admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-05T00:55:26.642430+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-05 00:55:30 +00:00
parent 9b83f54b95
commit c1538e8f6f
45 changed files with 2165 additions and 180 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
CVE-2023/CVE-2023-234xx/CVE-2023-23424.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23424",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T03:15:08.843",
"lastModified": "2023-12-29T13:56:44.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:32:25.220",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -38,10 +58,55 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:nth-an00_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.120\\(c00e120r8p2\\)",
"matchCriteriaId": "EB281C2B-2AED-4E2D-8BF1-3D3BFB8EB16B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hihonor:nth-an00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A086FF80-9CB7-4590-9025-B8757B64E358"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23424/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-234xx/CVE-2023-23426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23426",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T03:15:09.040",
"lastModified": "2023-12-29T13:56:44.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:31:55.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -38,10 +58,55 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:fri-an00_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.193\\(sp5c735e190r3p8\\)",
"matchCriteriaId": "8BCCE867-666F-4BD9-B173-BD7B32A4F8C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hihonor:fri-an00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7289351-B417-46F1-8C53-AD9BD8D5A91F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23426/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-234xx/CVE-2023-23427.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23427",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T03:15:09.203",
"lastModified": "2023-12-29T13:56:44.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:31:07.843",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:magic_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.74",
"matchCriteriaId": "1BB65D32-4626-4926-8F22-EE4FB503846F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23427/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-234xx/CVE-2023-23428.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23428",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T03:15:09.403",
"lastModified": "2023-12-29T13:56:44.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:30:49.510",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:magic_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.2.0.102",
"matchCriteriaId": "5D43E386-45BF-4D0E-BD07-8AB734417B6F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23428/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-234xx/CVE-2023-23429.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23429",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T03:15:09.600",
"lastModified": "2023-12-29T13:56:44.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:30:19.930",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:magic_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.193",
"matchCriteriaId": "744953B6-9BCB-4E2A-915A-38BA953080D5"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23429/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-234xx/CVE-2023-23430.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23430",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T03:15:09.813",
"lastModified": "2023-12-29T13:56:44.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:29:25.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hihonor:magichome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.60.10.303",
"matchCriteriaId": "20922299-FE2F-4D40-B540-10FF48EE50FB"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23430/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-234xx/CVE-2023-23431.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-23431",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T02:15:43.803",
"lastModified": "2023-12-29T03:13:44.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:08:49.337",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.\n\n"
},
{
"lang": "es",
"value": "Algunos productos Honor se ven afectados por una vulnerabilidad en la administraci\u00f3n de firmas; una explotaci\u00f3n exitosa podr\u00eda causar que el archivo del sistema falsificado sobrescriba el archivo del sistema correcto."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -46,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:nth-an00_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.157",
"matchCriteriaId": "80776BEE-9BF5-4B6A-9F79-6BFF69B058B7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hihonor:nth-an00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A086FF80-9CB7-4590-9025-B8757B64E358"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23431/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-234xx/CVE-2023-23432.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-23432",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T02:15:44.063",
"lastModified": "2023-12-29T03:13:44.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:08:06.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.\n\n"
},
{
"lang": "es",
"value": "Algunos productos Honor se ven afectados por una vulnerabilidad en la administraci\u00f3n de firmas; una explotaci\u00f3n exitosa podr\u00eda causar que el archivo del sistema falsificado sobrescriba el archivo del sistema correcto."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -46,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:nth-an00_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.157",
"matchCriteriaId": "80776BEE-9BF5-4B6A-9F79-6BFF69B058B7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hihonor:nth-an00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A086FF80-9CB7-4590-9025-B8757B64E358"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23432/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-234xx/CVE-2023-23433.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-23433",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T02:15:44.253",
"lastModified": "2023-12-29T03:13:44.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:07:27.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.\n\n"
},
{
"lang": "es",
"value": "Algunos productos Honor se ven afectados por una vulnerabilidad en la administraci\u00f3n de firmas; una explotaci\u00f3n exitosa podr\u00eda causar que el archivo del sistema falsificado sobrescriba el archivo del sistema correcto."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -46,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:nth-an00_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.157",
"matchCriteriaId": "80776BEE-9BF5-4B6A-9F79-6BFF69B058B7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hihonor:nth-an00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A086FF80-9CB7-4590-9025-B8757B64E358"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23433/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-234xx/CVE-2023-23434.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-23434",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T02:15:44.437",
"lastModified": "2023-12-29T03:13:44.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:06:17.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\n\n"
},
{
"lang": "es",
"value": "Algunos productos Honor se ven afectados por una vulnerabilidad de fuga de informaci\u00f3n; una explotaci\u00f3n exitosa podr\u00eda causar la fuga de informaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -34,10 +58,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hihonor:honorboardapp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.2.8.100",
"matchCriteriaId": "DE9D14A8-86FF-4BC0-807C-CD3E5C26B701"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23434/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-234xx/CVE-2023-23435.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-23435",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T02:15:44.597",
"lastModified": "2023-12-29T03:13:44.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:04:54.210",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\n\n"
},
{
"lang": "es",
"value": "Algunos productos Honor se ven afectados por una vulnerabilidad en la administraci\u00f3n de firmas; una explotaci\u00f3n exitosa podr\u00eda causar que el archivo del sistema falsificado sobrescriba el archivo del sistema correcto."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:magic_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.137",
"matchCriteriaId": "3D29DC64-F14E-43BB-974A-91416C070287"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23435/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-234xx/CVE-2023-23436.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-23436",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T02:15:44.783",
"lastModified": "2023-12-29T03:13:44.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:04:04.897",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nSome Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file\n\n\n\n\n"
},
{
"lang": "es",
"value": "Algunos productos Honor se ven afectados por una vulnerabilidad en la administraci\u00f3n de firmas; una explotaci\u00f3n exitosa podr\u00eda causar que el archivo del sistema falsificado sobrescriba el archivo del sistema correcto."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:magic_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1.0.100",
"matchCriteriaId": "77ACAE84-A866-4338-8CAD-186C2BEE2CE3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23436/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-234xx/CVE-2023-23437.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23437",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T03:15:10.020",
"lastModified": "2023-12-29T13:56:44.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:28:07.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -38,10 +58,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hihonor:vmall:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3.3.300",
"matchCriteriaId": "000DE90D-431A-4BD4-955A-52CB2149C24F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23437/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-234xx/CVE-2023-23438.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23438",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T03:15:10.190",
"lastModified": "2023-12-29T13:56:44.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:17:04.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -38,10 +58,55 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:lge-an00_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.0.188",
"matchCriteriaId": "6C128D2B-109F-403E-84E9-EAEC6D311D72"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hihonor:lge-an00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C50BE48C-E685-4F9C-8717-5920D25AC1C4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23438/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-234xx/CVE-2023-23439.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23439",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T03:15:10.353",
"lastModified": "2023-12-29T13:56:44.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:15:43.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -38,10 +58,55 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:lge-an00_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.171",
"matchCriteriaId": "41289B10-D1C1-4A09-ABDB-EC351EE190AE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hihonor:lge-an00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C50BE48C-E685-4F9C-8717-5920D25AC1C4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23439/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-234xx/CVE-2023-23440.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23440",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T03:15:10.520",
"lastModified": "2023-12-29T13:56:44.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:14:18.053",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -38,10 +58,55 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:lge-an00_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.171",
"matchCriteriaId": "41289B10-D1C1-4A09-ABDB-EC351EE190AE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hihonor:lge-an00:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C50BE48C-E685-4F9C-8717-5920D25AC1C4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23440/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-234xx/CVE-2023-23441.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23441",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T04:15:08.547",
"lastModified": "2023-12-29T13:56:39.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:48:30.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -38,10 +58,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hihonor:magic_ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.1.0.500",
"matchCriteriaId": "ED1D4BED-5E6D-4365-853D-E76CB3B12CA9"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23441/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-234xx/CVE-2023-23442.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23442",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T04:15:08.717",
"lastModified": "2023-12-29T13:56:39.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:46:49.527",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -38,10 +58,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:magic_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.158",
"matchCriteriaId": "F840E76C-1D8A-41E3-ABC3-D8596CA8DBBB"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23442/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-234xx/CVE-2023-23443.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23443",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T04:15:08.883",
"lastModified": "2023-12-29T13:56:39.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:45:33.647",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -38,10 +58,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:magic_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.156",
"matchCriteriaId": "393692F6-5660-43F4-95B6-A0314C73D79C"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23443/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-312xx/CVE-2023-31296.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31296",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-29T04:15:09.053",
"lastModified": "2023-12-29T13:56:39.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:43:22.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,66 @@
"value": "Vulnerabilidad de inyecci\u00f3n CSV en Sesami Cash Point & Transport Optimizer (CPTO) versi\u00f3n 6.3.8.6 (#718), permite a los atacantes obtener informaci\u00f3n confidencial a trav\u00e9s del campo User Name."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sesami:cash_point_\\&_transport_optimizer:6.3.8.6.718:*:*:*:*:*:*:*",
"matchCriteriaId": "1FF8F540-DE41-4C35-BA23-64A08F2474E7"
}
]
}
]
}
],
"references": [
{
"url": "https://herolab.usd.de/en/security-advisories/usd-2022-0054/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-501xx/CVE-2023-50104.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-50104",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-29T00:15:50.233",
"lastModified": "2023-12-29T03:13:44.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T00:12:12.343",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "ZZCMS 2023 has a file upload vulnerability in 3/E_bak5.1/upload/index.php, allowing attackers to exploit this loophole to gain server privileges and execute arbitrary code."
},
{
"lang": "es",
"value": "ZZCMS 2023 tiene una vulnerabilidad de carga de archivos en 3/E_bak5.1/upload/index.php, lo que permite a los atacantes explotar esta vulnerabilidad para obtener privilegios de servidor y ejecutar c\u00f3digo arbitrario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zzcms:zzcms:2023:*:*:*:*:*:*:*",
"matchCriteriaId": "654D0493-9784-4B2B-BC05-69B4BB6F86F4"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/zzq66/cve4",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-504xx/CVE-2023-50448.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-50448",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-28T23:15:43.500",
"lastModified": "2023-12-29T03:13:50.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:56:47.930",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In ActiveAdmin (aka Active Admin) before 2.12.0, a concurrency issue allows a malicious actor to access potentially private data (that belongs to another user) by making CSV export requests at certain specific times."
},
{
"lang": "es",
"value": "En ActiveAdmin (aka Active Admin) anterior a 2.12.0, un problema de concurrencia permite que un actor malintencionado acceda a datos potencialmente privados (que pertenecen a otro usuario) al realizar solicitudes de exportaci\u00f3n CSV en determinados momentos espec\u00edficos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:activeadmin:activeadmin:*:*:*:*:*:ruby:*:*",
"versionEndExcluding": "2.12.0",
"matchCriteriaId": "A08E3232-CFEF-40A3-B6DF-DAB5CE641431"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/activeadmin/activeadmin/pull/7336",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/activeadmin/activeadmin/security/advisories/GHSA-356j-hg45-x525",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-511xx/CVE-2023-51154.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51154",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-04T19:15:08.850",
"lastModified": "2024-01-04T19:15:08.850",
"vulnStatus": "Received",
"lastModified": "2024-01-04T23:48:42.333",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

57
CVE-2023/CVE-2023-514xx/CVE-2023-51426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51426",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T04:15:09.100",
"lastModified": "2023-12-29T13:56:39.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:42:36.860",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:magic_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.129",
"matchCriteriaId": "D02747F9-9467-480F-B8C9-CFD6B5822243"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51426/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-514xx/CVE-2023-51427.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51427",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T04:15:09.300",
"lastModified": "2023-12-29T13:56:39.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:40:05.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:magic_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.129",
"matchCriteriaId": "D02747F9-9467-480F-B8C9-CFD6B5822243"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51427/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-514xx/CVE-2023-51428.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51428",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T04:15:09.503",
"lastModified": "2023-12-29T13:56:39.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:38:22.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:magic_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.129",
"matchCriteriaId": "D02747F9-9467-480F-B8C9-CFD6B5822243"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51428/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-514xx/CVE-2023-51429.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51429",
"sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"published": "2023-12-29T04:15:09.690",
"lastModified": "2023-12-29T13:56:39.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:36:16.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"type": "Secondary",
@ -38,10 +58,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hihonor:magic_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.0.156",
"matchCriteriaId": "393692F6-5660-43F4-95B6-A0314C73D79C"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51429/",
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4"
"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-518xx/CVE-2023-51812.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51812",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-04T19:15:08.920",
"lastModified": "2024-01-04T19:15:08.920",
"vulnStatus": "Received",
"lastModified": "2024-01-04T23:48:42.333",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

66
CVE-2023/CVE-2023-520xx/CVE-2023-52077.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-52077",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-27T19:15:07.763",
"lastModified": "2023-12-27T21:37:15.710",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:11:39.740",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Nexkey is a lightweight fork of Misskey v12 optimized for small to medium size servers. Prior to 12.23Q4.5, Nexkey allows external apps using tokens issued by administrators and moderators to call admin APIs. This allows malicious third-party apps to perform operations such as updating server settings, as well as compromise object storage and email server credentials. This issue has been patched in 12.23Q4.5."
},
{
"lang": "es",
"value": "Nexkey es una bifurcaci\u00f3n liviana de Misskey v12 optimizada para servidores de tama\u00f1o peque\u00f1o y mediano. Antes de 12.23Q4.5, Nexkey permit\u00eda que aplicaciones externas que utilizaran tokens emitidos por administradores y moderadores llamaran a las API de administraci\u00f3n. Esto permite que aplicaciones maliciosas de terceros realicen operaciones como actualizar la configuraci\u00f3n del servidor, as\u00ed como comprometer el almacenamiento de objetos y las credenciales del servidor de correo electr\u00f3nico. Este problema se solucion\u00f3 en 12.23Q4.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +70,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nexryai:nexkey:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "12.23q4.5",
"matchCriteriaId": "FC7AC948-828A-4C9A-9010-FC8BBFDBCFC5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mei23/misskey-v12/commit/78173e376f14fcc1987b02196f5538bf5b18225c",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/misskey-dev/misskey/commit/5150053275594278e9eb23e72d98b16593c4c230",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/nexryai/nexkey/commit/a4e4c9c47c5f84ec7ccd309bde59d4ae5d7e5a98",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/nexryai/nexkey/security/advisories/GHSA-pjj7-7hcj-9cpc",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-520xx/CVE-2023-52083.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-52083",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-28T23:15:43.557",
"lastModified": "2023-12-29T03:13:50.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T00:01:33.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Winter is a free, open-source content management system. Prior to 1.2.4, users with the `media.manage_media` permission can upload files to the Media Manager and rename them after uploading. Previously, media manager files were only sanitized on upload, not on renaming, which could have allowed a stored XSS attack. This issue has been patched in v1.2.4."
},
{
"lang": "es",
"value": "Winter es un sistema de gesti\u00f3n de contenidos gratuito y de c\u00f3digo abierto. Antes de 1.2.4, los usuarios con el permiso `media.manage_media` pod\u00edan cargar archivos en el Media Manager y cambiarles el nombre despu\u00e9s de cargarlos. Anteriormente, los archivos del Media Manager solo se sanitizaban al cargarlos, no al cambiarles el nombre, lo que podr\u00eda haber permitido un ataque XSS almacenado. Este problema se solucion\u00f3 en la versi\u00f3n 1.2.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +70,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wintercms:winter:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.4",
"matchCriteriaId": "1EE69DF4-BDE7-4A22-9947-BBD648026BA4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wintercms/winter/commit/2969daeea8dee64d292dbaa3778ea251e2a7e491",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/wintercms/winter/security/advisories/GHSA-4wvw-75qh-fqjp",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-520xx/CVE-2023-52084.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-52084",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-28T23:15:43.777",
"lastModified": "2023-12-29T03:13:50.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T00:08:19.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Winter is a free, open-source content management system. Prior to 1.2.4, Users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be rendered unescaped in the backend form, potentially allowing for a stored XSS attack. This issue has been patched in v1.2.4."
},
{
"lang": "es",
"value": "Winter es un sistema de gesti\u00f3n de contenidos gratuito y de c\u00f3digo abierto. Antes de 1.2.4, los usuarios con acceso a formularios de backend que incluyen un FormWidget ColorPicker pueden proporcionar un valor que luego se mostrar\u00eda sin formato de escape en el formulario de backend, lo que podr\u00eda permitir un ataque XSS almacenado. Este problema se solucion\u00f3 en la versi\u00f3n 1.2.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +70,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wintercms:winter:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.4",
"matchCriteriaId": "1EE69DF4-BDE7-4A22-9947-BBD648026BA4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wintercms/winter/commit/517f65dfae679b57575b047de13c5af48915a5ba",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/wintercms/winter/security/advisories/GHSA-43w4-4j3c-jx29",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-520xx/CVE-2023-52085.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-52085",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-29T00:15:50.300",
"lastModified": "2023-12-29T03:13:44.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T00:30:50.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Winter is a free, open-source content management system. Users with access to backend forms that include a ColorPicker FormWidget can provide a value that would then be included without further processing in the compilation of custom stylesheets via LESS. This had the potential to lead to a Local File Inclusion vulnerability. This issue has been patched in v1.2.4."
},
{
"lang": "es",
"value": "Winter es un sistema de gesti\u00f3n de contenidos gratuito y de c\u00f3digo abierto. Los usuarios con acceso a formularios backend que incluyen un ColorPicker FormWidget pueden proporcionar un valor que luego se incluir\u00eda sin procesamiento adicional en la compilaci\u00f3n de hojas de estilo personalizadas a trav\u00e9s de LESS. Esto ten\u00eda el potencial de provocar una vulnerabilidad de inclusi\u00f3n de archivos locales. Este problema se solucion\u00f3 en la versi\u00f3n 1.2.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +70,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wintercms:winter:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.4",
"matchCriteriaId": "1EE69DF4-BDE7-4A22-9947-BBD648026BA4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wintercms/winter/commit/5bc9257fe2bc47d8b786a1b1bf96bafad23d8ddd",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/wintercms/winter/security/advisories/GHSA-2x7r-93ww-cxrq",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-521xx/CVE-2023-52173.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52173",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-29T04:15:10.847",
"lastModified": "2023-12-29T13:56:39.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:34:46.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,18 +11,77 @@
},
{
"lang": "es",
"value": "XnView Classic anterior a 2.51.3 en Windows tiene Write Access Violation en xnview.exe+0x3ADBD0."
"value": "XnView Classic anterior a 2.51.3 en Windows tiene una violaci\u00f3n de acceso de escritura en xnview.exe+0x3ADBD0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xnview:xnview_classic:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.51.3",
"matchCriteriaId": "F4C180C1-D9D1-407B-8D11-9091ED0FD874"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/seyit-sigirci/Vulnerability-Disclosures/blob/main/XNView-Crash-Reports/BOF%5B0x54D%5D%2B3%7B%2B0~3%23460c%7D%20469.15d%20%40%20xnview.exe%2B0x3ADBD0.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://newsgroup.xnview.com/viewtopic.php?f=35&t=46016",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

71
CVE-2023/CVE-2023-521xx/CVE-2023-52174.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52174",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-29T04:15:10.893",
"lastModified": "2023-12-29T13:56:39.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:35:08.563",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,18 +11,77 @@
},
{
"lang": "es",
"value": "XnView Classic anterior a 2.51.3 en Windows tiene Write Access Violation en xnview.exe+0x3125D6."
"value": "XnView Classic anterior a 2.51.3 en Windows tiene una violaci\u00f3n de acceso de escritura en xnview.exe+0x3125D6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xnview:xnview_classic:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.51.3",
"matchCriteriaId": "F4C180C1-D9D1-407B-8D11-9091ED0FD874"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/seyit-sigirci/Vulnerability-Disclosures/blob/main/XNView-Crash-Reports/BOF%5B0x1C94%5D%2B4%7B%2B0~4%231b99%7D%20128.ecf%20%40%20xnview.exe%2B0x3125D6.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://newsgroup.xnview.com/viewtopic.php?f=35&t=46016",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

73
CVE-2023/CVE-2023-71xx/CVE-2023-7131.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-7131",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-28T17:15:09.740",
"lastModified": "2023-12-28T19:05:29.670",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:47:58.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Intern Membership Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user_registration/ of the component User Registration. The manipulation of the argument userName leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-249134 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en code-projects Intern Membership Management System 2.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /user_registration/ del componente User Registration es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento userName conduce a la inyecci\u00f3n de SQL. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-249134 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -60,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +105,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:carmelogarcia:intern_membership_management_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA694C2-AD8E-43D4-8A1B-9CB5C8CE2D60"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/h4md153v63n/CVEs/blob/main/Intern_Membership_Management_System/Intern_Membership_Management_System-SQL-Injection.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.249134",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.249134",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-71xx/CVE-2023-7132.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-7132",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-28T17:15:09.997",
"lastModified": "2023-12-28T19:05:29.670",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-04T23:50:55.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Intern Membership Management System 2.0. It has been classified as problematic. This affects an unknown part of the file /user_registration/ of the component User Registration. The manipulation of the argument userName/firstName/lastName/userEmail with the input \"><ScRiPt>confirm(document.domain)</ScRiPt>h0la leads to cross site scripting. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249135."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en los proyectos de c\u00f3digo Intern Membership Management System 2.0. Ha sido clasificada como problem\u00e1tica. Una parte desconocida del fichero /user_registration/ del componente User Registration afecta a una parte desconocida. La manipulaci\u00f3n del argumento userName/firstName/lastName/userEmail con la entrada \"&gt;h0la conduce a cross site scripting. La explotaci\u00f3n se ha divulgado al p\u00fablico y puede usarse. El identificador asociado de esta vulnerabilidad es VDB-249135."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:carmelogarcia:intern_membership_management_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA694C2-AD8E-43D4-8A1B-9CB5C8CE2D60"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/h4md153v63n/CVEs/blob/main/Intern_Membership_Management_System/Intern_Membership_Management_System-Stored_Cross_site_Scripting.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.249135",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.249135",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-71xx/CVE-2023-7144.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-7144",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-29T01:15:44.137",
"lastModified": "2023-12-29T03:13:44.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T00:15:42.040",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in gopeak MasterLab up to 3.3.10. This affects the function sqlInject of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249147."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en gopeak MasterLab hasta 3.3.10 y clasificada como cr\u00edtica. Esto afecta a la funci\u00f3n sqlInject del archivo app/ctrl/framework/Feature.php del componente HTTP POST Request Handler. La manipulaci\u00f3n del argumento pwd conduce a la inyecci\u00f3n de SQL. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-249147."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -60,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +105,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:masterlab:masterlab:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.10",
"matchCriteriaId": "650AE4B5-39D2-4607-8455-957955DF48AB"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/4HDWrBHGCf9e",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.249147",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.249147",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

4
CVE-2024/CVE-2024-02xx/CVE-2024-0241.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0241",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2024-01-04T21:15:09.267",
"lastModified": "2024-01-04T21:15:09.267",
"vulnStatus": "Received",
"lastModified": "2024-01-04T23:48:42.333",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-216xx/CVE-2024-21636.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21636",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-04T20:15:25.300",
"lastModified": "2024-01-04T20:15:25.300",
"vulnStatus": "Received",
"lastModified": "2024-01-04T23:48:42.333",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-220xx/CVE-2024-22047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22047",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2024-01-04T21:15:09.720",
"lastModified": "2024-01-04T21:15:09.720",
"vulnStatus": "Received",
"lastModified": "2024-01-04T23:48:42.333",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-220xx/CVE-2024-22048.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22048",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2024-01-04T21:15:09.940",
"lastModified": "2024-01-04T21:15:09.940",
"vulnStatus": "Received",
"lastModified": "2024-01-04T23:48:42.333",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-220xx/CVE-2024-22049.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22049",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2024-01-04T21:15:10.013",
"lastModified": "2024-01-04T21:15:10.013",
"vulnStatus": "Received",
"lastModified": "2024-01-04T23:48:42.333",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-220xx/CVE-2024-22050.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22050",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2024-01-04T21:15:10.100",
"lastModified": "2024-01-04T21:15:10.100",
"vulnStatus": "Received",
"lastModified": "2024-01-04T23:48:42.333",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2024/CVE-2024-220xx/CVE-2024-22051.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22051",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2024-01-04T21:15:10.173",
"lastModified": "2024-01-04T21:15:10.173",
"vulnStatus": "Received",
"lastModified": "2024-01-04T23:48:42.333",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

64
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-04T23:00:25.044682+00:00
2024-01-05T00:55:26.642430+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-04T22:15:07.200000+00:00
2024-01-05T00:30:50.517000+00:00
```
### Last Data Feed Release
@ -34,45 +34,39 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `0`
* [CVE-2024-0241](CVE-2024/CVE-2024-02xx/CVE-2024-0241.json) (`2024-01-04T21:15:09.267`)
* [CVE-2024-22047](CVE-2024/CVE-2024-220xx/CVE-2024-22047.json) (`2024-01-04T21:15:09.720`)
* [CVE-2024-22048](CVE-2024/CVE-2024-220xx/CVE-2024-22048.json) (`2024-01-04T21:15:09.940`)
* [CVE-2024-22049](CVE-2024/CVE-2024-220xx/CVE-2024-22049.json) (`2024-01-04T21:15:10.013`)
* [CVE-2024-22050](CVE-2024/CVE-2024-220xx/CVE-2024-22050.json) (`2024-01-04T21:15:10.100`)
* [CVE-2024-22051](CVE-2024/CVE-2024-220xx/CVE-2024-22051.json) (`2024-01-04T21:15:10.173`)
### CVEs modified in the last Commit
Recently modified CVEs: `26`
Recently modified CVEs: `44`
* [CVE-2022-22995](CVE-2022/CVE-2022-229xx/CVE-2022-22995.json) (`2024-01-04T22:15:07.200`)
* [CVE-2023-40606](CVE-2023/CVE-2023-406xx/CVE-2023-40606.json) (`2024-01-04T21:21:52.873`)
* [CVE-2023-32095](CVE-2023/CVE-2023-320xx/CVE-2023-32095.json) (`2024-01-04T21:22:08.900`)
* [CVE-2023-25054](CVE-2023/CVE-2023-250xx/CVE-2023-25054.json) (`2024-01-04T21:22:47.873`)
* [CVE-2023-22677](CVE-2023/CVE-2023-226xx/CVE-2023-22677.json) (`2024-01-04T21:25:11.053`)
* [CVE-2023-47840](CVE-2023/CVE-2023-478xx/CVE-2023-47840.json) (`2024-01-04T21:27:45.337`)
* [CVE-2023-46623](CVE-2023/CVE-2023-466xx/CVE-2023-46623.json) (`2024-01-04T21:28:03.787`)
* [CVE-2023-45751](CVE-2023/CVE-2023-457xx/CVE-2023-45751.json) (`2024-01-04T21:28:18.910`)
* [CVE-2023-49229](CVE-2023/CVE-2023-492xx/CVE-2023-49229.json) (`2024-01-04T21:44:26.423`)
* [CVE-2023-50839](CVE-2023/CVE-2023-508xx/CVE-2023-50839.json) (`2024-01-04T21:45:13.850`)
* [CVE-2023-50838](CVE-2023/CVE-2023-508xx/CVE-2023-50838.json) (`2024-01-04T21:45:27.430`)
* [CVE-2023-50847](CVE-2023/CVE-2023-508xx/CVE-2023-50847.json) (`2024-01-04T21:46:42.117`)
* [CVE-2023-50846](CVE-2023/CVE-2023-508xx/CVE-2023-50846.json) (`2024-01-04T21:46:56.987`)
* [CVE-2023-50845](CVE-2023/CVE-2023-508xx/CVE-2023-50845.json) (`2024-01-04T21:47:12.043`)
* [CVE-2023-50844](CVE-2023/CVE-2023-508xx/CVE-2023-50844.json) (`2024-01-04T21:49:15.737`)
* [CVE-2023-50843](CVE-2023/CVE-2023-508xx/CVE-2023-50843.json) (`2024-01-04T21:49:28.800`)
* [CVE-2023-50842](CVE-2023/CVE-2023-508xx/CVE-2023-50842.json) (`2024-01-04T21:50:12.597`)
* [CVE-2023-50841](CVE-2023/CVE-2023-508xx/CVE-2023-50841.json) (`2024-01-04T21:50:31.133`)
* [CVE-2023-50840](CVE-2023/CVE-2023-508xx/CVE-2023-50840.json) (`2024-01-04T21:50:46.303`)
* [CVE-2023-7133](CVE-2023/CVE-2023-71xx/CVE-2023-7133.json) (`2024-01-04T21:51:36.093`)
* [CVE-2023-7146](CVE-2023/CVE-2023-71xx/CVE-2023-7146.json) (`2024-01-04T21:52:53.167`)
* [CVE-2023-7145](CVE-2023/CVE-2023-71xx/CVE-2023-7145.json) (`2024-01-04T21:53:07.467`)
* [CVE-2023-31301](CVE-2023/CVE-2023-313xx/CVE-2023-31301.json) (`2024-01-04T21:53:26.990`)
* [CVE-2023-31298](CVE-2023/CVE-2023-312xx/CVE-2023-31298.json) (`2024-01-04T21:54:55.263`)
* [CVE-2023-31292](CVE-2023/CVE-2023-312xx/CVE-2023-31292.json) (`2024-01-04T21:55:24.063`)
* [CVE-2023-51429](CVE-2023/CVE-2023-514xx/CVE-2023-51429.json) (`2024-01-04T23:36:16.723`)
* [CVE-2023-51428](CVE-2023/CVE-2023-514xx/CVE-2023-51428.json) (`2024-01-04T23:38:22.723`)
* [CVE-2023-51427](CVE-2023/CVE-2023-514xx/CVE-2023-51427.json) (`2024-01-04T23:40:05.267`)
* [CVE-2023-51426](CVE-2023/CVE-2023-514xx/CVE-2023-51426.json) (`2024-01-04T23:42:36.860`)
* [CVE-2023-31296](CVE-2023/CVE-2023-312xx/CVE-2023-31296.json) (`2024-01-04T23:43:22.250`)
* [CVE-2023-23443](CVE-2023/CVE-2023-234xx/CVE-2023-23443.json) (`2024-01-04T23:45:33.647`)
* [CVE-2023-23442](CVE-2023/CVE-2023-234xx/CVE-2023-23442.json) (`2024-01-04T23:46:49.527`)
* [CVE-2023-7131](CVE-2023/CVE-2023-71xx/CVE-2023-7131.json) (`2024-01-04T23:47:58.357`)
* [CVE-2023-23441](CVE-2023/CVE-2023-234xx/CVE-2023-23441.json) (`2024-01-04T23:48:30.330`)
* [CVE-2023-51154](CVE-2023/CVE-2023-511xx/CVE-2023-51154.json) (`2024-01-04T23:48:42.333`)
* [CVE-2023-51812](CVE-2023/CVE-2023-518xx/CVE-2023-51812.json) (`2024-01-04T23:48:42.333`)
* [CVE-2023-7132](CVE-2023/CVE-2023-71xx/CVE-2023-7132.json) (`2024-01-04T23:50:55.687`)
* [CVE-2023-50448](CVE-2023/CVE-2023-504xx/CVE-2023-50448.json) (`2024-01-04T23:56:47.930`)
* [CVE-2023-52083](CVE-2023/CVE-2023-520xx/CVE-2023-52083.json) (`2024-01-05T00:01:33.360`)
* [CVE-2023-52084](CVE-2023/CVE-2023-520xx/CVE-2023-52084.json) (`2024-01-05T00:08:19.287`)
* [CVE-2023-50104](CVE-2023/CVE-2023-501xx/CVE-2023-50104.json) (`2024-01-05T00:12:12.343`)
* [CVE-2023-7144](CVE-2023/CVE-2023-71xx/CVE-2023-7144.json) (`2024-01-05T00:15:42.040`)
* [CVE-2023-52085](CVE-2023/CVE-2023-520xx/CVE-2023-52085.json) (`2024-01-05T00:30:50.517`)
* [CVE-2024-21636](CVE-2024/CVE-2024-216xx/CVE-2024-21636.json) (`2024-01-04T23:48:42.333`)
* [CVE-2024-0241](CVE-2024/CVE-2024-02xx/CVE-2024-0241.json) (`2024-01-04T23:48:42.333`)
* [CVE-2024-22047](CVE-2024/CVE-2024-220xx/CVE-2024-22047.json) (`2024-01-04T23:48:42.333`)
* [CVE-2024-22048](CVE-2024/CVE-2024-220xx/CVE-2024-22048.json) (`2024-01-04T23:48:42.333`)
* [CVE-2024-22049](CVE-2024/CVE-2024-220xx/CVE-2024-22049.json) (`2024-01-04T23:48:42.333`)
* [CVE-2024-22050](CVE-2024/CVE-2024-220xx/CVE-2024-22050.json) (`2024-01-04T23:48:42.333`)
* [CVE-2024-22051](CVE-2024/CVE-2024-220xx/CVE-2024-22051.json) (`2024-01-04T23:48:42.333`)
## Download and Usage