGELOG", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 8c32d5ea403..e777419d051 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-10T20:00:31.853422+00:00 +2023-08-10T22:00:26.867968+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-10T19:53:44.323000+00:00 +2023-08-10T21:57:19.720000+00:00 ``` ### Last Data Feed Release @@ -29,57 +29,58 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -222330 +222344 ``` ### CVEs added in the last Commit -Recently added CVEs: `13` +Recently added CVEs: `14` -* [CVE-2023-39958](CVE-2023/CVE-2023-399xx/CVE-2023-39958.json) (`2023-08-10T18:15:09.600`) -* [CVE-2023-39959](CVE-2023/CVE-2023-399xx/CVE-2023-39959.json) (`2023-08-10T18:15:10.157`) -* [CVE-2023-39961](CVE-2023/CVE-2023-399xx/CVE-2023-39961.json) (`2023-08-10T18:15:10.387`) -* [CVE-2023-39962](CVE-2023/CVE-2023-399xx/CVE-2023-39962.json) (`2023-08-10T18:15:10.603`) -* [CVE-2023-39963](CVE-2023/CVE-2023-399xx/CVE-2023-39963.json) (`2023-08-10T18:15:10.813`) -* [CVE-2023-39964](CVE-2023/CVE-2023-399xx/CVE-2023-39964.json) (`2023-08-10T18:15:11.043`) -* [CVE-2023-39965](CVE-2023/CVE-2023-399xx/CVE-2023-39965.json) (`2023-08-10T18:15:11.213`) -* [CVE-2023-39966](CVE-2023/CVE-2023-399xx/CVE-2023-39966.json) (`2023-08-10T18:15:11.550`) -* [CVE-2023-23342](CVE-2023/CVE-2023-233xx/CVE-2023-23342.json) (`2023-08-10T19:15:09.377`) -* [CVE-2023-32566](CVE-2023/CVE-2023-325xx/CVE-2023-32566.json) (`2023-08-10T19:15:09.583`) -* [CVE-2023-32567](CVE-2023/CVE-2023-325xx/CVE-2023-32567.json) (`2023-08-10T19:15:09.663`) -* [CVE-2023-35085](CVE-2023/CVE-2023-350xx/CVE-2023-35085.json) (`2023-08-10T19:15:09.730`) -* [CVE-2023-38034](CVE-2023/CVE-2023-380xx/CVE-2023-38034.json) (`2023-08-10T19:15:09.803`) +* [CVE-2023-28129](CVE-2023/CVE-2023-281xx/CVE-2023-28129.json) (`2023-08-10T20:15:09.657`) +* [CVE-2023-32560](CVE-2023/CVE-2023-325xx/CVE-2023-32560.json) (`2023-08-10T20:15:10.200`) +* [CVE-2023-32561](CVE-2023/CVE-2023-325xx/CVE-2023-32561.json) (`2023-08-10T20:15:10.287`) +* [CVE-2023-32562](CVE-2023/CVE-2023-325xx/CVE-2023-32562.json) (`2023-08-10T20:15:10.360`) +* [CVE-2023-32563](CVE-2023/CVE-2023-325xx/CVE-2023-32563.json) (`2023-08-10T20:15:10.437`) +* [CVE-2023-32564](CVE-2023/CVE-2023-325xx/CVE-2023-32564.json) (`2023-08-10T20:15:10.503`) +* [CVE-2023-32565](CVE-2023/CVE-2023-325xx/CVE-2023-32565.json) (`2023-08-10T20:15:10.577`) +* [CVE-2023-37625](CVE-2023/CVE-2023-376xx/CVE-2023-37625.json) (`2023-08-10T20:15:10.660`) +* [CVE-2023-39805](CVE-2023/CVE-2023-398xx/CVE-2023-39805.json) (`2023-08-10T20:15:10.733`) +* [CVE-2023-39806](CVE-2023/CVE-2023-398xx/CVE-2023-39806.json) (`2023-08-10T20:15:10.793`) +* [CVE-2023-40014](CVE-2023/CVE-2023-400xx/CVE-2023-40014.json) (`2023-08-10T20:15:10.867`) +* [CVE-2023-40224](CVE-2023/CVE-2023-402xx/CVE-2023-40224.json) (`2023-08-10T20:15:11.010`) +* [CVE-2023-38333](CVE-2023/CVE-2023-383xx/CVE-2023-38333.json) (`2023-08-10T21:15:10.307`) +* [CVE-2023-40225](CVE-2023/CVE-2023-402xx/CVE-2023-40225.json) (`2023-08-10T21:15:10.743`) ### CVEs modified in the last Commit -Recently modified CVEs: `64` +Recently modified CVEs: `25` -* [CVE-2023-35371](CVE-2023/CVE-2023-353xx/CVE-2023-35371.json) (`2023-08-10T18:29:48.667`) -* [CVE-2023-36900](CVE-2023/CVE-2023-369xx/CVE-2023-36900.json) (`2023-08-10T18:31:01.120`) -* [CVE-2023-4201](CVE-2023/CVE-2023-42xx/CVE-2023-4201.json) (`2023-08-10T18:31:15.870`) -* [CVE-2023-4200](CVE-2023/CVE-2023-42xx/CVE-2023-4200.json) (`2023-08-10T18:31:40.117`) -* [CVE-2023-35372](CVE-2023/CVE-2023-353xx/CVE-2023-35372.json) (`2023-08-10T18:32:16.993`) -* [CVE-2023-35359](CVE-2023/CVE-2023-353xx/CVE-2023-35359.json) (`2023-08-10T18:33:26.320`) -* [CVE-2023-4193](CVE-2023/CVE-2023-41xx/CVE-2023-4193.json) (`2023-08-10T18:38:56.230`) -* [CVE-2023-36903](CVE-2023/CVE-2023-369xx/CVE-2023-36903.json) (`2023-08-10T18:39:23.840`) -* [CVE-2023-29330](CVE-2023/CVE-2023-293xx/CVE-2023-29330.json) (`2023-08-10T18:42:10.200`) -* [CVE-2023-29328](CVE-2023/CVE-2023-293xx/CVE-2023-29328.json) (`2023-08-10T18:42:29.727`) -* [CVE-2023-4186](CVE-2023/CVE-2023-41xx/CVE-2023-4186.json) (`2023-08-10T18:43:56.433`) -* [CVE-2023-4191](CVE-2023/CVE-2023-41xx/CVE-2023-4191.json) (`2023-08-10T18:44:26.503`) -* [CVE-2023-36898](CVE-2023/CVE-2023-368xx/CVE-2023-36898.json) (`2023-08-10T18:45:35.797`) -* [CVE-2023-36908](CVE-2023/CVE-2023-369xx/CVE-2023-36908.json) (`2023-08-10T18:46:48.047`) -* [CVE-2023-4172](CVE-2023/CVE-2023-41xx/CVE-2023-4172.json) (`2023-08-10T18:48:00.450`) -* [CVE-2023-36904](CVE-2023/CVE-2023-369xx/CVE-2023-36904.json) (`2023-08-10T18:48:57.183`) -* [CVE-2023-36906](CVE-2023/CVE-2023-369xx/CVE-2023-36906.json) (`2023-08-10T18:53:36.207`) -* [CVE-2023-36907](CVE-2023/CVE-2023-369xx/CVE-2023-36907.json) (`2023-08-10T18:55:49.090`) -* [CVE-2023-36909](CVE-2023/CVE-2023-369xx/CVE-2023-36909.json) (`2023-08-10T18:57:23.853`) -* [CVE-2023-36911](CVE-2023/CVE-2023-369xx/CVE-2023-36911.json) (`2023-08-10T18:59:33.250`) -* [CVE-2023-38170](CVE-2023/CVE-2023-381xx/CVE-2023-38170.json) (`2023-08-10T19:02:03.863`) -* [CVE-2023-39346](CVE-2023/CVE-2023-393xx/CVE-2023-39346.json) (`2023-08-10T19:09:13.480`) -* [CVE-2023-4205](CVE-2023/CVE-2023-42xx/CVE-2023-4205.json) (`2023-08-10T19:15:10.120`) -* [CVE-2023-38686](CVE-2023/CVE-2023-386xx/CVE-2023-38686.json) (`2023-08-10T19:30:28.810`) -* [CVE-2023-38497](CVE-2023/CVE-2023-384xx/CVE-2023-38497.json) (`2023-08-10T19:53:44.323`) +* [CVE-2023-35376](CVE-2023/CVE-2023-353xx/CVE-2023-35376.json) (`2023-08-10T20:26:21.667`) +* [CVE-2023-35377](CVE-2023/CVE-2023-353xx/CVE-2023-35377.json) (`2023-08-10T20:27:45.907`) +* [CVE-2023-35390](CVE-2023/CVE-2023-353xx/CVE-2023-35390.json) (`2023-08-10T20:31:48.303`) +* [CVE-2023-35393](CVE-2023/CVE-2023-353xx/CVE-2023-35393.json) (`2023-08-10T20:34:52.913`) +* [CVE-2023-35385](CVE-2023/CVE-2023-353xx/CVE-2023-35385.json) (`2023-08-10T20:39:06.317`) +* [CVE-2023-38169](CVE-2023/CVE-2023-381xx/CVE-2023-38169.json) (`2023-08-10T20:40:02.710`) +* [CVE-2023-36912](CVE-2023/CVE-2023-369xx/CVE-2023-36912.json) (`2023-08-10T20:43:19.033`) +* [CVE-2023-36910](CVE-2023/CVE-2023-369xx/CVE-2023-36910.json) (`2023-08-10T20:47:30.210`) +* [CVE-2023-36896](CVE-2023/CVE-2023-368xx/CVE-2023-36896.json) (`2023-08-10T20:50:40.547`) +* [CVE-2023-36897](CVE-2023/CVE-2023-368xx/CVE-2023-36897.json) (`2023-08-10T20:52:41.757`) +* [CVE-2023-36895](CVE-2023/CVE-2023-368xx/CVE-2023-36895.json) (`2023-08-10T20:54:09.290`) +* [CVE-2023-35394](CVE-2023/CVE-2023-353xx/CVE-2023-35394.json) (`2023-08-10T20:58:14.280`) +* [CVE-2023-38254](CVE-2023/CVE-2023-382xx/CVE-2023-38254.json) (`2023-08-10T21:02:04.993`) +* [CVE-2023-38180](CVE-2023/CVE-2023-381xx/CVE-2023-38180.json) (`2023-08-10T21:03:41.547`) +* [CVE-2023-36873](CVE-2023/CVE-2023-368xx/CVE-2023-36873.json) (`2023-08-10T21:05:38.873`) +* [CVE-2023-38186](CVE-2023/CVE-2023-381xx/CVE-2023-38186.json) (`2023-08-10T21:07:01.707`) +* [CVE-2023-38188](CVE-2023/CVE-2023-381xx/CVE-2023-38188.json) (`2023-08-10T21:08:34.610`) +* [CVE-2023-39518](CVE-2023/CVE-2023-395xx/CVE-2023-39518.json) (`2023-08-10T21:10:19.233`) +* [CVE-2023-29505](CVE-2023/CVE-2023-295xx/CVE-2023-29505.json) (`2023-08-10T21:15:09.293`) +* [CVE-2023-3772](CVE-2023/CVE-2023-37xx/CVE-2023-3772.json) (`2023-08-10T21:15:10.493`) +* [CVE-2023-38185](CVE-2023/CVE-2023-381xx/CVE-2023-38185.json) (`2023-08-10T21:15:44.717`) +* [CVE-2023-35384](CVE-2023/CVE-2023-353xx/CVE-2023-35384.json) (`2023-08-10T21:27:48.870`) +* [CVE-2023-36913](CVE-2023/CVE-2023-369xx/CVE-2023-36913.json) (`2023-08-10T21:49:21.893`) +* [CVE-2023-38157](CVE-2023/CVE-2023-381xx/CVE-2023-38157.json) (`2023-08-10T21:51:17.437`) +* [CVE-2023-32090](CVE-2023/CVE-2023-320xx/CVE-2023-32090.json) (`2023-08-10T21:57:19.720`) ## Download and Usage