admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-11-20T17:00:18.322208+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-11-20 17:00:22 +00:00
parent be39202d91
commit c49a9ae489
29 changed files with 797 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2022/CVE-2022-463xx/CVE-2022-46337.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2022-46337",
"sourceIdentifier": "security@apache.org",
"published": "2023-11-20T09:15:07.180",
"lastModified": "2023-11-20T09:15:07.180",
"vulnStatus": "Received",
"lastModified": "2023-11-20T15:04:56.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cleverly devised username might bypass LDAP authentication checks. In \nLDAP-authenticated Derby installations, this could let an attacker fill \nup the disk by creating junk Derby databases. In LDAP-authenticated \nDerby installations, this could also allow the attacker to execute \nmalware which was visible to and executable by the account which booted \nthe Derby server. In LDAP-protected databases which weren't also \nprotected by SQL GRANT/REVOKE authorization, this vulnerability could \nalso let an attacker view and corrupt sensitive data and run sensitive \ndatabase functions and procedures.\n\nMitigation:\n\nUsers should upgrade to Java 21 and Derby 10.17.1.0.\n\nAlternatively, users who wish to remain on older Java versions should \nbuild their own Derby distribution from one of the release families to \nwhich the fix was backported: 10.16, 10.15, and 10.14. Those are the \nreleases which correspond, respectively, with Java LTS versions 17, 11, \nand 8.\n\n"
},
{
"lang": "es",
"value": "Un nombre de usuario inteligentemente dise\u00f1ado podr\u00eda omitir las comprobaciones de autenticaci\u00f3n LDAP. En instalaciones Derby autenticadas por LDAP, esto podr\u00eda permitir que un atacante llene el disco creando bases de datos Derby basura. En instalaciones de Derby autenticadas por LDAP, esto tambi\u00e9n podr\u00eda permitir al atacante ejecutar malware que era visible y ejecutable por la cuenta que arranc\u00f3 el servidor Derby. En bases de datos protegidas por LDAP que tampoco estaban protegidas por la autorizaci\u00f3n SQL GRANT/REVOKE, esta vulnerabilidad tambi\u00e9n podr\u00eda permitir que un atacante vea y corrompa datos confidenciales y ejecute funciones y procedimientos de bases de datos confidenciales. Mitigaci\u00f3n: los usuarios deben actualizar a Java 21 y Derby 10.17.1.0. Alternativamente, los usuarios que deseen permanecer en versiones anteriores de Java deben crear su propia distribuci\u00f3n Derby a partir de una de las familias de versiones a las que se admiti\u00f3 la soluci\u00f3n: 10.16, 10.15 y 10.14. Esas son las versiones que corresponden, respectivamente, a las versiones 17, 11 y 8 de Java LTS."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-31xx/CVE-2023-3116.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-3116",
"sourceIdentifier": "scy@openharmony.io",
"published": "2023-11-20T12:15:07.887",
"lastModified": "2023-11-20T12:15:07.887",
"vulnStatus": "Received",
"lastModified": "2023-11-20T15:04:56.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information or rewrite sensitive file through incorrect default permissions."
},
{
"lang": "es",
"value": "En OpenHarmony v3.2.2 y versiones anteriores permiten que un atacante local obtenga informaci\u00f3n confidencial o reescriba archivos confidenciales mediante permisos predeterminados incorrectos."
}
],
"metrics": {

8
CVE-2023/CVE-2023-33xx/CVE-2023-3379.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-3379",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-11-20T08:15:44.280",
"lastModified": "2023-11-20T08:15:44.280",
"vulnStatus": "Received",
"lastModified": "2023-11-20T15:04:56.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privileges."
},
{
"lang": "es",
"value": "La administraci\u00f3n de m\u00faltiples productos basada en web de Wago tiene una vulnerabilidad que permite a un atacante autenticado local cambiar las contrase\u00f1as de otros usuarios que no sean administradores y as\u00ed escalar privilegios no root."
}
],
"metrics": {

43
CVE-2023/CVE-2023-360xx/CVE-2023-36013.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36013",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-11-20T16:15:08.080",
"lastModified": "2023-11-20T16:15:08.080",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "PowerShell Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36013",
"source": "secure@microsoft.com"
}
]
}

8
CVE-2023/CVE-2023-427xx/CVE-2023-42774.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-42774",
"sourceIdentifier": "scy@openharmony.io",
"published": "2023-11-20T12:15:08.157",
"lastModified": "2023-11-20T12:15:08.157",
"vulnStatus": "Received",
"lastModified": "2023-11-20T15:04:56.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information through incorrect default permissions."
},
{
"lang": "es",
"value": "En OpenHarmony v3.2.2 y versiones anteriores permiten que un atacante local obtenga informaci\u00f3n confidencial a trav\u00e9s de permisos predeterminados incorrectos."
}
],
"metrics": {

8
CVE-2023/CVE-2023-436xx/CVE-2023-43612.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-43612",
"sourceIdentifier": "scy@openharmony.io",
"published": "2023-11-20T12:15:08.323",
"lastModified": "2023-11-20T12:15:08.323",
"vulnStatus": "Received",
"lastModified": "2023-11-20T15:04:56.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write through improper preservation of permissions."
},
{
"lang": "es",
"value": "En OpenHarmony v3.2.2 y versiones anteriores permiten que un atacante local lea y escriba archivos arbitrarios mediante la preservaci\u00f3n inadecuada de los permisos."
}
],
"metrics": {

75
CVE-2023/CVE-2023-456xx/CVE-2023-45684.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-45684",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-14T15:15:07.553",
"lastModified": "2023-11-14T15:15:45.277",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-20T16:36:42.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Northern.tech CFEngine Enterprise before 3.21.3 allows SQL Injection. The fixed versions are 3.18.6 and 3.21.3. The earliest affected version is 3.6.0. The issue is in the Mission Portal login page in the CFEngine hub."
},
{
"lang": "es",
"value": "Northern.tech CFEngine Enterprise anterior a 3.21.3 permite la inyecci\u00f3n SQL. Las versiones fijas son 3.18.6 y 3.21.3. La primera versi\u00f3n afectada es la 3.6.0. El problema est\u00e1 en la p\u00e1gina de inicio de sesi\u00f3n del Portal de la Misi\u00f3n en el centro CFEngine."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:northern.tech:cfengine:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "3.18.6",
"matchCriteriaId": "67F8886C-B118-40FF-BC20-EA1949E0CF20"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:northern.tech:cfengine:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "3.19.0",
"versionEndExcluding": "3.21.3",
"matchCriteriaId": "32A9DD95-5CFF-49A6-952B-4FC3080ECB50"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cfengine.com/blog/2023/cve-2023-45684/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-460xx/CVE-2023-46099.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46099",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-11-14T11:15:14.840",
"lastModified": "2023-11-14T15:15:45.277",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-20T15:10:25.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -50,10 +80,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.1",
"matchCriteriaId": "96D49ACA-BF2E-4C89-8168-E4A95D5B22AA"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-456933.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-461xx/CVE-2023-46100.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-46100",
"sourceIdentifier": "scy@openharmony.io",
"published": "2023-11-20T12:15:08.550",
"lastModified": "2023-11-20T12:15:08.550",
"vulnStatus": "Received",
"lastModified": "2023-11-20T15:04:56.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "in OpenHarmony v3.2.2 and prior versions allow a local attacker get sensitive buffer information through use of uninitialized resource."
},
{
"lang": "es",
"value": "En OpenHarmony v3.2.2 y versiones anteriores permiten que un atacante local obtenga informaci\u00f3n confidencial del b\u00fafer mediante el uso de recursos no inicializados."
}
],
"metrics": {

8
CVE-2023/CVE-2023-463xx/CVE-2023-46302.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-46302",
"sourceIdentifier": "security@apache.org",
"published": "2023-11-20T09:15:07.293",
"lastModified": "2023-11-20T09:15:07.293",
"vulnStatus": "Received",
"lastModified": "2023-11-20T15:04:56.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Apache Software Foundation Apache Submarine has a bug when serializing against yaml. The bug is caused by snakeyaml https://nvd.nist.gov/vuln/detail/CVE-2022-1471 .\n\nApache Submarine uses JAXRS to define REST endpoints. In order to\nhandle YAML requests (using application/yaml content-type), it defines\na YamlEntityProvider entity provider that will process all incoming\nYAML requests. In order to unmarshal the request, the readFrom method\nis invoked, passing the entityStream containing the user-supplied data in `submarine-server/server-core/src/main/java/org/apache/submarine/server/utils/YamlUtils.java`.\n \nWe have now fixed this issue in the new version by replacing to `jackson-dataformat-yaml`.\nThis issue affects Apache Submarine: from 0.7.0 before 0.8.0.\u00a0Users are recommended to upgrade to version 0.8.0, which fixes this issue.\nIf using the version smaller than 0.8.0 and not want to upgrade, you can try cherry-pick PR https://github.com/apache/submarine/pull/1054 and rebuild the submart-server image to fix this.\n\n"
},
{
"lang": "es",
"value": "Apache Software Foundation Apache Submarine tiene un error al serializar contra yaml. El error es causado por Snakeyaml https://nvd.nist.gov/vuln/detail/CVE-2022-1471. Apache Submarine usa JAXRS para definir endpoints REST. Para manejar solicitudes YAML (usando el tipo de contenido application/yaml), define un proveedor de entidad YamlEntityProvider que procesar\u00e1 todas las solicitudes YAML entrantes. Para desorganizar la solicitud, se invoca el m\u00e9todo readFrom, pasando elentityStream que contiene los datos proporcionados por el usuario en `submarine-server/server-core/src/main/java/org/apache/submarine/server/utils/YamlUtils.java`. Ahora hemos solucionado este problema en la nueva versi\u00f3n reemplaz\u00e1ndolo por `jackson-dataformat-yaml`. Este problema afecta a Apache Submarine: desde 0.7.0 antes de 0.8.0. Se recomienda a los usuarios actualizar a la versi\u00f3n 0.8.0, que soluciona este problema. Si utiliza una versi\u00f3n inferior a 0.8.0 y no desea actualizar, puede intentar seleccionar PR https://github.com/apache/submarine/pull/1054 y reconstruir la imagen del servidor submart para solucionar este problema."
}
],
"metrics": {},

28
CVE-2023/CVE-2023-465xx/CVE-2023-46590.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46590",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-11-14T11:15:15.063",
"lastModified": "2023-11-14T15:15:45.277",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-20T15:18:37.680",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -50,10 +50,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:siemens_opc_ua_modeling_editor:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.8",
"matchCriteriaId": "CE43DF05-67AF-4410-BFB4-3E3A74FA8D7C"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-197270.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-467xx/CVE-2023-46700.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-46700",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-11-20T05:15:08.823",
"lastModified": "2023-11-20T05:15:08.823",
"vulnStatus": "Received",
"lastModified": "2023-11-20T15:04:56.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary SQL command by sending a crafted request, and obtain or alter information stored in the database."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en LuxCal Web Calendar anterior a 5.2.4M (versi\u00f3n MySQL) y LuxCal Web Calendar anterior a 5.2.4L (versi\u00f3n SQLite) permite a un atacante remoto no autenticado ejecutar un comando SQL arbitrario enviando una solicitud manipulada y obtener o alterar informaci\u00f3n almacenada en la base de datos."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-467xx/CVE-2023-46705.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-46705",
"sourceIdentifier": "scy@openharmony.io",
"published": "2023-11-20T12:15:08.800",
"lastModified": "2023-11-20T12:15:08.800",
"vulnStatus": "Received",
"lastModified": "2023-11-20T15:04:56.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "in OpenHarmony v3.2.2 and prior versions allow a local attacker causes system information leak through type confusion."
},
{
"lang": "es",
"value": "En OpenHarmony v3.2.2 y versiones anteriores permiten que un atacante local provoque una fuga de informaci\u00f3n del sistema a trav\u00e9s de confusi\u00f3n de tipos."
}
],
"metrics": {

16
CVE-2023/CVE-2023-468xx/CVE-2023-46847.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46847",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-03T08:15:08.023",
"lastModified": "2023-11-14T21:15:11.323",
"vulnStatus": "Modified",
"lastModified": "2023-11-20T16:15:08.997",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
@ -41,20 +41,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.3
"impactScore": 4.7
}
]
},
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-400"
"value": "CWE-122"
}
]
}

8
CVE-2023/CVE-2023-471xx/CVE-2023-47175.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-47175",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-11-20T05:15:08.953",
"lastModified": "2023-11-20T05:15:08.953",
"vulnStatus": "Received",
"lastModified": "2023-11-20T15:04:56.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is accessing the product."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-site scripting en LuxCal Web Calendar anterior a 5.2.4M (versi\u00f3n MySQL) y LuxCal Web Calendar anterior a 5.2.4L (versi\u00f3n SQLite) permite a un atacante remoto no autenticado ejecutar un script arbitrario en el navegador web del usuario que est\u00e1 acceder al producto."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-472xx/CVE-2023-47217.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-47217",
"sourceIdentifier": "scy@openharmony.io",
"published": "2023-11-20T12:15:08.990",
"lastModified": "2023-11-20T12:15:08.990",
"vulnStatus": "Received",
"lastModified": "2023-11-20T15:04:56.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through buffer overflow."
},
{
"lang": "es",
"value": "En OpenHarmony v3.2.2 y versiones anteriores permiten que un atacante local provoque DOS a trav\u00e9s de un desbordamiento del b\u00fafer."
}
],
"metrics": {

51
CVE-2023/CVE-2023-476xx/CVE-2023-47660.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-47660",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-14T17:15:07.820",
"lastModified": "2023-11-14T18:04:30.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-20T16:56:01.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP Wham Product Visibility by Country for WooCommerce plugin <=\u00a01.4.9 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento WP Wham Product Visibility by Country for WooCommerce en versiones &lt;= 1.4.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpwham:product_visibility_by_country_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.9",
"matchCriteriaId": "1F8AFA95-856F-4642-9DA3-322F9B3EFCFF"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/product-visibility-by-country-for-woocommerce/wordpress-product-visibility-by-country-for-woocommerce-plugin-1-4-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-477xx/CVE-2023-47772.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-47772",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-20T15:15:09.623",
"lastModified": "2023-11-20T15:15:09.623",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Contributor+\u00a0Stored Cross-Site Scripting (XSS) vulnerability in Slider Revolution <=\u00a06.6.14."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/revslider/wordpress-slider-revolution-plugin-6-6-14-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

20
CVE-2023/CVE-2023-480xx/CVE-2023-48039.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-48039",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-20T15:15:09.820",
"lastModified": "2023-11-20T15:15:09.820",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/gpac/gpac/issues/2679",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-480xx/CVE-2023-48090.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-48090",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-20T15:15:09.863",
"lastModified": "2023-11-20T15:15:09.863",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/gpac/gpac/issues/2680",
"source": "cve@mitre.org"
}
]
}

67
CVE-2023/CVE-2023-480xx/CVE-2023-48094.json
View File

@ -2,19 +2,78 @@
"id": "CVE-2023-48094",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-14T17:15:08.013",
"lastModified": "2023-11-14T18:04:30.417",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-20T16:46:43.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in CesiumJS v1.111 allows attackers to execute arbitrary code in the context of the victim's browser via sending a crafted payload to /container_files/public_html/doc/index.html."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross-site scripting (XSS) en CesiumJS v1.111 permite a los atacantes ejecutar c\u00f3digo arbitrario en el contexto del navegador de la v\u00edctima enviando un payload dise\u00f1ado a /container_files/public_html/doc/index.html."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cesium:cesiumjs:1.111:*:*:*:*:*:*:*",
"matchCriteriaId": "59F21301-3435-487D-915B-37BB07EFB62D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/cd80/33ab71cc49c42feb55de3e574753320f",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-55xx/CVE-2023-5593.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-5593",
"sourceIdentifier": "security@zyxel.com.tw",
"published": "2023-11-20T12:15:09.180",
"lastModified": "2023-11-20T12:15:09.180",
"vulnStatus": "Received",
"lastModified": "2023-11-20T15:04:56.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The out-of-bounds write vulnerability in the Windows-based SecuExtender SSL VPN Client software version 4.0.4.0 could allow an authenticated local user to gain a privilege escalation by sending a crafted CREATE message."
},
{
"lang": "es",
"value": "La vulnerabilidad de escritura fuera de los l\u00edmites en la versi\u00f3n 4.0.4.0 del software SecuExtender SSL VPN Client basado en Windows podr\u00eda permitir que un usuario local autenticado obtenga una escalada de privilegios enviando un mensaje CREATE manipulado."
}
],
"metrics": {

8
CVE-2023/CVE-2023-60xx/CVE-2023-6045.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-6045",
"sourceIdentifier": "scy@openharmony.io",
"published": "2023-11-20T12:15:09.387",
"lastModified": "2023-11-20T12:15:09.387",
"vulnStatus": "Received",
"lastModified": "2023-11-20T15:04:56.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through type confusion."
},
{
"lang": "es",
"value": "En OpenHarmony v3.2.2 y versiones anteriores permiten que un atacante local ejecute c\u00f3digo arbitrario en aplicaciones preinstaladas mediante confusi\u00f3n de tipos."
}
],
"metrics": {

69
CVE-2023/CVE-2023-61xx/CVE-2023-6100.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6100",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-11-13T16:15:28.617",
"lastModified": "2023-11-13T18:44:54.637",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-20T16:12:22.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in Maiwei Safety Production Control Platform 4.1. This vulnerability affects unknown code of the file /api/DataDictionary/GetItemList. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-245062 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Maiwei Safety Production Control Platform 4.1 y clasificada como problem\u00e1tica. Esta vulnerabilidad afecta a c\u00f3digo desconocido del archivo /api/DataDictionary/GetItemList. La manipulaci\u00f3n conduce a la divulgaci\u00f3n de informaci\u00f3n. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-245062 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -60,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,14 +105,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:maiwei_safety_production_control_platform_project:maiwei_safety_production_control_platform:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFCBAD4-4497-40BA-8A53-21C5FF28BDDF"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.245062",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.245062",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

69
CVE-2023/CVE-2023-61xx/CVE-2023-6101.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6101",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-11-13T16:15:28.857",
"lastModified": "2023-11-13T18:44:54.637",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-20T16:11:40.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in Maiwei Safety Production Control Platform 4.1. This issue affects some unknown processing of the file /TC/V2.7/ha.html of the component Intelligent Monitoring. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-245063. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Maiwei Safety Production Control Platform 4.1 y clasificada como problem\u00e1tica. Este problema afecta un procesamiento desconocido del archivo /TC/V2.7/ha.html del componente Intelligent Monitoring. La manipulaci\u00f3n conduce a la divulgaci\u00f3n de informaci\u00f3n. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-245063. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -60,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,14 +105,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:maiwei_safety_production_control_platform_project:maiwei_safety_production_control_platform:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFCBAD4-4497-40BA-8A53-21C5FF28BDDF"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.245063",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.245063",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

58
CVE-2023/CVE-2023-61xx/CVE-2023-6102.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6102",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-11-13T18:15:08.123",
"lastModified": "2023-11-13T18:44:54.637",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-20T16:10:42.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in Maiwei Safety Production Control Platform 4.1. Affected is an unknown function of the file /Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-245064. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Maiwei Safety Production Control Platform 4.1 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo /Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&amp;parent es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a una carga sin restricciones. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-245064. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,14 +95,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:maiwei_safety_production_control_platform_project:maiwei_safety_production_control_platform:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFCBAD4-4497-40BA-8A53-21C5FF28BDDF"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.245064",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.245064",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

47
CVE-2023/CVE-2023-61xx/CVE-2023-6196.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-6196",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-11-20T15:15:09.910",
"lastModified": "2023-11-20T15:15:09.910",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.4. This is due to missing or incorrect nonce validation on the function audio_merchant_add_audio_file function. This makes it possible for unauthenticated attackers to upload arbitrary files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/audio-merchant/trunk/audio-merchant.php#L1298",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/06513dfe-f263-48b7-ba01-2c205247095b?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2023/CVE-2023-61xx/CVE-2023-6197.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-6197",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-11-20T15:15:10.080",
"lastModified": "2023-11-20T15:15:10.080",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.4. This is due to missing or incorrect nonce validation on the audio_merchant_save_settings function. This makes it possible for unauthenticated attackers to modify the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/audio-merchant/trunk/audio-merchant.php#L951",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d7911337-57fa-4268-8366-d37ff13fae86?source=cve",
"source": "security@wordfence.com"
}
]
}

49
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-20T15:00:18.647575+00:00
2023-11-20T17:00:18.322208+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-20T14:48:27.390000+00:00
2023-11-20T16:56:01.590000+00:00
```
### Last Data Feed Release
@ -29,30 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
231130
231136
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `6`
* [CVE-2023-47772](CVE-2023/CVE-2023-477xx/CVE-2023-47772.json) (`2023-11-20T15:15:09.623`)
* [CVE-2023-48039](CVE-2023/CVE-2023-480xx/CVE-2023-48039.json) (`2023-11-20T15:15:09.820`)
* [CVE-2023-48090](CVE-2023/CVE-2023-480xx/CVE-2023-48090.json) (`2023-11-20T15:15:09.863`)
* [CVE-2023-6196](CVE-2023/CVE-2023-61xx/CVE-2023-6196.json) (`2023-11-20T15:15:09.910`)
* [CVE-2023-6197](CVE-2023/CVE-2023-61xx/CVE-2023-6197.json) (`2023-11-20T15:15:10.080`)
* [CVE-2023-36013](CVE-2023/CVE-2023-360xx/CVE-2023-36013.json) (`2023-11-20T16:15:08.080`)
### CVEs modified in the last Commit
Recently modified CVEs: `11`
Recently modified CVEs: `22`
* [CVE-2021-3774](CVE-2021/CVE-2021-37xx/CVE-2021-3774.json) (`2023-11-20T14:15:07.210`)
* [CVE-2021-3833](CVE-2021/CVE-2021-38xx/CVE-2021-3833.json) (`2023-11-20T14:15:07.430`)
* [CVE-2021-3834](CVE-2021/CVE-2021-38xx/CVE-2021-3834.json) (`2023-11-20T14:15:07.650`)
* [CVE-2023-5669](CVE-2023/CVE-2023-56xx/CVE-2023-5669.json) (`2023-11-20T13:15:07.450`)
* [CVE-2023-6103](CVE-2023/CVE-2023-61xx/CVE-2023-6103.json) (`2023-11-20T13:28:52.767`)
* [CVE-2023-46601](CVE-2023/CVE-2023-466xx/CVE-2023-46601.json) (`2023-11-20T13:41:15.747`)
* [CVE-2023-47659](CVE-2023/CVE-2023-476xx/CVE-2023-47659.json) (`2023-11-20T13:45:25.300`)
* [CVE-2023-45794](CVE-2023/CVE-2023-457xx/CVE-2023-45794.json) (`2023-11-20T14:11:34.617`)
* [CVE-2023-46096](CVE-2023/CVE-2023-460xx/CVE-2023-46096.json) (`2023-11-20T14:26:09.223`)
* [CVE-2023-46097](CVE-2023/CVE-2023-460xx/CVE-2023-46097.json) (`2023-11-20T14:38:29.960`)
* [CVE-2023-46098](CVE-2023/CVE-2023-460xx/CVE-2023-46098.json) (`2023-11-20T14:48:27.390`)
* [CVE-2022-46337](CVE-2022/CVE-2022-463xx/CVE-2022-46337.json) (`2023-11-20T15:04:56.147`)
* [CVE-2023-46700](CVE-2023/CVE-2023-467xx/CVE-2023-46700.json) (`2023-11-20T15:04:56.147`)
* [CVE-2023-47175](CVE-2023/CVE-2023-471xx/CVE-2023-47175.json) (`2023-11-20T15:04:56.147`)
* [CVE-2023-3379](CVE-2023/CVE-2023-33xx/CVE-2023-3379.json) (`2023-11-20T15:04:56.147`)
* [CVE-2023-46302](CVE-2023/CVE-2023-463xx/CVE-2023-46302.json) (`2023-11-20T15:04:56.147`)
* [CVE-2023-3116](CVE-2023/CVE-2023-31xx/CVE-2023-3116.json) (`2023-11-20T15:04:56.147`)
* [CVE-2023-42774](CVE-2023/CVE-2023-427xx/CVE-2023-42774.json) (`2023-11-20T15:04:56.147`)
* [CVE-2023-43612](CVE-2023/CVE-2023-436xx/CVE-2023-43612.json) (`2023-11-20T15:04:56.147`)
* [CVE-2023-46100](CVE-2023/CVE-2023-461xx/CVE-2023-46100.json) (`2023-11-20T15:04:56.147`)
* [CVE-2023-46705](CVE-2023/CVE-2023-467xx/CVE-2023-46705.json) (`2023-11-20T15:04:56.147`)
* [CVE-2023-47217](CVE-2023/CVE-2023-472xx/CVE-2023-47217.json) (`2023-11-20T15:04:56.147`)
* [CVE-2023-5593](CVE-2023/CVE-2023-55xx/CVE-2023-5593.json) (`2023-11-20T15:04:56.147`)
* [CVE-2023-6045](CVE-2023/CVE-2023-60xx/CVE-2023-6045.json) (`2023-11-20T15:04:56.147`)
* [CVE-2023-46099](CVE-2023/CVE-2023-460xx/CVE-2023-46099.json) (`2023-11-20T15:10:25.943`)
* [CVE-2023-46590](CVE-2023/CVE-2023-465xx/CVE-2023-46590.json) (`2023-11-20T15:18:37.680`)
* [CVE-2023-6102](CVE-2023/CVE-2023-61xx/CVE-2023-6102.json) (`2023-11-20T16:10:42.370`)
* [CVE-2023-6101](CVE-2023/CVE-2023-61xx/CVE-2023-6101.json) (`2023-11-20T16:11:40.347`)
* [CVE-2023-6100](CVE-2023/CVE-2023-61xx/CVE-2023-6100.json) (`2023-11-20T16:12:22.750`)
* [CVE-2023-46847](CVE-2023/CVE-2023-468xx/CVE-2023-46847.json) (`2023-11-20T16:15:08.997`)
* [CVE-2023-45684](CVE-2023/CVE-2023-456xx/CVE-2023-45684.json) (`2023-11-20T16:36:42.880`)
* [CVE-2023-48094](CVE-2023/CVE-2023-480xx/CVE-2023-48094.json) (`2023-11-20T16:46:43.307`)
* [CVE-2023-47660](CVE-2023/CVE-2023-476xx/CVE-2023-47660.json) (`2023-11-20T16:56:01.590`)
## Download and Usage