admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-12T04:00:27.415061+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-12 04:00:31 +00:00
parent 3794460085
commit c4ca0c71b7
214 changed files with 8397 additions and 814 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2017/CVE-2017-165xx/CVE-2017-16516.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-16516",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-11-03T15:29:00.233",
"lastModified": "2020-03-10T13:10:55.207",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-11T20:15:09.333",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -123,6 +123,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00013.html",
"source": "cve@mitre.org"
},
{
"url": "https://rubygems.org/gems/yajl-ruby",
"source": "cve@mitre.org",

6
CVE-2019/CVE-2019-72xx/CVE-2019-7214.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-7214",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-04-24T15:29:02.107",
"lastModified": "2020-12-09T19:15:11.157",
"lastModified": "2023-07-11T18:15:11.990",
"vulnStatus": "Modified",
"descriptions": [
{
@ -99,6 +99,10 @@
"url": "http://packetstormsecurity.com/files/160416/SmarterMail-6985-Remote-Code-Execution.html",
"source": "cve@mitre.org"
},
{
"url": "http://packetstormsecurity.com/files/173388/SmarterTools-SmarterMail-Remote-Code-Execution.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.nccgroup.trust/uk/our-research/technical-advisory-multiple-vulnerabilities-in-smartermail/",
"source": "cve@mitre.org",

16
CVE-2021/CVE-2021-214xx/CVE-2021-21424.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-21424",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-05-13T16:15:07.777",
"lastModified": "2022-10-21T22:43:59.147",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-12T01:15:08.783",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -85,22 +85,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
"value": "CWE-200"
}
]
},
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
"value": "CWE-203"
}
]
}
@ -175,6 +175,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KENRNLB3FYXYGDWRBH2PDBOZZKOD7VY4/",
"source": "security-advisories@github.com",

15
CVE-2021/CVE-2021-39xx/CVE-2021-3979.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-3979",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-08-25T20:15:09.473",
"lastModified": "2023-02-12T23:42:59.537",
"vulnStatus": "Modified",
"lastModified": "2023-07-11T20:21:32.900",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -40,17 +40,17 @@
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
"value": "CWE-287"
}
]
},
{
"source": "nvd@nist.gov",
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
@ -237,7 +237,10 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPOK44BESMIFW6BIOGCN452AKKOIIT6Q/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://tracker.ceph.com/issues/54006",

595
CVE-2021/CVE-2021-43xx/CVE-2021-4342.json
View File

@ -2,599 +2,14 @@
"id": "CVE-2021-4342",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:13.190",
"lastModified": "2023-06-22T16:10:02.977",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-11T20:15:10.320",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "Over 70 plugins and themes were vulnerable to Cross-Site Request Forgery due to improperly implemented nonce protection that could be bypassed."
"value": "** REJECT ** CVE split into individual CVE IDs for each software record."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:10up:elasticpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.5.4",
"matchCriteriaId": "76483A4F-33B3-4C3B-A0B2-B26A2B8B790A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:10web:10webanalytics:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.9",
"matchCriteriaId": "8C19ED2D-4B6F-463A-A75B-0732450AD92A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amministrazione_trasparente_project:amministrazione_trasparente:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "7.1.1",
"matchCriteriaId": "BB66A3CD-FA38-4FCC-B978-FCB83E4C79AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:analogwp:style_kits:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.8.1",
"matchCriteriaId": "A656A631-91A9-480B-A1E4-BBF514BB6E59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashstonestudios:absolute_reviews:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.9",
"matchCriteriaId": "EB71E443-0FF2-4A32-8012-85EDE744CD1C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashstonestudios:advanced_popups:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "F78E1F1F-C072-49A3-9D20-CB3B181EA180"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:brainstormforce:import_\\/_export_customizer_settings:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.4",
"matchCriteriaId": "92FE5F0E-6963-4EA7-9F5D-2F60B54CD34F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:brainstormforce:lightweight_sidebar_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.4",
"matchCriteriaId": "6FF22447-3DE1-4C1E-BCB6-AFB8DC114F5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:c7style:contact_form_7_style:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.2",
"matchCriteriaId": "5271201F-DD29-49A2-BF23-30D0445782E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cartflows:funnel_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.5.16",
"matchCriteriaId": "6BDF68D5-6643-46F1-9DD2-DDD802F644BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cm-wp:woody_code_snippets:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.3.10",
"matchCriteriaId": "B3A50441-F251-456A-8C4F-B1B325AF9F23"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coolplugins:cool_timeline:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.3",
"matchCriteriaId": "4F98B8C9-83A9-4BCE-A0A6-7327B8402806"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coolplugins:process_steps_template_designer:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3",
"matchCriteriaId": "3BDC58F5-2A43-46C2-BC20-6857F9B773EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:designwall:dw_question_\\&_answer:*:*:*:*:pro:wordpress:*:*",
"versionEndIncluding": "1.5.7",
"matchCriteriaId": "482E557E-F6BE-4402-A601-6F68770CF274"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:edwiser:bridge:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.7",
"matchCriteriaId": "9BEFF9DC-954D-4A7E-A331-D4B5D0B907D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eventespresso:event_espresso:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.10.11.decaf",
"matchCriteriaId": "35143CE3-2DC1-4B32-9DB7-E2D625358257"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ewww:image_optimizer:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.9.0",
"matchCriteriaId": "8A192470-C4D1-403A-979C-623C4A9478B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exportfeed:woocommerce_etsy_integration:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.1",
"matchCriteriaId": "CD0B8855-250A-42BF-AA73-A21506383B57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flippercode:custom_css-js-php:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0.7",
"matchCriteriaId": "16741D09-F7FB-4495-802D-EB54CF97E13C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flippercode:photo_gallery_-_image_gallery:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.6",
"matchCriteriaId": "2C14BD79-119C-4389-89B5-90DC4D5F4EBB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flippercode:wp_security_question:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.5",
"matchCriteriaId": "2168E8FA-E537-4026-9D2E-C9E465E106D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goldplugins:custom_banners:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.3",
"matchCriteriaId": "2167B4A9-C6B5-47CC-BE4F-0B1005BCFAE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goldplugins:easy_testimonials:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.7",
"matchCriteriaId": "B51C469A-DD80-4141-B183-BA20B6E7059B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goldplugins:locations:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0",
"matchCriteriaId": "7E8EB9E1-E2AD-4F09-A41B-1EBC7B59D16D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goldplugins:staff_directory_plugin:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0",
"matchCriteriaId": "BBDF2297-5EE3-4842-A404-FF0C4F010F14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goprayer:wp_prayer:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.6.6",
"matchCriteriaId": "CA4ED87A-193A-41E3-8070-2292FEBD3F78"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:graphpaperpress:sell_media:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.5.5",
"matchCriteriaId": "9854AE9A-B2D2-4075-86DA-6367D760186F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:implecode:ecommerce_product_catalog:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.9.44",
"matchCriteriaId": "CA5382C0-6626-493A-9545-DA9E93533FD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:implecode:ecommerce_product_catalog:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "3.0.1",
"versionEndExcluding": "3.0.18",
"matchCriteriaId": "1152D381-B9E3-451E-B99A-256DC219E69B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:implecode:product_catalog_simple:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.5.13",
"matchCriteriaId": "4EC3A9B2-3EE8-48DD-9838-92D3CF329C4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:incsub:forminator:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.13.5",
"matchCriteriaId": "399AF121-2EA4-4F53-8D46-63B8C528BEB7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:incsub:forminator:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "1.14.0",
"versionEndExcluding": "1.14.9",
"matchCriteriaId": "B9968B11-D2CB-4B57-8061-BDB76B7471F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inoplugs:wp-backgrounds_lite:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.3",
"matchCriteriaId": "5779C1F4-2A98-4950-AD46-3DFA5106CA4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jesseeproductions:coupon_creator:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.1.1",
"matchCriteriaId": "21406ABF-1B7D-4E4A-943F-82607B8216FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:menu_swapper_project:menu_swapper:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.1",
"matchCriteriaId": "5EDE1F15-C493-4587-951C-43596E60FE2C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:multiple_roles_project:multiple_roles:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.1",
"matchCriteriaId": "F91F571D-9CD5-44B2-B87E-3014A1D2018B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:multivendorx:multivendorx:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.5.8",
"matchCriteriaId": "B828FB80-4671-4C5A-BEA1-E4598C9C1BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:multivendorx:multivendorx:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "3.5.9",
"versionEndExcluding": "3.7.8",
"matchCriteriaId": "5D8CA1F9-6E76-4038-ACD3-70075A8FFC55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oceanwp:ocean_extra:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.6.6",
"matchCriteriaId": "997B75FE-42AD-42A2-A610-2DAAE3178269"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paidmembershipspro:paid_memberships_pro:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.3",
"matchCriteriaId": "5199CAC6-EC4A-43CB-BF9B-2BC133CD4694"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:presscustomizr:customizr:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.3.1",
"matchCriteriaId": "D00DC651-C4C9-443F-B5BE-98F899860AFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:presscustomizr:hueman:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.6.2",
"matchCriteriaId": "C5B21252-4403-44B3-B5A5-6BE04A9FE35D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qtranslate_slug_project:qtranslate_slug:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.18",
"matchCriteriaId": "203C24EE-0502-46A4-A8E9-DAAE5079F435"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quantumcloud:slider_hero:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "8.2.1",
"matchCriteriaId": "521B20A4-4EF0-45D3-A71E-AD801F611945"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radio_buttons_for_taxonomies_project:radio_buttons_for_taxonomies:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.6",
"matchCriteriaId": "6D11655A-3D0B-4B5E-8D97-689EAD60A343"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rays_grid_project:rays_grid:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.2",
"matchCriteriaId": "6503AB81-B673-40F3-9228-A5CCDF48FB3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rucy_project:rucy:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.4.4",
"matchCriteriaId": "664FD7AA-A9CF-4A31-9415-AF8762FB021F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:slickremix:feed_them_social:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.8.7",
"matchCriteriaId": "1661552C-22B1-4EDD-92EA-E513E0DFE4D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sunshinephotocart:sunshine_photo_cart:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.8.29",
"matchCriteriaId": "45365F1E-492A-4858-A551-8DAA8BCD64E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themeisle:rss_aggregator_by_feedzy:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.4.3",
"matchCriteriaId": "CBAAD1F0-7F2B-4C88-9AFC-11AB78E443EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thimpress:wp_hotel_booking:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.10.2",
"matchCriteriaId": "D9700448-3FDF-4832-9901-9E25BD29CD88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tychesoftwares:abandoned_cart_lite_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.8.6",
"matchCriteriaId": "E9A968A8-41D7-4553-BDBD-2001BFFEACF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:villatheme:abandoned_cart_recovery_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.4.1",
"matchCriteriaId": "5FDF3006-40FD-44F5-9B87-3BB682A01A7F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vuukle:vuukle_comments\\,_reactions\\,_share_bar\\,_revenue:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0",
"matchCriteriaId": "7C482CEB-F521-4371-B681-35ACB104DE07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webberzone:better_search:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.5.3",
"matchCriteriaId": "71D7F44A-129A-4FA2-8834-1F7D363AF156"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webberzone:top_10:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.9.5",
"matchCriteriaId": "3C40381E-5527-49AC-8F84-D328BCCBD668"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:websitescanner:remove_schema:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.6",
"matchCriteriaId": "BF02D93E-C46D-4041-9C1C-41F2173C4AF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wedevs:dokan:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.0.9",
"matchCriteriaId": "E0FF6D6A-C648-4765-AD34-9345209DC2F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wedevs:dokan:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "3.1.0",
"versionEndExcluding": "3.2.1",
"matchCriteriaId": "777829E9-6994-4A66-AD10-6344A1E11964"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wedevs:wp_erp:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.6.4",
"matchCriteriaId": "BF13C363-59EF-4A8A-B737-CFB00C01575B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wedevs:wp_erp:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "1.7.0",
"versionEndExcluding": "1.7.5",
"matchCriteriaId": "03D19C1D-F61B-4A83-BA55-B2BD8EC21DD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wedevs:wp_project_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.1",
"matchCriteriaId": "69982CDA-49C2-45E5-9315-88030D68264D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wedevs:wp_project_manager:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "2.4.2",
"versionEndExcluding": "2.4.10",
"matchCriteriaId": "44494FB5-828F-4F94-8F6F-4AA2DCE8C861"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wmpudev:defender_security:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.6.1",
"matchCriteriaId": "5AD53D82-60A0-4C13-842C-E6179FCC1158"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-mpdf_project:wp-mpdf:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.5.2",
"matchCriteriaId": "3440E9DF-69E8-418E-BC75-24118734EA2C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpconcern:coming_soon_\\&_maintenance_mode_page:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.58",
"matchCriteriaId": "1610943D-0510-4414-AD5C-D49814BA5292"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:notificationx:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.8.3",
"matchCriteriaId": "94CC22BF-42C1-4E1D-965E-E782219287B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpeasypay:wp_easypay:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.2.3",
"matchCriteriaId": "3F44C639-EA09-4993-A956-7221648E8967"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpexpertdeveloper:wp_private_content_plus:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.2",
"matchCriteriaId": "CA5C9571-5F46-4A00-9283-3E3E79784F5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpexperts:post_smtp_mailer:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.21",
"matchCriteriaId": "0F1BA93E-B037-4BBB-92A2-F29BA1902FDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpgogo:custom_field_template:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.5.2",
"matchCriteriaId": "2D75ADDB-288B-4C07-8D18-5E2E10F28D88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpopal:opal_estate:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.11",
"matchCriteriaId": "475FC3B2-6A28-48F1-8975-734362398BEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpswings:ultimate_gift_cards_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.2",
"matchCriteriaId": "0A1A9265-A4DB-4F57-BACD-C6F4639CE0E0"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1b3d9251-9824-4bd0-aa2f-5a967ef01de3?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
"metrics": {},
"references": []
}

4
CVE-2022/CVE-2022-229xx/CVE-2022-22990.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-22990",
"sourceIdentifier": "psirt@wdc.com",
"published": "2022-01-13T21:15:08.917",
"lastModified": "2022-03-17T17:57:34.557",
"lastModified": "2023-07-11T19:56:29.410",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-287"
"value": "CWE-697"
}
]
},

4
CVE-2022/CVE-2022-229xx/CVE-2022-22992.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-22992",
"sourceIdentifier": "psirt@wdc.com",
"published": "2022-01-28T20:15:12.707",
"lastModified": "2022-02-04T02:30:54.923",
"lastModified": "2023-07-11T20:21:53.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-77"
"value": "CWE-116"
}
]
}

4
CVE-2022/CVE-2022-234xx/CVE-2022-23432.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23432",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2022-02-11T18:15:11.637",
"lastModified": "2022-02-18T20:27:34.370",
"lastModified": "2023-07-11T20:41:17.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-787"
}
]
},

14
CVE-2022/CVE-2022-234xx/CVE-2022-23471.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23471",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-07T23:15:09.763",
"lastModified": "2022-12-12T14:53:58.623",
"lastModified": "2023-07-11T21:02:41.090",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2022/CVE-2022-235xx/CVE-2022-23553.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23553",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-28T19:15:09.163",
"lastModified": "2023-01-06T15:53:41.237",
"lastModified": "2023-07-11T20:42:40.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2022/CVE-2022-235xx/CVE-2022-23554.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23554",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-28T19:15:09.260",
"lastModified": "2023-01-06T15:47:34.523",
"lastModified": "2023-07-11T20:41:41.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-697"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

22
CVE-2022/CVE-2022-236xx/CVE-2022-23633.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-23633",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-02-11T21:15:11.990",
"lastModified": "2023-03-14T08:15:12.723",
"vulnStatus": "Modified",
"lastModified": "2023-07-11T20:41:55.303",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -85,22 +85,22 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
"value": "CWE-212"
}
]
},
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-200"
}
]
}
@ -154,6 +154,11 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
@ -197,7 +202,10 @@
},
{
"url": "https://www.debian.org/security/2023/dsa-5372",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

13
CVE-2022/CVE-2022-236xx/CVE-2022-23648.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23648",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-03-03T14:15:07.973",
"lastModified": "2022-04-25T19:21:42.230",
"lastModified": "2023-07-11T20:51:40.870",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,22 +85,22 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
"value": "CWE-200"
}
]
}
@ -173,7 +173,8 @@
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
"Third Party Advisory",
"VDB Entry"
]
},
{

8
CVE-2022/CVE-2022-247xx/CVE-2022-24795.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-24795",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-04-05T16:15:14.050",
"lastModified": "2022-04-18T10:05:33.230",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-11T20:15:10.393",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -141,6 +141,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00013.html",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2022/CVE-2022-248xx/CVE-2022-24894.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24894",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-02-03T22:15:10.823",
"lastModified": "2023-02-14T16:24:34.673",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-12T01:15:08.913",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses (including headers) and returns them to the clients. In a recent change in the `AbstractSessionListener`, the response might contain a `Set-Cookie` header. If the Symfony HTTP cache system is enabled, this response might bill stored and return to the next clients. An attacker can use this vulnerability to retrieve the victim's session. This issue has been patched and is available for branch 4.4."
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses (including headers) and returns them to the clients. In a recent change in the `AbstractSessionListener`, the response might contain a `Set-Cookie` header. If the Symfony HTTP cache system is enabled, this response might bill stored and return to the next clients. An attacker can use this vulnerability to retrieve the victim's session. This issue has been patched and is available for branch 4.4.\n"
}
],
"metrics": {
@ -127,6 +127,10 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html",
"source": "security-advisories@github.com"
}
]
}

18
CVE-2022/CVE-2022-248xx/CVE-2022-24895.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-24895",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-02-03T22:15:11.273",
"lastModified": "2023-06-23T19:39:19.693",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-12T01:15:09.027",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enables same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. This issue has been fixed in the 4.4 branch."
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enables same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. This issue has been fixed in the 4.4 branch. \n\n"
}
],
"metrics": {
@ -56,22 +56,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-613"
"value": "CWE-384"
}
]
},
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-384"
"value": "CWE-613"
}
]
}
@ -152,6 +152,10 @@
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00014.html",
"source": "security-advisories@github.com"
}
]
}

18
CVE-2022/CVE-2022-258xx/CVE-2022-25883.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-25883",
"sourceIdentifier": "report@snyk.io",
"published": "2023-06-21T05:15:09.060",
"lastModified": "2023-07-05T15:49:56.963",
"lastModified": "2023-07-12T00:53:23.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -76,8 +76,22 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "5.7.2",
"matchCriteriaId": "3DBCA81E-C65B-40E4-8274-83F6B4F07217"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.3.1",
"matchCriteriaId": "E9EE5F81-D456-411C-8E1F-9D0D555B6FEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:npmjs:semver:*:*:*:*:*:node.js:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.5.2",
"matchCriteriaId": "0567A5E5-9098-41E3-AB28-569127D89FA8"
"matchCriteriaId": "93EADF33-E83B-43EA-83CF-BC13AA5393EE"
}
]
}

4
CVE-2022/CVE-2022-275xx/CVE-2022-27583.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27583",
"sourceIdentifier": "psirt@sick.de",
"published": "2022-10-31T20:15:12.580",
"lastModified": "2022-11-02T15:49:10.723",
"lastModified": "2023-07-11T19:56:15.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -41,7 +41,7 @@
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2022/CVE-2022-281xx/CVE-2022-28127.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-28127",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2022-06-30T19:15:08.223",
"lastModified": "2022-07-12T19:31:42.473",
"lastModified": "2023-07-11T20:21:44.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -92,7 +92,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-22"
}
]
},

4
CVE-2022/CVE-2022-392xx/CVE-2022-39209.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39209",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-09-15T18:15:12.260",
"lastModified": "2023-01-20T12:34:33.713",
"lastModified": "2023-07-11T20:54:13.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "CWE-400"
"value": "CWE-407"
}
]
},

4
CVE-2022/CVE-2022-392xx/CVE-2022-39219.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39219",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-09-26T14:15:10.180",
"lastModified": "2022-09-28T13:31:34.443",
"lastModified": "2023-07-11T20:54:19.200",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "CWE-732"
"value": "CWE-287"
}
]
},

10
CVE-2022/CVE-2022-392xx/CVE-2022-39222.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39222",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-06T18:16:09.037",
"lastModified": "2022-12-03T02:33:47.447",
"lastModified": "2023-07-11T21:02:16.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -60,22 +60,22 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
"value": "CWE-862"
}
]
},
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-200"
}
]
}

14
CVE-2022/CVE-2022-392xx/CVE-2022-39232.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39232",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-09-29T21:15:11.210",
"lastModified": "2022-10-05T15:43:40.480",
"lastModified": "2023-07-11T21:02:11.580",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -60,8 +60,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

10
CVE-2022/CVE-2022-392xx/CVE-2022-39280.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39280",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-06T18:16:18.007",
"lastModified": "2022-11-10T04:26:56.237",
"lastModified": "2023-07-11T21:01:55.217",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -60,22 +60,22 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
"value": "CWE-1333"
}
]
},
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-400"
}
]
}

14
CVE-2022/CVE-2022-392xx/CVE-2022-39284.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39284",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-06T20:15:35.560",
"lastModified": "2022-10-11T16:26:10.823",
"lastModified": "2023-07-11T20:51:50.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -60,8 +60,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-392xx/CVE-2022-39294.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39294",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-31T19:15:10.593",
"lastModified": "2022-11-02T12:57:39.973",
"lastModified": "2023-07-11T20:51:44.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-400"
"value": "CWE-1284"
}
]
},

14
CVE-2022/CVE-2022-393xx/CVE-2022-39397.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-39397",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-11-22T21:15:10.737",
"lastModified": "2022-11-28T14:56:16.053",
"lastModified": "2023-07-11T20:41:50.193",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2022/CVE-2022-39xx/CVE-2022-3974.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3974",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-11-13T10:15:10.333",
"lastModified": "2022-11-17T20:47:11.210",
"lastModified": "2023-07-11T20:41:59.450",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",

10
CVE-2022/CVE-2022-412xx/CVE-2022-41263.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41263",
"sourceIdentifier": "cna@sap.com",
"published": "2022-12-12T22:15:10.417",
"lastModified": "2023-07-10T18:24:13.153",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-11T22:15:09.530",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -56,7 +56,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -66,12 +66,12 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
"value": "CWE-352"
}
]
}

6
CVE-2022/CVE-2022-436xx/CVE-2022-43684.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43684",
"sourceIdentifier": "psirt@servicenow.com",
"published": "2023-06-13T19:15:09.243",
"lastModified": "2023-07-08T02:15:09.343",
"lastModified": "2023-07-11T18:15:12.140",
"vulnStatus": "Modified",
"descriptions": [
{
@ -454,6 +454,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/173354/ServiceNow-Insecure-Access-Control-Full-Admin-Compromise.html",
"source": "psirt@servicenow.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/11",
"source": "psirt@servicenow.com"

16
CVE-2022/CVE-2022-463xx/CVE-2022-46334.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-46334",
"sourceIdentifier": "security@proofpoint.com",
"published": "2022-12-21T21:15:09.360",
"lastModified": "2023-01-04T02:33:52.347",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-11T22:15:09.647",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. This affects all versions 8.19.0 and below."
"value": "Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. This affects all versions 8.19.0 and below.\n\n"
}
],
"metrics": {
@ -37,19 +37,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]

20
CVE-2022/CVE-2022-485xx/CVE-2022-48521.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-48521",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-11T20:15:10.523",
"lastModified": "2023-07-11T20:15:10.523",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to keep track of ordinal numbers when removing fake Authentication-Results header fields, which allows a remote attacker to craft an e-mail message with a fake sender address such that programs that rely on Authentication-Results from OpenDKIM will treat the message as having a valid DKIM signature when in fact it has none."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/trusteddomainproject/OpenDKIM/issues/148",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-205xx/CVE-2023-20575.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-20575",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-07-11T19:15:09.547",
"lastModified": "2023-07-11T19:15:09.547",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program\u2019s execution inside an AMD SEV VM potentially resulting in a leak of sensitive information.\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3004",
"source": "psirt@amd.com"
}
]
}

43
CVE-2023/CVE-2023-215xx/CVE-2023-21526.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-21526",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:12.260",
"lastModified": "2023-07-11T18:15:12.260",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Netlogon Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21526",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-217xx/CVE-2023-21756.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-21756",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:12.320",
"lastModified": "2023-07-11T18:15:12.320",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Win32k Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21756",
"source": "secure@microsoft.com"
}
]
}

8
CVE-2023/CVE-2023-226xx/CVE-2023-22665.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22665",
"sourceIdentifier": "security@apache.org",
"published": "2023-04-25T07:15:08.137",
"lastModified": "2023-05-05T17:15:38.370",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-11T21:15:08.973",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -65,6 +65,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/11/11",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/s0dmpsxcwqs57l4qfs415klkgmhdxq7s",
"source": "security@apache.org",

32
CVE-2023/CVE-2023-237xx/CVE-2023-23756.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-23756",
"sourceIdentifier": "security@joomla.org",
"published": "2023-07-11T20:15:10.573",
"lastModified": "2023-07-11T20:15:10.573",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@joomla.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://extensions.joomla.org/vulnerable-extensions/vulnerable/one-vote-1-7-xss-cross-site-scripting/",
"source": "security@joomla.org"
}
]
}

55
CVE-2023/CVE-2023-244xx/CVE-2023-24491.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-24491",
"sourceIdentifier": "secure@citrix.com",
"published": "2023-07-11T22:15:09.750",
"lastModified": "2023-07-11T22:15:09.750",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA vulnerability has been discovered in the Citrix Secure Access client for Windows\n\n\n\nwhich, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of\u00a0NT AUTHORITY\\SYSTEM.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@citrix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@citrix.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX561480/citrix-secure-access-client-for-windows-security-bulletin-for-cve202324491",
"source": "secure@citrix.com"
}
]
}

55
CVE-2023/CVE-2023-244xx/CVE-2023-24492.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-24492",
"sourceIdentifier": "secure@citrix.com",
"published": "2023-07-11T22:15:09.817",
"lastModified": "2023-07-11T22:15:09.817",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA vulnerability has been discovered in the Citrix Secure Access client for Ubuntu\u00a0which, if exploited, could allow an attacker to remotely execute code if a victim user opens an attacker-crafted link and accepts further prompts.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@citrix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "secure@citrix.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX564169/citrix-secure-access-client-for-ubuntu-security-bulletin-for-cve202324492",
"source": "secure@citrix.com"
}
]
}

87
CVE-2023/CVE-2023-253xx/CVE-2023-25399.json
View File

@ -2,27 +2,92 @@
"id": "CVE-2023-25399",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T17:15:09.320",
"lastModified": "2023-07-05T20:14:23.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-11T19:14:10.753",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "http://www.square16.org/achievement/cve-2023-25399/",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://github.com/scipy/scipy/issues/16235",
"source": "cve@mitre.org"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://github.com/scipy/scipy/pull/16397",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:scipy:scipy:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.11.1",
"matchCriteriaId": "DE57F752-50C6-4FEB-BBDB-340B6AFC0566"
}
]
}
]
}
],
"references": [
{
"url": "http://www.square16.org/achievement/cve-2023-25399/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/scipy/scipy/issues/16235",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/scipy/scipy/pull/16397",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

79
CVE-2023/CVE-2023-271xx/CVE-2023-27197.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-27197",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T20:15:10.013",
"lastModified": "2023-07-05T20:31:30.957",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-11T19:54:40.947",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2023/CVEs/CVE-2023-27197.md",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:pax_a930_firmware:paydroid_7.1.1_virgo_v04.5.02_20220722:*:*:*:*:*:*:*",
"matchCriteriaId": "357A0C6F-E5B5-4A3B-975F-9F8A1DEFEB3E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:pax_a930:-:*:*:*:*:*:*:*",
"matchCriteriaId": "989E7380-5493-4A0D-81E9-3AEAA0F4FA73"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2023/CVEs/CVE-2023-27197.md",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

30
CVE-2023/CVE-2023-275xx/CVE-2023-27590.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27590",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-03-14T21:15:10.763",
"lastModified": "2023-03-21T15:00:44.043",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-12T03:15:08.943",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -55,19 +55,9 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -78,6 +68,16 @@
"value": "CWE-121"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
@ -135,6 +135,10 @@
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WW3JXI4TIJIR7PGFP74SN7GQYHW2F46Y/",
"source": "security-advisories@github.com"
}
]
}

6
CVE-2023/CVE-2023-284xx/CVE-2023-28489.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28489",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-04-11T10:15:18.280",
"lastModified": "2023-07-07T20:15:10.007",
"lastModified": "2023-07-11T18:15:12.383",
"vulnStatus": "Modified",
"descriptions": [
{
@ -135,6 +135,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/173370/Siemens-A8000-CP-8050-CP-8031-Code-Execution-Command-Injection.html",
"source": "productcert@siemens.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/14",
"source": "productcert@siemens.com"

43
CVE-2023/CVE-2023-293xx/CVE-2023-29347.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-29347",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:12.477",
"lastModified": "2023-07-11T18:15:12.477",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Admin Center Spoofing Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 5.8
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29347",
"source": "secure@microsoft.com"
}
]
}

44
CVE-2023/CVE-2023-294xx/CVE-2023-29406.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-29406",
"sourceIdentifier": "security@golang.org",
"published": "2023-07-11T20:15:10.643",
"lastModified": "2023-07-11T20:15:10.643",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@golang.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-113"
}
]
}
],
"references": [
{
"url": "https://go.dev/cl/506996",
"source": "security@golang.org"
},
{
"url": "https://go.dev/issue/60374",
"source": "security@golang.org"
},
{
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"source": "security@golang.org"
},
{
"url": "https://pkg.go.dev/vuln/GO-2023-1878",
"source": "security@golang.org"
}
]
}

8
CVE-2023/CVE-2023-298xx/CVE-2023-29824.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-29824",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-06T21:15:09.060",
"lastModified": "2023-07-07T12:50:22.490",
"lastModified": "2023-07-11T18:15:12.537",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free issue was discovered in Py_FindObjects() function in SciPy versions prior to 1.8.0."
"value": "** DISPUTED ** A use-after-free issue was discovered in Py_FindObjects() function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue."
}
],
"metrics": {},
@ -20,6 +20,10 @@
"url": "https://github.com/scipy/scipy/issues/14713",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/scipy/scipy/issues/14713#issuecomment-1629468565",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/scipy/scipy/pull/15013",
"source": "cve@mitre.org"

28
CVE-2023/CVE-2023-299xx/CVE-2023-29984.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-29984",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-11T20:15:10.700",
"lastModified": "2023-07-11T20:15:10.700",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Null pointer dereference vulnerability exists in multiple vendors MFPs and printers which implement Debut web server 1.2 or 1.3. Processing a specially crafted request may lead an affected product to a denial-of-service (DoS) condition. As for the affected products/models/versions, see the detailed information provided by each vendor."
}
],
"metrics": {},
"references": [
{
"url": "http://brother.com",
"source": "cve@mitre.org"
},
{
"url": "https://jvn.jp/en/vu/JVNVU93767756/index.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2023/browser_announce.html",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-302xx/CVE-2023-30226.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-30226",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-12T02:15:09.090",
"lastModified": "2023-07-12T02:15:09.090",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in function get_gnu_verneed in rizinorg Rizin prior to 0.5.0 verneed_entry allows attackers to cause a denial of service via crafted elf file."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ifyGecko/CVE-2023-30226",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/rizinorg/rizin/commit/a6d89de0d44e776f9bccc3a168fdc79f604e14ed",
"source": "cve@mitre.org"
}
]
}

70
CVE-2023/CVE-2023-306xx/CVE-2023-30607.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30607",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-05T18:15:10.070",
"lastModified": "2023-07-05T20:14:23.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-11T18:16:32.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,46 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/Icinga/icingaweb2-module-jira/commit/7f0c53b7a3e87be2f4c2e8840805d7b7c9762424",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/Icinga/icingaweb2-module-jira/releases/tag/v1.3.2",
"source": "security-advisories@github.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://github.com/Icinga/icingaweb2-module-jira/security/advisories/GHSA-gh7w-7f7j-gwp5",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:icinga:icinga_web_jira_integration:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.3.0",
"versionEndExcluding": "1.3.2",
"matchCriteriaId": "D88AABE1-39B8-4D52-AE35-33C401F14E34"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Icinga/icingaweb2-module-jira/commit/7f0c53b7a3e87be2f4c2e8840805d7b7c9762424",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/Icinga/icingaweb2-module-jira/releases/tag/v1.3.2",
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/Icinga/icingaweb2-module-jira/security/advisories/GHSA-gh7w-7f7j-gwp5",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-312xx/CVE-2023-31248.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31248",
"sourceIdentifier": "security@ubuntu.com",
"published": "2023-07-05T19:15:09.713",
"lastModified": "2023-07-05T21:15:09.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-11T18:53:22.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security@ubuntu.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "security@ubuntu.com",
"type": "Secondary",
@ -46,18 +76,44 @@
]
}
],
"references": [
"configurations": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/05/2",
"source": "security@ubuntu.com"
},
"nodes": [
{
"url": "https://lore.kernel.org/netfilter-devel/20230705121627.GC19489@breakpoint.cc/T/",
"source": "security@ubuntu.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://www.openwall.com/lists/oss-security/2023/07/05/2",
"source": "security@ubuntu.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "21F51360-AF61-433B-9FD9-D7DE742FABF9"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/05/2",
"source": "security@ubuntu.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lore.kernel.org/netfilter-devel/20230705121627.GC19489@breakpoint.cc/T/",
"source": "security@ubuntu.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/07/05/2",
"source": "security@ubuntu.com",
"tags": [
"Mailing List"
]
}
]
}

59
CVE-2023/CVE-2023-31xx/CVE-2023-3127.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3127",
"sourceIdentifier": "productsecurity@jci.com",
"published": "2023-07-11T22:15:09.907",
"lastModified": "2023-07-11T22:15:09.907",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator rights."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "productsecurity@jci.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.3
}
]
},
"weaknesses": [
{
"source": "productsecurity@jci.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-192-02",
"source": "productsecurity@jci.com"
},
{
"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
"source": "productsecurity@jci.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32033.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32033",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:12.590",
"lastModified": "2023-07-11T18:15:12.590",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Failover Cluster Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32033",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32034.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32034",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:12.650",
"lastModified": "2023-07-11T18:15:12.650",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Remote Procedure Call Runtime Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32034",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32035.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32035",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:12.710",
"lastModified": "2023-07-11T18:15:12.710",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Remote Procedure Call Runtime Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32035",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32037.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32037",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:12.777",
"lastModified": "2023-07-11T18:15:12.777",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32037",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32038.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32038",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:12.840",
"lastModified": "2023-07-11T18:15:12.840",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft ODBC Driver Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32038",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32039.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32039",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:12.900",
"lastModified": "2023-07-11T18:15:12.900",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32039",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32040.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32040",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:12.957",
"lastModified": "2023-07-11T18:15:12.957",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32040",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32041.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32041",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.017",
"lastModified": "2023-07-11T18:15:13.017",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Update Orchestrator Service Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32041",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32042.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32042",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.077",
"lastModified": "2023-07-11T18:15:13.077",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "OLE Automation Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32042",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32043.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32043",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.133",
"lastModified": "2023-07-11T18:15:13.133",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Remote Desktop Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32043",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32044.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32044",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.190",
"lastModified": "2023-07-11T18:15:13.190",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32044",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32045.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32045",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.253",
"lastModified": "2023-07-11T18:15:13.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32045",
"source": "secure@microsoft.com"
}
]
}

47
CVE-2023/CVE-2023-320xx/CVE-2023-32046.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-32046",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.313",
"lastModified": "2023-07-11T18:15:13.313",
"vulnStatus": "Received",
"cisaExploitAdd": "2023-07-11",
"cisaActionDue": "2023-08-01",
"cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.",
"cisaVulnerabilityName": "Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "Windows MSHTML Platform Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32046",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32047.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32047",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.367",
"lastModified": "2023-07-11T18:15:13.367",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Paint 3D Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32047",
"source": "secure@microsoft.com"
}
]
}

47
CVE-2023/CVE-2023-320xx/CVE-2023-32049.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-32049",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.430",
"lastModified": "2023-07-11T18:15:13.430",
"vulnStatus": "Received",
"cisaExploitAdd": "2023-07-11",
"cisaActionDue": "2023-08-01",
"cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.",
"cisaVulnerabilityName": "Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "Windows SmartScreen Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32049",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32050.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32050",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.490",
"lastModified": "2023-07-11T18:15:13.490",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Installer Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32050",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32051.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32051",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.547",
"lastModified": "2023-07-11T18:15:13.547",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Raw Image Extension Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32051",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32052.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32052",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.607",
"lastModified": "2023-07-11T18:15:13.607",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Power Apps Spoofing Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32052",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32053.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32053",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.667",
"lastModified": "2023-07-11T18:15:13.667",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Installer Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32053",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32054.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32054",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.723",
"lastModified": "2023-07-11T18:15:13.723",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Volume Shadow Copy Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32054",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32055.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32055",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.780",
"lastModified": "2023-07-11T18:15:13.780",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Active Template Library Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32055",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32056.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32056",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.843",
"lastModified": "2023-07-11T18:15:13.843",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32056",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32057.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32057",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.903",
"lastModified": "2023-07-11T18:15:13.903",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32057",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32083.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32083",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:13.967",
"lastModified": "2023-07-11T18:15:13.967",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Failover Cluster Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32083",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32084.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32084",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.023",
"lastModified": "2023-07-11T18:15:14.023",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "HTTP.sys Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32084",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-320xx/CVE-2023-32085.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-32085",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.087",
"lastModified": "2023-07-11T18:15:14.087",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32085",
"source": "secure@microsoft.com"
}
]
}

63
CVE-2023/CVE-2023-326xx/CVE-2023-32693.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-32693",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-11T18:15:14.147",
"lastModified": "2023-07-11T18:15:14.147",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The external link feature is susceptible to cross-site scripting. This allows a remote attacker to execute JavaScript code in the context of a currently logged-in user. An attacker could use this vulnerability to make other users endorse or support proposals they have no intention of supporting or endorsing. The problem was patched in versions 0.27.3 and 0.26.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.26.6",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/decidim/decidim/releases/tag/v0.27.3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/decidim/decidim/security/advisories/GHSA-469h-mqg8-535r",
"source": "security-advisories@github.com"
}
]
}

6
CVE-2023/CVE-2023-32xx/CVE-2023-3269.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3269",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-11T12:15:10.047",
"lastModified": "2023-07-11T12:43:16.387",
"lastModified": "2023-07-12T03:15:09.210",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -43,6 +43,10 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215268",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6AAA64CUPSMBW6XDTXPQJ3KQWYQ4K7L/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/07/05/1",
"source": "secalert@redhat.com"

43
CVE-2023/CVE-2023-331xx/CVE-2023-33127.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33127",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.213",
"lastModified": "2023-07-11T18:15:14.213",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": ".NET and Visual Studio Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127",
"source": "secure@microsoft.com"
}
]
}

8
CVE-2023/CVE-2023-331xx/CVE-2023-33131.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33131",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T00:15:12.087",
"lastModified": "2023-06-21T19:42:39.463",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-11T18:15:14.270",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -104,6 +104,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/173361/Microsoft-365-MSO-2306-Build-16.0.16529.20100-Remote-Code-Execution.html",
"source": "secure@microsoft.com"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33131",
"source": "secure@microsoft.com",

43
CVE-2023/CVE-2023-331xx/CVE-2023-33134.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33134",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.343",
"lastModified": "2023-07-11T18:15:14.343",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SharePoint Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33134",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33148.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33148",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.403",
"lastModified": "2023-07-11T18:15:14.403",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33148",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33149.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33149",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.457",
"lastModified": "2023-07-11T18:15:14.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Graphics Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33149",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33150.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33150",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.513",
"lastModified": "2023-07-11T18:15:14.513",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33150",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33151.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33151",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.570",
"lastModified": "2023-07-11T18:15:14.570",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Outlook Spoofing Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33151",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33152.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33152",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.627",
"lastModified": "2023-07-11T18:15:14.627",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft ActiveX Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33152",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33153.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33153",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.680",
"lastModified": "2023-07-11T18:15:14.680",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Outlook Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33153",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33154.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33154",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.737",
"lastModified": "2023-07-11T18:15:14.737",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Partition Management Driver Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33154",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33155.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33155",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.793",
"lastModified": "2023-07-11T18:15:14.793",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33155",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33156.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33156",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.850",
"lastModified": "2023-07-11T18:15:14.850",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Defender Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33156",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33157.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33157",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.910",
"lastModified": "2023-07-11T18:15:14.910",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SharePoint Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33157",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33158.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33158",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:14.970",
"lastModified": "2023-07-11T18:15:14.970",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Excel Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33158",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33159.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33159",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:15.030",
"lastModified": "2023-07-11T18:15:15.030",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SharePoint Server Spoofing Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33159",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33160.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33160",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:15.090",
"lastModified": "2023-07-11T18:15:15.090",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SharePoint Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33160",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33161.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33161",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:15.150",
"lastModified": "2023-07-11T18:15:15.150",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Excel Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33161",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33162.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33162",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:15.200",
"lastModified": "2023-07-11T18:15:15.200",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Excel Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33162",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33163.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33163",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:15.257",
"lastModified": "2023-07-11T18:15:15.257",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Windows Network Load Balancing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33163",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33164.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33164",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:15.317",
"lastModified": "2023-07-11T18:15:15.317",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Remote Procedure Call Runtime Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33164",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-331xx/CVE-2023-33165.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33165",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:15.373",
"lastModified": "2023-07-11T18:15:15.373",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SharePoint Server Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33165",
"source": "secure@microsoft.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More