admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-12-22T17:00:24.786578+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-12-22 17:00:28 +00:00
parent 00fda99e09
commit c197a359c2
70 changed files with 2201 additions and 241 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
CVE-2016/CVE-2016-108xx/CVE-2016-10893.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-10893",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-08-20T15:15:11.603",
"lastModified": "2023-10-31T21:15:08.257",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:37:03.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -96,11 +96,18 @@
"references": [
{
"url": "https://github.com/aramk/crayon-syntax-highlighter/commit/7fdb2e6b4c65178b4ed01ff08a8a38afe5a5151e",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/aramk/crayon-syntax-highlighter/issues/347",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/crayon-syntax-highlighter/#developers",

669
CVE-2019/CVE-2019-139xx/CVE-2019-13990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-13990",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-07-26T19:15:11.730",
"lastModified": "2023-11-07T03:04:32.100",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:35:35.523",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -415,12 +415,635 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.0:*:*:*:data_center:*:*:*",
"matchCriteriaId": "E70C8416-E4F6-44BC-BDF9-BB1BAE7E185F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.0:*:*:*:server:*:*:*",
"matchCriteriaId": "1363F683-E350-4639-A973-A82BDD83A3A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.1:*:*:*:data_center:*:*:*",
"matchCriteriaId": "7BAB5016-8439-4E01-8911-8B472EF38E13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.1:*:*:*:server:*:*:*",
"matchCriteriaId": "F8EF8DCE-7266-49B1-AE2E-96079A2AD6E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.2:*:*:*:data_center:*:*:*",
"matchCriteriaId": "029B8E7F-65EF-4984-A27B-8198D8EB18DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.2:*:*:*:server:*:*:*",
"matchCriteriaId": "55C7B96B-2A2F-47F9-BBBD-0E25F8AF8F02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.3:*:*:*:data_center:*:*:*",
"matchCriteriaId": "160B6A9E-41DC-4999-B3CC-A16B3A16D2A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.3:*:*:*:server:*:*:*",
"matchCriteriaId": "FC59154D-036C-4F22-B5F1-891527A3EC6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.4:*:*:*:data_center:*:*:*",
"matchCriteriaId": "6AD2CA00-9D6C-4DAC-90E6-BE1D93555C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.4:*:*:*:server:*:*:*",
"matchCriteriaId": "2FDF2DF4-B0EE-4179-AF98-B21EBB2E1D6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.5:*:*:*:data_center:*:*:*",
"matchCriteriaId": "AF85E227-F167-4CCB-A039-D96CC080B032"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.5:*:*:*:server:*:*:*",
"matchCriteriaId": "EDA3B2B5-C9EA-4D26-AEF4-F86792FB9ADC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.6:*:*:*:data_center:*:*:*",
"matchCriteriaId": "93DDAE6E-DB31-429A-B4EB-955E080A4545"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.6:*:*:*:server:*:*:*",
"matchCriteriaId": "DF994E6C-6262-4230-BBC6-E464EBC1B0F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.7:*:*:*:data_center:*:*:*",
"matchCriteriaId": "25DA87CA-362C-4558-AA42-265DA1F8C26D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.7:*:*:*:server:*:*:*",
"matchCriteriaId": "EF410408-CD38-408A-97C4-1103EF8AF68D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.8:*:*:*:data_center:*:*:*",
"matchCriteriaId": "037D6CB0-959B-468E-87DD-8B1110A14ED0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.8:*:*:*:server:*:*:*",
"matchCriteriaId": "1B885DB6-2DEA-4EB4-97BC-2BF30BC45544"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.9:*:*:*:data_center:*:*:*",
"matchCriteriaId": "C83E3571-CD54-40A2-AAC0-20F67954642B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.9:*:*:*:server:*:*:*",
"matchCriteriaId": "B69320FF-4E93-475C-B995-85CF1A03DBDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.10:*:*:*:data_center:*:*:*",
"matchCriteriaId": "FD430022-C74D-4340-88F9-21AB69485966"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.10:*:*:*:server:*:*:*",
"matchCriteriaId": "549E2860-25D9-468C-891D-AD9BEADA08B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.11:*:*:*:data_center:*:*:*",
"matchCriteriaId": "5C03D422-521C-48B2-B293-247232D1ED3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.11:*:*:*:server:*:*:*",
"matchCriteriaId": "2B0DBCC1-2D1F-4DB3-A693-DA0FA18B9A5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.12:*:*:*:data_center:*:*:*",
"matchCriteriaId": "34515441-AE13-4492-A08E-6521D840F689"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.12:*:*:*:server:*:*:*",
"matchCriteriaId": "6FABE527-FED5-4BA3-ABF0-C89AD1228ED2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.13:*:*:*:data_center:*:*:*",
"matchCriteriaId": "6BE5E85B-7725-4DB9-8357-9097F777705D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.13:*:*:*:server:*:*:*",
"matchCriteriaId": "910A2B29-3502-499B-892F-F6AD473CA6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.14:*:*:*:data_center:*:*:*",
"matchCriteriaId": "2BAB1FDD-C213-48CB-B28B-802F0D1278A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.14:*:*:*:server:*:*:*",
"matchCriteriaId": "59D09ED0-E31D-4C6B-A217-A3C58C209782"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.15:*:*:*:data_center:*:*:*",
"matchCriteriaId": "746CCD4F-5411-4249-8A71-A47AD598498A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.15:*:*:*:server:*:*:*",
"matchCriteriaId": "A055705E-4F63-4EB9-BABC-8888041D1E1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.16:*:*:*:data_center:*:*:*",
"matchCriteriaId": "AFA32156-893E-44A7-9F18-73586F2E21AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.16:*:*:*:server:*:*:*",
"matchCriteriaId": "631D10DC-9F03-4BEE-98DD-0759746825A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.17:*:*:*:data_center:*:*:*",
"matchCriteriaId": "AFAC053F-3A53-4AD8-9393-49A837A38A8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.17:*:*:*:server:*:*:*",
"matchCriteriaId": "FE355EB5-A0C4-471C-8E47-1898746D89C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.18:*:*:*:data_center:*:*:*",
"matchCriteriaId": "CC230B1E-AA5E-4E76-92E5-41130C56DD34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.18:*:*:*:server:*:*:*",
"matchCriteriaId": "B764FD56-DBFF-46EE-9108-CF88591DC7A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.19:*:*:*:data_center:*:*:*",
"matchCriteriaId": "3F369AD5-25DB-43E4-ADB5-22A774FC6F91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.19:*:*:*:server:*:*:*",
"matchCriteriaId": "454804E1-9C4C-41AA-ACB4-0150BB39669C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.20:*:*:*:data_center:*:*:*",
"matchCriteriaId": "79A73328-B3BF-4682-9B60-12A4039F9D1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.20:*:*:*:server:*:*:*",
"matchCriteriaId": "2A75238E-A82C-4BE9-8300-2BE8B40C31CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.21:*:*:*:data_center:*:*:*",
"matchCriteriaId": "1E7B8908-7F72-495B-B562-81E789643A60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.21:*:*:*:server:*:*:*",
"matchCriteriaId": "55A04426-7D52-4F90-9623-109F201223AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.22:*:*:*:data_center:*:*:*",
"matchCriteriaId": "2CC10DC7-1B0B-41E6-B903-DC7E59F68517"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.22:*:*:*:server:*:*:*",
"matchCriteriaId": "E7A19BC6-3F2B-4248-8255-BBA729F941C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.23:*:*:*:data_center:*:*:*",
"matchCriteriaId": "DC4936AD-0B95-4687-B0A8-290E76D3ED7C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.23:*:*:*:server:*:*:*",
"matchCriteriaId": "33A3BC88-F6CC-4CDD-8842-2DC5C4706AC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.24:*:*:*:data_center:*:*:*",
"matchCriteriaId": "AE05DF9B-2F49-45E9-AB47-A5FA18B6847E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.24:*:*:*:server:*:*:*",
"matchCriteriaId": "29F7D306-FC7F-4748-BC1D-6280654B8409"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.25:*:*:*:data_center:*:*:*",
"matchCriteriaId": "C82EA42D-1583-4B6D-840E-69B804BD2902"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.20.25:*:*:*:server:*:*:*",
"matchCriteriaId": "22D1EEB6-D4D1-46FC-BB60-CF33EE970E43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.21.0:*:*:*:data_center:*:*:*",
"matchCriteriaId": "F1992CBB-135C-4CD7-8D9B-037EEE0530BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.21.0:*:*:*:server:*:*:*",
"matchCriteriaId": "D8232A74-B1DA-48DD-9DF1-4D04F6091BE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.21.1:*:*:*:data_center:*:*:*",
"matchCriteriaId": "F81B63AA-1086-448A-8D60-F5CF41BB1226"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.21.1:*:*:*:server:*:*:*",
"matchCriteriaId": "2B8BBC24-532A-46AB-9D7D-241C43082E95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.22.0:*:*:*:data_center:*:*:*",
"matchCriteriaId": "F629DC1E-E044-4D84-8D60-B4E6C139EE98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.22.0:*:*:*:server:*:*:*",
"matchCriteriaId": "4BDBC59C-C5C7-4848-8CCA-D4DF0354BFCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.22.1:*:*:*:data_center:*:*:*",
"matchCriteriaId": "D2E75D91-EC8E-4BAC-B989-403120F84BAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.22.1:*:*:*:server:*:*:*",
"matchCriteriaId": "FEA2A29A-D2AA-4688-888D-02923EEBFF4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.22.2:*:*:*:data_center:*:*:*",
"matchCriteriaId": "93EEA37B-7E96-455D-9131-2CDB77889080"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.22.2:*:*:*:server:*:*:*",
"matchCriteriaId": "71D2DC08-B93D-474B-9332-793A47E0A792"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.22.3:*:*:*:data_center:*:*:*",
"matchCriteriaId": "9263586C-D6A5-48F4-8F36-F672377AAFAD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.22.3:*:*:*:server:*:*:*",
"matchCriteriaId": "01F142BF-C557-4D27-A263-0A77D3FBAA27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.22.4:*:*:*:data_center:*:*:*",
"matchCriteriaId": "BC250698-AA6D-46FC-923D-9A3EB0742697"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.22.4:*:*:*:server:*:*:*",
"matchCriteriaId": "755B605C-E032-435B-90C3-FEB1EEBD43E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.22.6:*:*:*:data_center:*:*:*",
"matchCriteriaId": "728DE946-60C8-433A-807B-45720C668B37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:4.22.6:*:*:*:server:*:*:*",
"matchCriteriaId": "F24C4029-A2D5-4B95-AE2B-10B035B28420"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.0.0:*:*:*:data_center:*:*:*",
"matchCriteriaId": "52672DE1-9B0D-4689-93AD-FF4B8A59E5EC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.0.0:*:*:*:server:*:*:*",
"matchCriteriaId": "D802B4FE-F56F-46C4-A84B-EB89931EC16E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.1.0:*:*:*:data_center:*:*:*",
"matchCriteriaId": "17E30F04-14EF-4F4D-8124-D0DD04E9EDF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.1.0:*:*:*:server:*:*:*",
"matchCriteriaId": "538503C1-F947-4BCF-836F-A609A601E064"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.1.1:*:*:*:data_center:*:*:*",
"matchCriteriaId": "07105957-FEBE-4E02-88FB-A8DDAE67E8A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.1.1:*:*:*:server:*:*:*",
"matchCriteriaId": "E40B10B9-F8C3-4279-A9AC-2E25AEF46D7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.2.0:*:*:*:data_center:*:*:*",
"matchCriteriaId": "C7D685CD-9CAD-42B5-B721-26203854F396"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.2.0:*:*:*:server:*:*:*",
"matchCriteriaId": "269B2F72-56A3-4750-8665-7DE03DAE3DAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.2.1:*:*:*:data_center:*:*:*",
"matchCriteriaId": "C600291E-2EDC-4F61-9FC1-C2C34C20EA4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.2.1:*:*:*:server:*:*:*",
"matchCriteriaId": "C8D33E70-8A27-46A2-BB14-87181F8DA0F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.3.0:*:*:*:data_center:*:*:*",
"matchCriteriaId": "F09CAEB7-4C1F-4B5B-9921-6DD06FF9EB9D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.3.0:*:*:*:server:*:*:*",
"matchCriteriaId": "7E9F4E2A-E450-496C-B3E8-B0817BAD8817"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.3.1:*:*:*:data_center:*:*:*",
"matchCriteriaId": "964CB4B7-1502-4E92-B7D2-D864C13E338B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.3.1:*:*:*:server:*:*:*",
"matchCriteriaId": "A9EFBC53-7C0B-408E-A745-0C83E9E38DAD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.3.2:*:*:*:data_center:*:*:*",
"matchCriteriaId": "18A70517-84A8-4866-9FE8-06D0608391E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.3.2:*:*:*:server:*:*:*",
"matchCriteriaId": "E504A879-B312-4E8F-ADF9-8C1623B023AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.3.3:*:*:*:data_center:*:*:*",
"matchCriteriaId": "9EE1449F-6F38-4677-9DB9-AF2D9A7C2AE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.3.3:*:*:*:server:*:*:*",
"matchCriteriaId": "2BC5B994-25C4-4C00-8871-F3664878C83B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.0:*:*:*:data_center:*:*:*",
"matchCriteriaId": "4484C6ED-659F-47F5-BFE2-7E9794FA51C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.0:*:*:*:server:*:*:*",
"matchCriteriaId": "F4449121-125E-49D9-BF3E-2A6EA169B796"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.1:*:*:*:data_center:*:*:*",
"matchCriteriaId": "C940817F-B265-4F42-AE19-DA2B49AC1D53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.1:*:*:*:server:*:*:*",
"matchCriteriaId": "099869F1-BC95-4828-A0F5-9BBADDC3F6F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.2:*:*:*:data_center:*:*:*",
"matchCriteriaId": "601B5811-B1B8-4FF0-984B-62F07366615A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.2:*:*:*:server:*:*:*",
"matchCriteriaId": "0D82DFCD-964E-406E-8329-E31A76FCFC64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.3:*:*:*:data_center:*:*:*",
"matchCriteriaId": "ED8B7E12-9139-4BCB-9A5A-C8B23A6F8628"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.3:*:*:*:server:*:*:*",
"matchCriteriaId": "08F237B7-4C22-4A35-BC82-6B6E892B7EB3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.4:*:*:*:data_center:*:*:*",
"matchCriteriaId": "0EC83F47-180C-481B-88A8-0E3C6654774C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.4:*:*:*:server:*:*:*",
"matchCriteriaId": "2A3EA15F-DEBB-44A2-8CEA-B137AE8089CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.5:*:*:*:data_center:*:*:*",
"matchCriteriaId": "428B70AC-35A2-4D4F-9670-43B601426DD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.5:*:*:*:server:*:*:*",
"matchCriteriaId": "6314E670-88E8-4B09-9AF4-95E669A68A5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.6:*:*:*:data_center:*:*:*",
"matchCriteriaId": "4486E929-E1A8-4731-BE7E-A8BCCE594ADA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.6:*:*:*:server:*:*:*",
"matchCriteriaId": "D24437F8-2B3A-4A0D-8C6C-A8B9E90457DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.7:*:*:*:data_center:*:*:*",
"matchCriteriaId": "06843035-CE98-48C8-BCB1-02976D233077"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.7:*:*:*:server:*:*:*",
"matchCriteriaId": "B98060AC-32A2-4F5A-A490-3E23F883D5A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.8:*:*:*:data_center:*:*:*",
"matchCriteriaId": "9681965F-AD13-420C-8845-A544520042DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.8:*:*:*:server:*:*:*",
"matchCriteriaId": "C9D2A5F2-F91C-4DA3-9EB6-441D17A6AB9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.9:*:*:*:data_center:*:*:*",
"matchCriteriaId": "6F3F93E1-8BB2-40BD-B4A9-D4136B742F82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.4.9:*:*:*:server:*:*:*",
"matchCriteriaId": "549B3ADB-BAEF-4E45-856C-4B07F9FBB12A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.5.1:*:*:*:data_center:*:*:*",
"matchCriteriaId": "941AD6CA-3F4E-43E5-AA68-95AB7C84F297"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.5.1:*:*:*:server:*:*:*",
"matchCriteriaId": "4630E46A-817F-4238-989F-93C633A10058"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.6.0:*:*:*:data_center:*:*:*",
"matchCriteriaId": "25D8E4A5-2AB6-42D4-B6D4-54484149BE75"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.6.0:*:*:*:server:*:*:*",
"matchCriteriaId": "9BA9FF1F-8F8C-47DD-9E7B-8B48FB453A83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.7.0:*:*:*:data_center:*:*:*",
"matchCriteriaId": "D28343BD-5440-425E-AFEB-FC79EFB3C531"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.7.0:*:*:*:server:*:*:*",
"matchCriteriaId": "F29E98F7-4768-48C8-9D1C-448006DF0FFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.7.1:*:*:*:data_center:*:*:*",
"matchCriteriaId": "E8B3B4C6-4E76-4184-BE92-A6EF2B4CB8D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.7.1:*:*:*:server:*:*:*",
"matchCriteriaId": "1320F61E-A562-438E-A19D-90C816920B63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.8.0:*:*:*:data_center:*:*:*",
"matchCriteriaId": "35D28C45-8C74-4131-A2C5-1F1CE009BDED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.8.0:*:*:*:server:*:*:*",
"matchCriteriaId": "64D7B52D-46CA-4769-9631-9E3E45927003"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.8.1:*:*:*:data_center:*:*:*",
"matchCriteriaId": "027F98AD-B508-4079-A1BD-EFDBDBA78331"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.8.1:*:*:*:server:*:*:*",
"matchCriteriaId": "D80A8C83-C8B1-4ADF-B45B-550E6BA45AEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.9.0:*:*:*:data_center:*:*:*",
"matchCriteriaId": "54EB831D-3D4C-4807-AF42-DFF7D9176773"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.9.0:*:*:*:server:*:*:*",
"matchCriteriaId": "031A34D6-C522-4301-BE02-83D3BADC8C7E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.10.0:*:*:*:data_center:*:*:*",
"matchCriteriaId": "109D37D3-3FC7-4443-974A-7D668ABE97D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:jira_service_management:5.10.0:*:*:*:server:*:*:*",
"matchCriteriaId": "30D20E35-0BAC-4D43-A619-10B6A4572CBB"
}
]
}
]
}
],
"references": [
{
"url": "https://confluence.atlassian.com/security/ssot-117-cve-2019-13990-xxe-xml-external-entity-injection-vulnerability-in-jira-service-management-data-center-and-jira-service-management-server-1295385959.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/quartz-scheduler/quartz/issues/467",
@ -432,35 +1055,59 @@
},
{
"url": "https://lists.apache.org/thread.html/172d405e556e2f1204be126bb3eb28c5115af91bcc1651b4e870bb82%40%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/1870324fea41ea68cff2fd1bf6ee2747432dc1d9d22a22cc681e0ec3%40%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://lists.apache.org/thread.html/6b6e3480b19856365fb5eef03aa0915a4679de4b019a1e975502d949%40%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://lists.apache.org/thread.html/e493e718a50f21201e05e82d42a8796b4046e83f0d286b90e58e0629%40%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://lists.apache.org/thread.html/f74b170d3d58d7a24db1afd3908bb0ab58a3900e16e73275674cdfaf%40%3Ccommits.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r21df13c8bd2c2eae4b9661aae814c4a2a814d1f7875c765b8b115c9a%40%3Ccommits.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread.html/r3a6884e8d819f32cde8c07b98934de3e80467859880f784950bf44cf%40%3Ccommits.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://lists.apache.org/thread.html/re9b56ac1934d7bf16afc83eac1c39c98c1b20b4b15891dce923bf8aa%40%3Ccommits.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20221028-0002/",

14
CVE-2021/CVE-2021-286xx/CVE-2021-28676.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28676",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-06-02T16:15:08.797",
"lastModified": "2023-11-16T23:15:08.007",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T15:15:07.550",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -111,7 +111,10 @@
"references": [
{
"url": "https://github.com/python-pillow/Pillow/commit/bb6c11fb889e6c11b0ee122b828132ee763b5856",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/python-pillow/Pillow/pull/5377",
@ -129,7 +132,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28676-fix-fli-dos",

9
CVE-2021/CVE-2021-316xx/CVE-2021-31606.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31606",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-09-27T06:15:07.863",
"lastModified": "2023-11-16T22:15:27.690",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T15:15:17.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -104,7 +104,10 @@
},
{
"url": "https://github.com/furlongm/openvpn-monitor/commit/ddb9d31ef0ec56f578bdacf99ebe9d68455ed8ca",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/furlongm/openvpn-monitor/releases",

9
CVE-2022/CVE-2022-12xx/CVE-2022-1274.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-1274",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-03-29T21:15:07.853",
"lastModified": "2023-04-08T01:55:55.163",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-22T16:15:07.353",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -58,7 +58,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -186,6 +185,10 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://herolab.usd.de/security-advisories/usd-2021-0033/",
"source": "secalert@redhat.com"
}
]
}

8
CVE-2022/CVE-2022-272xx/CVE-2022-27209.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27209",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-03-15T17:15:11.753",
"lastModified": "2023-10-25T18:16:59.167",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:37:26.647",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kubernetes:continuous_deploy:*:*:*:*:*:jenkins:*:*",
"criteria": "cpe:2.3:a:jenkins:kubernetes_continuous_deploy:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "2.3.1",
"matchCriteriaId": "39AC6F7F-5ED0-427E-B3FB-39DA76ABB944"
"matchCriteriaId": "EE490F18-B41E-466C-AE7D-B797034C76EF"
}
]
}

4
CVE-2022/CVE-2022-272xx/CVE-2022-27213.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27213",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-03-15T17:15:12.263",
"lastModified": "2023-10-25T18:16:59.463",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:23:42.343",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-272xx/CVE-2022-27214.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27214",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-03-15T17:15:12.433",
"lastModified": "2023-10-25T18:16:59.523",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:23:46.820",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-272xx/CVE-2022-27215.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27215",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-03-15T17:15:12.523",
"lastModified": "2023-10-25T18:16:59.580",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:23:50.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-272xx/CVE-2022-27216.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27216",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-03-15T17:15:12.637",
"lastModified": "2023-10-25T18:16:59.640",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:23:53.603",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-281xx/CVE-2022-28134.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28134",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-03-29T13:15:08.090",
"lastModified": "2023-10-25T18:16:59.927",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:23:56.647",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-281xx/CVE-2022-28137.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28137",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-03-29T13:15:08.233",
"lastModified": "2023-10-25T18:17:00.150",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:23:08.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-290xx/CVE-2022-29050.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-29050",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-04-12T20:15:09.760",
"lastModified": "2023-10-25T18:17:02.620",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:23:11.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-290xx/CVE-2022-29051.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-29051",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-04-12T20:15:09.807",
"lastModified": "2023-10-25T18:17:02.680",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:23:15.557",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-290xx/CVE-2022-29052.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-29052",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-04-12T20:15:09.850",
"lastModified": "2023-10-25T18:17:02.743",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:23:18.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

9
CVE-2022/CVE-2022-309xx/CVE-2022-30930.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-30930",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-06-14T17:15:08.287",
"lastModified": "2023-11-14T16:30:23.447",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T15:15:22.080",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -95,7 +95,10 @@
"references": [
{
"url": "https://medium.com/%40pmmali/my-second-cve-2022-30930-4f9aab047518",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://www.acunetix.com/vulnerabilities/web/possible-csrf-cross-site-request-forgery/",

4
CVE-2022/CVE-2022-309xx/CVE-2022-30946.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-30946",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-05-17T15:15:08.737",
"lastModified": "2023-10-25T18:17:02.877",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:22:05.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

71
CVE-2022/CVE-2022-393xx/CVE-2022-39337.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2022-39337",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-22T15:15:07.810",
"lastModified": "2023-12-22T15:15:07.810",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Hertzbeat is an open source, real-time monitoring system with custom-monitoring, high performance cluster, prometheus-like and agentless. Hertzbeat versions 1.20 and prior have a permission bypass vulnerability. System authentication can be bypassed and invoke interfaces without authorization. Version 1.2.1 contains a patch for this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
},
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://github.com/dromara/hertzbeat/commit/ac5970c6ceb64fafe237fc895243df5f21e40876",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/dromara/hertzbeat/issues/377",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/dromara/hertzbeat/pull/382",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/dromara/hertzbeat/security/advisories/GHSA-434f-f5cw-3rj6",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2023/CVE-2023-200xx/CVE-2023-20086.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20086",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-11-01T17:15:11.057",
"lastModified": "2023-11-09T00:44:44.573",
"lastModified": "2023-12-22T15:00:40.447",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -21,20 +21,20 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
"impactScore": 4.0
},
{
"source": "ykramarz@cisco.com",

10
CVE-2023/CVE-2023-200xx/CVE-2023-20095.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20095",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-11-01T18:15:09.207",
"lastModified": "2023-11-09T17:26:33.230",
"lastModified": "2023-12-22T15:01:03.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -21,20 +21,20 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
"impactScore": 4.0
},
{
"source": "ykramarz@cisco.com",

24
CVE-2023/CVE-2023-220xx/CVE-2023-22068.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22068",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:12.617",
"lastModified": "2023-10-27T15:15:10.617",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:40:16.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -72,12 +72,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

24
CVE-2023/CVE-2023-220xx/CVE-2023-22070.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22070",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:12.763",
"lastModified": "2023-10-27T15:15:10.697",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:40:25.350",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -72,12 +72,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

24
CVE-2023/CVE-2023-220xx/CVE-2023-22078.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22078",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:13.357",
"lastModified": "2023-10-27T15:15:10.787",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:40:30.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -72,12 +72,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

24
CVE-2023/CVE-2023-220xx/CVE-2023-22079.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22079",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:13.430",
"lastModified": "2023-10-27T15:15:10.873",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:40:41.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -67,12 +67,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

64
CVE-2023/CVE-2023-220xx/CVE-2023-22084.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22084",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:13.793",
"lastModified": "2023-11-26T04:15:07.127",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:46:50.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -79,24 +79,76 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OR7GNQAJZ7NMHT4HRDNROR3DS272KKET/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UCGSAQFWYIJRIYLZLHPS3MRUS4AQ5JQH/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YZL2AT2ZUKB6K22UTISHEZ4JKG4VZ3VO/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

24
CVE-2023/CVE-2023-220xx/CVE-2023-22092.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22092",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:14.370",
"lastModified": "2023-10-27T15:15:11.590",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:45:08.800",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -67,12 +67,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

24
CVE-2023/CVE-2023-220xx/CVE-2023-22095.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22095",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:14.590",
"lastModified": "2023-10-27T15:15:11.957",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:45:04.303",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -65,12 +65,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

24
CVE-2023/CVE-2023-220xx/CVE-2023-22097.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22097",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:14.740",
"lastModified": "2023-10-27T15:15:12.057",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:44:59.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -72,12 +72,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

24
CVE-2023/CVE-2023-221xx/CVE-2023-22103.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22103",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:15.173",
"lastModified": "2023-10-27T15:15:12.283",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:44:54.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -72,12 +72,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

24
CVE-2023/CVE-2023-221xx/CVE-2023-22104.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22104",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:15.243",
"lastModified": "2023-10-27T15:15:12.410",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:44:49.393",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -67,12 +67,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

24
CVE-2023/CVE-2023-221xx/CVE-2023-22110.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22110",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:15.643",
"lastModified": "2023-10-27T15:15:12.510",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:44:43.860",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -67,12 +67,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

24
CVE-2023/CVE-2023-221xx/CVE-2023-22111.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22111",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:15.717",
"lastModified": "2023-10-27T15:15:12.600",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:44:38.237",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -67,12 +67,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

24
CVE-2023/CVE-2023-221xx/CVE-2023-22112.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22112",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:15.793",
"lastModified": "2023-10-27T15:15:12.693",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:39:13.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -67,12 +67,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

24
CVE-2023/CVE-2023-221xx/CVE-2023-22113.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22113",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:15.873",
"lastModified": "2023-10-27T15:15:12.787",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T16:40:56.410",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -67,12 +67,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

8
CVE-2023/CVE-2023-283xx/CVE-2023-28322.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28322",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-05-26T21:15:16.153",
"lastModified": "2023-11-07T04:10:28.767",
"lastModified": "2023-12-22T16:15:07.493",
"vulnStatus": "Modified",
"descriptions": [
{
@ -46,7 +46,7 @@
]
},
{
"source": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"source": "support@hackerone.com",
"type": "Secondary",
"description": [
{
@ -287,6 +287,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html",
"source": "support@hackerone.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/",
"source": "support@hackerone.com"

14
CVE-2023/CVE-2023-363xx/CVE-2023-36375.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36375",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-10T17:15:09.263",
"lastModified": "2023-11-14T16:36:13.640",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T15:16:04.310",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -66,13 +66,19 @@
"references": [
{
"url": "https://medium.com/%40ridheshgohil1092/cve-2023-36375-xss-on-hostel-management-system-d654e6df26bc",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://packetstormsecurity.com",
"source": "cve@mitre.org",
"tags": [
"Mitigation"
"Mitigation",
"Third Party Advisory",
"VDB Entry"
]
}
]

14
CVE-2023/CVE-2023-363xx/CVE-2023-36376.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36376",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-10T16:15:53.307",
"lastModified": "2023-11-14T16:36:13.640",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T15:14:04.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -66,13 +66,19 @@
"references": [
{
"url": "https://medium.com/%40ridheshgohil1092/cve-2023-36376-xss-on-hostel-management-system-c6891993527",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://packetstormsecurity.com",
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
"Not Applicable",
"Third Party Advisory",
"VDB Entry"
]
}
]

24
CVE-2023/CVE-2023-368xx/CVE-2023-36823.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36823",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-06T16:15:10.147",
"lastModified": "2023-11-14T16:15:27.467",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T15:15:50.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -83,6 +83,21 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
@ -109,7 +124,10 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00008.html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
}
]
}

10
CVE-2023/CVE-2023-369xx/CVE-2023-36939.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36939",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-10T18:15:10.963",
"lastModified": "2023-11-14T16:36:13.640",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T15:16:15.693",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -66,7 +66,11 @@
"references": [
{
"url": "https://medium.com/%40ridheshgohil1092/cve-2023-36939-xss-online-security-guards-hiring-system-7547ee114134",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://packetstormsecurity.com",

7
CVE-2023/CVE-2023-36xx/CVE-2023-3605.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3605",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-10T20:15:15.377",
"lastModified": "2023-11-14T16:47:19.710",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T15:16:22.337",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -113,8 +113,7 @@
"url": "https://vuldb.com/?ctiid.233467",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
"Permissions Required"
]
},
{

13
CVE-2023/CVE-2023-375xx/CVE-2023-37580.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37580",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T16:15:10.327",
"lastModified": "2023-11-17T15:15:11.693",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T15:16:27.810",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-07-27",
"cisaActionDue": "2023-08-17",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -137,14 +137,17 @@
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/11/17/2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://wiki.zimbra.com/wiki/Security_Center",
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
"Release Notes"
]
},
{

22
CVE-2023/CVE-2023-385xx/CVE-2023-38532.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38532",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-08-08T10:15:16.403",
"lastModified": "2023-11-14T11:15:10.847",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T15:16:50.043",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -104,6 +104,13 @@
"versionEndExcluding": "35.1.171",
"matchCriteriaId": "EA7FF725-2396-492A-8B97-CA77B4EFCC48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.1",
"versionEndExcluding": "14.1.0.11",
"matchCriteriaId": "9EF3388B-D057-4DB9-96AE-B6F4678FE5B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
@ -113,13 +120,10 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F859B7F9-2AD8-4B2E-9E26-7DEE54160348"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:14.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8048B948-FD64-44FA-B5C3-52966997A1A4"
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.3",
"versionEndExcluding": "14.3.0.3",
"matchCriteriaId": "99F0D457-7D65-40DC-BCFA-339FA5648709"
}
]
}

24
CVE-2023/CVE-2023-386xx/CVE-2023-38605.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38605",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T21:15:12.783",
"lastModified": "2023-11-01T00:15:08.950",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:22:47.960",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -63,12 +63,26 @@
"versionEndExcluding": "15.7.8",
"matchCriteriaId": "5E276423-4032-4E12-AB11-88F7047E35EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.6",
"matchCriteriaId": "33013784-1828-4402-81CF-2794D94A7C48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.8",
"matchCriteriaId": "8635FA0F-1876-4E3A-B02D-31AEA459C38E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.6",
"matchCriteriaId": "4C67BFEB-764A-4C07-A02A-117C6AFAAC6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
@ -98,7 +112,11 @@
},
{
"url": "https://support.apple.com/kb/HT213841",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213842",

24
CVE-2023/CVE-2023-403xx/CVE-2023-40392.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40392",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T21:15:13.560",
"lastModified": "2023-11-01T00:15:09.037",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T15:18:01.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -63,12 +63,26 @@
"versionEndExcluding": "15.7.8",
"matchCriteriaId": "5E276423-4032-4E12-AB11-88F7047E35EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.6",
"matchCriteriaId": "33013784-1828-4402-81CF-2794D94A7C48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.8",
"matchCriteriaId": "8635FA0F-1876-4E3A-B02D-31AEA459C38E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.6",
"matchCriteriaId": "4C67BFEB-764A-4C07-A02A-117C6AFAAC6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
@ -112,7 +126,11 @@
},
{
"url": "https://support.apple.com/kb/HT213841",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213842",

36
CVE-2023/CVE-2023-404xx/CVE-2023-40400.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40400",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:07.467",
"lastModified": "2023-11-01T00:15:09.097",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:10:51.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -60,14 +60,14 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
"versionEndExcluding": "16.6",
"matchCriteriaId": "F362BEC4-90C7-4305-BFF9-645FE6C52DFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
"versionEndExcluding": "16.6",
"matchCriteriaId": "DB63BAC2-C756-428C-8BAC-BAD39FBE5EF4"
},
{
"vulnerable": true,
@ -103,15 +103,27 @@
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/3",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/8",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/9",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213936",
@ -147,7 +159,11 @@
},
{
"url": "https://support.apple.com/kb/HT213841",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-404xx/CVE-2023-40442.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40442",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-12T00:15:09.203",
"lastModified": "2023-11-01T00:15:09.180",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:10:36.647",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -63,12 +63,26 @@
"versionEndExcluding": "15.7.8",
"matchCriteriaId": "5E276423-4032-4E12-AB11-88F7047E35EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.6",
"matchCriteriaId": "33013784-1828-4402-81CF-2794D94A7C48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.8",
"matchCriteriaId": "8635FA0F-1876-4E3A-B02D-31AEA459C38E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.6",
"matchCriteriaId": "4C67BFEB-764A-4C07-A02A-117C6AFAAC6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
@ -115,7 +129,11 @@
},
{
"url": "https://support.apple.com/kb/HT213841",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-418xx/CVE-2023-41892.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41892",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-13T20:15:08.187",
"lastModified": "2023-09-19T01:38:16.567",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-22T16:15:07.630",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -90,6 +90,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/176303/Craft-CMS-4.4.14-Remote-Code-Execution.html",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#4415---2023-07-03-critical",
"source": "security-advisories@github.com",

18
CVE-2023/CVE-2023-419xx/CVE-2023-41995.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41995",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:32.353",
"lastModified": "2023-11-01T00:15:09.243",
"vulnStatus": "Modified",
"lastModified": "2023-12-22T16:15:29.073",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -60,14 +60,14 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
"versionEndExcluding": "16.6",
"matchCriteriaId": "F362BEC4-90C7-4305-BFF9-645FE6C52DFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
"versionEndExcluding": "16.6",
"matchCriteriaId": "DB63BAC2-C756-428C-8BAC-BAD39FBE5EF4"
},
{
"vulnerable": true,
@ -115,7 +115,11 @@
},
{
"url": "https://support.apple.com/kb/HT213841",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-420xx/CVE-2023-42017.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-42017",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-22T16:15:07.767",
"lastModified": "2023-12-22T16:15:07.767",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, which could allow the attacker to execute arbitrary code on the vulnerable system. IBM X-Force ID: 265567."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265567",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7096528",
"source": "psirt@us.ibm.com"
}
]
}

36
CVE-2023/CVE-2023-424xx/CVE-2023-42465.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-42465",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-22T16:15:08.057",
"lastModified": "2023-12-22T16:15:08.057",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit."
}
],
"metrics": {},
"references": [
{
"url": "https://arxiv.org/abs/2309.02545",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_15",
"source": "cve@mitre.org"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/21/9",
"source": "cve@mitre.org"
},
{
"url": "https://www.sudo.ws/releases/changelog/",
"source": "cve@mitre.org"
}
]
}

59
CVE-2023/CVE-2023-451xx/CVE-2023-45165.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-45165",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-22T16:15:08.137",
"lastModified": "2023-12-22T16:15:08.137",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM AIX 7.2 and 7.3 could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 267963."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/267963",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7100970",
"source": "psirt@us.ibm.com"
}
]
}

28
CVE-2023/CVE-2023-459xx/CVE-2023-45957.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-45957",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-22T16:15:08.327",
"lastModified": "2023-12-22T16:15:08.327",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in the component admin/AdminRequestSqlController.php of thirty bees before 1.5.0 allows attackers to execute arbitrary web script or HTML via $e->getMessage() error mishandling."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/thirtybees/thirtybees/commit/f5b2c1e0094ce53fded1443bab99a604ae8e2968",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/thirtybees/thirtybees/compare/1.4.0...1.5.0",
"source": "cve@mitre.org"
},
{
"url": "https://zigrin.com/advisories/thirty-bees-stored-cross-site-scripting-xss/",
"source": "cve@mitre.org"
}
]
}

6
CVE-2023/CVE-2023-462xx/CVE-2023-46218.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-46218",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-12-07T01:15:07.160",
"lastModified": "2023-12-15T03:15:44.970",
"lastModified": "2023-12-22T16:15:08.380",
"vulnStatus": "Modified",
"descriptions": [
{
@ -103,6 +103,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html",
"source": "support@hackerone.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/",
"source": "support@hackerone.com",

36
CVE-2023/CVE-2023-483xx/CVE-2023-48372.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48372",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-12-15T05:15:07.897",
"lastModified": "2023-12-15T13:42:13.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T16:48:41.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -39,6 +39,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
@ -50,10 +60,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:itpison:omicard_edm:6.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E83A71-074E-41B5-908A-3A227F4DB884"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7591-07c51-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

36
CVE-2023/CVE-2023-483xx/CVE-2023-48373.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48373",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-12-15T05:15:08.153",
"lastModified": "2023-12-15T13:42:13.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T16:45:41.510",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -39,6 +39,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
@ -50,10 +60,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:itpison:omicard_edm:6.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E83A71-074E-41B5-908A-3A227F4DB884"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7592-998bf-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

36
CVE-2023/CVE-2023-483xx/CVE-2023-48384.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48384",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-12-15T09:15:08.160",
"lastModified": "2023-12-15T13:42:13.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T15:14:12.400",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -39,6 +39,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
@ -50,10 +60,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:armorxgt:spamtrap:8.15.2-2.872.088-1.90.027:*:*:*:*:*:*:*",
"matchCriteriaId": "74C3135E-A96B-48A5-8BF3-4A352E573AAE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7601-71c94-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-483xx/CVE-2023-48387.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48387",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-12-15T09:15:08.357",
"lastModified": "2023-12-15T13:42:13.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T15:19:34.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
@ -50,10 +80,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:twca:jcicsecuritytool:4.2.3.32:*:*:*:*:*:*:*",
"matchCriteriaId": "8601F7E8-1B40-426B-BAC2-6E12BAE93686"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7602-a47a2-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-483xx/CVE-2023-48388.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48388",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-12-15T09:15:08.550",
"lastModified": "2023-12-15T13:42:13.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T16:07:01.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -39,6 +39,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
@ -50,10 +60,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:multisuns:easylog_web\\+_firmware:1.13.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D46B245C-B4C9-4844-B0B6-2B45380CC06A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:multisuns:easylog_web\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3D987D-BC2E-43B5-84D0-CFE2BA754DF4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7603-b1061-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-483xx/CVE-2023-48389.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48389",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-12-15T09:15:08.760",
"lastModified": "2023-12-15T13:42:13.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T16:12:50.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -39,6 +39,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
@ -50,10 +60,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:multisuns:easylog_web\\+_firmware:1.13.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D46B245C-B4C9-4844-B0B6-2B45380CC06A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:multisuns:easylog_web\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3D987D-BC2E-43B5-84D0-CFE2BA754DF4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7604-ab0fd-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-483xx/CVE-2023-48390.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48390",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-12-15T09:15:08.950",
"lastModified": "2023-12-15T13:42:13.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T16:05:04.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -39,6 +39,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
@ -50,10 +60,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:multisuns:easylog_web\\+_firmware:1.13.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D46B245C-B4C9-4844-B0B6-2B45380CC06A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:multisuns:easylog_web\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3D987D-BC2E-43B5-84D0-CFE2BA754DF4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7605-2d86d-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

36
CVE-2023/CVE-2023-483xx/CVE-2023-48392.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48392",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-12-15T10:15:07.590",
"lastModified": "2023-12-15T13:42:13.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T15:46:03.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -39,6 +39,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
@ -50,10 +60,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kaifa:webitr_attendance_system:2.1.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "0B300C11-0A7F-409F-9D3C-3CE08E366D75"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7622-57e5f-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

36
CVE-2023/CVE-2023-483xx/CVE-2023-48393.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48393",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-12-15T10:15:07.927",
"lastModified": "2023-12-15T13:42:13.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T15:43:05.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -39,6 +39,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
@ -50,10 +60,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kaifa:webitr_attendance_system:2.1.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "0B300C11-0A7F-409F-9D3C-3CE08E366D75"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7623-5660d-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

36
CVE-2023/CVE-2023-483xx/CVE-2023-48394.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48394",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-12-15T10:15:08.237",
"lastModified": "2023-12-15T13:42:13.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T15:33:02.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -39,6 +39,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
@ -50,10 +60,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kaifa:webitr_attendance_system:2.1.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "0B300C11-0A7F-409F-9D3C-3CE08E366D75"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7624-d0300-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

36
CVE-2023/CVE-2023-483xx/CVE-2023-48395.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48395",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-12-15T10:15:08.590",
"lastModified": "2023-12-15T13:42:13.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T15:28:27.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -39,6 +39,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
@ -50,10 +60,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kaifa:webitr_attendance_system:2.1.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "0B300C11-0A7F-409F-9D3C-3CE08E366D75"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7625-a0b9c-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-486xx/CVE-2023-48670.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-48670",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-12-22T16:15:08.457",
"lastModified": "2023-12-22T16:15:08.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nDell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-426"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000220677/dsa-2023-468-security-update-for-dell-supportassist-for-home-pcs-installer-file-local-privilege-escalation-vulnerability",
"source": "security_alert@emc.com"
}
]
}

63
CVE-2023/CVE-2023-487xx/CVE-2023-48704.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-48704",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-22T16:15:08.680",
"lastModified": "2023-12-22T16:15:08.680",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on port 9000/tcp, triggering a bug in the decompression logic of Gorilla codec that crashes the ClickHouse server process. This attack does not require authentication. This issue has been addressed in ClickHouse Cloud version 23.9.2.47551 and ClickHouse versions 23.10.5.20, 23.3.18.15, 23.8.8.20, and 23.9.6.20."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
},
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://github.com/ClickHouse/ClickHouse/pull/57107",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/ClickHouse/ClickHouse/security/advisories/GHSA-5rmf-5g48-xv63",
"source": "security-advisories@github.com"
}
]
}

52
CVE-2023/CVE-2023-487xx/CVE-2023-48795.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-48795",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-18T16:15:10.897",
"lastModified": "2023-12-22T13:15:08.900",
"lastModified": "2023-12-22T15:15:08.143",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31."
"value": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust."
},
{
"lang": "es",
@ -56,6 +56,10 @@
"url": "https://crates.io/crates/thrussh/versions",
"source": "cve@mitre.org"
},
{
"url": "https://filezilla-project.org/versions.php",
"source": "cve@mitre.org"
},
{
"url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack",
"source": "cve@mitre.org"
@ -68,6 +72,14 @@
"url": "https://github.com/NixOS/nixpkgs/pull/275249",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0",
"source": "cve@mitre.org"
@ -92,6 +104,10 @@
"url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/cyd01/KiTTY/issues/520",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6",
"source": "cve@mitre.org"
@ -200,6 +216,10 @@
"url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg",
"source": "cve@mitre.org"
},
{
"url": "https://help.panic.com/releasenotes/transmit5/",
"source": "cve@mitre.org"
},
{
"url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/",
"source": "cve@mitre.org"
@ -224,10 +244,18 @@
"url": "https://news.ycombinator.com/item?id=38685286",
"source": "cve@mitre.org"
},
{
"url": "https://nova.app/releases/#v11.8",
"source": "cve@mitre.org"
},
{
"url": "https://oryx-embedded.com/download/#changelog",
"source": "cve@mitre.org"
},
{
"url": "https://roumenpetrov.info/secsh/#news20231220",
"source": "cve@mitre.org"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2023-48795",
"source": "cve@mitre.org"
@ -256,6 +284,14 @@
"url": "https://ubuntu.com/security/CVE-2023-48795",
"source": "cve@mitre.org"
},
{
"url": "https://winscp.net/eng/docs/history#6.2.2",
"source": "cve@mitre.org"
},
{
"url": "https://www.bitvise.com/ssh-client-version-history#933",
"source": "cve@mitre.org"
},
{
"url": "https://www.bitvise.com/ssh-server-version-history",
"source": "cve@mitre.org"
@ -276,6 +312,10 @@
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc",
"source": "cve@mitre.org"
},
{
"url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508",
"source": "cve@mitre.org"
},
{
"url": "https://www.netsarang.com/en/xshell-update-history/",
"source": "cve@mitre.org"
@ -311,6 +351,14 @@
{
"url": "https://www.terrapin-attack.com",
"source": "cve@mitre.org"
},
{
"url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh",
"source": "cve@mitre.org"
},
{
"url": "https://www.vandyke.com/products/securecrt/history.txt",
"source": "cve@mitre.org"
}
]
}

63
CVE-2023/CVE-2023-516xx/CVE-2023-51661.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-51661",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-22T15:15:08.377",
"lastModified": "2023-12-22T15:15:08.377",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Wasmer is a WebAssembly runtime that enables containers to run anywhere: from Desktop to the Cloud, Edge and even the browser. Wasm programs can access the filesystem outside of the sandbox. Service providers running untrusted Wasm code on Wasmer can unexpectedly expose the host filesystem. This vulnerability has been patched in version 4.2.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/wasmerio/wasmer/commit/4d63febf9d8b257b0531963b85df48d45d0dbf3c",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/wasmerio/wasmer/issues/4267",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/wasmerio/wasmer/security/advisories/GHSA-4mq4-7rw3-vm5j",
"source": "security-advisories@github.com"
}
]
}

8
CVE-2023/CVE-2023-68xx/CVE-2023-6817.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6817",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-12-18T15:15:10.210",
"lastModified": "2023-12-21T20:32:50.380",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-22T15:15:08.653",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -141,6 +141,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/22/6",
"source": "cve-coordination@google.com"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=317eb9685095678f2c9f5a8189de698c5354316a",
"source": "cve-coordination@google.com",

69
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-12-22T15:00:24.651577+00:00
2023-12-22T17:00:24.786578+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-12-22T15:00:05.587000+00:00
2023-12-22T16:48:41.477000+00:00
```
### Last Data Feed Release
@ -29,45 +29,52 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
234079
234087
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `8`
* [CVE-2023-7076](CVE-2023/CVE-2023-70xx/CVE-2023-7076.json) (`2023-12-22T14:15:07.093`)
* [CVE-2022-39337](CVE-2022/CVE-2022-393xx/CVE-2022-39337.json) (`2023-12-22T15:15:07.810`)
* [CVE-2023-51661](CVE-2023/CVE-2023-516xx/CVE-2023-51661.json) (`2023-12-22T15:15:08.377`)
* [CVE-2023-42017](CVE-2023/CVE-2023-420xx/CVE-2023-42017.json) (`2023-12-22T16:15:07.767`)
* [CVE-2023-42465](CVE-2023/CVE-2023-424xx/CVE-2023-42465.json) (`2023-12-22T16:15:08.057`)
* [CVE-2023-45165](CVE-2023/CVE-2023-451xx/CVE-2023-45165.json) (`2023-12-22T16:15:08.137`)
* [CVE-2023-45957](CVE-2023/CVE-2023-459xx/CVE-2023-45957.json) (`2023-12-22T16:15:08.327`)
* [CVE-2023-48670](CVE-2023/CVE-2023-486xx/CVE-2023-48670.json) (`2023-12-22T16:15:08.457`)
* [CVE-2023-48704](CVE-2023/CVE-2023-487xx/CVE-2023-48704.json) (`2023-12-22T16:15:08.680`)
### CVEs modified in the last Commit
Recently modified CVEs: `59`
Recently modified CVEs: `61`
* [CVE-2023-5483](CVE-2023/CVE-2023-54xx/CVE-2023-5483.json) (`2023-12-22T13:15:11.210`)
* [CVE-2023-5484](CVE-2023/CVE-2023-54xx/CVE-2023-5484.json) (`2023-12-22T13:15:11.330`)
* [CVE-2023-5485](CVE-2023/CVE-2023-54xx/CVE-2023-5485.json) (`2023-12-22T13:15:11.477`)
* [CVE-2023-5486](CVE-2023/CVE-2023-54xx/CVE-2023-5486.json) (`2023-12-22T13:15:11.593`)
* [CVE-2023-5487](CVE-2023/CVE-2023-54xx/CVE-2023-5487.json) (`2023-12-22T13:15:11.650`)
* [CVE-2023-5849](CVE-2023/CVE-2023-58xx/CVE-2023-5849.json) (`2023-12-22T13:15:11.717`)
* [CVE-2023-5850](CVE-2023/CVE-2023-58xx/CVE-2023-5850.json) (`2023-12-22T13:15:11.783`)
* [CVE-2023-5851](CVE-2023/CVE-2023-58xx/CVE-2023-5851.json) (`2023-12-22T13:15:11.847`)
* [CVE-2023-5852](CVE-2023/CVE-2023-58xx/CVE-2023-5852.json) (`2023-12-22T13:15:11.923`)
* [CVE-2023-5853](CVE-2023/CVE-2023-58xx/CVE-2023-5853.json) (`2023-12-22T13:15:12.047`)
* [CVE-2023-5854](CVE-2023/CVE-2023-58xx/CVE-2023-5854.json) (`2023-12-22T13:15:12.133`)
* [CVE-2023-5855](CVE-2023/CVE-2023-58xx/CVE-2023-5855.json) (`2023-12-22T13:15:12.210`)
* [CVE-2023-5856](CVE-2023/CVE-2023-58xx/CVE-2023-5856.json) (`2023-12-22T13:15:12.273`)
* [CVE-2023-5857](CVE-2023/CVE-2023-58xx/CVE-2023-5857.json) (`2023-12-22T13:15:12.350`)
* [CVE-2023-5858](CVE-2023/CVE-2023-58xx/CVE-2023-5858.json) (`2023-12-22T13:15:12.413`)
* [CVE-2023-5859](CVE-2023/CVE-2023-58xx/CVE-2023-5859.json) (`2023-12-22T13:15:12.480`)
* [CVE-2023-5996](CVE-2023/CVE-2023-59xx/CVE-2023-5996.json) (`2023-12-22T13:15:12.557`)
* [CVE-2023-5997](CVE-2023/CVE-2023-59xx/CVE-2023-5997.json) (`2023-12-22T13:15:12.693`)
* [CVE-2023-6112](CVE-2023/CVE-2023-61xx/CVE-2023-6112.json) (`2023-12-22T13:15:12.793`)
* [CVE-2023-51385](CVE-2023/CVE-2023-513xx/CVE-2023-51385.json) (`2023-12-22T14:15:06.983`)
* [CVE-2023-47789](CVE-2023/CVE-2023-477xx/CVE-2023-47789.json) (`2023-12-22T14:31:39.947`)
* [CVE-2023-47787](CVE-2023/CVE-2023-477xx/CVE-2023-47787.json) (`2023-12-22T14:32:43.010`)
* [CVE-2023-6778](CVE-2023/CVE-2023-67xx/CVE-2023-6778.json) (`2023-12-22T14:54:34.047`)
* [CVE-2023-20169](CVE-2023/CVE-2023-201xx/CVE-2023-20169.json) (`2023-12-22T14:59:47.780`)
* [CVE-2023-20042](CVE-2023/CVE-2023-200xx/CVE-2023-20042.json) (`2023-12-22T15:00:05.587`)
* [CVE-2023-48388](CVE-2023/CVE-2023-483xx/CVE-2023-48388.json) (`2023-12-22T16:07:01.780`)
* [CVE-2023-40442](CVE-2023/CVE-2023-404xx/CVE-2023-40442.json) (`2023-12-22T16:10:36.647`)
* [CVE-2023-40400](CVE-2023/CVE-2023-404xx/CVE-2023-40400.json) (`2023-12-22T16:10:51.593`)
* [CVE-2023-48389](CVE-2023/CVE-2023-483xx/CVE-2023-48389.json) (`2023-12-22T16:12:50.417`)
* [CVE-2023-28322](CVE-2023/CVE-2023-283xx/CVE-2023-28322.json) (`2023-12-22T16:15:07.493`)
* [CVE-2023-41892](CVE-2023/CVE-2023-418xx/CVE-2023-41892.json) (`2023-12-22T16:15:07.630`)
* [CVE-2023-46218](CVE-2023/CVE-2023-462xx/CVE-2023-46218.json) (`2023-12-22T16:15:08.380`)
* [CVE-2023-41995](CVE-2023/CVE-2023-419xx/CVE-2023-41995.json) (`2023-12-22T16:15:29.073`)
* [CVE-2023-38605](CVE-2023/CVE-2023-386xx/CVE-2023-38605.json) (`2023-12-22T16:22:47.960`)
* [CVE-2023-22112](CVE-2023/CVE-2023-221xx/CVE-2023-22112.json) (`2023-12-22T16:39:13.467`)
* [CVE-2023-22068](CVE-2023/CVE-2023-220xx/CVE-2023-22068.json) (`2023-12-22T16:40:16.323`)
* [CVE-2023-22070](CVE-2023/CVE-2023-220xx/CVE-2023-22070.json) (`2023-12-22T16:40:25.350`)
* [CVE-2023-22078](CVE-2023/CVE-2023-220xx/CVE-2023-22078.json) (`2023-12-22T16:40:30.590`)
* [CVE-2023-22079](CVE-2023/CVE-2023-220xx/CVE-2023-22079.json) (`2023-12-22T16:40:41.727`)
* [CVE-2023-22113](CVE-2023/CVE-2023-221xx/CVE-2023-22113.json) (`2023-12-22T16:40:56.410`)
* [CVE-2023-22111](CVE-2023/CVE-2023-221xx/CVE-2023-22111.json) (`2023-12-22T16:44:38.237`)
* [CVE-2023-22110](CVE-2023/CVE-2023-221xx/CVE-2023-22110.json) (`2023-12-22T16:44:43.860`)
* [CVE-2023-22104](CVE-2023/CVE-2023-221xx/CVE-2023-22104.json) (`2023-12-22T16:44:49.393`)
* [CVE-2023-22103](CVE-2023/CVE-2023-221xx/CVE-2023-22103.json) (`2023-12-22T16:44:54.207`)
* [CVE-2023-22097](CVE-2023/CVE-2023-220xx/CVE-2023-22097.json) (`2023-12-22T16:44:59.347`)
* [CVE-2023-22095](CVE-2023/CVE-2023-220xx/CVE-2023-22095.json) (`2023-12-22T16:45:04.303`)
* [CVE-2023-22092](CVE-2023/CVE-2023-220xx/CVE-2023-22092.json) (`2023-12-22T16:45:08.800`)
* [CVE-2023-48373](CVE-2023/CVE-2023-483xx/CVE-2023-48373.json) (`2023-12-22T16:45:41.510`)
* [CVE-2023-22084](CVE-2023/CVE-2023-220xx/CVE-2023-22084.json) (`2023-12-22T16:46:50.903`)
* [CVE-2023-48372](CVE-2023/CVE-2023-483xx/CVE-2023-48372.json) (`2023-12-22T16:48:41.477`)
## Download and Usage