admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-25T16:00:31.639914+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-05-25 16:00:35 +00:00
parent ddd4733049
commit bd97535838
47 changed files with 3272 additions and 211 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
CVE-2021/CVE-2021-271xx/CVE-2021-27131.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2021-27131",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-16T20:15:08.987",
"lastModified": "2023-05-17T12:46:50.773",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:56:09.600",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the \"Additional HTML Section\" via \"Header and Footer\" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:3.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE1A209-128A-4D30-845C-298A3EEB93FF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/moodle/moodle",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/p4nk4jv/CVEs-Assigned/blob/master/Moodle-3.10.1-CVE-2021-27131.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

4
CVE-2022/CVE-2022-453xx/CVE-2022-45366.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45366",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-25T13:15:09.153",
"lastModified": "2023-05-25T13:15:09.153",
"vulnStatus": "Received",
"lastModified": "2023-05-25T15:58:29.613",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-471xx/CVE-2022-47174.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47174",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-25T13:15:09.230",
"lastModified": "2023-05-25T13:15:09.230",
"vulnStatus": "Received",
"lastModified": "2023-05-25T15:58:29.613",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-04xx/CVE-2023-0459.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-0459",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-05-25T14:15:09.603",
"lastModified": "2023-05-25T15:58:29.613",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the \"access_ok\" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit\u00a074e19ef0ff8061ef55957c3abd71614ef0f42f47"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-763"
}
]
}
],
"references": [
{
"url": "https://github.com/torvalds/linux/commit/4b842e4e25b12951fa10dedb4bc16bc47e3b850c",
"source": "cve-coordination@google.com"
},
{
"url": "https://github.com/torvalds/linux/commit/74e19ef0ff8061ef55957c3abd71614ef0f42f47",
"source": "cve-coordination@google.com"
}
]
}

64
CVE-2023/CVE-2023-21xx/CVE-2023-2161.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2161",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2023-05-16T05:15:09.357",
"lastModified": "2023-05-16T10:46:36.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:14:00.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "cybersecurity@se.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "cybersecurity@se.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,48 @@
"value": "CWE-611"
}
]
},
{
"source": "cybersecurity@se.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:opc_factory_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.63",
"matchCriteriaId": "8157EA01-7338-4192-B5B0-0AAE18F856E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:opc_factory_server:3.63:-:*:*:*:*:*:*",
"matchCriteriaId": "E308BCBF-DE73-4CF1-85FD-CB216CEF9410"
}
]
}
]
}
],
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-129-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-129-01.pdf",
"source": "cybersecurity@se.com"
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2023/CVE-2023-225xx/CVE-2023-22504.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-22504",
"sourceIdentifier": "security@atlassian.com",
"published": "2023-05-25T14:15:09.877",
"lastModified": "2023-05-25T15:58:29.613",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature.\n\nThe affected versions are before version 7.19.9.\n\nThis vulnerability was discovered by Rojan Rijal of the Tinder Security Engineering Team."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@atlassian.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-83218",
"source": "security@atlassian.com"
}
]
}

55
CVE-2023/CVE-2023-24xx/CVE-2023-2480.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2480",
"sourceIdentifier": "security@m-files.com",
"published": "2023-05-25T14:15:10.120",
"lastModified": "2023-05-25T15:58:29.613",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Missing access permissions checks in M-Files Client before 23.5.12598.0 allows elevation of privilege via UI extension applications"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@m-files.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@m-files.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-280"
}
]
}
],
"references": [
{
"url": "https://https://www.m-files.com/about/trust-center/security-advisories/cve-2023-2480/",
"source": "security@m-files.com"
}
]
}

67
CVE-2023/CVE-2023-27xx/CVE-2023-2710.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2710",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-05-16T03:15:09.147",
"lastModified": "2023-05-16T10:46:36.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:25:43.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:i13websolution:video_carousel_slider_with_lightbox:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.23",
"matchCriteriaId": "3687DF21-1D34-4CF4-B552-23E2FC58ECDD"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-video-gallery-with-lightbox/tags/1.0.22/wp-responsive-video-gallery-with-lightbox.php#L1023",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-responsive-video-gallery-with-lightbox/tags/1.0.23/wp-responsive-video-gallery-with-lightbox.php#L1023",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e88bb3a8-de24-46fb-a3e4-9ca3fdd4cca7?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

119
CVE-2023/CVE-2023-27xx/CVE-2023-2721.json
View File

@ -2,35 +2,138 @@
"id": "CVE-2023-2721",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-16T19:15:09.160",
"lastModified": "2023-05-22T04:15:09.867",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T14:07:15.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.126",
"matchCriteriaId": "43A84E9E-131C-4DA1-B09E-0BFC1E3D8846"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1444360",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/73XUIHJ6UT75VFPDPLJOXJON7MVIKVZI/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXFL4TDAH72PRCPD5UPZMJMKIMVOPLTI/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5404",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

133
CVE-2023/CVE-2023-27xx/CVE-2023-2722.json
View File

@ -2,35 +2,152 @@
"id": "CVE-2023-2722",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-16T19:15:09.217",
"lastModified": "2023-05-22T04:15:09.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T14:52:08.253",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.126",
"matchCriteriaId": "43A84E9E-131C-4DA1-B09E-0BFC1E3D8846"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1400905",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/73XUIHJ6UT75VFPDPLJOXJON7MVIKVZI/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXFL4TDAH72PRCPD5UPZMJMKIMVOPLTI/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5404",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

119
CVE-2023/CVE-2023-27xx/CVE-2023-2723.json
View File

@ -2,35 +2,138 @@
"id": "CVE-2023-2723",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-16T19:15:09.277",
"lastModified": "2023-05-22T04:15:10.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T14:53:13.103",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.126",
"matchCriteriaId": "43A84E9E-131C-4DA1-B09E-0BFC1E3D8846"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1435166",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/73XUIHJ6UT75VFPDPLJOXJON7MVIKVZI/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXFL4TDAH72PRCPD5UPZMJMKIMVOPLTI/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5404",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

119
CVE-2023/CVE-2023-27xx/CVE-2023-2724.json
View File

@ -2,35 +2,138 @@
"id": "CVE-2023-2724",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-16T19:15:09.327",
"lastModified": "2023-05-22T04:15:10.077",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T14:53:37.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.126",
"matchCriteriaId": "43A84E9E-131C-4DA1-B09E-0BFC1E3D8846"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1433211",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/73XUIHJ6UT75VFPDPLJOXJON7MVIKVZI/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXFL4TDAH72PRCPD5UPZMJMKIMVOPLTI/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5404",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

119
CVE-2023/CVE-2023-27xx/CVE-2023-2725.json
View File

@ -2,35 +2,138 @@
"id": "CVE-2023-2725",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-16T19:15:09.383",
"lastModified": "2023-05-22T04:15:10.197",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T14:53:47.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.126",
"matchCriteriaId": "43A84E9E-131C-4DA1-B09E-0BFC1E3D8846"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1442516",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/73XUIHJ6UT75VFPDPLJOXJON7MVIKVZI/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXFL4TDAH72PRCPD5UPZMJMKIMVOPLTI/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5404",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

119
CVE-2023/CVE-2023-27xx/CVE-2023-2726.json
View File

@ -2,35 +2,138 @@
"id": "CVE-2023-2726",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-16T19:15:09.433",
"lastModified": "2023-05-22T04:15:10.280",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T14:53:56.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.126",
"matchCriteriaId": "43A84E9E-131C-4DA1-B09E-0BFC1E3D8846"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1442018",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/73XUIHJ6UT75VFPDPLJOXJON7MVIKVZI/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXFL4TDAH72PRCPD5UPZMJMKIMVOPLTI/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5404",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-27xx/CVE-2023-2769.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2769",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T18:15:09.317",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:59:04.283",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:service_provider_management_system_project:service_provider_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72A53E3F-CC8B-4570-9F4F-BA25E7F4F642"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Serviced-Providerd-Managementd-Systemd--d-SQLd-injections.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.229275",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.229275",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-27xx/CVE-2023-2770.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2770",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T18:15:09.377",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:58:23.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_exam_system_project:online_exam_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99ACEFBC-1F4A-41C6-BA00-C80C40D32783"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/tht1997/CVE_2023/blob/main/online_exam/kelasdosen.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.229276",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.229276",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-27xx/CVE-2023-2771.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2771",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T19:15:09.210",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:57:12.883",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_exam_system_project:online_exam_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99ACEFBC-1F4A-41C6-BA00-C80C40D32783"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/tht1997/CVE_2023/blob/main/online_exam/kelasdosen.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.229277",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.229277",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-27xx/CVE-2023-2772.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2772",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T19:15:09.277",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:56:37.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:budget_and_expense_tracker_system_project:budget_and_expense_tracker_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD601796-E468-4ED7-B2E5-9EEC6BC2D8D4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wucwu1/CVEApplication/blob/main/SQL.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.229278",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.229278",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-27xx/CVE-2023-2773.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2773",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T19:15:09.340",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:55:30.730",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bus_dispatch_and_information_system_project:bus_dispatch_and_information_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7617077D-5306-4794-B118-A6CB5E7ECB02"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/zyz0103/system-vul/blob/master/Bus%20Dispatch%20and%20Information%20System%20in%20adminid%20has%20Sql%20injection%20vulnerabilities.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.229279",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.229279",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-27xx/CVE-2023-2798.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-2798",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-05-25T14:15:10.320",
"lastModified": "2023-05-25T15:58:29.613",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Those using HtmlUnit to browse untrusted webpages may be vulnerable to Denial of service attacks (DoS). If HtmlUnit is running on user supplied web pages, an attacker may supply content that causes HtmlUnit to crash by a stack overflow. This effect may support a denial of service attack.This issue affects htmlunit before 2.70.0.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54613",
"source": "cve-coordination@google.com"
},
{
"url": "https://github.com/HtmlUnit/htmlunit/commit/940dc7fd",
"source": "cve-coordination@google.com"
}
]
}

55
CVE-2023/CVE-2023-28xx/CVE-2023-2851.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2851",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-05-25T14:15:10.557",
"lastModified": "2023-05-25T15:58:29.613",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AGT Tech Ceppatron allows Command Line Execution through SQL Injection, SQL Injection.This issue affects all versions of the sofware also EOS when CVE-ID assigned.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "cve@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0294",
"source": "cve@usom.gov.tr"
}
]
}

4
CVE-2023/CVE-2023-28xx/CVE-2023-2888.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2888",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-25T13:15:09.310",
"lastModified": "2023-05-25T13:15:09.310",
"vulnStatus": "Received",
"lastModified": "2023-05-25T15:58:29.613",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

53
CVE-2023/CVE-2023-294xx/CVE-2023-29439.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29439",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-16T15:15:08.983",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T14:24:04.563",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,14 +66,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fooplugins:foogallery:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2.35",
"matchCriteriaId": "E366FA26-8E52-483A-BDC1-C70059226300"
}
]
}
]
}
],
"references": [
{
"url": "https://lourcode.kr/posts/CVE-2023-29439-Analysis?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/foogallery/wordpress-foogallery-plugin-2-2-35-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-305xx/CVE-2023-30501.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30501",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.493",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:22:05.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,58 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0.8.0",
"matchCriteriaId": "D75E6912-3DB4-47C9-87BF-A5D0BFA71743"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0.0",
"versionEndIncluding": "9.1.5.0",
"matchCriteriaId": "40ABD090-E99C-4A19-9540-3A1123FF886B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0.0",
"versionEndIncluding": "9.2.3.0",
"matchCriteriaId": "73218F9F-C3F8-4AD2-8116-9CA428995154"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-305xx/CVE-2023-30502.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30502",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.567",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:31:55.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0.8.0",
"matchCriteriaId": "D75E6912-3DB4-47C9-87BF-A5D0BFA71743"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0.0",
"versionEndIncluding": "9.1.5.0",
"matchCriteriaId": "40ABD090-E99C-4A19-9540-3A1123FF886B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0.0",
"versionEndIncluding": "9.2.3.0",
"matchCriteriaId": "73218F9F-C3F8-4AD2-8116-9CA428995154"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-305xx/CVE-2023-30503.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30503",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.630",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:32:10.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0.8.0",
"matchCriteriaId": "D75E6912-3DB4-47C9-87BF-A5D0BFA71743"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0.0",
"versionEndIncluding": "9.1.5.0",
"matchCriteriaId": "40ABD090-E99C-4A19-9540-3A1123FF886B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0.0",
"versionEndIncluding": "9.2.3.0",
"matchCriteriaId": "73218F9F-C3F8-4AD2-8116-9CA428995154"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-305xx/CVE-2023-30504.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30504",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.693",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:32:19.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0.8.0",
"matchCriteriaId": "D75E6912-3DB4-47C9-87BF-A5D0BFA71743"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0.0",
"versionEndIncluding": "9.1.5.0",
"matchCriteriaId": "40ABD090-E99C-4A19-9540-3A1123FF886B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0.0",
"versionEndIncluding": "9.2.3.0",
"matchCriteriaId": "73218F9F-C3F8-4AD2-8116-9CA428995154"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-305xx/CVE-2023-30505.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30505",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.757",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:32:44.243",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0.8.0",
"matchCriteriaId": "D75E6912-3DB4-47C9-87BF-A5D0BFA71743"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0.0",
"versionEndIncluding": "9.1.5.0",
"matchCriteriaId": "40ABD090-E99C-4A19-9540-3A1123FF886B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0.0",
"versionEndIncluding": "9.2.3.0",
"matchCriteriaId": "73218F9F-C3F8-4AD2-8116-9CA428995154"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-305xx/CVE-2023-30506.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30506",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.817",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:32:52.403",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0.8.0",
"matchCriteriaId": "D75E6912-3DB4-47C9-87BF-A5D0BFA71743"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0.0",
"versionEndIncluding": "9.1.5.0",
"matchCriteriaId": "40ABD090-E99C-4A19-9540-3A1123FF886B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0.0",
"versionEndIncluding": "9.2.3.0",
"matchCriteriaId": "73218F9F-C3F8-4AD2-8116-9CA428995154"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-305xx/CVE-2023-30507.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30507",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.893",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:41:52.120",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,58 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0.8.0",
"matchCriteriaId": "D75E6912-3DB4-47C9-87BF-A5D0BFA71743"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0.0",
"versionEndIncluding": "9.1.5.0",
"matchCriteriaId": "40ABD090-E99C-4A19-9540-3A1123FF886B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0.0",
"versionEndIncluding": "9.2.3.0",
"matchCriteriaId": "73218F9F-C3F8-4AD2-8116-9CA428995154"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-305xx/CVE-2023-30508.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30508",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.980",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:42:02.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,58 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0.8.0",
"matchCriteriaId": "D75E6912-3DB4-47C9-87BF-A5D0BFA71743"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0.0",
"versionEndIncluding": "9.1.5.0",
"matchCriteriaId": "40ABD090-E99C-4A19-9540-3A1123FF886B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0.0",
"versionEndIncluding": "9.2.3.0",
"matchCriteriaId": "73218F9F-C3F8-4AD2-8116-9CA428995154"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-305xx/CVE-2023-30509.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30509",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:10.067",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:42:19.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,58 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0.8.0",
"matchCriteriaId": "D75E6912-3DB4-47C9-87BF-A5D0BFA71743"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0.0",
"versionEndIncluding": "9.1.5.0",
"matchCriteriaId": "40ABD090-E99C-4A19-9540-3A1123FF886B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0.0",
"versionEndIncluding": "9.2.3.0",
"matchCriteriaId": "73218F9F-C3F8-4AD2-8116-9CA428995154"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-305xx/CVE-2023-30510.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30510",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:10.140",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:42:58.103",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,58 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0.8.0",
"matchCriteriaId": "D75E6912-3DB4-47C9-87BF-A5D0BFA71743"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0.0",
"versionEndIncluding": "9.1.5.0",
"matchCriteriaId": "40ABD090-E99C-4A19-9540-3A1123FF886B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0.0",
"versionEndIncluding": "9.2.3.0",
"matchCriteriaId": "73218F9F-C3F8-4AD2-8116-9CA428995154"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}
]
}

247
CVE-2023/CVE-2023-314xx/CVE-2023-31408.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31408",
"sourceIdentifier": "psirt@sick.de",
"published": "2023-05-15T11:15:09.477",
"lastModified": "2023-05-15T12:54:28.597",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T14:16:49.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@sick.de",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
},
{
"source": "psirt@sick.de",
"type": "Secondary",
@ -46,18 +76,225 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esd20axx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "E3882685-8678-47E4-995C-C3F6D9AD5668"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esd20axx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AD808F-900B-41EE-B90A-F9D67AAAD6BE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esd25axx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "49D930E8-415C-4183-87A1-8D7F44247B67"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esd25axx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24618A95-328C-47C9-B8EF-B4DF6E65D68E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esn40sxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "1DCC9C0B-7CCE-44E5-B25D-67BF971B4541"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esn40sxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "290B016B-20B7-40C1-B825-6ED4774C4861"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esn50sxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "E23D6018-1DFB-4516-82C9-3A3B09C2CBF9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esn50sxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B113D9E-8E61-4F9C-9E5B-2030EEFB133B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esr50sxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "77F2683F-B1B5-4033-97D4-ADF77B6B50E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esr50sxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A02547D3-5E40-41B3-A7B4-D63F60A5F80B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esr40sxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "9075A02A-C627-43DA-ACF7-776197B518C5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esr40sxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B887993-18A8-493F-97A1-A788FBD5A5B9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esd15axx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "E9219CD8-34CE-45A2-904A-E7B1740706C2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esd15axx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF162AA9-6645-4032-8D29-BAE2D60FBD9B"
}
]
}
]
}
],
"references": [
{
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json",
"source": "psirt@sick.de"
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf",
"source": "psirt@sick.de"
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://sick.com/psirt",
"source": "psirt@sick.de"
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
]
}
]
}

247
CVE-2023/CVE-2023-314xx/CVE-2023-31409.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31409",
"sourceIdentifier": "psirt@sick.de",
"published": "2023-05-15T11:15:09.550",
"lastModified": "2023-05-15T12:54:28.597",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T14:21:13.940",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@sick.de",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
},
{
"source": "psirt@sick.de",
"type": "Secondary",
@ -46,18 +76,225 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esd20axx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "E3882685-8678-47E4-995C-C3F6D9AD5668"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esd20axx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AD808F-900B-41EE-B90A-F9D67AAAD6BE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esd25axx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "49D930E8-415C-4183-87A1-8D7F44247B67"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esd25axx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24618A95-328C-47C9-B8EF-B4DF6E65D68E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esn40sxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "1DCC9C0B-7CCE-44E5-B25D-67BF971B4541"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esn40sxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "290B016B-20B7-40C1-B825-6ED4774C4861"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esn50sxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "E23D6018-1DFB-4516-82C9-3A3B09C2CBF9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esn50sxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B113D9E-8E61-4F9C-9E5B-2030EEFB133B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esr50sxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "77F2683F-B1B5-4033-97D4-ADF77B6B50E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esr50sxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A02547D3-5E40-41B3-A7B4-D63F60A5F80B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esr40sxx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "9075A02A-C627-43DA-ACF7-776197B518C5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esr40sxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B887993-18A8-493F-97A1-A788FBD5A5B9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ftmg-esd15axx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "E9219CD8-34CE-45A2-904A-E7B1740706C2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ftmg-esd15axx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF162AA9-6645-4032-8D29-BAE2D60FBD9B"
}
]
}
]
}
],
"references": [
{
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json",
"source": "psirt@sick.de"
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf",
"source": "psirt@sick.de"
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://sick.com/psirt",
"source": "psirt@sick.de"
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-316xx/CVE-2023-31698.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-31698",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T13:15:09.463",
"lastModified": "2023-05-19T17:15:09.303",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:41:38.163",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bludit:bludit:3.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E1884F54-CD39-43CC-B52B-8B2335A09CDB"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172462/Bludit-CMS-3.14.1-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/bludit/bludit/issues/1509",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

63
CVE-2023/CVE-2023-316xx/CVE-2023-31699.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-31699",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T13:15:09.517",
"lastModified": "2023-05-17T17:00:54.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:43:57.950",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "ChurchCRM v4.5.4 is vulnerable to Reflected Cross-Site Scripting (XSS) via image file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:churchcrm:churchcrm:4.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B55D7EE2-CEB8-45EC-A48C-C0A8B90E4E53"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ChurchCRM/CRM/issues/6471",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-317xx/CVE-2023-31702.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-31702",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T13:15:09.567",
"lastModified": "2023-05-24T18:15:10.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-25T15:51:23.433",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:escanav:escan_management_console:14.0.1400.2281:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9D13C7-6948-4E3A-946C-B291CFBD4D70"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172545/eScan-Management-Console-14.0.1400.2281-SQL-Injection.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/sahiloj/CVE-2023-31702/blob/main/README.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-317xx/CVE-2023-31703.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-31703",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T13:15:09.617",
"lastModified": "2023-05-24T18:15:10.753",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-25T15:52:01.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:escanav:escan_management_console:14.0.1400.2281:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9D13C7-6948-4E3A-946C-B291CFBD4D70"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172540/eScan-Management-Console-14.0.1400.2281-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/sahiloj/CVE-2023-31703/blob/main/README.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-319xx/CVE-2023-31902.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-31902",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T13:15:09.667",
"lastModified": "2023-05-17T17:00:54.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:46:52.150",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "RPA Technology Mobile Mouse 3.6.0.4 is vulnerable to Remote Code Execution (RCE)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mobilemouse:mobile_mouse:3.6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D17B42BF-030B-4B45-9776-AC72D5184CCD"
}
]
}
]
}
],
"references": [
{
"url": "https://www.exploit-db.com/exploits/51010",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.redpacketsecurity.com/mobile-mouse-code-execution/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2023/CVE-2023-323xx/CVE-2023-32309.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32309",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-15T21:15:09.607",
"lastModified": "2023-05-16T10:46:36.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:01:21.910",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pymdown_extensions_project:pymdown_extensions:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.5.0",
"versionEndExcluding": "10.0",
"matchCriteriaId": "1C8C74AA-13E5-4F9F-ADAC-5D9320CCBD13"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/facelessuser/pymdown-extensions/commit/b7bb4878d6017c03c8dc97c42d8d3bb6ee81db9d",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/facelessuser/pymdown-extensions/security/advisories/GHSA-jh85-wwv9-24hv",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-326xx/CVE-2023-32694.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-32694",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-25T15:15:09.027",
"lastModified": "2023-05-25T15:58:29.613",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Saleor Core is a composable, headless commerce API. Saleor's `validate_hmac_signature` function is vulnerable to timing attacks. Malicious users could abuse this vulnerability on Saleor deployments having the Adyen plugin enabled in order to determine the secret key and forge fake events, this could affect the database integrity such as marking an order as paid when it is not. This issue has been patched in versions 3.7.68, 3.8.40, 3.9.49, 3.10.36, 3.11.35, 3.12.25, and 3.13.16."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
},
{
"lang": "en",
"value": "CWE-208"
}
]
}
],
"references": [
{
"url": "https://github.com/saleor/saleor/commit/1328274e1a3d04ab87d7daee90229ff47b3bc35e",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-3rqj-9v87-2x3f",
"source": "security-advisories@github.com"
}
]
}

55
CVE-2023/CVE-2023-329xx/CVE-2023-32955.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32955",
"sourceIdentifier": "security@synology.com",
"published": "2023-05-16T08:15:08.490",
"lastModified": "2023-05-16T10:46:36.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:19:39.333",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "security@synology.com",
"type": "Secondary",
@ -46,10 +66,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.2",
"versionEndExcluding": "1.2.5-8227-6",
"matchCriteriaId": "9701AC9D-05E6-4EAA-BD8D-E7993E92CFA0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.3",
"versionEndExcluding": "1.3.1-9346-3",
"matchCriteriaId": "5BE8A994-AE91-473C-9E84-42F72585700F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_22_25",
"source": "security@synology.com"
"source": "security@synology.com",
"tags": [
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-329xx/CVE-2023-32956.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32956",
"sourceIdentifier": "security@synology.com",
"published": "2023-05-16T08:15:08.743",
"lastModified": "2023-05-16T10:46:36.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T15:09:54.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@synology.com",
"type": "Secondary",
@ -46,10 +66,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.2",
"versionEndExcluding": "1.2.5-8227-6",
"matchCriteriaId": "9701AC9D-05E6-4EAA-BD8D-E7993E92CFA0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.3",
"versionEndExcluding": "1.3.1-9346-3",
"matchCriteriaId": "5BE8A994-AE91-473C-9E84-42F72585700F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_22_25",
"source": "security@synology.com"
"source": "security@synology.com",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-333xx/CVE-2023-33355.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33355",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-25T14:15:10.850",
"lastModified": "2023-05-25T15:58:29.613",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IceCMS v1.0.0 has Insecure Permissions. There is unauthorized access to the API, resulting in the disclosure of sensitive information."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Thecosy/IceCMS/issues/7",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-333xx/CVE-2023-33356.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33356",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-25T14:15:11.030",
"lastModified": "2023-05-25T15:58:29.613",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IceCMS v1.0.0 is vulnerable to Cross Site Scripting (XSS)."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Thecosy/IceCMS/issues/8",
"source": "cve@mitre.org"
}
]
}

78
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-25T14:00:34.780103+00:00
2023-05-25T16:00:31.639914+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-25T13:59:33.993000+00:00
2023-05-25T15:59:04.283000+00:00
```
### Last Data Feed Release
@ -29,54 +29,52 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
216022
216030
```
### CVEs added in the last Commit
Recently added CVEs: `10`
Recently added CVEs: `8`
* [CVE-2022-46810](CVE-2022/CVE-2022-468xx/CVE-2022-46810.json) (`2023-05-25T12:15:09.820`)
* [CVE-2022-46814](CVE-2022/CVE-2022-468xx/CVE-2022-46814.json) (`2023-05-25T12:15:09.893`)
* [CVE-2022-46820](CVE-2022/CVE-2022-468xx/CVE-2022-46820.json) (`2023-05-25T12:15:09.957`)
* [CVE-2022-46856](CVE-2022/CVE-2022-468xx/CVE-2022-46856.json) (`2023-05-25T12:15:10.023`)
* [CVE-2022-47136](CVE-2022/CVE-2022-471xx/CVE-2022-47136.json) (`2023-05-25T12:15:10.157`)
* [CVE-2022-47144](CVE-2022/CVE-2022-471xx/CVE-2022-47144.json) (`2023-05-25T12:15:10.227`)
* [CVE-2022-47178](CVE-2022/CVE-2022-471xx/CVE-2022-47178.json) (`2023-05-25T12:15:10.297`)
* [CVE-2022-45366](CVE-2022/CVE-2022-453xx/CVE-2022-45366.json) (`2023-05-25T13:15:09.153`)
* [CVE-2022-47174](CVE-2022/CVE-2022-471xx/CVE-2022-47174.json) (`2023-05-25T13:15:09.230`)
* [CVE-2023-2888](CVE-2023/CVE-2023-28xx/CVE-2023-2888.json) (`2023-05-25T13:15:09.310`)
* [CVE-2023-0459](CVE-2023/CVE-2023-04xx/CVE-2023-0459.json) (`2023-05-25T14:15:09.603`)
* [CVE-2023-22504](CVE-2023/CVE-2023-225xx/CVE-2023-22504.json) (`2023-05-25T14:15:09.877`)
* [CVE-2023-2480](CVE-2023/CVE-2023-24xx/CVE-2023-2480.json) (`2023-05-25T14:15:10.120`)
* [CVE-2023-2798](CVE-2023/CVE-2023-27xx/CVE-2023-2798.json) (`2023-05-25T14:15:10.320`)
* [CVE-2023-2851](CVE-2023/CVE-2023-28xx/CVE-2023-2851.json) (`2023-05-25T14:15:10.557`)
* [CVE-2023-33355](CVE-2023/CVE-2023-333xx/CVE-2023-33355.json) (`2023-05-25T14:15:10.850`)
* [CVE-2023-33356](CVE-2023/CVE-2023-333xx/CVE-2023-33356.json) (`2023-05-25T14:15:11.030`)
* [CVE-2023-32694](CVE-2023/CVE-2023-326xx/CVE-2023-32694.json) (`2023-05-25T15:15:09.027`)
### CVEs modified in the last Commit
Recently modified CVEs: `115`
Recently modified CVEs: `38`
* [CVE-2023-2883](CVE-2023/CVE-2023-28xx/CVE-2023-2883.json) (`2023-05-25T12:40:12.980`)
* [CVE-2023-2884](CVE-2023/CVE-2023-28xx/CVE-2023-2884.json) (`2023-05-25T12:40:12.980`)
* [CVE-2023-2885](CVE-2023/CVE-2023-28xx/CVE-2023-2885.json) (`2023-05-25T12:40:12.980`)
* [CVE-2023-2886](CVE-2023/CVE-2023-28xx/CVE-2023-2886.json) (`2023-05-25T12:40:12.980`)
* [CVE-2023-2887](CVE-2023/CVE-2023-28xx/CVE-2023-2887.json) (`2023-05-25T12:40:12.980`)
* [CVE-2023-27529](CVE-2023/CVE-2023-275xx/CVE-2023-27529.json) (`2023-05-25T12:40:12.980`)
* [CVE-2023-28370](CVE-2023/CVE-2023-283xx/CVE-2023-28370.json) (`2023-05-25T12:40:12.980`)
* [CVE-2023-30484](CVE-2023/CVE-2023-304xx/CVE-2023-30484.json) (`2023-05-25T12:40:12.980`)
* [CVE-2023-2045](CVE-2023/CVE-2023-20xx/CVE-2023-2045.json) (`2023-05-25T12:40:42.083`)
* [CVE-2023-2064](CVE-2023/CVE-2023-20xx/CVE-2023-2064.json) (`2023-05-25T12:40:42.083`)
* [CVE-2023-33938](CVE-2023/CVE-2023-339xx/CVE-2023-33938.json) (`2023-05-25T12:40:42.083`)
* [CVE-2023-33939](CVE-2023/CVE-2023-339xx/CVE-2023-33939.json) (`2023-05-25T12:40:42.083`)
* [CVE-2023-33940](CVE-2023/CVE-2023-339xx/CVE-2023-33940.json) (`2023-05-25T12:40:42.083`)
* [CVE-2023-31748](CVE-2023/CVE-2023-317xx/CVE-2023-31748.json) (`2023-05-25T12:40:42.083`)
* [CVE-2023-33246](CVE-2023/CVE-2023-332xx/CVE-2023-33246.json) (`2023-05-25T12:40:42.083`)
* [CVE-2023-33941](CVE-2023/CVE-2023-339xx/CVE-2023-33941.json) (`2023-05-25T12:40:42.083`)
* [CVE-2023-33942](CVE-2023/CVE-2023-339xx/CVE-2023-33942.json) (`2023-05-25T12:40:42.083`)
* [CVE-2023-33943](CVE-2023/CVE-2023-339xx/CVE-2023-33943.json) (`2023-05-25T12:40:42.083`)
* [CVE-2023-33944](CVE-2023/CVE-2023-339xx/CVE-2023-33944.json) (`2023-05-25T12:40:42.083`)
* [CVE-2023-33945](CVE-2023/CVE-2023-339xx/CVE-2023-33945.json) (`2023-05-25T12:40:42.083`)
* [CVE-2023-23447](CVE-2023/CVE-2023-234xx/CVE-2023-23447.json) (`2023-05-25T13:17:58.103`)
* [CVE-2023-23445](CVE-2023/CVE-2023-234xx/CVE-2023-23445.json) (`2023-05-25T13:39:23.143`)
* [CVE-2023-23446](CVE-2023/CVE-2023-234xx/CVE-2023-23446.json) (`2023-05-25T13:40:25.777`)
* [CVE-2023-23448](CVE-2023/CVE-2023-234xx/CVE-2023-23448.json) (`2023-05-25T13:50:47.727`)
* [CVE-2023-23449](CVE-2023/CVE-2023-234xx/CVE-2023-23449.json) (`2023-05-25T13:59:33.993`)
* [CVE-2023-32956](CVE-2023/CVE-2023-329xx/CVE-2023-32956.json) (`2023-05-25T15:09:54.967`)
* [CVE-2023-2161](CVE-2023/CVE-2023-21xx/CVE-2023-2161.json) (`2023-05-25T15:14:00.573`)
* [CVE-2023-32955](CVE-2023/CVE-2023-329xx/CVE-2023-32955.json) (`2023-05-25T15:19:39.333`)
* [CVE-2023-30501](CVE-2023/CVE-2023-305xx/CVE-2023-30501.json) (`2023-05-25T15:22:05.390`)
* [CVE-2023-2710](CVE-2023/CVE-2023-27xx/CVE-2023-2710.json) (`2023-05-25T15:25:43.933`)
* [CVE-2023-30502](CVE-2023/CVE-2023-305xx/CVE-2023-30502.json) (`2023-05-25T15:31:55.457`)
* [CVE-2023-30503](CVE-2023/CVE-2023-305xx/CVE-2023-30503.json) (`2023-05-25T15:32:10.817`)
* [CVE-2023-30504](CVE-2023/CVE-2023-305xx/CVE-2023-30504.json) (`2023-05-25T15:32:19.507`)
* [CVE-2023-30505](CVE-2023/CVE-2023-305xx/CVE-2023-30505.json) (`2023-05-25T15:32:44.243`)
* [CVE-2023-30506](CVE-2023/CVE-2023-305xx/CVE-2023-30506.json) (`2023-05-25T15:32:52.403`)
* [CVE-2023-31698](CVE-2023/CVE-2023-316xx/CVE-2023-31698.json) (`2023-05-25T15:41:38.163`)
* [CVE-2023-30507](CVE-2023/CVE-2023-305xx/CVE-2023-30507.json) (`2023-05-25T15:41:52.120`)
* [CVE-2023-30508](CVE-2023/CVE-2023-305xx/CVE-2023-30508.json) (`2023-05-25T15:42:02.047`)
* [CVE-2023-30509](CVE-2023/CVE-2023-305xx/CVE-2023-30509.json) (`2023-05-25T15:42:19.017`)
* [CVE-2023-30510](CVE-2023/CVE-2023-305xx/CVE-2023-30510.json) (`2023-05-25T15:42:58.103`)
* [CVE-2023-31699](CVE-2023/CVE-2023-316xx/CVE-2023-31699.json) (`2023-05-25T15:43:57.950`)
* [CVE-2023-31902](CVE-2023/CVE-2023-319xx/CVE-2023-31902.json) (`2023-05-25T15:46:52.150`)
* [CVE-2023-31702](CVE-2023/CVE-2023-317xx/CVE-2023-31702.json) (`2023-05-25T15:51:23.433`)
* [CVE-2023-31703](CVE-2023/CVE-2023-317xx/CVE-2023-31703.json) (`2023-05-25T15:52:01.867`)
* [CVE-2023-2773](CVE-2023/CVE-2023-27xx/CVE-2023-2773.json) (`2023-05-25T15:55:30.730`)
* [CVE-2023-2772](CVE-2023/CVE-2023-27xx/CVE-2023-2772.json) (`2023-05-25T15:56:37.780`)
* [CVE-2023-2771](CVE-2023/CVE-2023-27xx/CVE-2023-2771.json) (`2023-05-25T15:57:12.883`)
* [CVE-2023-2770](CVE-2023/CVE-2023-27xx/CVE-2023-2770.json) (`2023-05-25T15:58:23.257`)
* [CVE-2023-2888](CVE-2023/CVE-2023-28xx/CVE-2023-2888.json) (`2023-05-25T15:58:29.613`)
* [CVE-2023-2769](CVE-2023/CVE-2023-27xx/CVE-2023-2769.json) (`2023-05-25T15:59:04.283`)
## Download and Usage