Auto-Update: 2023-09-05T18:00:24.728779+00:00

cad-safe-bot 2023-09-05 18:00:28 +00:00
parent a3a1b6f7fb
commit c19d77f60a
36 changed files with 1483 additions and 105 deletions


@ -2,7 +2,7 @@
"id": "CVE-2019-13473",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-09-11T19:15:11.593",
"lastModified": "2023-09-05T05:15:07.517",
"lastModified": "2023-09-05T17:15:07.477",
"vulnStatus": "Modified",
"descriptions": [
{
@ -411,6 +411,10 @@
"VDB Entry"
]
},
{
"url": "http://packetstormsecurity.com/files/174503/Internet-Radio-auna-IR-160-SE-UIProto-DoS-XSS-Missing-Authentication.html",
"source": "cve@mitre.org"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Sep/1",
"source": "cve@mitre.org"
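Review bot: The reference added here, `http://packetstormsecurity.com/files/174503/Internet-Radio-auna-IR-160-SE-UIProto-DoS-XSS-Missing-Authentication.html`, has no `tags` array, and the record stays at `"vulnStatus": "Modified"`, so it has presumably not been re-analysed since the link was attached. A consumer that relies on reference tags to notice that a public write-up exists for a CVE will not see this one; triage logic should treat an untagged reference on a Modified record as unclassified and look at the host as well. The link is also plain `http://`. The same kind of untagged packetstormsecurity reference is added in the sections for CVE-2019-13474, CVE-2022-25148, CVE-2023-28809 and CVE-2023-39026.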


@ -2,7 +2,7 @@
"id": "CVE-2019-13474",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-09-16T12:15:10.847",
"lastModified": "2023-09-05T05:15:07.703",
"lastModified": "2023-09-05T17:15:07.937",
"vulnStatus": "Modified",
"descriptions": [
{
@ -375,6 +375,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174503/Internet-Radio-auna-IR-160-SE-UIProto-DoS-XSS-Missing-Authentication.html",
"source": "cve@mitre.org"
},
{
"url": "http://seclists.org/fulldisclosure/2019/Sep/12",
"source": "cve@mitre.org",


@ -2,8 +2,8 @@
"id": "CVE-2022-25148",
"sourceIdentifier": "security@wordfence.com",
"published": "2022-02-24T19:15:10.400",
"lastModified": "2022-03-03T18:33:43.617",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-05T17:15:08.110",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -16,29 +16,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
@ -55,6 +35,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
@ -95,7 +95,7 @@
]
},
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
@ -124,6 +124,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174482/WordPress-WP-Statistics-13.1.5-SQL-Injection.html",
"source": "security@wordfence.com"
},
{
"url": "https://gist.github.com/Xib3rR4dAr/5dbd58b7f57a5037fe461fba8e696042",
"source": "security@wordfence.com",
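Review bot: The two `cvssMetricV31` entries trade roles in this section: the `security@wordfence.com` entry becomes `"type": "Primary"` with vector `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H` (impactScore 5.9), and the `nvd@nist.gov` entry with `C:H/I:N/A:N` and base score 7.5 drops to `"type": "Secondary"`. Any consumer that reads only the Primary metric will report a higher severity for this CVE after the update, although nothing in the lines shown changes the description. The `weaknesses` sources are swapped the same way in the later hunks. Downstream comparison should key on `source` together with `type`, so that a role swap is not mistaken for a re-score.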


@ -2,8 +2,8 @@
"id": "CVE-2023-2453",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-09-05T15:15:42.377",
"lastModified": "2023-09-05T15:15:42.377",
"vulnStatus": "Received",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-28809",
"sourceIdentifier": "hsrc@hikvision.com",
"published": "2023-06-15T19:15:10.537",
"lastModified": "2023-06-30T00:08:59.093",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-05T17:15:08.280",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -781,6 +781,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html",
"source": "hsrc@hikvision.com"
},
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/",
"source": "hsrc@hikvision.com",


@ -2,8 +2,8 @@
"id": "CVE-2023-31168",
"sourceIdentifier": "security@selinc.com",
"published": "2023-08-31T16:15:08.937",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-05T17:38:34.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-829"
}
]
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:selinc:sel-5030_acselerator_quickset:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.1.3.0",
"matchCriteriaId": "B7FE991E-8E2F-4B6D-A0F7-E9D67913B5B6"
}
]
}
]
}
],
"references": [
{
"url": "https://selinc.com/support/security-notifications/external-reports/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Third Party Advisory"
]
}
]
}
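Review bot: The reference `https://www.nozominetworks.com/blog/` is now tagged `"Third Party Advisory"`, but the URL as written looks like a blog landing page rather than a specific advisory, and `https://selinc.com/support/security-notifications/external-reports/` likewise appears to be a listing page. An analyst following either link from this record may not reach the write-up for this CVE. The same pair of references and tags is added in the sections for CVE-2023-31169, CVE-2023-31170, CVE-2023-31171, CVE-2023-31172, CVE-2023-31174, CVE-2023-31175 and CVE-2023-34392. If this mirror is kept identical to the upstream feed, this is a point to report upstream rather than to patch here.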


@ -2,8 +2,8 @@
"id": "CVE-2023-31169",
"sourceIdentifier": "security@selinc.com",
"published": "2023-08-31T16:15:09.230",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-05T17:36:09.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:selinc:sel-5030_acselerator_quickset:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.1.3.0",
"matchCriteriaId": "B7FE991E-8E2F-4B6D-A0F7-E9D67913B5B6"
}
]
}
]
}
],
"references": [
{
"url": "https://selinc.com/support/security-notifications/external-reports/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-31170",
"sourceIdentifier": "security@selinc.com",
"published": "2023-08-31T16:15:09.313",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-05T17:35:41.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-829"
}
]
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:selinc:sel-5030_acselerator_quickset:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.1.3.0",
"matchCriteriaId": "B7FE991E-8E2F-4B6D-A0F7-E9D67913B5B6"
}
]
}
]
}
],
"references": [
{
"url": "https://selinc.com/support/security-notifications/external-reports/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-31171",
"sourceIdentifier": "security@selinc.com",
"published": "2023-08-31T16:15:09.403",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-05T16:33:35.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:selinc:sel-5030_acselerator_quickset:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.1.3.0",
"matchCriteriaId": "B7FE991E-8E2F-4B6D-A0F7-E9D67913B5B6"
}
]
}
]
}
],
"references": [
{
"url": "https://selinc.com/support/security-notifications/external-reports/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-31172",
"sourceIdentifier": "security@selinc.com",
"published": "2023-08-31T16:15:09.487",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-05T16:32:59.760",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:selinc:sel-5030_acselerator_quickset:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.1.3.0",
"matchCriteriaId": "B7FE991E-8E2F-4B6D-A0F7-E9D67913B5B6"
}
]
}
]
}
],
"references": [
{
"url": "https://selinc.com/support/security-notifications/external-reports/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-31174",
"sourceIdentifier": "security@selinc.com",
"published": "2023-08-31T16:15:09.827",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-05T16:32:06.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:selinc:sel-5037_sel_grid_configurator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.20",
"matchCriteriaId": "8DE1284E-619F-49AC-AE96-0A4ECD76292B"
}
]
}
]
}
],
"references": [
{
"url": "https://selinc.com/support/security-notifications/external-reports/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-31175",
"sourceIdentifier": "security@selinc.com",
"published": "2023-08-31T16:15:09.923",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-05T16:31:23.233",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:selinc:sel-5037_sel_grid_configurator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.20",
"matchCriteriaId": "8DE1284E-619F-49AC-AE96-0A4ECD76292B"
}
]
}
]
}
],
"references": [
{
"url": "https://selinc.com/support/security-notifications/external-reports/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-31242",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-09-05T17:15:08.517",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially-crafted series of network requests can lead to arbitrary authentication. An attacker can send a sequence of requests to trigger this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1769",
"source": "talos-cna@cisco.com"
}
]
}
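Review bot: The only `cvssMetricV31` entry in this new record is `"type": "Secondary"` from `talos-cna@cisco.com`, while the `weaknesses` entry from the same source is `"type": "Primary"`; there is no Primary metric at all. A consumer that picks the score where `type` equals `"Primary"` will treat this CVE as unscored even though a base score of 8.1 is present. The selection logic should fall back to the Secondary metric when no Primary one exists. The same shape appears in the new records for CVE-2023-32271, CVE-2023-32615, CVE-2023-34317, CVE-2023-34353, CVE-2023-34994, CVE-2023-34998 and CVE-2023-35124.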


@ -0,0 +1,55 @@
{
"id": "CVE-2023-32271",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-09-05T17:15:08.670",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1774",
"source": "talos-cna@cisco.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-32615",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-09-05T17:15:08.777",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-73"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1771",
"source": "talos-cna@cisco.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-3374",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-09-05T17:15:09.400",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Incomplete List of Disallowed Inputs vulnerability in Bookreen allows Privilege Escalation.This issue affects Bookreen: before 3.0.0.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-184"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0489",
"source": "cve@usom.gov.tr"
}
]
}
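Review bot: The description string ends with a literal `\n\n` and has no space in `Privilege Escalation.This issue`, so it will show trailing blank lines and a run-together sentence wherever it is displayed, diffed or matched. Consumers that compare, hash or search descriptions should trim and normalise whitespace first, reading the value as `"... allows Privilege Escalation. This issue affects Bookreen: before 3.0.0."`. The new record for CVE-2023-3375 has the same trailing `\n\n` and the same join in `OS Command Injection.This issue`. If the mirror is meant to stay byte-identical to upstream, the normalisation belongs in the consumer, not in this file.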


@ -0,0 +1,55 @@
{
"id": "CVE-2023-3375",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-09-05T17:15:09.497",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Bookreen allows OS Command Injection.This issue affects Bookreen: before 3.0.0.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "cve@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0489",
"source": "cve@usom.gov.tr"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-34317",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-09-05T17:15:08.877",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An improper input validation vulnerability exists in the OAS Engine User Creation functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1772",
"source": "talos-cna@cisco.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-34353",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-09-05T17:15:08.963",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted network sniffing can lead to decryption of sensitive information. An attacker can sniff network traffic to trigger this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-330"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1776",
"source": "talos-cna@cisco.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-34392",
"sourceIdentifier": "security@selinc.com",
"published": "2023-08-31T16:15:10.123",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-05T16:27:51.523",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:selinc:sel-5037_sel_grid_configurator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.20",
"matchCriteriaId": "8DE1284E-619F-49AC-AE96-0A4ECD76292B"
}
]
}
]
}
],
"references": [
{
"url": "https://selinc.com/support/security-notifications/external-reports/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-34994",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-09-05T17:15:09.053",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to creation of an arbitrary directory. An attacker can send a sequence of requests to trigger this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1773",
"source": "talos-cna@cisco.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-34998",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-09-05T17:15:09.153",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary authentication. An attacker can sniff network traffic to trigger this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1770",
"source": "talos-cna@cisco.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-35124",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-09-05T17:15:09.237",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1775",
"source": "talos-cna@cisco.com"
}
]
}


@ -0,0 +1,28 @@
{
"id": "CVE-2023-36361",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-05T16:15:07.567",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Audimexee v14.1.7 was discovered to contain a SQL injection vulnerability via the p_table_name parameter."
}
],
"metrics": {},
"references": [
{
"url": "http://audimex.com",
"source": "cve@mitre.org"
},
{
"url": "http://audimexee.com",
"source": "cve@mitre.org"
},
{
"url": "https://gist.github.com/Cameleon037/40b3b6f6729d1d0984d6ce5b6837c46b",
"source": "cve@mitre.org"
}
]
}
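Review bot: This new record has `"metrics": {}` and no `weaknesses` key, so it carries no severity or CWE information yet, although the description reports a SQL injection. Tooling that sorts or filters by base score must treat an empty `metrics` object as not yet scored rather than as zero or low, or entries like this will drop out of triage until analysis lands. The new record for CVE-2023-41012, whose description reports arbitrary code execution, has the same empty `metrics`. Two of the three references here are plain `http://` vendor home pages (`http://audimex.com`, `http://audimexee.com`) rather than an advisory.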


@ -2,8 +2,8 @@
"id": "CVE-2023-39026",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T22:15:08.640",
"lastModified": "2023-08-29T15:35:24.277",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-05T17:15:09.327",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -81,6 +81,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174491/FileMage-Gateway-1.10.9-Local-File-Inclusion.html",
"source": "cve@mitre.org"
},
{
"url": "https://raindayzz.com/technicalblog/2023/08/20/FileMage-Vulnerability.html",
"source": "cve@mitre.org",


@ -2,8 +2,8 @@
"id": "CVE-2023-40743",
"sourceIdentifier": "security@apache.org",
"published": "2023-09-05T15:15:42.687",
"lastModified": "2023-09-05T15:15:42.687",
"vulnStatus": "Received",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

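--- a/CVE-2023/CVE-2023-410xx/CVE-2023-41012.json
+++ b/CVE-2023/CVE-2023-410xx/CVE-2023-41012.json
@@ -0,0 +1,20 @@
+{
+"id": "CVE-2023-41012",
+"sourceIdentifier": "cve@mitre.org",
+"published": "2023-09-05T16:15:07.990",
+"lastModified": "2023-09-05T17:31:50.810",
+"vulnStatus": "Awaiting Analysis",
+"descriptions": [
+{
+"lang": "en",
+"value": "An issue in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a remote attacker to execute arbitrary code via the authentication mechanism."
+}
+],
+"metrics": {},
+"references": [
+{
+"url": "https://github.com/te5tb99/For-submitting/wiki/Command-Execution-Vulnerability-in-China-Mobile-Intelligent-Home-Gateway-HG6543C4-Identity-verification-has-design-flaws",
+"source": "cve@mitre.org"
+}
+]
+}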

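--- a/CVE-2023/CVE-2023-411xx/CVE-2023-41107.json
+++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41107.json
@@ -0,0 +1,24 @@
+{
+"id": "CVE-2023-41107",
+"sourceIdentifier": "cve@mitre.org",
+"published": "2023-09-05T16:15:08.050",
+"lastModified": "2023-09-05T17:31:50.810",
+"vulnStatus": "Awaiting Analysis",
+"descriptions": [
+{
+"lang": "en",
+"value": "TEF portal 2023-07-17 is vulnerable to a persistent cross site scripting (XSS)attack."
+}
+],
+"metrics": {},
+"references": [
+{
+"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-020.txt",
+"source": "cve@mitre.org"
+},
+{
+"url": "https://www.syss.de/pentest-blog/sicherheitsschwachstellen-im-tef-haendlerportal-syss-2023-020/-021",
+"source": "cve@mitre.org"
+}
+]
+}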

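--- a/CVE-2023/CVE-2023-411xx/CVE-2023-41108.json
+++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41108.json
@@ -0,0 +1,24 @@
+{
+"id": "CVE-2023-41108",
+"sourceIdentifier": "cve@mitre.org",
+"published": "2023-09-05T16:15:08.110",
+"lastModified": "2023-09-05T17:31:50.810",
+"vulnStatus": "Awaiting Analysis",
+"descriptions": [
+{
+"lang": "en",
+"value": "TEF portal 2023-07-17 is vulnerable to authenticated remote code execution."
+}
+],
+"metrics": {},
+"references": [
+{
+"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-021.txt",
+"source": "cve@mitre.org"
+},
+{
+"url": "https://www.syss.de/pentest-blog/sicherheitsschwachstellen-im-tef-haendlerportal-syss-2023-020/-021",
+"source": "cve@mitre.org"
+}
+]
+}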


@ -2,19 +2,76 @@
"id": "CVE-2023-41642",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-31T14:15:09.033",
"lastModified": "2023-08-31T17:26:00.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-05T17:51:45.430",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Multiple reflected cross-site scripting (XSS) vulnerabilities in the ErroreNonGestito.aspx component of GruppoSCAI RealGimm 1.1.37p38 allow attackers to execute arbitrary Javascript in the context of a victim user's browser via a crafted payload injected into the VIEWSTATE parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:grupposcai:realgimm:1.1.37:p38:*:*:*:*:*:*",
"matchCriteriaId": "70F3122E-88F6-4276-B519-07DE78B5B032"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20%20-%20Reflected%20Cross-site%20Scripting.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-4480",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-09-05T15:15:42.883",
"lastModified": "2023-09-05T15:15:42.883",
"vulnStatus": "Received",
"lastModified": "2023-09-05T17:31:50.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-4678",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-08-31T16:15:10.417",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-05T16:25:18.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3",
"matchCriteriaId": "422EDAFD-56FE-49AE-ADCF-7D33CFA0C56B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/commit/4607052c482a51dbdacfe1ade10645c181d07b07",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/688a4a01-8c18-469d-8cbe-a2e79e80c877",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-4681",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-08-31T16:15:10.520",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-05T16:22:15.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3",
"matchCriteriaId": "422EDAFD-56FE-49AE-ADCF-7D33CFA0C56B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/commit/4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/d67c5619-ab36-41cc-93b7-04828e25f60e",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-4682",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-08-31T16:15:10.670",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-05T16:24:54.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3",
"matchCriteriaId": "422EDAFD-56FE-49AE-ADCF-7D33CFA0C56B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/commit/b1042c3eefca87c4bc32afb404ed6518d693e5be",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/15232a74-e3b8-43f0-ae8a-4e89d56c474c",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

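--- a/CVE-2023/CVE-2023-47xx/CVE-2023-4778.json
+++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4778.json
@@ -0,0 +1,59 @@
+{
+"id": "CVE-2023-4778",
+"sourceIdentifier": "security@huntr.dev",
+"published": "2023-09-05T16:15:08.207",
+"lastModified": "2023-09-05T17:31:50.810",
+"vulnStatus": "Awaiting Analysis",
+"descriptions": [
+{
+"lang": "en",
+"value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV."
+}
+],
+"metrics": {
+"cvssMetricV30": [
+{
+"source": "security@huntr.dev",
+"type": "Secondary",
+"cvssData": {
+"version": "3.0",
+"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
+"attackVector": "LOCAL",
+"attackComplexity": "LOW",
+"privilegesRequired": "NONE",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "LOW",
+"integrityImpact": "LOW",
+"availabilityImpact": "LOW",
+"baseScore": 5.9,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 2.5,
+"impactScore": 3.4
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@huntr.dev",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-125"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/gpac/gpac/commit/d553698050af478049e1a09e44a15ac884f223ed",
+"source": "security@huntr.dev"
+},
+{
+"url": "https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397",
+"source": "security@huntr.dev"
+}
+]
+}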


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-05T16:00:25.119859+00:00
2023-09-05T18:00:24.728779+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-05T15:59:01.170000+00:00
2023-09-05T17:51:45.430000+00:00
```
### Last Data Feed Release
@ -29,34 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
224196
224211
```
### CVEs added in the last Commit
Recently added CVEs: `4`
Recently added CVEs: `15`
* [CVE-2023-2453](CVE-2023/CVE-2023-24xx/CVE-2023-2453.json) (`2023-09-05T15:15:42.377`)
* [CVE-2023-32086](CVE-2023/CVE-2023-320xx/CVE-2023-32086.json) (`2023-09-05T15:15:42.600`)
* [CVE-2023-40743](CVE-2023/CVE-2023-407xx/CVE-2023-40743.json) (`2023-09-05T15:15:42.687`)
* [CVE-2023-4480](CVE-2023/CVE-2023-44xx/CVE-2023-4480.json) (`2023-09-05T15:15:42.883`)
* [CVE-2023-36361](CVE-2023/CVE-2023-363xx/CVE-2023-36361.json) (`2023-09-05T16:15:07.567`)
* [CVE-2023-41012](CVE-2023/CVE-2023-410xx/CVE-2023-41012.json) (`2023-09-05T16:15:07.990`)
* [CVE-2023-41107](CVE-2023/CVE-2023-411xx/CVE-2023-41107.json) (`2023-09-05T16:15:08.050`)
* [CVE-2023-41108](CVE-2023/CVE-2023-411xx/CVE-2023-41108.json) (`2023-09-05T16:15:08.110`)
* [CVE-2023-4778](CVE-2023/CVE-2023-47xx/CVE-2023-4778.json) (`2023-09-05T16:15:08.207`)
* [CVE-2023-31242](CVE-2023/CVE-2023-312xx/CVE-2023-31242.json) (`2023-09-05T17:15:08.517`)
* [CVE-2023-32271](CVE-2023/CVE-2023-322xx/CVE-2023-32271.json) (`2023-09-05T17:15:08.670`)
* [CVE-2023-32615](CVE-2023/CVE-2023-326xx/CVE-2023-32615.json) (`2023-09-05T17:15:08.777`)
* [CVE-2023-34317](CVE-2023/CVE-2023-343xx/CVE-2023-34317.json) (`2023-09-05T17:15:08.877`)
* [CVE-2023-34353](CVE-2023/CVE-2023-343xx/CVE-2023-34353.json) (`2023-09-05T17:15:08.963`)
* [CVE-2023-34994](CVE-2023/CVE-2023-349xx/CVE-2023-34994.json) (`2023-09-05T17:15:09.053`)
* [CVE-2023-34998](CVE-2023/CVE-2023-349xx/CVE-2023-34998.json) (`2023-09-05T17:15:09.153`)
* [CVE-2023-35124](CVE-2023/CVE-2023-351xx/CVE-2023-35124.json) (`2023-09-05T17:15:09.237`)
* [CVE-2023-3374](CVE-2023/CVE-2023-33xx/CVE-2023-3374.json) (`2023-09-05T17:15:09.400`)
* [CVE-2023-3375](CVE-2023/CVE-2023-33xx/CVE-2023-3375.json) (`2023-09-05T17:15:09.497`)
### CVEs modified in the last Commit
Recently modified CVEs: `11`
Recently modified CVEs: `20`
* [CVE-2020-19909](CVE-2020/CVE-2020-199xx/CVE-2020-19909.json) (`2023-09-05T14:34:09.187`)
* [CVE-2023-40184](CVE-2023/CVE-2023-401xx/CVE-2023-40184.json) (`2023-09-05T14:02:17.320`)
* [CVE-2023-4004](CVE-2023/CVE-2023-40xx/CVE-2023-4004.json) (`2023-09-05T14:15:09.323`)
* [CVE-2023-41539](CVE-2023/CVE-2023-415xx/CVE-2023-41539.json) (`2023-09-05T14:47:50.673`)
* [CVE-2023-32202](CVE-2023/CVE-2023-322xx/CVE-2023-32202.json) (`2023-09-05T14:52:21.310`)
* [CVE-2023-40178](CVE-2023/CVE-2023-401xx/CVE-2023-40178.json) (`2023-09-05T14:57:10.410`)
* [CVE-2023-41039](CVE-2023/CVE-2023-410xx/CVE-2023-41039.json) (`2023-09-05T15:06:09.130`)
* [CVE-2023-4640](CVE-2023/CVE-2023-46xx/CVE-2023-4640.json) (`2023-09-05T15:22:15.190`)
* [CVE-2023-4571](CVE-2023/CVE-2023-45xx/CVE-2023-4571.json) (`2023-09-05T15:35:34.477`)
* [CVE-2023-20234](CVE-2023/CVE-2023-202xx/CVE-2023-20234.json) (`2023-09-05T15:57:17.487`)
* [CVE-2023-20168](CVE-2023/CVE-2023-201xx/CVE-2023-20168.json) (`2023-09-05T15:59:01.170`)
* [CVE-2019-13473](CVE-2019/CVE-2019-134xx/CVE-2019-13473.json) (`2023-09-05T17:15:07.477`)
* [CVE-2019-13474](CVE-2019/CVE-2019-134xx/CVE-2019-13474.json) (`2023-09-05T17:15:07.937`)
* [CVE-2022-25148](CVE-2022/CVE-2022-251xx/CVE-2022-25148.json) (`2023-09-05T17:15:08.110`)
* [CVE-2023-4681](CVE-2023/CVE-2023-46xx/CVE-2023-4681.json) (`2023-09-05T16:22:15.077`)
* [CVE-2023-4682](CVE-2023/CVE-2023-46xx/CVE-2023-4682.json) (`2023-09-05T16:24:54.687`)
* [CVE-2023-4678](CVE-2023/CVE-2023-46xx/CVE-2023-4678.json) (`2023-09-05T16:25:18.257`)
* [CVE-2023-34392](CVE-2023/CVE-2023-343xx/CVE-2023-34392.json) (`2023-09-05T16:27:51.523`)
* [CVE-2023-31175](CVE-2023/CVE-2023-311xx/CVE-2023-31175.json) (`2023-09-05T16:31:23.233`)
* [CVE-2023-31174](CVE-2023/CVE-2023-311xx/CVE-2023-31174.json) (`2023-09-05T16:32:06.837`)
* [CVE-2023-31172](CVE-2023/CVE-2023-311xx/CVE-2023-31172.json) (`2023-09-05T16:32:59.760`)
* [CVE-2023-31171](CVE-2023/CVE-2023-311xx/CVE-2023-31171.json) (`2023-09-05T16:33:35.107`)
* [CVE-2023-28809](CVE-2023/CVE-2023-288xx/CVE-2023-28809.json) (`2023-09-05T17:15:08.280`)
* [CVE-2023-39026](CVE-2023/CVE-2023-390xx/CVE-2023-39026.json) (`2023-09-05T17:15:09.327`)
* [CVE-2023-2453](CVE-2023/CVE-2023-24xx/CVE-2023-2453.json) (`2023-09-05T17:31:50.810`)
* [CVE-2023-40743](CVE-2023/CVE-2023-407xx/CVE-2023-40743.json) (`2023-09-05T17:31:50.810`)
* [CVE-2023-4480](CVE-2023/CVE-2023-44xx/CVE-2023-4480.json) (`2023-09-05T17:31:50.810`)
* [CVE-2023-31170](CVE-2023/CVE-2023-311xx/CVE-2023-31170.json) (`2023-09-05T17:35:41.017`)
* [CVE-2023-31169](CVE-2023/CVE-2023-311xx/CVE-2023-31169.json) (`2023-09-05T17:36:09.717`)
* [CVE-2023-31168](CVE-2023/CVE-2023-311xx/CVE-2023-31168.json) (`2023-09-05T17:38:34.297`)
* [CVE-2023-41642](CVE-2023/CVE-2023-416xx/CVE-2023-41642.json) (`2023-09-05T17:51:45.430`)
## Download and Usage