admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-11 16:13:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-04T14:00:27.796323+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-04 14:00:31 +00:00
parent 8bceecab4f
commit befadd7192
13 changed files with 687 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
CVE-2023/CVE-2023-340xx/CVE-2023-34037.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-34037",
"sourceIdentifier": "security@vmware.com",
"published": "2023-08-04T12:15:09.703",
"lastModified": "2023-08-04T12:15:09.703",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vmware.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0017.html",
"source": "security@vmware.com"
}
]
}

43
CVE-2023/CVE-2023-340xx/CVE-2023-34038.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-34038",
"sourceIdentifier": "security@vmware.com",
"published": "2023-08-04T12:15:10.217",
"lastModified": "2023-08-04T12:15:10.217",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "VMware Horizon Server contains an information disclosure vulnerability. A malicious actor with network access may be able to access information relating to the internal network configuration.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vmware.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0017.html",
"source": "security@vmware.com"
}
]
}

70
CVE-2023/CVE-2023-349xx/CVE-2023-34916.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-34916",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T16:15:10.213",
"lastModified": "2023-07-31T17:30:17.057",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-04T13:59:07.953",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Fuge CMS v1.0 contains an Open Redirect vulnerability via /front/ProcessAct.java."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cms_project:cms:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A3457BA-3319-4B5A-BC49-974B60A7B0CD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/fuge/cms/issues/4",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://payatu.com/advisory/unvalidated-open-redirection-fuge-cms-v1-0/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-349xx/CVE-2023-34917.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-34917",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T16:15:10.270",
"lastModified": "2023-07-31T17:30:17.057",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-04T13:49:09.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Fuge CMS v1.0 contains an Open Redirect vulnerability in member/RegisterAct.java."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cms_project:cms:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A3457BA-3319-4B5A-BC49-974B60A7B0CD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/fuge/cms/issues/3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://payatu.com/advisory/unvalidated-redirection-vulnerability-in-fuge-cms-v1-0/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-374xx/CVE-2023-37464.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37464",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T21:15:08.903",
"lastModified": "2023-07-31T17:15:47.223",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-04T13:15:11.000",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -114,6 +114,10 @@
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00002.html",
"source": "security-advisories@github.com"
}
]
}

69
CVE-2023/CVE-2023-383xx/CVE-2023-38305.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-38305",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T15:15:10.607",
"lastModified": "2023-07-31T15:31:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-04T12:57:27.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Webmin 2.021. The download functionality allows an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a crafted download path containing a malicious payload, an attacker can inject arbitrary code, which is then executed within the context of the victim's browser when the download link is accessed."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webmin:webmin:2.021:*:*:*:*:*:*:*",
"matchCriteriaId": "80238B58-DA47-4036-900B-61044249B404"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38305",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://webmin.com/tags/webmin-changelog/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

69
CVE-2023/CVE-2023-383xx/CVE-2023-38306.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-38306",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T15:15:10.663",
"lastModified": "2023-07-31T15:31:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-04T12:57:14.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Webmin 2.021. A Cross-site Scripting (XSS) Bypass vulnerability was discovered in the file upload functionality. Normally, the application restricts the upload of certain file types such as .svg, .php, etc., and displays an error message if a prohibited file type is detected. However, by following certain steps, an attacker can bypass these restrictions and inject malicious code."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webmin:webmin:2.021:*:*:*:*:*:*:*",
"matchCriteriaId": "80238B58-DA47-4036-900B-61044249B404"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38306",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://webmin.com/tags/webmin-changelog/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

69
CVE-2023/CVE-2023-383xx/CVE-2023-38307.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-38307",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T15:15:10.723",
"lastModified": "2023-07-31T15:31:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-04T12:56:51.953",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Users and Groups functionality. The vulnerability occurs when an authenticated user adds a new user and inserts an XSS payload into the user's real name."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webmin:webmin:2.021:*:*:*:*:*:*:*",
"matchCriteriaId": "80238B58-DA47-4036-900B-61044249B404"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38307",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://webmin.com/tags/webmin-changelog/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

69
CVE-2023/CVE-2023-383xx/CVE-2023-38308.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-38308",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T15:15:10.787",
"lastModified": "2023-07-31T15:31:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-04T12:56:40.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Webmin 2.021. A Cross-Site Scripting (XSS) vulnerability was discovered in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious code. leading to the execution of arbitrary JavaScript code within the context of the victim's browser."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webmin:webmin:2.021:*:*:*:*:*:*:*",
"matchCriteriaId": "80238B58-DA47-4036-900B-61044249B404"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38308",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://webmin.com/tags/webmin-changelog/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

69
CVE-2023/CVE-2023-383xx/CVE-2023-38309.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-38309",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T15:15:10.847",
"lastModified": "2023-07-31T15:31:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-04T12:56:24.150",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the package search functionality. The vulnerability allows an attacker to inject a malicious payload in the \"Search for Package\" field, which gets reflected back in the application's response, leading to the execution of arbitrary JavaScript code within the context of the victim's browser."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webmin:webmin:2.021:*:*:*:*:*:*:*",
"matchCriteriaId": "80238B58-DA47-4036-900B-61044249B404"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38309",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://webmin.com/tags/webmin-changelog/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

69
CVE-2023/CVE-2023-383xx/CVE-2023-38310.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-38310",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T15:15:10.907",
"lastModified": "2023-07-31T15:31:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-04T12:56:01.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the configuration settings of the system logs functionality. The vulnerability allows an attacker to store an XSS payload in the configuration settings of specific log files. This results in the execution of that payload whenever the affected log files are accessed."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webmin:webmin:2.021:*:*:*:*:*:*:*",
"matchCriteriaId": "80238B58-DA47-4036-900B-61044249B404"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38310",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://webmin.com/tags/webmin-changelog/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

69
CVE-2023/CVE-2023-383xx/CVE-2023-38311.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-38311",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T15:15:10.963",
"lastModified": "2023-07-31T15:31:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-04T12:55:45.233",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the System Logs Viewer functionality. The vulnerability allows an attacker to store a malicious payload in the configuration field, triggering the execution of the payload when saving the configuration or when accessing the System Logs Viewer page."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webmin:webmin:2.021:*:*:*:*:*:*:*",
"matchCriteriaId": "80238B58-DA47-4036-900B-61044249B404"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jaysharma786/Webmin-2.021/blob/main/CVE-2023-38311",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://webmin.com/tags/webmin-changelog/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

23
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-04T12:00:28.303929+00:00
2023-08-04T14:00:27.796323+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-04T10:15:09.870000+00:00
2023-08-04T13:59:07.953000+00:00
```
### Last Data Feed Release
@ -29,20 +29,31 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
221645
221647
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `2`
* [CVE-2023-39379](CVE-2023/CVE-2023-393xx/CVE-2023-39379.json) (`2023-08-04T10:15:09.870`)
* [CVE-2023-34037](CVE-2023/CVE-2023-340xx/CVE-2023-34037.json) (`2023-08-04T12:15:09.703`)
* [CVE-2023-34038](CVE-2023/CVE-2023-340xx/CVE-2023-34038.json) (`2023-08-04T12:15:10.217`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `10`
* [CVE-2023-38311](CVE-2023/CVE-2023-383xx/CVE-2023-38311.json) (`2023-08-04T12:55:45.233`)
* [CVE-2023-38310](CVE-2023/CVE-2023-383xx/CVE-2023-38310.json) (`2023-08-04T12:56:01.327`)
* [CVE-2023-38309](CVE-2023/CVE-2023-383xx/CVE-2023-38309.json) (`2023-08-04T12:56:24.150`)
* [CVE-2023-38308](CVE-2023/CVE-2023-383xx/CVE-2023-38308.json) (`2023-08-04T12:56:40.287`)
* [CVE-2023-38307](CVE-2023/CVE-2023-383xx/CVE-2023-38307.json) (`2023-08-04T12:56:51.953`)
* [CVE-2023-38306](CVE-2023/CVE-2023-383xx/CVE-2023-38306.json) (`2023-08-04T12:57:14.733`)
* [CVE-2023-38305](CVE-2023/CVE-2023-383xx/CVE-2023-38305.json) (`2023-08-04T12:57:27.330`)
* [CVE-2023-37464](CVE-2023/CVE-2023-374xx/CVE-2023-37464.json) (`2023-08-04T13:15:11.000`)
* [CVE-2023-34917](CVE-2023/CVE-2023-349xx/CVE-2023-34917.json) (`2023-08-04T13:49:09.827`)
* [CVE-2023-34916](CVE-2023/CVE-2023-349xx/CVE-2023-34916.json) (`2023-08-04T13:59:07.953`)
## Download and Usage