From c19d77f60abbcd8fe9139f42f03e18b0255b20ac Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 5 Sep 2023 18:00:28 +0000 Subject: [PATCH] Auto-Update: 2023-09-05T18:00:24.728779+00:00 --- CVE-2019/CVE-2019-134xx/CVE-2019-13473.json | 6 +- CVE-2019/CVE-2019-134xx/CVE-2019-13474.json | 6 +- CVE-2022/CVE-2022-251xx/CVE-2022-25148.json | 54 +++++++++-------- CVE-2023/CVE-2023-24xx/CVE-2023-2453.json | 4 +- CVE-2023/CVE-2023-288xx/CVE-2023-28809.json | 8 ++- CVE-2023/CVE-2023-311xx/CVE-2023-31168.json | 62 ++++++++++++++++++-- CVE-2023/CVE-2023-311xx/CVE-2023-31169.json | 62 ++++++++++++++++++-- CVE-2023/CVE-2023-311xx/CVE-2023-31170.json | 62 ++++++++++++++++++-- CVE-2023/CVE-2023-311xx/CVE-2023-31171.json | 62 ++++++++++++++++++-- CVE-2023/CVE-2023-311xx/CVE-2023-31172.json | 62 ++++++++++++++++++-- CVE-2023/CVE-2023-311xx/CVE-2023-31174.json | 62 ++++++++++++++++++-- CVE-2023/CVE-2023-311xx/CVE-2023-31175.json | 62 ++++++++++++++++++-- CVE-2023/CVE-2023-312xx/CVE-2023-31242.json | 55 +++++++++++++++++ CVE-2023/CVE-2023-322xx/CVE-2023-32271.json | 55 +++++++++++++++++ CVE-2023/CVE-2023-326xx/CVE-2023-32615.json | 55 +++++++++++++++++ CVE-2023/CVE-2023-33xx/CVE-2023-3374.json | 55 +++++++++++++++++ CVE-2023/CVE-2023-33xx/CVE-2023-3375.json | 55 +++++++++++++++++ CVE-2023/CVE-2023-343xx/CVE-2023-34317.json | 55 +++++++++++++++++ CVE-2023/CVE-2023-343xx/CVE-2023-34353.json | 55 +++++++++++++++++ CVE-2023/CVE-2023-343xx/CVE-2023-34392.json | 62 ++++++++++++++++++-- CVE-2023/CVE-2023-349xx/CVE-2023-34994.json | 55 +++++++++++++++++ CVE-2023/CVE-2023-349xx/CVE-2023-34998.json | 55 +++++++++++++++++ CVE-2023/CVE-2023-351xx/CVE-2023-35124.json | 55 +++++++++++++++++ CVE-2023/CVE-2023-363xx/CVE-2023-36361.json | 28 +++++++++ CVE-2023/CVE-2023-390xx/CVE-2023-39026.json | 8 ++- CVE-2023/CVE-2023-407xx/CVE-2023-40743.json | 4 +- CVE-2023/CVE-2023-410xx/CVE-2023-41012.json | 20 +++++++ CVE-2023/CVE-2023-411xx/CVE-2023-41107.json | 24 ++++++++ CVE-2023/CVE-2023-411xx/CVE-2023-41108.json | 24 ++++++++ CVE-2023/CVE-2023-416xx/CVE-2023-41642.json | 65 +++++++++++++++++++-- CVE-2023/CVE-2023-44xx/CVE-2023-4480.json | 4 +- CVE-2023/CVE-2023-46xx/CVE-2023-4678.json | 56 ++++++++++++++++-- CVE-2023/CVE-2023-46xx/CVE-2023-4681.json | 56 ++++++++++++++++-- CVE-2023/CVE-2023-46xx/CVE-2023-4682.json | 56 ++++++++++++++++-- CVE-2023/CVE-2023-47xx/CVE-2023-4778.json | 59 +++++++++++++++++++ README.md | 60 ++++++++++++------- 36 files changed, 1483 insertions(+), 105 deletions(-) create mode 100644 CVE-2023/CVE-2023-312xx/CVE-2023-31242.json create mode 100644 CVE-2023/CVE-2023-322xx/CVE-2023-32271.json create mode 100644 CVE-2023/CVE-2023-326xx/CVE-2023-32615.json create mode 100644 CVE-2023/CVE-2023-33xx/CVE-2023-3374.json create mode 100644 CVE-2023/CVE-2023-33xx/CVE-2023-3375.json create mode 100644 CVE-2023/CVE-2023-343xx/CVE-2023-34317.json create mode 100644 CVE-2023/CVE-2023-343xx/CVE-2023-34353.json create mode 100644 CVE-2023/CVE-2023-349xx/CVE-2023-34994.json create mode 100644 CVE-2023/CVE-2023-349xx/CVE-2023-34998.json create mode 100644 CVE-2023/CVE-2023-351xx/CVE-2023-35124.json create mode 100644 CVE-2023/CVE-2023-363xx/CVE-2023-36361.json create mode 100644 CVE-2023/CVE-2023-410xx/CVE-2023-41012.json create mode 100644 CVE-2023/CVE-2023-411xx/CVE-2023-41107.json create mode 100644 CVE-2023/CVE-2023-411xx/CVE-2023-41108.json create mode 100644 CVE-2023/CVE-2023-47xx/CVE-2023-4778.json diff --git a/CVE-2019/CVE-2019-134xx/CVE-2019-13473.json b/CVE-2019/CVE-2019-134xx/CVE-2019-13473.json index d02b63104a8..6937a7cc5fd 100644 --- a/CVE-2019/CVE-2019-134xx/CVE-2019-13473.json +++ b/CVE-2019/CVE-2019-134xx/CVE-2019-13473.json @@ -2,7 +2,7 @@ "id": "CVE-2019-13473", "sourceIdentifier": "cve@mitre.org", "published": "2019-09-11T19:15:11.593", - "lastModified": "2023-09-05T05:15:07.517", + "lastModified": "2023-09-05T17:15:07.477", "vulnStatus": "Modified", "descriptions": [ { @@ -411,6 +411,10 @@ "VDB Entry" ] }, + { + "url": "http://packetstormsecurity.com/files/174503/Internet-Radio-auna-IR-160-SE-UIProto-DoS-XSS-Missing-Authentication.html", + "source": "cve@mitre.org" + }, { "url": "http://seclists.org/fulldisclosure/2023/Sep/1", "source": "cve@mitre.org" diff --git a/CVE-2019/CVE-2019-134xx/CVE-2019-13474.json b/CVE-2019/CVE-2019-134xx/CVE-2019-13474.json index 9898090f066..162cc9b09a3 100644 --- a/CVE-2019/CVE-2019-134xx/CVE-2019-13474.json +++ b/CVE-2019/CVE-2019-134xx/CVE-2019-13474.json @@ -2,7 +2,7 @@ "id": "CVE-2019-13474", "sourceIdentifier": "cve@mitre.org", "published": "2019-09-16T12:15:10.847", - "lastModified": "2023-09-05T05:15:07.703", + "lastModified": "2023-09-05T17:15:07.937", "vulnStatus": "Modified", "descriptions": [ { @@ -375,6 +375,10 @@ } ], "references": [ + { + "url": "http://packetstormsecurity.com/files/174503/Internet-Radio-auna-IR-160-SE-UIProto-DoS-XSS-Missing-Authentication.html", + "source": "cve@mitre.org" + }, { "url": "http://seclists.org/fulldisclosure/2019/Sep/12", "source": "cve@mitre.org", diff --git a/CVE-2022/CVE-2022-251xx/CVE-2022-25148.json b/CVE-2022/CVE-2022-251xx/CVE-2022-25148.json index 48489a0d584..3111700ad57 100644 --- a/CVE-2022/CVE-2022-251xx/CVE-2022-25148.json +++ b/CVE-2022/CVE-2022-251xx/CVE-2022-25148.json @@ -2,8 +2,8 @@ "id": "CVE-2022-25148", "sourceIdentifier": "security@wordfence.com", "published": "2022-02-24T19:15:10.400", - "lastModified": "2022-03-03T18:33:43.617", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-05T17:15:08.110", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -16,29 +16,9 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH" - }, - "exploitabilityScore": 3.9, - "impactScore": 3.6 - }, { "source": "security@wordfence.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", @@ -55,6 +35,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ], "cvssMetricV2": [ @@ -85,7 +85,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "security@wordfence.com", "type": "Primary", "description": [ { @@ -95,7 +95,7 @@ ] }, { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { @@ -124,6 +124,10 @@ } ], "references": [ + { + "url": "http://packetstormsecurity.com/files/174482/WordPress-WP-Statistics-13.1.5-SQL-Injection.html", + "source": "security@wordfence.com" + }, { "url": "https://gist.github.com/Xib3rR4dAr/5dbd58b7f57a5037fe461fba8e696042", "source": "security@wordfence.com", diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2453.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2453.json index 394ed925434..36abc0c6d64 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2453.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2453.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2453", "sourceIdentifier": "disclosure@synopsys.com", "published": "2023-09-05T15:15:42.377", - "lastModified": "2023-09-05T15:15:42.377", - "vulnStatus": "Received", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-288xx/CVE-2023-28809.json b/CVE-2023/CVE-2023-288xx/CVE-2023-28809.json index 243186d16b2..418a1057d2d 100644 --- a/CVE-2023/CVE-2023-288xx/CVE-2023-28809.json +++ b/CVE-2023/CVE-2023-288xx/CVE-2023-28809.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28809", "sourceIdentifier": "hsrc@hikvision.com", "published": "2023-06-15T19:15:10.537", - "lastModified": "2023-06-30T00:08:59.093", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-05T17:15:08.280", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -781,6 +781,10 @@ } ], "references": [ + { + "url": "http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html", + "source": "hsrc@hikvision.com" + }, { "url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/", "source": "hsrc@hikvision.com", diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31168.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31168.json index 3cbb0f2a94c..4d03c8be18d 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31168.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31168.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31168", "sourceIdentifier": "security@selinc.com", "published": "2023-08-31T16:15:08.937", - "lastModified": "2023-08-31T17:25:54.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-05T17:38:34.297", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-829" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:selinc:sel-5030_acselerator_quickset:*:*:*:*:*:*:*:*", + "versionEndIncluding": "7.1.3.0", + "matchCriteriaId": "B7FE991E-8E2F-4B6D-A0F7-E9D67913B5B6" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31169.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31169.json index ca475530369..5a585f072c2 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31169.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31169.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31169", "sourceIdentifier": "security@selinc.com", "published": "2023-08-31T16:15:09.230", - "lastModified": "2023-08-31T17:25:54.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-05T17:36:09.717", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.6 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-755" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:selinc:sel-5030_acselerator_quickset:*:*:*:*:*:*:*:*", + "versionEndIncluding": "7.1.3.0", + "matchCriteriaId": "B7FE991E-8E2F-4B6D-A0F7-E9D67913B5B6" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31170.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31170.json index 24cdb7ab276..8576a3957ba 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31170.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31170.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31170", "sourceIdentifier": "security@selinc.com", "published": "2023-08-31T16:15:09.313", - "lastModified": "2023-08-31T17:25:54.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-05T17:35:41.017", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-829" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:selinc:sel-5030_acselerator_quickset:*:*:*:*:*:*:*:*", + "versionEndIncluding": "7.1.3.0", + "matchCriteriaId": "B7FE991E-8E2F-4B6D-A0F7-E9D67913B5B6" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31171.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31171.json index 287edf50653..e86b14673c6 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31171.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31171.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31171", "sourceIdentifier": "security@selinc.com", "published": "2023-08-31T16:15:09.403", - "lastModified": "2023-08-31T17:25:54.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-05T16:33:35.107", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:selinc:sel-5030_acselerator_quickset:*:*:*:*:*:*:*:*", + "versionEndIncluding": "7.1.3.0", + "matchCriteriaId": "B7FE991E-8E2F-4B6D-A0F7-E9D67913B5B6" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31172.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31172.json index ba47f4a8fa4..0e044655bc9 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31172.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31172.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31172", "sourceIdentifier": "security@selinc.com", "published": "2023-08-31T16:15:09.487", - "lastModified": "2023-08-31T17:25:54.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-05T16:32:59.760", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.0 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:selinc:sel-5030_acselerator_quickset:*:*:*:*:*:*:*:*", + "versionEndIncluding": "7.1.3.0", + "matchCriteriaId": "B7FE991E-8E2F-4B6D-A0F7-E9D67913B5B6" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31174.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31174.json index 98fa9f129ad..2e195e9ff39 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31174.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31174.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31174", "sourceIdentifier": "security@selinc.com", "published": "2023-08-31T16:15:09.827", - "lastModified": "2023-08-31T17:25:54.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-05T16:32:06.837", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:selinc:sel-5037_sel_grid_configurator:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.5.0.20", + "matchCriteriaId": "8DE1284E-619F-49AC-AE96-0A4ECD76292B" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31175.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31175.json index f301d7163a8..c8926e883db 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31175.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31175.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31175", "sourceIdentifier": "security@selinc.com", "published": "2023-08-31T16:15:09.923", - "lastModified": "2023-08-31T17:25:54.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-05T16:31:23.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:selinc:sel-5037_sel_grid_configurator:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.5.0.20", + "matchCriteriaId": "8DE1284E-619F-49AC-AE96-0A4ECD76292B" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31242.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31242.json new file mode 100644 index 00000000000..b124c6ac357 --- /dev/null +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31242.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-31242", + "sourceIdentifier": "talos-cna@cisco.com", + "published": "2023-09-05T17:15:08.517", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially-crafted series of network requests can lead to arbitrary authentication. An attacker can send a sequence of requests to trigger this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "talos-cna@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1769", + "source": "talos-cna@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32271.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32271.json new file mode 100644 index 00000000000..804a5441c65 --- /dev/null +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32271.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32271", + "sourceIdentifier": "talos-cna@cisco.com", + "published": "2023-09-05T17:15:08.670", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "talos-cna@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1774", + "source": "talos-cna@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32615.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32615.json new file mode 100644 index 00000000000..61d19ddda92 --- /dev/null +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32615.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32615", + "sourceIdentifier": "talos-cna@cisco.com", + "published": "2023-09-05T17:15:08.777", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "talos-cna@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-73" + } + ] + } + ], + "references": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1771", + "source": "talos-cna@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3374.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3374.json new file mode 100644 index 00000000000..5d927c8a378 --- /dev/null +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3374.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3374", + "sourceIdentifier": "cve@usom.gov.tr", + "published": "2023-09-05T17:15:09.400", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Incomplete List of Disallowed Inputs vulnerability in Bookreen allows Privilege Escalation.This issue affects Bookreen: before 3.0.0.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-184" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-23-0489", + "source": "cve@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3375.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3375.json new file mode 100644 index 00000000000..c20b4aec32b --- /dev/null +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3375.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3375", + "sourceIdentifier": "cve@usom.gov.tr", + "published": "2023-09-05T17:15:09.497", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Bookreen allows OS Command Injection.This issue affects Bookreen: before 3.0.0.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-23-0489", + "source": "cve@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34317.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34317.json new file mode 100644 index 00000000000..97d879b3a62 --- /dev/null +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34317.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34317", + "sourceIdentifier": "talos-cna@cisco.com", + "published": "2023-09-05T17:15:08.877", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An improper input validation vulnerability exists in the OAS Engine User Creation functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "talos-cna@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1772", + "source": "talos-cna@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34353.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34353.json new file mode 100644 index 00000000000..2f149e1ddff --- /dev/null +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34353.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34353", + "sourceIdentifier": "talos-cna@cisco.com", + "published": "2023-09-05T17:15:08.963", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted network sniffing can lead to decryption of sensitive information. An attacker can sniff network traffic to trigger this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "talos-cna@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-330" + } + ] + } + ], + "references": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1776", + "source": "talos-cna@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34392.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34392.json index 2614f35479e..f9623ba8fc4 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34392.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34392.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34392", "sourceIdentifier": "security@selinc.com", "published": "2023-08-31T16:15:10.123", - "lastModified": "2023-08-31T17:25:54.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-05T16:27:51.523", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:selinc:sel-5037_sel_grid_configurator:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.5.0.20", + "matchCriteriaId": "8DE1284E-619F-49AC-AE96-0A4ECD76292B" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34994.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34994.json new file mode 100644 index 00000000000..3209213371d --- /dev/null +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34994.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34994", + "sourceIdentifier": "talos-cna@cisco.com", + "published": "2023-09-05T17:15:09.053", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to creation of an arbitrary directory. An attacker can send a sequence of requests to trigger this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "talos-cna@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 3.1, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "references": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1773", + "source": "talos-cna@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34998.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34998.json new file mode 100644 index 00000000000..6c3f3307a4e --- /dev/null +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34998.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34998", + "sourceIdentifier": "talos-cna@cisco.com", + "published": "2023-09-05T17:15:09.153", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary authentication. An attacker can sniff network traffic to trigger this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "talos-cna@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-319" + } + ] + } + ], + "references": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1770", + "source": "talos-cna@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35124.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35124.json new file mode 100644 index 00000000000..40d3416663a --- /dev/null +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35124.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-35124", + "sourceIdentifier": "talos-cna@cisco.com", + "published": "2023-09-05T17:15:09.237", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "talos-cna@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.1, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "talos-cna@cisco.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-209" + } + ] + } + ], + "references": [ + { + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1775", + "source": "talos-cna@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36361.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36361.json new file mode 100644 index 00000000000..014e7a9e56f --- /dev/null +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36361.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-36361", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-05T16:15:07.567", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Audimexee v14.1.7 was discovered to contain a SQL injection vulnerability via the p_table_name parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://audimex.com", + "source": "cve@mitre.org" + }, + { + "url": "http://audimexee.com", + "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/Cameleon037/40b3b6f6729d1d0984d6ce5b6837c46b", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39026.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39026.json index 367cc4d3ef9..5cab48b2b92 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39026.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39026.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39026", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-22T22:15:08.640", - "lastModified": "2023-08-29T15:35:24.277", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-05T17:15:09.327", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -81,6 +81,10 @@ } ], "references": [ + { + "url": "http://packetstormsecurity.com/files/174491/FileMage-Gateway-1.10.9-Local-File-Inclusion.html", + "source": "cve@mitre.org" + }, { "url": "https://raindayzz.com/technicalblog/2023/08/20/FileMage-Vulnerability.html", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-407xx/CVE-2023-40743.json b/CVE-2023/CVE-2023-407xx/CVE-2023-40743.json index ca67d090874..0c9335a6270 100644 --- a/CVE-2023/CVE-2023-407xx/CVE-2023-40743.json +++ b/CVE-2023/CVE-2023-407xx/CVE-2023-40743.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40743", "sourceIdentifier": "security@apache.org", "published": "2023-09-05T15:15:42.687", - "lastModified": "2023-09-05T15:15:42.687", - "vulnStatus": "Received", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-410xx/CVE-2023-41012.json b/CVE-2023/CVE-2023-410xx/CVE-2023-41012.json new file mode 100644 index 00000000000..b17a52f0b4b --- /dev/null +++ b/CVE-2023/CVE-2023-410xx/CVE-2023-41012.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41012", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-05T16:15:07.990", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a remote attacker to execute arbitrary code via the authentication mechanism." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/te5tb99/For-submitting/wiki/Command-Execution-Vulnerability-in-China-Mobile-Intelligent-Home-Gateway-HG6543C4-Identity-verification-has-design-flaws", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-411xx/CVE-2023-41107.json b/CVE-2023/CVE-2023-411xx/CVE-2023-41107.json new file mode 100644 index 00000000000..68303b6bc47 --- /dev/null +++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41107.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-41107", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-05T16:15:08.050", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "TEF portal 2023-07-17 is vulnerable to a persistent cross site scripting (XSS)attack." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-020.txt", + "source": "cve@mitre.org" + }, + { + "url": "https://www.syss.de/pentest-blog/sicherheitsschwachstellen-im-tef-haendlerportal-syss-2023-020/-021", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-411xx/CVE-2023-41108.json b/CVE-2023/CVE-2023-411xx/CVE-2023-41108.json new file mode 100644 index 00000000000..5641a1a2ea3 --- /dev/null +++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41108.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-41108", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-05T16:15:08.110", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "TEF portal 2023-07-17 is vulnerable to authenticated remote code execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-021.txt", + "source": "cve@mitre.org" + }, + { + "url": "https://www.syss.de/pentest-blog/sicherheitsschwachstellen-im-tef-haendlerportal-syss-2023-020/-021", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-416xx/CVE-2023-41642.json b/CVE-2023/CVE-2023-416xx/CVE-2023-41642.json index fa4f1e0e389..4180b64a9b0 100644 --- a/CVE-2023/CVE-2023-416xx/CVE-2023-41642.json +++ b/CVE-2023/CVE-2023-416xx/CVE-2023-41642.json @@ -2,19 +2,76 @@ "id": "CVE-2023-41642", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-31T14:15:09.033", - "lastModified": "2023-08-31T17:26:00.623", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-05T17:51:45.430", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Multiple reflected cross-site scripting (XSS) vulnerabilities in the ErroreNonGestito.aspx component of GruppoSCAI RealGimm 1.1.37p38 allow attackers to execute arbitrary Javascript in the context of a victim user's browser via a crafted payload injected into the VIEWSTATE parameter." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:grupposcai:realgimm:1.1.37:p38:*:*:*:*:*:*", + "matchCriteriaId": "70F3122E-88F6-4276-B519-07DE78B5B032" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20%20-%20Reflected%20Cross-site%20Scripting.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-44xx/CVE-2023-4480.json b/CVE-2023/CVE-2023-44xx/CVE-2023-4480.json index dfd1638c076..434a9000253 100644 --- a/CVE-2023/CVE-2023-44xx/CVE-2023-4480.json +++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4480.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4480", "sourceIdentifier": "disclosure@synopsys.com", "published": "2023-09-05T15:15:42.883", - "lastModified": "2023-09-05T15:15:42.883", - "vulnStatus": "Received", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4678.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4678.json index c067719bd33..6fb45030d4c 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4678.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4678.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4678", "sourceIdentifier": "security@huntr.dev", "published": "2023-08-31T16:15:10.417", - "lastModified": "2023-08-31T17:25:54.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-05T16:25:18.257", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.3", + "matchCriteriaId": "422EDAFD-56FE-49AE-ADCF-7D33CFA0C56B" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/gpac/gpac/commit/4607052c482a51dbdacfe1ade10645c181d07b07", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/688a4a01-8c18-469d-8cbe-a2e79e80c877", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4681.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4681.json index 299962bf9cf..43adfef2b0d 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4681.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4681.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4681", "sourceIdentifier": "security@huntr.dev", "published": "2023-08-31T16:15:10.520", - "lastModified": "2023-08-31T17:25:54.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-05T16:22:15.077", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.3", + "matchCriteriaId": "422EDAFD-56FE-49AE-ADCF-7D33CFA0C56B" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/gpac/gpac/commit/4bac19ad854159b21ba70d8ab7c4e1cd1db8ea1c", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/d67c5619-ab36-41cc-93b7-04828e25f60e", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4682.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4682.json index b7bf627cc00..8a362dde0ad 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4682.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4682.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4682", "sourceIdentifier": "security@huntr.dev", "published": "2023-08-31T16:15:10.670", - "lastModified": "2023-08-31T17:25:54.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-05T16:24:54.687", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.3", + "matchCriteriaId": "422EDAFD-56FE-49AE-ADCF-7D33CFA0C56B" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/gpac/gpac/commit/b1042c3eefca87c4bc32afb404ed6518d693e5be", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/15232a74-e3b8-43f0-ae8a-4e89d56c474c", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4778.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4778.json new file mode 100644 index 00000000000..8116c165c86 --- /dev/null +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4778.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-4778", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-09-05T16:15:08.207", + "lastModified": "2023-09-05T17:31:50.810", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.5, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/gpac/gpac/commit/d553698050af478049e1a09e44a15ac884f223ed", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index f2bb4944ebf..e4b9d453867 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-09-05T16:00:25.119859+00:00 +2023-09-05T18:00:24.728779+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-09-05T15:59:01.170000+00:00 +2023-09-05T17:51:45.430000+00:00 ``` ### Last Data Feed Release @@ -29,34 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -224196 +224211 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `15` -* [CVE-2023-2453](CVE-2023/CVE-2023-24xx/CVE-2023-2453.json) (`2023-09-05T15:15:42.377`) -* [CVE-2023-32086](CVE-2023/CVE-2023-320xx/CVE-2023-32086.json) (`2023-09-05T15:15:42.600`) -* [CVE-2023-40743](CVE-2023/CVE-2023-407xx/CVE-2023-40743.json) (`2023-09-05T15:15:42.687`) -* [CVE-2023-4480](CVE-2023/CVE-2023-44xx/CVE-2023-4480.json) (`2023-09-05T15:15:42.883`) +* [CVE-2023-36361](CVE-2023/CVE-2023-363xx/CVE-2023-36361.json) (`2023-09-05T16:15:07.567`) +* [CVE-2023-41012](CVE-2023/CVE-2023-410xx/CVE-2023-41012.json) (`2023-09-05T16:15:07.990`) +* [CVE-2023-41107](CVE-2023/CVE-2023-411xx/CVE-2023-41107.json) (`2023-09-05T16:15:08.050`) +* [CVE-2023-41108](CVE-2023/CVE-2023-411xx/CVE-2023-41108.json) (`2023-09-05T16:15:08.110`) +* [CVE-2023-4778](CVE-2023/CVE-2023-47xx/CVE-2023-4778.json) (`2023-09-05T16:15:08.207`) +* [CVE-2023-31242](CVE-2023/CVE-2023-312xx/CVE-2023-31242.json) (`2023-09-05T17:15:08.517`) +* [CVE-2023-32271](CVE-2023/CVE-2023-322xx/CVE-2023-32271.json) (`2023-09-05T17:15:08.670`) +* [CVE-2023-32615](CVE-2023/CVE-2023-326xx/CVE-2023-32615.json) (`2023-09-05T17:15:08.777`) +* [CVE-2023-34317](CVE-2023/CVE-2023-343xx/CVE-2023-34317.json) (`2023-09-05T17:15:08.877`) +* [CVE-2023-34353](CVE-2023/CVE-2023-343xx/CVE-2023-34353.json) (`2023-09-05T17:15:08.963`) +* [CVE-2023-34994](CVE-2023/CVE-2023-349xx/CVE-2023-34994.json) (`2023-09-05T17:15:09.053`) +* [CVE-2023-34998](CVE-2023/CVE-2023-349xx/CVE-2023-34998.json) (`2023-09-05T17:15:09.153`) +* [CVE-2023-35124](CVE-2023/CVE-2023-351xx/CVE-2023-35124.json) (`2023-09-05T17:15:09.237`) +* [CVE-2023-3374](CVE-2023/CVE-2023-33xx/CVE-2023-3374.json) (`2023-09-05T17:15:09.400`) +* [CVE-2023-3375](CVE-2023/CVE-2023-33xx/CVE-2023-3375.json) (`2023-09-05T17:15:09.497`) ### CVEs modified in the last Commit -Recently modified CVEs: `11` +Recently modified CVEs: `20` -* [CVE-2020-19909](CVE-2020/CVE-2020-199xx/CVE-2020-19909.json) (`2023-09-05T14:34:09.187`) -* [CVE-2023-40184](CVE-2023/CVE-2023-401xx/CVE-2023-40184.json) (`2023-09-05T14:02:17.320`) -* [CVE-2023-4004](CVE-2023/CVE-2023-40xx/CVE-2023-4004.json) (`2023-09-05T14:15:09.323`) -* [CVE-2023-41539](CVE-2023/CVE-2023-415xx/CVE-2023-41539.json) (`2023-09-05T14:47:50.673`) -* [CVE-2023-32202](CVE-2023/CVE-2023-322xx/CVE-2023-32202.json) (`2023-09-05T14:52:21.310`) -* [CVE-2023-40178](CVE-2023/CVE-2023-401xx/CVE-2023-40178.json) (`2023-09-05T14:57:10.410`) -* [CVE-2023-41039](CVE-2023/CVE-2023-410xx/CVE-2023-41039.json) (`2023-09-05T15:06:09.130`) -* [CVE-2023-4640](CVE-2023/CVE-2023-46xx/CVE-2023-4640.json) (`2023-09-05T15:22:15.190`) -* [CVE-2023-4571](CVE-2023/CVE-2023-45xx/CVE-2023-4571.json) (`2023-09-05T15:35:34.477`) -* [CVE-2023-20234](CVE-2023/CVE-2023-202xx/CVE-2023-20234.json) (`2023-09-05T15:57:17.487`) -* [CVE-2023-20168](CVE-2023/CVE-2023-201xx/CVE-2023-20168.json) (`2023-09-05T15:59:01.170`) +* [CVE-2019-13473](CVE-2019/CVE-2019-134xx/CVE-2019-13473.json) (`2023-09-05T17:15:07.477`) +* [CVE-2019-13474](CVE-2019/CVE-2019-134xx/CVE-2019-13474.json) (`2023-09-05T17:15:07.937`) +* [CVE-2022-25148](CVE-2022/CVE-2022-251xx/CVE-2022-25148.json) (`2023-09-05T17:15:08.110`) +* [CVE-2023-4681](CVE-2023/CVE-2023-46xx/CVE-2023-4681.json) (`2023-09-05T16:22:15.077`) +* [CVE-2023-4682](CVE-2023/CVE-2023-46xx/CVE-2023-4682.json) (`2023-09-05T16:24:54.687`) +* [CVE-2023-4678](CVE-2023/CVE-2023-46xx/CVE-2023-4678.json) (`2023-09-05T16:25:18.257`) +* [CVE-2023-34392](CVE-2023/CVE-2023-343xx/CVE-2023-34392.json) (`2023-09-05T16:27:51.523`) +* [CVE-2023-31175](CVE-2023/CVE-2023-311xx/CVE-2023-31175.json) (`2023-09-05T16:31:23.233`) +* [CVE-2023-31174](CVE-2023/CVE-2023-311xx/CVE-2023-31174.json) (`2023-09-05T16:32:06.837`) +* [CVE-2023-31172](CVE-2023/CVE-2023-311xx/CVE-2023-31172.json) (`2023-09-05T16:32:59.760`) +* [CVE-2023-31171](CVE-2023/CVE-2023-311xx/CVE-2023-31171.json) (`2023-09-05T16:33:35.107`) +* [CVE-2023-28809](CVE-2023/CVE-2023-288xx/CVE-2023-28809.json) (`2023-09-05T17:15:08.280`) +* [CVE-2023-39026](CVE-2023/CVE-2023-390xx/CVE-2023-39026.json) (`2023-09-05T17:15:09.327`) +* [CVE-2023-2453](CVE-2023/CVE-2023-24xx/CVE-2023-2453.json) (`2023-09-05T17:31:50.810`) +* [CVE-2023-40743](CVE-2023/CVE-2023-407xx/CVE-2023-40743.json) (`2023-09-05T17:31:50.810`) +* [CVE-2023-4480](CVE-2023/CVE-2023-44xx/CVE-2023-4480.json) (`2023-09-05T17:31:50.810`) +* [CVE-2023-31170](CVE-2023/CVE-2023-311xx/CVE-2023-31170.json) (`2023-09-05T17:35:41.017`) +* [CVE-2023-31169](CVE-2023/CVE-2023-311xx/CVE-2023-31169.json) (`2023-09-05T17:36:09.717`) +* [CVE-2023-31168](CVE-2023/CVE-2023-311xx/CVE-2023-31168.json) (`2023-09-05T17:38:34.297`) +* [CVE-2023-41642](CVE-2023/CVE-2023-416xx/CVE-2023-41642.json) (`2023-09-05T17:51:45.430`) ## Download and Usage