admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-09 03:57:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-11-02T19:00:19.346614+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-11-02 19:00:23 +00:00
parent 884d59adcf
commit be9a0c3b0a
54 changed files with 3432 additions and 353 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
CVE-2022/CVE-2022-48xx/CVE-2022-4886.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4886",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-10-25T20:15:09.790",
"lastModified": "2023-10-25T21:15:09.930",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-02T18:05:23.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "jordan@liggitt.net",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "jordan@liggitt.net",
"type": "Secondary",
@ -50,18 +80,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kubernetes:ingress-nginx:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.8.0",
"matchCriteriaId": "54E2DB85-1B0E-44DC-928F-28B1E1B74728"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/25/5",
"source": "jordan@liggitt.net"
"source": "jordan@liggitt.net",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/kubernetes/ingress-nginx/issues/10570",
"source": "jordan@liggitt.net"
"source": "jordan@liggitt.net",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://groups.google.com/g/kubernetes-security-announce/c/ge7u3qCwZLI",
"source": "jordan@liggitt.net"
"source": "jordan@liggitt.net",
"tags": [
"Mailing List",
"Mitigation"
]
}
]
}

4
CVE-2022/CVE-2022-49xx/CVE-2022-4900.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4900",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-02T16:15:08.700",
"lastModified": "2023-11-02T16:15:08.700",
"vulnStatus": "Received",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

22
CVE-2023/CVE-2023-11xx/CVE-2023-1177.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1177",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-03-24T15:15:10.193",
"lastModified": "2023-10-25T20:30:10.547",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-02T18:15:08.913",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -37,41 +37,41 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 10.0,
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 9.3,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
"value": "CWE-29"
}
]
},
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-29"
"value": "CWE-22"
}
]
}

12
CVE-2023/CVE-2023-331xx/CVE-2023-33186.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33186",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-30T06:16:36.237",
"lastModified": "2023-06-06T16:01:21.473",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-02T17:15:11.357",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -56,7 +56,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -66,7 +66,7 @@
]
},
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
@ -99,6 +99,10 @@
}
],
"references": [
{
"url": "https://github.com/zulip/zulip/commit/03cfb3d9fe61c975d133121ec31a7357f0c9e18f",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/zulip/zulip/commit/3ca131743b00f42bad8edbac4ef92656d954c629",
"source": "security-advisories@github.com",

4
CVE-2023/CVE-2023-384xx/CVE-2023-38469.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38469",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-02T15:15:08.167",
"lastModified": "2023-11-02T15:15:08.167",
"vulnStatus": "Received",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-384xx/CVE-2023-38470.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38470",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-02T15:15:08.237",
"lastModified": "2023-11-02T15:15:08.237",
"vulnStatus": "Received",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-384xx/CVE-2023-38471.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38471",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-02T15:15:08.300",
"lastModified": "2023-11-02T15:15:08.300",
"vulnStatus": "Received",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-384xx/CVE-2023-38472.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38472",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-02T15:15:08.363",
"lastModified": "2023-11-02T15:15:08.363",
"vulnStatus": "Received",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-384xx/CVE-2023-38473.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38473",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-02T16:15:08.773",
"lastModified": "2023-11-02T16:15:08.773",
"vulnStatus": "Received",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

76
CVE-2023/CVE-2023-404xx/CVE-2023-40404.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40404",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:09.157",
"lastModified": "2023-10-26T00:15:10.280",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T17:53:55.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,83 @@
"value": "Se solucion\u00f3 un problema de use-after-free con una gesti\u00f3n de memoria mejorada. Este problema se solucion\u00f3 en macOS Sonoma 14.1. Una aplicaci\u00f3n puede ejecutar c\u00f3digo arbitrario con privilegios del kernel."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE27DF1-3AF9-4BE4-8541-565FE5BC16A2"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-404xx/CVE-2023-40405.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40405",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:09.203",
"lastModified": "2023-10-26T00:15:10.327",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T17:35:14.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,83 @@
"value": "Se solucion\u00f3 un problema de privacidad mejorando la redacci\u00f3n de datos privados para las entradas de registro. Este problema se solucion\u00f3 en macOS Sonoma 14.1. Es posible que una aplicaci\u00f3n pueda leer informaci\u00f3n confidencial de la ubicaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE27DF1-3AF9-4BE4-8541-565FE5BC16A2"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

134
CVE-2023/CVE-2023-419xx/CVE-2023-41988.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41988",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.160",
"lastModified": "2023-10-26T00:15:11.190",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:00:25.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,43 +14,153 @@
"value": "Este problema se solucion\u00f3 restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema se solucion\u00f3 en macOS Sonoma 14.1, watchOS 10.1, iOS 17.1 y iPadOS 17.1. Un atacante con acceso f\u00edsico puede utilizar Siri para acceder a datos confidenciales del usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "387C5D63-833F-4407-A402-501DEF4E15AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "F53A32D0-DB67-40D7-B14E-3963E696A77E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.1",
"matchCriteriaId": "F88E7355-ECFB-4EB0-9579-0C954C25355F"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/25",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213988",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213988",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-419xx/CVE-2023-41989.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41989",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.210",
"lastModified": "2023-10-26T00:15:11.237",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:02:01.663",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,85 @@
"value": "El problema se solucion\u00f3 restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema se solucion\u00f3 en macOS Sonoma 14.1. Un atacante puede ejecutar c\u00f3digo arbitrario como root desde la pantalla de bloqueo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

164
CVE-2023/CVE-2023-419xx/CVE-2023-41997.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41997",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.257",
"lastModified": "2023-10-26T00:15:11.283",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:05:34.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,55 +14,189 @@
"value": "Este problema se solucion\u00f3 restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema se solucion\u00f3 en macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 y iPadOS 16.7.2, iOS 17.1 y iPadOS 17.1. Un atacante con acceso f\u00edsico puede utilizar Siri para acceder a datos confidenciales del usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.2",
"matchCriteriaId": "3DFB829A-82EA-40BB-81F9-AD4F69F24ABA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "387C5D63-833F-4407-A402-501DEF4E15AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.2",
"matchCriteriaId": "5EB9EAAE-441A-4844-BCB2-1716FD9ACE85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "F53A32D0-DB67-40D7-B14E-3963E696A77E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.1",
"matchCriteriaId": "F88E7355-ECFB-4EB0-9579-0C954C25355F"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/23",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/25",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213981",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213988",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213981",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213988",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-424xx/CVE-2023-42438.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42438",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.297",
"lastModified": "2023-10-26T00:15:11.327",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:10:51.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,85 @@
"value": "Se solucion\u00f3 un problema de interfaz de usuario inconsistente con una gesti\u00f3n del estado mejorada. Este problema se solucion\u00f3 en macOS Sonoma 14.1. Visitar un sitio web malicioso puede provocar una suplantaci\u00f3n de la interfaz de usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

165
CVE-2023/CVE-2023-428xx/CVE-2023-42841.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42841",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.433",
"lastModified": "2023-10-26T00:15:11.373",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T17:04:47.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,55 +14,190 @@
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Sonoma 14.1, iOS 17.1 y iPadOS 17.1, iOS 16.7.2 y iPadOS 16.7.2, macOS Ventura 13.6.1. Una aplicaci\u00f3n puede ejecutar c\u00f3digo arbitrario con privilegios del kernel."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.2",
"matchCriteriaId": "3DFB829A-82EA-40BB-81F9-AD4F69F24ABA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "387C5D63-833F-4407-A402-501DEF4E15AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.2",
"matchCriteriaId": "5EB9EAAE-441A-4844-BCB2-1716FD9ACE85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "F53A32D0-DB67-40D7-B14E-3963E696A77E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.1",
"matchCriteriaId": "85B6F336-AA76-4706-AD68-BCDFFB48358B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/23",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/26",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213981",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213985",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213981",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213985",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-428xx/CVE-2023-42842.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42842",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.483",
"lastModified": "2023-10-26T00:15:11.427",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:08:01.803",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,85 @@
"value": "El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en macOS Sonoma 14.1. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

128
CVE-2023/CVE-2023-428xx/CVE-2023-42844.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42844",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.537",
"lastModified": "2023-10-26T00:15:11.477",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:08:23.333",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,43 +14,147 @@
"value": "Este problema se solucion\u00f3 mejorando el manejo de los enlaces simb\u00f3licos. Este problema se solucion\u00f3 en macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. Un sitio web puede acceder a datos confidenciales del usuario al resolver enlaces simb\u00f3licos."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.7.1",
"matchCriteriaId": "7C0B29FA-3C4E-4F6E-A39E-D7B46CD5A614"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.1",
"matchCriteriaId": "85B6F336-AA76-4706-AD68-BCDFFB48358B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/21",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/26",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213983",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213985",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213983",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213985",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-428xx/CVE-2023-42845.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42845",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.587",
"lastModified": "2023-10-26T00:15:11.527",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:08:38.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,31 +14,123 @@
"value": "Se solucion\u00f3 un problema de autenticaci\u00f3n con una gesti\u00f3n del estado mejorada. Este problema se solucion\u00f3 en macOS Sonoma 14.1, iOS 17.1 y iPadOS 17.1. Las fotos del \u00c1lbum de Fotos Ocultas se pueden ver sin autenticaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "387C5D63-833F-4407-A402-501DEF4E15AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "F53A32D0-DB67-40D7-B14E-3963E696A77E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

163
CVE-2023/CVE-2023-428xx/CVE-2023-42846.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42846",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.637",
"lastModified": "2023-10-26T00:15:11.577",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:13:54.607",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,55 +14,188 @@
"value": "Este problema se solucion\u00f3 eliminando el c\u00f3digo vulnerable. Este problema se solucion\u00f3 en watchOS 10.1, iOS 16.7.2 y iPadOS 16.7.2, tvOS 17.1, iOS 17.1 y iPadOS 17.1. Un dispositivo puede ser rastreado pasivamente por su direcci\u00f3n MAC de Wi-Fi."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.2",
"matchCriteriaId": "3DFB829A-82EA-40BB-81F9-AD4F69F24ABA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "387C5D63-833F-4407-A402-501DEF4E15AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.2",
"matchCriteriaId": "5EB9EAAE-441A-4844-BCB2-1716FD9ACE85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "F53A32D0-DB67-40D7-B14E-3963E696A77E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.1",
"matchCriteriaId": "6B71C095-CFB3-42E1-8582-0AD365DA7855"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.1",
"matchCriteriaId": "F88E7355-ECFB-4EB0-9579-0C954C25355F"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/22",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/23",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/25",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213981",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213987",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213988",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213981",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213987",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213988",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-428xx/CVE-2023-42847.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42847",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.687",
"lastModified": "2023-10-26T00:15:11.623",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:14:06.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,31 +14,123 @@
"value": "Se solucion\u00f3 un problema de l\u00f3gica con controles mejorados. Este problema se solucion\u00f3 en macOS Sonoma 14.1, iOS 17.1 y iPadOS 17.1. Un atacante puede acceder a las claves de acceso sin autenticaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "387C5D63-833F-4407-A402-501DEF4E15AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "F53A32D0-DB67-40D7-B14E-3963E696A77E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

214
CVE-2023/CVE-2023-428xx/CVE-2023-42849.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42849",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.737",
"lastModified": "2023-10-26T00:15:11.673",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:16:45.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,79 +14,251 @@
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en iOS 17.1 y iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 y iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. Un atacante que ya haya logrado la ejecuci\u00f3n del c\u00f3digo del kernel puede evitar las mitigaciones de memoria del kernel."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.2",
"matchCriteriaId": "3DFB829A-82EA-40BB-81F9-AD4F69F24ABA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "387C5D63-833F-4407-A402-501DEF4E15AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.2",
"matchCriteriaId": "5EB9EAAE-441A-4844-BCB2-1716FD9ACE85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "F53A32D0-DB67-40D7-B14E-3963E696A77E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.7.1",
"matchCriteriaId": "7C0B29FA-3C4E-4F6E-A39E-D7B46CD5A614"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.1",
"matchCriteriaId": "85B6F336-AA76-4706-AD68-BCDFFB48358B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.1",
"matchCriteriaId": "F88E7355-ECFB-4EB0-9579-0C954C25355F"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/21",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/23",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/25",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/26",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213981",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213983",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213985",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213988",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213981",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213983",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213985",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213988",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-428xx/CVE-2023-42850.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42850",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.793",
"lastModified": "2023-10-26T00:15:11.723",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:25:04.260",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,85 @@
"value": "El problema se solucion\u00f3 con una l\u00f3gica de permisos mejorada. Este problema se solucion\u00f3 en macOS Sonoma 14.1. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

176
CVE-2023/CVE-2023-428xx/CVE-2023-42852.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42852",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.843",
"lastModified": "2023-10-26T00:15:11.773",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:25:16.560",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,55 +14,201 @@
"value": "Se solucion\u00f3 un problema l\u00f3gico con controles mejorados. Este problema se solucion\u00f3 en iOS 17.1 y iPadOS 17.1, watchOS 10.1, iOS 16.7.2 y iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. El procesamiento de contenido web puede dar lugar a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.1",
"matchCriteriaId": "84250563-E42D-4F36-ACB0-081804E27FA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.2",
"matchCriteriaId": "3DFB829A-82EA-40BB-81F9-AD4F69F24ABA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "387C5D63-833F-4407-A402-501DEF4E15AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7.2",
"matchCriteriaId": "5EB9EAAE-441A-4844-BCB2-1716FD9ACE85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.1",
"matchCriteriaId": "F53A32D0-DB67-40D7-B14E-3963E696A77E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.1",
"matchCriteriaId": "6B71C095-CFB3-42E1-8582-0AD365DA7855"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.1",
"matchCriteriaId": "F88E7355-ECFB-4EB0-9579-0C954C25355F"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/22",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/23",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/25",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/27",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213981",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213986",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213987",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213988",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

128
CVE-2023/CVE-2023-428xx/CVE-2023-42854.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42854",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.890",
"lastModified": "2023-10-26T00:15:11.827",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T17:59:51.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,43 +14,147 @@
"value": "Este problema se solucion\u00f3 eliminando el c\u00f3digo vulnerable. Este problema se solucion\u00f3 en macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. Es posible que una aplicaci\u00f3n pueda provocar una denegaci\u00f3n de servicio a los clientes de Endpoint Security."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.7.1",
"matchCriteriaId": "BA796DD3-80AF-4E65-8080-EC309577F00D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.1",
"matchCriteriaId": "85B6F336-AA76-4706-AD68-BCDFFB48358B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/21",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/26",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213983",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Product",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Product",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213985",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Product",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213983",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Product",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Product",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213985",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Product",
"Vendor Advisory"
]
}
]
}

128
CVE-2023/CVE-2023-428xx/CVE-2023-42856.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42856",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.937",
"lastModified": "2023-10-26T00:15:11.877",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:00:05.630",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,43 +14,147 @@
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. El procesamiento de un archivo puede provocar la finalizaci\u00f3n inesperada de la aplicaci\u00f3n o la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.7.1",
"matchCriteriaId": "BA796DD3-80AF-4E65-8080-EC309577F00D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.1",
"matchCriteriaId": "85B6F336-AA76-4706-AD68-BCDFFB48358B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/21",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/26",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213983",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213985",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213983",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213985",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

108
CVE-2023/CVE-2023-428xx/CVE-2023-42857.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42857",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.983",
"lastModified": "2023-10-26T00:15:11.927",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:00:33.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,31 +14,121 @@
"value": "Se solucion\u00f3 un problema de privacidad mejorando la redacci\u00f3n de datos privados para las entradas de registro. Este problema se solucion\u00f3 en macOS Sonoma 14.1, iOS 17.1 y iPadOS 17.1. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.1",
"matchCriteriaId": "184CC207-6594-4A52-AC99-B74BCF8A2A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.1",
"matchCriteriaId": "434A55CA-5660-4F40-B4A2-5ABAF4CA7263"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/19",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213982",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-428xx/CVE-2023-42861.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42861",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:11.027",
"lastModified": "2023-10-26T00:15:11.970",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:00:52.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,85 @@
"value": "Se abord\u00f3 una cuesti\u00f3n l\u00f3gica con una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en macOS Sonoma 14.1. Un atacante con conocimiento de las credenciales de un usuario est\u00e1ndar puede desbloquear la pantalla bloqueada de otro usuario est\u00e1ndar en la misma Mac."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.1",
"matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/24",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213984",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-42xx/CVE-2023-4217.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-4217",
"sourceIdentifier": "psirt@moxa.com",
"published": "2023-11-02T17:15:11.610",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@moxa.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@moxa.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1004"
}
]
}
],
"references": [
{
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230203-pt-g503-series-multiple-vulnerabilities",
"source": "psirt@moxa.com"
}
]
}

16
CVE-2023/CVE-2023-438xx/CVE-2023-43800.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43800",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-18T22:15:09.173",
"lastModified": "2023-10-30T12:25:25.967",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-02T18:15:09.043",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -70,7 +70,7 @@
]
},
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
@ -99,12 +99,20 @@
}
],
"references": [
{
"url": "https://github.com/arduino/arduino-create-agent/releases/tag/1.3.3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/arduino/arduino-create-agent/security/advisories/GHSA-4x5q-q7wc-q22p",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/security-flaws-affect-a-component-of-the-arduino-create-cloud-ide",
"source": "security-advisories@github.com"
}
]
}

16
CVE-2023/CVE-2023-438xx/CVE-2023-43801.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43801",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-18T22:15:09.247",
"lastModified": "2023-10-30T12:38:24.330",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-02T18:15:09.133",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -70,7 +70,7 @@
]
},
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
@ -99,12 +99,20 @@
}
],
"references": [
{
"url": "https://github.com/arduino/arduino-create-agent/releases/tag/1.3.3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/arduino/arduino-create-agent/security/advisories/GHSA-mjq6-pv9c-qppq",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/security-flaws-affect-a-component-of-the-arduino-create-cloud-ide",
"source": "security-advisories@github.com"
}
]
}

16
CVE-2023/CVE-2023-438xx/CVE-2023-43802.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43802",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-18T21:15:09.187",
"lastModified": "2023-10-30T12:58:20.887",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-02T18:15:09.217",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -70,7 +70,7 @@
]
},
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
@ -99,12 +99,20 @@
}
],
"references": [
{
"url": "https://github.com/arduino/arduino-create-agent/releases/tag/1.3.3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/arduino/arduino-create-agent/security/advisories/GHSA-75j7-w798-cwwx",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/security-flaws-affect-a-component-of-the-arduino-create-cloud-ide",
"source": "security-advisories@github.com"
}
]
}

16
CVE-2023/CVE-2023-438xx/CVE-2023-43803.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43803",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-18T21:15:09.260",
"lastModified": "2023-10-30T12:46:57.553",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-02T18:15:09.303",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -70,7 +70,7 @@
]
},
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
@ -99,12 +99,20 @@
}
],
"references": [
{
"url": "https://github.com/arduino/arduino-create-agent/releases/tag/1.3.3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/arduino/arduino-create-agent/security/advisories/GHSA-m5jc-r4gf-c6p8",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/security-flaws-affect-a-component-of-the-arduino-create-cloud-ide",
"source": "security-advisories@github.com"
}
]
}

139
CVE-2023/CVE-2023-451xx/CVE-2023-45134.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45134",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-25T20:15:11.860",
"lastModified": "2023-10-25T20:31:55.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-02T18:06:10.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,18 +80,117 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.1.1",
"versionEndExcluding": "13.4",
"matchCriteriaId": "8A146D81-B4C9-40D7-9780-8E4DFF51951A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.10",
"versionEndExcluding": "14.10.2",
"matchCriteriaId": "5338BB78-3138-4025-8C58-C1F500A716B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:2.4:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "9FAFF67A-3777-44B7-B460-7A309D8B0CA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:2.5:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "37D367C2-4799-4133-AEAC-18B6269481FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B80CC851-2324-437A-B4A5-06A5EB2FE180"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:3.0:milestone_2:*:*:*:*:*:*",
"matchCriteriaId": "F5F1C457-1591-4025-BD49-BABB9BA9762F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:3.0:milestone1:*:*:*:*:*:*",
"matchCriteriaId": "7BEE764B-ED54-43D8-9748-DE57B5F1D701"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:3.0:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "90C4A1EA-8B6A-4FE8-985B-EB924DA3A826"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:3.0:milestone3:*:*:*:*:*:*",
"matchCriteriaId": "A45A230D-909F-42D3-836D-95660805B094"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6400CA62-5250-4BA5-A94B-7D529CDBE38E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "354538B6-6468-4BFE-AA82-62664F8F17A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "DEEE5DB5-54FC-40D2-891C-70E41115A464"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:3.1:milestone1:*:*:*:*:*:*",
"matchCriteriaId": "951DC6B5-F7BE-4FF4-9B2B-5ECCD2A07FE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:3.1:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "E4D018E2-67B9-4D5A-AF97-4804EE834B68"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/ba56fda175156dd35035f2b8c86cbd8ef1f90c2e",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-gr82-8fj2-ggc3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20962",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

90
CVE-2023/CVE-2023-451xx/CVE-2023-45135.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45135",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-25T20:15:11.933",
"lastModified": "2023-10-25T20:31:55.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-02T18:06:56.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-116"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,18 +80,68 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.3",
"versionEndExcluding": "14.10.12",
"matchCriteriaId": "F42D13DD-5877-438F-9976-AC8DC0EA5ADA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.5",
"matchCriteriaId": "CC654D33-71EE-4374-84CD-B964D1D135BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:7.2:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "C2A06C6F-1DBA-4E6D-901A-096F16C08D49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:7.2:milestone3:*:*:*:*:*:*",
"matchCriteriaId": "470D146C-5EBF-4399-BF0C-26D9CC48DE0F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/199e27ce7016757e66fa7cea99e718044a1b639b",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-ghf6-2f42-mjh9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20869",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

84
CVE-2023/CVE-2023-451xx/CVE-2023-45136.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45136",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-25T20:15:12.007",
"lastModified": "2023-10-25T20:31:55.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-02T18:07:17.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,18 +80,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "14.10.12",
"matchCriteriaId": "4873A05F-61F3-4A1D-8514-A2C2E9EE84F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.5",
"matchCriteriaId": "CC654D33-71EE-4374-84CD-B964D1D135BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:15.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "40634997-806A-4E47-A58C-CE20ADD02134"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/ba56fda175156dd35035f2b8c86cbd8ef1f90c2e",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-qcj9-gcpg-4w2w",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20854",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-453xx/CVE-2023-45338.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45338",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T15:15:08.433",
"lastModified": "2023-11-02T15:15:08.433",
"vulnStatus": "Received",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-453xx/CVE-2023-45345.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45345",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T15:15:08.537",
"lastModified": "2023-11-02T15:15:08.537",
"vulnStatus": "Received",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-453xx/CVE-2023-45346.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45346",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T15:15:08.640",
"lastModified": "2023-11-02T15:15:08.640",
"vulnStatus": "Received",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-453xx/CVE-2023-45347.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45347",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T15:15:08.747",
"lastModified": "2023-11-02T15:15:08.747",
"vulnStatus": "Received",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2023/CVE-2023-462xx/CVE-2023-46255.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-46255",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-31T16:15:10.007",
"lastModified": "2023-10-31T17:07:44.967",
"lastModified": "2023-11-02T17:15:11.483",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0, when the provided datastore URI is malformed (e.g. by having a password which contains `:`) the full URI (including the provided password) is printed, so that the password is shown in the logs. Version 1.27.0 patches this issue."
"value": "SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to version 1.27.0-rc1, when the provided datastore URI is malformed (e.g. by having a password which contains `:`) the full URI (including the provided password) is printed, so that the password is shown in the logs. Version 1.27.0-rc1 patches this issue."
},
{
"lang": "es",
"value": "SpiceDB es una base de datos de c\u00f3digo abierto inspirada en Google Zanz\u00edbar para crear y administrar permisos de aplicaciones cr\u00edticas para la seguridad. Antes de la versi\u00f3n 1.27.0-rc1, cuando el URI del almac\u00e9n de datos proporcionado tiene un formato incorrecto (por ejemplo, al tener una contrase\u00f1a que contiene `:`), se imprime el URI completo (incluida la contrase\u00f1a proporcionada), de modo que la contrase\u00f1a se muestra en los registros. La versi\u00f3n 1.27.0-rc1 soluciona este problema."
}
],
"metrics": {

4
CVE-2023/CVE-2023-467xx/CVE-2023-46725.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46725",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-02T15:15:08.847",
"lastModified": "2023-11-02T15:15:08.847",
"vulnStatus": "Received",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

20
CVE-2023/CVE-2023-469xx/CVE-2023-46925.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-46925",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-02T17:15:11.567",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Reportico 7.1.21 is vulnerable to Cross Site Scripting (XSS)."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/reportico-web/reportico/issues/47",
"source": "cve@mitre.org"
}
]
}

55
CVE-2023/CVE-2023-50xx/CVE-2023-5035.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-5035",
"sourceIdentifier": "psirt@moxa.com",
"published": "2023-11-02T17:15:11.677",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the cookie to be transmitted in plaintext over an HTTP session. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@moxa.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@moxa.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-614"
}
]
}
],
"references": [
{
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230203-pt-g503-series-multiple-vulnerabilities",
"source": "psirt@moxa.com"
}
]
}

71
CVE-2023/CVE-2023-50xx/CVE-2023-5043.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5043",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-10-25T20:15:18.037",
"lastModified": "2023-10-25T21:15:10.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-02T17:54:38.423",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "jordan@liggitt.net",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
},
{
"source": "jordan@liggitt.net",
"type": "Secondary",
@ -50,18 +80,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kubernetes:ingress-nginx:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.9.0",
"matchCriteriaId": "B1FAA6D4-954E-4E5F-AB9A-61E1A3F9CD9B"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/25/4",
"source": "jordan@liggitt.net"
"source": "jordan@liggitt.net",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/kubernetes/ingress-nginx/issues/10571",
"source": "jordan@liggitt.net"
"source": "jordan@liggitt.net",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://groups.google.com/g/kubernetes-security-announce/c/pVsXsOpxYZo",
"source": "jordan@liggitt.net"
"source": "jordan@liggitt.net",
"tags": [
"Mailing List",
"Mitigation"
]
}
]
}

71
CVE-2023/CVE-2023-50xx/CVE-2023-5044.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5044",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-10-25T20:15:18.187",
"lastModified": "2023-10-25T21:15:10.457",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-02T17:45:26.790",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "jordan@liggitt.net",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "jordan@liggitt.net",
"type": "Secondary",
@ -50,18 +80,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kubernetes:ingress-nginx:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.9.0",
"matchCriteriaId": "B1FAA6D4-954E-4E5F-AB9A-61E1A3F9CD9B"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/25/3",
"source": "jordan@liggitt.net"
"source": "jordan@liggitt.net",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/kubernetes/ingress-nginx/issues/10572",
"source": "jordan@liggitt.net"
"source": "jordan@liggitt.net",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://groups.google.com/g/kubernetes-security-announce/c/ukuYYvRNel0",
"source": "jordan@liggitt.net"
"source": "jordan@liggitt.net",
"tags": [
"Mailing List",
"Mitigation"
]
}
]
}

62
CVE-2023/CVE-2023-51xx/CVE-2023-5126.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5126",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-25T18:17:42.807",
"lastModified": "2023-10-25T20:31:55.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-02T18:15:22.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -50,14 +80,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cmc3215:delete_me:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.0",
"matchCriteriaId": "98BFC825-6F97-49F2-A803-B4506CC1086D"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/delete-me/tags/3.0/inc/shortcode.php#L83",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7a5123a7-8eb4-481e-88fe-6310be37a077?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

152
CVE-2023/CVE-2023-53xx/CVE-2023-5367.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5367",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-25T20:15:18.323",
"lastModified": "2023-10-29T04:15:11.430",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-02T17:21:49.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -38,30 +58,146 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "21.1.9",
"matchCriteriaId": "B4D6FB0F-4CC4-4BFD-95A5-F98390B90BAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.2.2",
"matchCriteriaId": "113473EA-6098-4731-A8A0-4A7F4C5E5896"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5367",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243091",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEDJN4VFN57K5POOC7BNVD6L6WUUCSG6/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN6KV4XGQJRVAOSM5C3CWMVAXO53COIP/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.x.org/archives/xorg-announce/2023-October/003430.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5534",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}

146
CVE-2023/CVE-2023-53xx/CVE-2023-5380.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5380",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-25T20:15:18.503",
"lastModified": "2023-10-29T04:15:11.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-02T17:16:32.940",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -38,26 +58,138 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "21.1.9",
"matchCriteriaId": "B4D6FB0F-4CC4-4BFD-95A5-F98390B90BAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.2.2",
"matchCriteriaId": "113473EA-6098-4731-A8A0-4A7F4C5E5896"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5380",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244736",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN6KV4XGQJRVAOSM5C3CWMVAXO53COIP/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.x.org/archives/xorg-announce/2023-October/003430.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5534",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}

91
CVE-2023/CVE-2023-55xx/CVE-2023-5574.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5574",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-25T20:15:18.717",
"lastModified": "2023-10-25T20:31:55.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-02T17:15:06.813",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -38,18 +58,79 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "21.1.9",
"matchCriteriaId": "B4D6FB0F-4CC4-4BFD-95A5-F98390B90BAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.2.2",
"matchCriteriaId": "113473EA-6098-4731-A8A0-4A7F4C5E5896"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5574",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244735",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://lists.x.org/archives/xorg-announce/2023-October/003430.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-57xx/CVE-2023-5740.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5740",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-25T18:17:44.550",
"lastModified": "2023-10-25T20:31:55.900",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:26:46.600",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -50,18 +80,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ninjateam:live_chat_with_facebook_messenger:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0",
"matchCriteriaId": "13650758-D290-49B8-9E8A-4DDB2F59B1B2"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-facebook-messenger/trunk/frontend/shortcode.php#L22",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-facebook-messenger/trunk/frontend/shortcode.php#L32",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa32a790-242f-4142-9f4d-e1b2a07045bb?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-57xx/CVE-2023-5744.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5744",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-25T18:17:44.627",
"lastModified": "2023-10-25T20:31:55.900",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-02T18:32:10.630",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -50,18 +80,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:very_simple_google_maps_project:very_simple_google_maps:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.9",
"matchCriteriaId": "095A785B-0F0E-43E1-B06D-42FED37B187F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/very-simple-google-maps/trunk/very-simple-google-maps.php?rev=2941389#L22",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2982539/very-simple-google-maps#file1",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fca7837c-ad24-44ce-b073-7df3f8bc4300?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-58xx/CVE-2023-5846.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-5846",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-11-02T17:15:11.747",
"lastModified": "2023-11-02T18:21:28.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nFranklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers decoding admin credentials, resulting in unauthenticated access to the device.\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-916"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-04",
"source": "ics-cert@hq.dhs.gov"
}
]
}

70
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-02T17:00:19.547330+00:00
2023-11-02T19:00:19.346614+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-02T16:15:08.773000+00:00
2023-11-02T18:32:10.630000+00:00
```
### Last Data Feed Release
@ -29,50 +29,48 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
229635
229639
```
### CVEs added in the last Commit
Recently added CVEs: `11`
Recently added CVEs: `4`
* [CVE-2022-4900](CVE-2022/CVE-2022-49xx/CVE-2022-4900.json) (`2023-11-02T16:15:08.700`)
* [CVE-2023-38469](CVE-2023/CVE-2023-384xx/CVE-2023-38469.json) (`2023-11-02T15:15:08.167`)
* [CVE-2023-38470](CVE-2023/CVE-2023-384xx/CVE-2023-38470.json) (`2023-11-02T15:15:08.237`)
* [CVE-2023-38471](CVE-2023/CVE-2023-384xx/CVE-2023-38471.json) (`2023-11-02T15:15:08.300`)
* [CVE-2023-38472](CVE-2023/CVE-2023-384xx/CVE-2023-38472.json) (`2023-11-02T15:15:08.363`)
* [CVE-2023-45338](CVE-2023/CVE-2023-453xx/CVE-2023-45338.json) (`2023-11-02T15:15:08.433`)
* [CVE-2023-45345](CVE-2023/CVE-2023-453xx/CVE-2023-45345.json) (`2023-11-02T15:15:08.537`)
* [CVE-2023-45346](CVE-2023/CVE-2023-453xx/CVE-2023-45346.json) (`2023-11-02T15:15:08.640`)
* [CVE-2023-45347](CVE-2023/CVE-2023-453xx/CVE-2023-45347.json) (`2023-11-02T15:15:08.747`)
* [CVE-2023-46725](CVE-2023/CVE-2023-467xx/CVE-2023-46725.json) (`2023-11-02T15:15:08.847`)
* [CVE-2023-38473](CVE-2023/CVE-2023-384xx/CVE-2023-38473.json) (`2023-11-02T16:15:08.773`)
* [CVE-2023-46925](CVE-2023/CVE-2023-469xx/CVE-2023-46925.json) (`2023-11-02T17:15:11.567`)
* [CVE-2023-4217](CVE-2023/CVE-2023-42xx/CVE-2023-4217.json) (`2023-11-02T17:15:11.610`)
* [CVE-2023-5035](CVE-2023/CVE-2023-50xx/CVE-2023-5035.json) (`2023-11-02T17:15:11.677`)
* [CVE-2023-5846](CVE-2023/CVE-2023-58xx/CVE-2023-5846.json) (`2023-11-02T17:15:11.747`)
### CVEs modified in the last Commit
Recently modified CVEs: `20`
Recently modified CVEs: `49`
* [CVE-2021-39289](CVE-2021/CVE-2021-392xx/CVE-2021-39289.json) (`2023-11-02T15:45:31.337`)
* [CVE-2021-39291](CVE-2021/CVE-2021-392xx/CVE-2021-39291.json) (`2023-11-02T15:47:22.630`)
* [CVE-2021-39290](CVE-2021/CVE-2021-392xx/CVE-2021-39290.json) (`2023-11-02T15:48:19.867`)
* [CVE-2023-46396](CVE-2023/CVE-2023-463xx/CVE-2023-46396.json) (`2023-11-02T15:03:59.683`)
* [CVE-2023-41072](CVE-2023/CVE-2023-410xx/CVE-2023-41072.json) (`2023-11-02T15:05:05.677`)
* [CVE-2023-41077](CVE-2023/CVE-2023-410xx/CVE-2023-41077.json) (`2023-11-02T15:14:27.267`)
* [CVE-2023-41254](CVE-2023/CVE-2023-412xx/CVE-2023-41254.json) (`2023-11-02T15:20:39.743`)
* [CVE-2023-41975](CVE-2023/CVE-2023-419xx/CVE-2023-41975.json) (`2023-11-02T15:22:55.217`)
* [CVE-2023-41976](CVE-2023/CVE-2023-419xx/CVE-2023-41976.json) (`2023-11-02T15:25:34.153`)
* [CVE-2023-41977](CVE-2023/CVE-2023-419xx/CVE-2023-41977.json) (`2023-11-02T15:26:41.280`)
* [CVE-2023-41982](CVE-2023/CVE-2023-419xx/CVE-2023-41982.json) (`2023-11-02T15:27:31.617`)
* [CVE-2023-41983](CVE-2023/CVE-2023-419xx/CVE-2023-41983.json) (`2023-11-02T15:30:23.233`)
* [CVE-2023-5745](CVE-2023/CVE-2023-57xx/CVE-2023-5745.json) (`2023-11-02T15:43:50.047`)
* [CVE-2023-46070](CVE-2023/CVE-2023-460xx/CVE-2023-46070.json) (`2023-11-02T15:44:40.137`)
* [CVE-2023-0861](CVE-2023/CVE-2023-08xx/CVE-2023-0861.json) (`2023-11-02T15:44:53.700`)
* [CVE-2023-46306](CVE-2023/CVE-2023-463xx/CVE-2023-46306.json) (`2023-11-02T15:47:02.097`)
* [CVE-2023-0862](CVE-2023/CVE-2023-08xx/CVE-2023-0862.json) (`2023-11-02T15:47:45.223`)
* [CVE-2023-5085](CVE-2023/CVE-2023-50xx/CVE-2023-5085.json) (`2023-11-02T15:48:39.863`)
* [CVE-2023-45990](CVE-2023/CVE-2023-459xx/CVE-2023-45990.json) (`2023-11-02T15:56:06.930`)
* [CVE-2023-46137](CVE-2023/CVE-2023-461xx/CVE-2023-46137.json) (`2023-11-02T15:57:53.777`)
* [CVE-2023-42845](CVE-2023/CVE-2023-428xx/CVE-2023-42845.json) (`2023-11-02T18:08:38.750`)
* [CVE-2023-42438](CVE-2023/CVE-2023-424xx/CVE-2023-42438.json) (`2023-11-02T18:10:51.867`)
* [CVE-2023-42846](CVE-2023/CVE-2023-428xx/CVE-2023-42846.json) (`2023-11-02T18:13:54.607`)
* [CVE-2023-42847](CVE-2023/CVE-2023-428xx/CVE-2023-42847.json) (`2023-11-02T18:14:06.320`)
* [CVE-2023-1177](CVE-2023/CVE-2023-11xx/CVE-2023-1177.json) (`2023-11-02T18:15:08.913`)
* [CVE-2023-43800](CVE-2023/CVE-2023-438xx/CVE-2023-43800.json) (`2023-11-02T18:15:09.043`)
* [CVE-2023-43801](CVE-2023/CVE-2023-438xx/CVE-2023-43801.json) (`2023-11-02T18:15:09.133`)
* [CVE-2023-43802](CVE-2023/CVE-2023-438xx/CVE-2023-43802.json) (`2023-11-02T18:15:09.217`)
* [CVE-2023-43803](CVE-2023/CVE-2023-438xx/CVE-2023-43803.json) (`2023-11-02T18:15:09.303`)
* [CVE-2023-5126](CVE-2023/CVE-2023-51xx/CVE-2023-5126.json) (`2023-11-02T18:15:22.590`)
* [CVE-2023-42849](CVE-2023/CVE-2023-428xx/CVE-2023-42849.json) (`2023-11-02T18:16:45.047`)
* [CVE-2023-38469](CVE-2023/CVE-2023-384xx/CVE-2023-38469.json) (`2023-11-02T18:21:28.383`)
* [CVE-2023-38470](CVE-2023/CVE-2023-384xx/CVE-2023-38470.json) (`2023-11-02T18:21:28.383`)
* [CVE-2023-38471](CVE-2023/CVE-2023-384xx/CVE-2023-38471.json) (`2023-11-02T18:21:28.383`)
* [CVE-2023-38472](CVE-2023/CVE-2023-384xx/CVE-2023-38472.json) (`2023-11-02T18:21:28.383`)
* [CVE-2023-45338](CVE-2023/CVE-2023-453xx/CVE-2023-45338.json) (`2023-11-02T18:21:28.383`)
* [CVE-2023-45345](CVE-2023/CVE-2023-453xx/CVE-2023-45345.json) (`2023-11-02T18:21:28.383`)
* [CVE-2023-45346](CVE-2023/CVE-2023-453xx/CVE-2023-45346.json) (`2023-11-02T18:21:28.383`)
* [CVE-2023-45347](CVE-2023/CVE-2023-453xx/CVE-2023-45347.json) (`2023-11-02T18:21:28.383`)
* [CVE-2023-46725](CVE-2023/CVE-2023-467xx/CVE-2023-46725.json) (`2023-11-02T18:21:28.383`)
* [CVE-2023-38473](CVE-2023/CVE-2023-384xx/CVE-2023-38473.json) (`2023-11-02T18:21:28.383`)
* [CVE-2023-42850](CVE-2023/CVE-2023-428xx/CVE-2023-42850.json) (`2023-11-02T18:25:04.260`)
* [CVE-2023-42852](CVE-2023/CVE-2023-428xx/CVE-2023-42852.json) (`2023-11-02T18:25:16.560`)
* [CVE-2023-5740](CVE-2023/CVE-2023-57xx/CVE-2023-5740.json) (`2023-11-02T18:26:46.600`)
* [CVE-2023-5744](CVE-2023/CVE-2023-57xx/CVE-2023-5744.json) (`2023-11-02T18:32:10.630`)
## Download and Usage