diff --git a/CVE-2013/CVE-2013-01xx/CVE-2013-0169.json b/CVE-2013/CVE-2013-01xx/CVE-2013-0169.json index 08cafe47033..c7549933ac8 100644 --- a/CVE-2013/CVE-2013-01xx/CVE-2013-0169.json +++ b/CVE-2013/CVE-2013-01xx/CVE-2013-0169.json @@ -2,8 +2,8 @@ "id": "CVE-2013-0169", "sourceIdentifier": "secalert@redhat.com", "published": "2013-02-08T19:55:01.030", - "lastModified": "2019-10-09T23:06:34.343", - "vulnStatus": "Modified", + "lastModified": "2023-05-12T12:58:44.970", + "vulnStatus": "Analyzed", "evaluatorComment": "Per http://www.openssl.org/news/vulnerabilities.html:\nFixed in OpenSSL 1.0.1d (Affected 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1) \nFixed in OpenSSL 1.0.0k (Affected 1.0.0j, 1.0.0i, 1.0.0g, 1.0.0f, 1.0.0e, 1.0.0d, 1.0.0c, 1.0.0b, 1.0.0a, 1.0.0) \nFixed in OpenSSL 0.9.8y (Affected 0.9.8x, 0.9.8w, 0.9.8v, 0.9.8u, 0.9.8t, 0.9.8s, 0.9.8r, 0.9.8q, 0.9.8p, 0.9.8o, 0.9.8n, 0.9.8m, 0.9.8l, 0.9.8k, 0.9.8j, 0.9.8i, 0.9.8h, 0.9.8g, 0.9.8f, 0.9.8d, 0.9.8c, 0.9.8b, 0.9.8a, 0.9.8)\n\nAffected users should upgrade to OpenSSL 1.0.1e, 1.0.0k or 0.9.8y\n(The fix in 1.0.1d wasn't complete, so please use 1.0.1e or later)", "descriptions": [ { @@ -94,23 +94,238 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:openjdk:-:*:*:*:*:*:*:*", - "matchCriteriaId": "1A2B679E-F0CC-4BE5-BCA7-007E5089CE65" + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:-:*:*:*:*:*:*", + "matchCriteriaId": "5C58642D-8504-4D3B-A411-96B83CFCD05D" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:*:*:*:*:*:*:*", - "matchCriteriaId": "3A6505E4-8E6A-4888-8B9C-2B2C10546CB6" + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update1:*:*:*:*:*:*", + "matchCriteriaId": "603BED29-3B3F-49AD-A518-E68B40AE8484" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:*:*:*:*:*:*:*", - "matchCriteriaId": "662D4C81-DD97-4A36-8F15-CCE6ADA6456E" + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update10:*:*:*:*:*:*", + "matchCriteriaId": "0F03670F-559C-433D-8AE8-A3C16F05E1D8" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:openjdk:1.8.0:*:*:*:*:*:*:*", - "matchCriteriaId": "2CA81243-2FC7-481B-AFD8-067E3EC9DF77" + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update11:*:*:*:*:*:*", + "matchCriteriaId": "3A294535-7190-4C33-910D-0520F575D800" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update12:*:*:*:*:*:*", + "matchCriteriaId": "52A6300A-98F2-4E5A-909E-895A6C5B1D04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update13:*:*:*:*:*:*", + "matchCriteriaId": "2280FB93-81A0-4BF4-AD7E-C9EAD277B379" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update14:*:*:*:*:*:*", + "matchCriteriaId": "1E42E405-91ED-4F41-A2EE-CECB27EB4951" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update15:*:*:*:*:*:*", + "matchCriteriaId": "11BCE518-1A35-44DE-9B40-B89E7637F830" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update16:*:*:*:*:*:*", + "matchCriteriaId": "46D0BB1F-FA76-4185-ACD4-587DFB24CFF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update17:*:*:*:*:*:*", + "matchCriteriaId": "D27FDDD5-083F-4A83-836F-BDCEB94894FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update18:*:*:*:*:*:*", + "matchCriteriaId": "30BF0C2F-BF35-41B8-BC6A-F2DACE6A9A32" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update19:*:*:*:*:*:*", + "matchCriteriaId": "EE05CDF7-1C43-46BF-9A7E-56B31BC1C837" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update2:*:*:*:*:*:*", + "matchCriteriaId": "A520D505-7BDC-4E82-8A43-7C50AEE2B222" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update20:*:*:*:*:*:*", + "matchCriteriaId": "5ADF3C32-6663-4003-B7D6-CE3D02AFF45E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update21:*:*:*:*:*:*", + "matchCriteriaId": "F15C4440-6283-433E-998E-856DA7ED4DB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update22:*:*:*:*:*:*", + "matchCriteriaId": "C729FF50-6E41-4CEB-888A-E0FBD69B7897" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update23:*:*:*:*:*:*", + "matchCriteriaId": "EB0AB341-46CE-4851-899A-B09C81A9792E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update24:*:*:*:*:*:*", + "matchCriteriaId": "68EF7AC1-0179-4E10-89DD-5DA33682B3F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update25:*:*:*:*:*:*", + "matchCriteriaId": "243726CF-F79A-4487-8807-FFA0AC86760B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update26:*:*:*:*:*:*", + "matchCriteriaId": "5DECF6EC-B787-4CBA-936C-527864B504DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update27:*:*:*:*:*:*", + "matchCriteriaId": "3C70C7D7-4E28-49D9-A007-EB186E85E5B6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update29:*:*:*:*:*:*", + "matchCriteriaId": "99B2B1A1-C3E5-4A32-8F5A-4BA8664E7537" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update3:*:*:*:*:*:*", + "matchCriteriaId": "3F57C81C-446F-462C-BB64-65F87D1AA28F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update30:*:*:*:*:*:*", + "matchCriteriaId": "7CFFA025-08DC-4AEF-AAE3-B20ECCB0946E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update31:*:*:*:*:*:*", + "matchCriteriaId": "ACBA03CE-2EF2-4C51-B796-54C65C3CFBCD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update32:*:*:*:*:*:*", + "matchCriteriaId": "085241E5-F958-43DD-AB0A-35EAF6954CB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update33:*:*:*:*:*:*", + "matchCriteriaId": "20CD7414-1D66-4311-90FB-5D53C0C22D82" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update34:*:*:*:*:*:*", + "matchCriteriaId": "6DCB646B-3F17-427D-AE89-039FCA1F6D7D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update35:*:*:*:*:*:*", + "matchCriteriaId": "FA2AB84A-05D5-4091-B225-7762A73D45BD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update37:*:*:*:*:*:*", + "matchCriteriaId": "5A5A15F9-5047-4BB9-9B3E-A00998B6E7C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update38:*:*:*:*:*:*", + "matchCriteriaId": "11A0378E-0D41-4FE0-8DAF-A01B66D814DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update4:*:*:*:*:*:*", + "matchCriteriaId": "942C51A3-87AC-4DB5-BAB9-3771A19C472A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update5:*:*:*:*:*:*", + "matchCriteriaId": "C34819D3-615F-4CEE-BEAA-CE48BC2E53BC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update6:*:*:*:*:*:*", + "matchCriteriaId": "D97A141E-5FC0-4B79-ABAA-82F6DE857625" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.6.0:update7:*:*:*:*:*:*", + "matchCriteriaId": "D32EAE02-B313-47AC-A1A3-BBF58A692E02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:-:*:*:*:*:*:*", + "matchCriteriaId": "81EA5E3B-7EA9-45A4-9B69-2DD96471A731" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update1:*:*:*:*:*:*", + "matchCriteriaId": "27DED59D-C293-4D36-B194-B1645CD798C0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update10:*:*:*:*:*:*", + "matchCriteriaId": "DC3ADCB9-C4B7-4D30-932B-415C317870F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update11:*:*:*:*:*:*", + "matchCriteriaId": "06FB52F8-8702-4795-BA47-28A1D007952F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update13:*:*:*:*:*:*", + "matchCriteriaId": "3FDD48A5-9956-4AE6-9899-40D0830719FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update2:*:*:*:*:*:*", + "matchCriteriaId": "875DAD00-C396-4F45-8C39-843686D5C3DA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update3:*:*:*:*:*:*", + "matchCriteriaId": "F45FA1E6-D848-482B-BB3F-5B02E837EE60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update4:*:*:*:*:*:*", + "matchCriteriaId": "94A59C56-6A9B-4630-ACBD-45359451120D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update5:*:*:*:*:*:*", + "matchCriteriaId": "795C1133-BF5E-4B07-A448-13EFAFEED9B8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update6:*:*:*:*:*:*", + "matchCriteriaId": "DF20B7CE-1CD3-4D1E-9C5F-E9594A5135D9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update7:*:*:*:*:*:*", + "matchCriteriaId": "3206CF31-0EF2-4351-A077-1F8935965492" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:update9:*:*:*:*:*:*", + "matchCriteriaId": "D2E1A163-7376-41C9-A0FF-C8C3B192B73A" } ] } diff --git a/CVE-2020/CVE-2020-223xx/CVE-2020-22334.json b/CVE-2020/CVE-2020-223xx/CVE-2020-22334.json index cb22bd5e567..7be3bf8c658 100644 --- a/CVE-2020/CVE-2020-223xx/CVE-2020-22334.json +++ b/CVE-2020/CVE-2020-223xx/CVE-2020-22334.json @@ -2,23 +2,81 @@ "id": "CVE-2020-22334", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-08T14:15:10.357", - "lastModified": "2023-05-08T14:17:28.107", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T12:49:54.587", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Request Forgery (CSRF) vulnerability in beescms v4 allows attackers to delete the administrator account via crafted request to /admin/admin_admin.php." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:beescms:beescms:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "25C27AEE-DD4E-4006-8DD1-E4A6160F4D43" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/source-trace/beescms", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/source-trace/beescms/issues/5", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-420xx/CVE-2021-42008.json b/CVE-2021/CVE-2021-420xx/CVE-2021-42008.json index 5e41247d155..3d4b79a2096 100644 --- a/CVE-2021/CVE-2021-420xx/CVE-2021-42008.json +++ b/CVE-2021/CVE-2021-420xx/CVE-2021-42008.json @@ -2,7 +2,7 @@ "id": "CVE-2021-42008", "sourceIdentifier": "cve@mitre.org", "published": "2021-10-05T00:15:07.413", - "lastModified": "2022-03-29T19:08:47.827", + "lastModified": "2023-05-12T12:59:16.287", "vulnStatus": "Analyzed", "descriptions": [ { @@ -86,8 +86,51 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.12", + "versionEndExcluding": "4.4.282", + "matchCriteriaId": "57902C44-F9DC-4C23-94A4-B32173CCA0FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5", + "versionEndExcluding": "4.9.281", + "matchCriteriaId": "286C2303-8862-4B89-BF52-0EB83C7C067C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.245", + "matchCriteriaId": "05DE70B5-762A-4042-8465-8690F02688FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.205", + "matchCriteriaId": "5DFB089B-C0CD-422B-9182-497E5451AD10" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.143", + "matchCriteriaId": "92D4E689-F642-442E-941E-ED513FDAB50E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.61", + "matchCriteriaId": "8231A299-42F7-4FF4-88F2-3586A0334A43" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", "versionEndExcluding": "5.13.13", - "matchCriteriaId": "AA4975E4-6EC3-4531-BCA1-04042F9C9333" + "matchCriteriaId": "8679FC92-58C1-40E5-ABCD-9F513BDFE368" } ] } diff --git a/CVE-2022/CVE-2022-01xx/CVE-2022-0108.json b/CVE-2022/CVE-2022-01xx/CVE-2022-0108.json index baaea96e336..a5cfa975b92 100644 --- a/CVE-2022/CVE-2022-01xx/CVE-2022-0108.json +++ b/CVE-2022/CVE-2022-01xx/CVE-2022-0108.json @@ -2,7 +2,7 @@ "id": "CVE-2022-0108", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2022-02-12T00:15:07.660", - "lastModified": "2023-05-05T17:15:09.343", + "lastModified": "2023-05-12T12:15:09.067", "vulnStatus": "Modified", "descriptions": [ { @@ -141,6 +141,10 @@ "Vendor Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html", + "source": "chrome-cve-admin@google.com" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OKKVEUQAAGH3NHMX3WHWKRPYU4QFKTQ/", "source": "chrome-cve-admin@google.com" diff --git a/CVE-2022/CVE-2022-04xx/CVE-2022-0492.json b/CVE-2022/CVE-2022-04xx/CVE-2022-0492.json index e1bd3420829..41a60125b11 100644 --- a/CVE-2022/CVE-2022-04xx/CVE-2022-0492.json +++ b/CVE-2022/CVE-2022-04xx/CVE-2022-0492.json @@ -2,7 +2,7 @@ "id": "CVE-2022-0492", "sourceIdentifier": "secalert@redhat.com", "published": "2022-03-03T19:15:08.633", - "lastModified": "2022-10-19T17:33:19.877", + "lastModified": "2023-05-12T12:59:46.603", "vulnStatus": "Analyzed", "descriptions": [ { @@ -95,8 +95,51 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionEndExcluding": "5.17", - "matchCriteriaId": "A37A8EE9-3F14-4C7A-A882-DA8A6AD1897C" + "versionStartIncluding": "2.6.24", + "versionEndExcluding": "4.9.301", + "matchCriteriaId": "006C09FF-C563-403E-8723-2A252C409D82" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.266", + "matchCriteriaId": "C53477E7-1AB3-4CCB-BA3A-8CA6D288B41B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.229", + "matchCriteriaId": "E67EAACB-63BB-41E7-9FE0-EC45ECD8CFD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.177", + "matchCriteriaId": "B42832A3-1D9B-4BE0-8D4C-3AF681B52D98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.97", + "matchCriteriaId": "FB2BE440-BF07-4C49-9A0C-A63E4FA103A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.20", + "matchCriteriaId": "C68FC5B4-CC13-45E9-8050-EF9025F7A9B7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.6", + "matchCriteriaId": "6739D89E-32C3-479D-B5F6-6865C5061FA5" }, { "vulnerable": true, diff --git a/CVE-2022/CVE-2022-241xx/CVE-2022-24122.json b/CVE-2022/CVE-2022-241xx/CVE-2022-24122.json index fa7b1783f72..20b514677fa 100644 --- a/CVE-2022/CVE-2022-241xx/CVE-2022-24122.json +++ b/CVE-2022/CVE-2022-241xx/CVE-2022-24122.json @@ -2,7 +2,7 @@ "id": "CVE-2022-24122", "sourceIdentifier": "cve@mitre.org", "published": "2022-01-29T22:15:07.487", - "lastModified": "2022-04-01T14:16:20.417", + "lastModified": "2023-05-12T13:28:10.820", "vulnStatus": "Analyzed", "descriptions": [ { @@ -87,8 +87,15 @@ "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.14", - "versionEndIncluding": "5.16.4", - "matchCriteriaId": "E05C7D99-9B29-4197-BF9D-B883C07C04A6" + "versionEndExcluding": "5.15.19", + "matchCriteriaId": "9DAE4918-27E2-4C50-A1A7-270051C4A793" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "5.16.5", + "matchCriteriaId": "1AD9E77E-B27E-450C-8FD8-B64EC5FB002D" } ] } diff --git a/CVE-2022/CVE-2022-352xx/CVE-2022-35256.json b/CVE-2022/CVE-2022-352xx/CVE-2022-35256.json index 0749e91b159..afeec9175f5 100644 --- a/CVE-2022/CVE-2022-352xx/CVE-2022-35256.json +++ b/CVE-2022/CVE-2022-352xx/CVE-2022-35256.json @@ -2,7 +2,7 @@ "id": "CVE-2022-35256", "sourceIdentifier": "support@hackerone.com", "published": "2022-12-05T22:15:10.570", - "lastModified": "2023-03-01T15:04:25.037", + "lastModified": "2023-05-12T13:30:33.190", "vulnStatus": "Analyzed", "descriptions": [ { @@ -74,8 +74,8 @@ "vulnerable": true, "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "versionStartIncluding": "14.15.0", - "versionEndIncluding": "14.20.1", - "matchCriteriaId": "A545DA7E-476B-4936-8CDA-4C4F372C42D6" + "versionEndExcluding": "14.20.1", + "matchCriteriaId": "1D907C43-56F3-4FB8-8F20-C90C65EE5A08" }, { "vulnerable": true, diff --git a/CVE-2022/CVE-2022-35xx/CVE-2022-3545.json b/CVE-2022/CVE-2022-35xx/CVE-2022-3545.json index 45cb3b3f335..7f4f90a3373 100644 --- a/CVE-2022/CVE-2022-35xx/CVE-2022-3545.json +++ b/CVE-2022/CVE-2022-35xx/CVE-2022-3545.json @@ -2,8 +2,8 @@ "id": "CVE-2022-3545", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-17T12:15:11.133", - "lastModified": "2023-05-03T14:15:13.337", - "vulnStatus": "Modified", + "lastModified": "2023-05-12T13:28:26.433", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -85,8 +85,37 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionEndExcluding": "6.0", - "matchCriteriaId": "87B81C9D-7173-4FFB-97BC-9C41AB20A53C" + "versionStartIncluding": "4.11", + "versionEndExcluding": "4.14.303", + "matchCriteriaId": "315F99DD-5A8B-4E68-9646-8DB2A62D4B96" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.15", + "versionEndExcluding": "4.19.270", + "matchCriteriaId": "AE8904A3-99BE-4E49-9682-1F90A6373F4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.228", + "matchCriteriaId": "B4C9B19E-CA7E-4B02-ADDD-4D572867804E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.160", + "matchCriteriaId": "C4AE0903-0CA6-451B-AA7C-0F4B588FFB8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.84", + "matchCriteriaId": "1926D676-6FAF-4772-8DD6-796AFC3FC120" } ] } @@ -267,7 +296,11 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20221223-0003/", diff --git a/CVE-2022/CVE-2022-41xx/CVE-2022-4139.json b/CVE-2022/CVE-2022-41xx/CVE-2022-4139.json index 5b36a64559e..6ed7f2861b6 100644 --- a/CVE-2022/CVE-2022-41xx/CVE-2022-4139.json +++ b/CVE-2022/CVE-2022-41xx/CVE-2022-4139.json @@ -2,8 +2,8 @@ "id": "CVE-2022-4139", "sourceIdentifier": "secalert@redhat.com", "published": "2023-01-27T18:15:15.740", - "lastModified": "2023-03-09T19:15:10.727", - "vulnStatus": "Modified", + "lastModified": "2023-05-12T13:28:40.100", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -66,8 +66,30 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionEndExcluding": "6.1", - "matchCriteriaId": "9064B383-DD48-40A2-8947-F5BA6E6B6713" + "versionStartIncluding": "5.4", + "versionEndExcluding": "5.4.226", + "matchCriteriaId": "092FDA34-E818-4950-A40E-76DD0BC7B9A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.157", + "matchCriteriaId": "5EAF291E-0C2B-409D-9D82-59F0C0B67CAB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.81", + "matchCriteriaId": "899FBA32-27B2-4660-BC94-C43ED4349EB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.11", + "matchCriteriaId": "BA01D181-8E71-42E1-ACF4-7A5B65006EC8" }, { "vulnerable": true, @@ -121,7 +143,10 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230309-0004/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.openwall.com/lists/oss-security/2022/11/30/1", diff --git a/CVE-2022/CVE-2022-46xx/CVE-2022-4696.json b/CVE-2022/CVE-2022-46xx/CVE-2022-4696.json index 7cacce8ff73..d678a390a08 100644 --- a/CVE-2022/CVE-2022-46xx/CVE-2022-4696.json +++ b/CVE-2022/CVE-2022-46xx/CVE-2022-4696.json @@ -2,7 +2,7 @@ "id": "CVE-2022-4696", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-01-11T13:15:09.307", - "lastModified": "2023-01-19T13:24:23.810", + "lastModified": "2023-05-12T13:30:58.023", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,8 +85,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:5.7:rc1:*:*:*:*:*:*", - "matchCriteriaId": "83CE3BF3-F57D-4AF6-AD37-D29434787772" + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.12", + "matchCriteriaId": "8919F320-7EC7-47EF-AFA9-126CDF30AB7B" } ] } diff --git a/CVE-2022/CVE-2022-475xx/CVE-2022-47518.json b/CVE-2022/CVE-2022-475xx/CVE-2022-47518.json index b3798ab8483..43e199dbb2e 100644 --- a/CVE-2022/CVE-2022-475xx/CVE-2022-47518.json +++ b/CVE-2022/CVE-2022-475xx/CVE-2022-47518.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47518", "sourceIdentifier": "cve@mitre.org", "published": "2022-12-18T06:15:09.300", - "lastModified": "2023-01-30T15:23:03.297", + "lastModified": "2023-05-12T13:31:11.263", "vulnStatus": "Analyzed", "descriptions": [ { @@ -57,8 +57,23 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.2", + "versionEndExcluding": "5.10.157", + "matchCriteriaId": "B6EEDAF9-68D3-4D7D-9C7A-722C1EAEDFDE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.81", + "matchCriteriaId": "899FBA32-27B2-4660-BC94-C43ED4349EB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", "versionEndExcluding": "6.0.11", - "matchCriteriaId": "250F7A1B-7491-4CCA-BD47-B4E4FD26603E" + "matchCriteriaId": "BA01D181-8E71-42E1-ACF4-7A5B65006EC8" } ] } diff --git a/CVE-2022/CVE-2022-475xx/CVE-2022-47519.json b/CVE-2022/CVE-2022-475xx/CVE-2022-47519.json index cd34e666ab9..3e9bad84300 100644 --- a/CVE-2022/CVE-2022-475xx/CVE-2022-47519.json +++ b/CVE-2022/CVE-2022-475xx/CVE-2022-47519.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47519", "sourceIdentifier": "cve@mitre.org", "published": "2022-12-18T06:15:09.417", - "lastModified": "2023-01-30T15:23:07.253", + "lastModified": "2023-05-12T13:31:33.517", "vulnStatus": "Analyzed", "descriptions": [ { @@ -57,8 +57,23 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.2", + "versionEndExcluding": "5.10.157", + "matchCriteriaId": "B6EEDAF9-68D3-4D7D-9C7A-722C1EAEDFDE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.81", + "matchCriteriaId": "899FBA32-27B2-4660-BC94-C43ED4349EB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", "versionEndExcluding": "6.0.11", - "matchCriteriaId": "250F7A1B-7491-4CCA-BD47-B4E4FD26603E" + "matchCriteriaId": "BA01D181-8E71-42E1-ACF4-7A5B65006EC8" } ] } diff --git a/CVE-2022/CVE-2022-483xx/CVE-2022-48383.json b/CVE-2022/CVE-2022-483xx/CVE-2022-48383.json index a938594311d..7e85d5cea32 100644 --- a/CVE-2022/CVE-2022-483xx/CVE-2022-48383.json +++ b/CVE-2022/CVE-2022-483xx/CVE-2022-48383.json @@ -2,19 +2,161 @@ "id": "CVE-2022-48383", "sourceIdentifier": "security@unisoc.com", "published": "2023-05-09T02:15:11.737", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T12:54:18.963", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": ".In srtd service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-05xx/CVE-2023-0522.json b/CVE-2023/CVE-2023-05xx/CVE-2023-0522.json index 8f4b0f8f4bd..df7c4b6823e 100644 --- a/CVE-2023/CVE-2023-05xx/CVE-2023-0522.json +++ b/CVE-2023/CVE-2023-05xx/CVE-2023-0522.json @@ -2,15 +2,38 @@ "id": "CVE-2023-0522", "sourceIdentifier": "contact@wpscan.com", "published": "2023-05-08T14:15:11.417", - "lastModified": "2023-05-08T14:17:23.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T13:33:51.097", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Enable/Disable Auto Login when Register WordPress plugin through 1.1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:enable\\/disable_auto_login_when_register_project:enable\\/disable_auto_login_when_register:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.1.0", + "matchCriteriaId": "15419627-DF51-4CB0-8DAD-D770FEC75A0F" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/c7984bfb-86a3-4530-90ae-17ab39af1c54", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-234xx/CVE-2023-23444.json b/CVE-2023/CVE-2023-234xx/CVE-2023-23444.json new file mode 100644 index 00000000000..3d6838fb1c7 --- /dev/null +++ b/CVE-2023/CVE-2023-234xx/CVE-2023-23444.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-23444", + "sourceIdentifier": "psirt@sick.de", + "published": "2023-05-12T13:15:09.350", + "lastModified": "2023-05-12T13:15:09.350", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@sick.de", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json", + "source": "psirt@sick.de" + }, + { + "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf", + "source": "psirt@sick.de" + }, + { + "url": "https://sick.com/psirt", + "source": "psirt@sick.de" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-253xx/CVE-2023-25309.json b/CVE-2023/CVE-2023-253xx/CVE-2023-25309.json index 376509ddd4d..a53b3537688 100644 --- a/CVE-2023/CVE-2023-253xx/CVE-2023-25309.json +++ b/CVE-2023/CVE-2023-253xx/CVE-2023-25309.json @@ -2,8 +2,8 @@ "id": "CVE-2023-25309", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-11T18:15:12.360", - "lastModified": "2023-05-11T18:15:12.360", - "vulnStatus": "Received", + "lastModified": "2023-05-12T13:15:09.427", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", @@ -20,6 +20,10 @@ "url": "http://rollout-ui.com", "source": "cve@mitre.org" }, + { + "url": "https://cxsecurity.com/issue/WLB-2023050012", + "source": "cve@mitre.org" + }, { "url": "https://packetstormsecurity.com/files/172185/Rollout-UI-0.5-Cross-Site-Scripting.html", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-266xx/CVE-2023-26605.json b/CVE-2023/CVE-2023-266xx/CVE-2023-26605.json index 6d84685b85a..ab8653591e6 100644 --- a/CVE-2023/CVE-2023-266xx/CVE-2023-26605.json +++ b/CVE-2023/CVE-2023-266xx/CVE-2023-26605.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26605", "sourceIdentifier": "cve@mitre.org", "published": "2023-02-26T23:15:10.827", - "lastModified": "2023-03-16T16:15:12.247", - "vulnStatus": "Modified", + "lastModified": "2023-05-12T13:31:55.560", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -55,8 +55,24 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.0.8:*:*:*:*:*:*:*", - "matchCriteriaId": "C41207B8-D94A-4714-B1E0-66CEFF00FEE0" + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15.75", + "versionEndExcluding": "5.15.81", + "matchCriteriaId": "C15A1592-2D11-489C-A208-5474834B2E80" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.19.17", + "versionEndExcluding": "6.0.0", + "matchCriteriaId": "25175142-441A-4526-B1D9-18913C052F3E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0.3", + "versionEndExcluding": "6.0.11", + "matchCriteriaId": "73FC69CE-E4BD-4315-AC3C-42B1AD292E2A" } ] } @@ -73,7 +89,10 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230316-0010/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2682.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2682.json new file mode 100644 index 00000000000..abdc56c6365 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2682.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2023-2682", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-05-12T13:15:09.477", + "lastModified": "2023-05-12T13:15:09.477", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Caton Live up to 2023-04-26 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/ping.cgi of the component Mini_HTTPD. The manipulation of the argument address with the input ;id;uname${IFS}-a leads to command injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-228911. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.228911", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.228911", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27932.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27932.json index 89b2fc5bff7..2e131feb321 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27932.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27932.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27932", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.247", - "lastModified": "2023-05-09T12:47:05.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T12:15:09.190", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html", + "source": "product-security@apple.com" + }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com" diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27954.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27954.json index 6e2b40387b4..5f609b975c2 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27954.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27954.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27954", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:18.267", - "lastModified": "2023-05-09T12:47:05.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T12:15:09.340", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html", + "source": "product-security@apple.com" + }, { "url": "https://support.apple.com/en-us/HT213670", "source": "product-security@apple.com" diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28205.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28205.json index b9772bb05b6..45ef36a7722 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28205.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28205.json @@ -2,7 +2,7 @@ "id": "CVE-2023-28205", "sourceIdentifier": "product-security@apple.com", "published": "2023-04-10T19:15:07.237", - "lastModified": "2023-05-08T20:15:19.807", + "lastModified": "2023-05-12T12:15:09.467", "vulnStatus": "Modified", "cisaExploitAdd": "2023-04-10", "cisaActionDue": "2023-05-01", @@ -101,6 +101,10 @@ } ], "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html", + "source": "product-security@apple.com" + }, { "url": "https://support.apple.com/en-us/HT213720", "source": "product-security@apple.com", diff --git a/CVE-2023/CVE-2023-300xx/CVE-2023-30024.json b/CVE-2023/CVE-2023-300xx/CVE-2023-30024.json index 3b252f6c4bf..45f569089f1 100644 --- a/CVE-2023/CVE-2023-300xx/CVE-2023-30024.json +++ b/CVE-2023/CVE-2023-300xx/CVE-2023-30024.json @@ -2,12 +2,12 @@ "id": "CVE-2023-30024", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-28T13:15:13.920", - "lastModified": "2023-05-10T16:12:16.157", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-12T12:15:09.623", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Insecure Permissions vulnerability found in MagicJack A921 USB Phone Jack Rev 3.0 v.1.4 allows a physically proximate attacker to escalate privileges and gain access to sensitive information via the NAND flash memory." + "value": "The MagicJack device, a VoIP solution for internet phone calls, contains a hidden NAND flash memory partition allowing unauthorized read/write access. Attackers can exploit this by replacing the original software with a malicious version, leading to ransomware deployment on the host computer. Affected devices have firmware versions prior to magicJack A921 USB Phone Jack Rev 3.0 V1.4." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31985.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31985.json new file mode 100644 index 00000000000..22a4d4e7a79 --- /dev/null +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31985.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-31985", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-12T12:15:09.800", + "lastModified": "2023-05-12T12:15:09.800", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the formAccept function in /bin/webs without any limitations." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Erebua/CVE/blob/main/N300_BR-6428nS%20V4/3/Readme.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 8a93252d8b6..96ff1b4fbde 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-12T12:00:23.808260+00:00 +2023-05-12T14:00:24.295716+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-12T11:15:13.133000+00:00 +2023-05-12T13:33:51.097000+00:00 ``` ### Last Data Feed Release @@ -29,34 +29,42 @@ Download and Changelog: [Click](releases/latest) ### Total Number of included CVEs ```plain -215126 +215129 ``` ### CVEs added in the last Commit -Recently added CVEs: `14` +Recently added CVEs: `3` -* [CVE-2020-13377](CVE-2020/CVE-2020-133xx/CVE-2020-13377.json) (`2023-05-12T11:15:12.560`) -* [CVE-2023-23169](CVE-2023/CVE-2023-231xx/CVE-2023-23169.json) (`2023-05-12T11:15:12.727`) -* [CVE-2023-2512](CVE-2023/CVE-2023-25xx/CVE-2023-2512.json) (`2023-05-12T11:15:13.033`) -* [CVE-2023-2677](CVE-2023/CVE-2023-26xx/CVE-2023-2677.json) (`2023-05-12T10:15:09.073`) -* [CVE-2023-2678](CVE-2023/CVE-2023-26xx/CVE-2023-2678.json) (`2023-05-12T10:15:09.140`) -* [CVE-2023-27237](CVE-2023/CVE-2023-272xx/CVE-2023-27237.json) (`2023-05-12T11:15:12.773`) -* [CVE-2023-27238](CVE-2023/CVE-2023-272xx/CVE-2023-27238.json) (`2023-05-12T11:15:12.810`) -* [CVE-2023-29657](CVE-2023/CVE-2023-296xx/CVE-2023-29657.json) (`2023-05-12T11:15:12.850`) -* [CVE-2023-29818](CVE-2023/CVE-2023-298xx/CVE-2023-29818.json) (`2023-05-12T11:15:12.887`) -* [CVE-2023-29819](CVE-2023/CVE-2023-298xx/CVE-2023-29819.json) (`2023-05-12T11:15:12.923`) -* [CVE-2023-29820](CVE-2023/CVE-2023-298xx/CVE-2023-29820.json) (`2023-05-12T11:15:12.960`) -* [CVE-2023-29983](CVE-2023/CVE-2023-299xx/CVE-2023-29983.json) (`2023-05-12T11:15:12.997`) -* [CVE-2023-30130](CVE-2023/CVE-2023-301xx/CVE-2023-30130.json) (`2023-05-12T11:15:13.097`) -* [CVE-2023-30246](CVE-2023/CVE-2023-302xx/CVE-2023-30246.json) (`2023-05-12T11:15:13.133`) +* [CVE-2023-23444](CVE-2023/CVE-2023-234xx/CVE-2023-23444.json) (`2023-05-12T13:15:09.350`) +* [CVE-2023-2682](CVE-2023/CVE-2023-26xx/CVE-2023-2682.json) (`2023-05-12T13:15:09.477`) +* [CVE-2023-31985](CVE-2023/CVE-2023-319xx/CVE-2023-31985.json) (`2023-05-12T12:15:09.800`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `20` -* [CVE-2020-24188](CVE-2020/CVE-2020-241xx/CVE-2020-24188.json) (`2023-05-12T11:15:12.613`) +* [CVE-2013-0169](CVE-2013/CVE-2013-01xx/CVE-2013-0169.json) (`2023-05-12T12:58:44.970`) +* [CVE-2020-22334](CVE-2020/CVE-2020-223xx/CVE-2020-22334.json) (`2023-05-12T12:49:54.587`) +* [CVE-2021-42008](CVE-2021/CVE-2021-420xx/CVE-2021-42008.json) (`2023-05-12T12:59:16.287`) +* [CVE-2022-0108](CVE-2022/CVE-2022-01xx/CVE-2022-0108.json) (`2023-05-12T12:15:09.067`) +* [CVE-2022-0492](CVE-2022/CVE-2022-04xx/CVE-2022-0492.json) (`2023-05-12T12:59:46.603`) +* [CVE-2022-24122](CVE-2022/CVE-2022-241xx/CVE-2022-24122.json) (`2023-05-12T13:28:10.820`) +* [CVE-2022-35256](CVE-2022/CVE-2022-352xx/CVE-2022-35256.json) (`2023-05-12T13:30:33.190`) +* [CVE-2022-3545](CVE-2022/CVE-2022-35xx/CVE-2022-3545.json) (`2023-05-12T13:28:26.433`) +* [CVE-2022-4139](CVE-2022/CVE-2022-41xx/CVE-2022-4139.json) (`2023-05-12T13:28:40.100`) +* [CVE-2022-4696](CVE-2022/CVE-2022-46xx/CVE-2022-4696.json) (`2023-05-12T13:30:58.023`) +* [CVE-2022-47518](CVE-2022/CVE-2022-475xx/CVE-2022-47518.json) (`2023-05-12T13:31:11.263`) +* [CVE-2022-47519](CVE-2022/CVE-2022-475xx/CVE-2022-47519.json) (`2023-05-12T13:31:33.517`) +* [CVE-2022-48383](CVE-2022/CVE-2022-483xx/CVE-2022-48383.json) (`2023-05-12T12:54:18.963`) +* [CVE-2023-0522](CVE-2023/CVE-2023-05xx/CVE-2023-0522.json) (`2023-05-12T13:33:51.097`) +* [CVE-2023-25309](CVE-2023/CVE-2023-253xx/CVE-2023-25309.json) (`2023-05-12T13:15:09.427`) +* [CVE-2023-26605](CVE-2023/CVE-2023-266xx/CVE-2023-26605.json) (`2023-05-12T13:31:55.560`) +* [CVE-2023-27932](CVE-2023/CVE-2023-279xx/CVE-2023-27932.json) (`2023-05-12T12:15:09.190`) +* [CVE-2023-27954](CVE-2023/CVE-2023-279xx/CVE-2023-27954.json) (`2023-05-12T12:15:09.340`) +* [CVE-2023-28205](CVE-2023/CVE-2023-282xx/CVE-2023-28205.json) (`2023-05-12T12:15:09.467`) +* [CVE-2023-30024](CVE-2023/CVE-2023-300xx/CVE-2023-30024.json) (`2023-05-12T12:15:09.623`) ## Download and Usage