Auto-Update: 2023-11-21T23:00:17.744219+00:00

cad-safe-bot 2023-11-21 23:00:21 +00:00
parent 62f95da7a5
commit cae69a46d9
23 changed files with 2049 additions and 72 deletions


@ -2,7 +2,7 @@
"id": "CVE-2021-3947",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-02-18T18:15:09.750",
"lastModified": "2022-10-25T20:16:19.427",
"lastModified": "2023-11-21T21:38:40.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -95,8 +95,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.1.0",
"matchCriteriaId": "EC80910C-B342-4E0D-AC78-7F5118A8DDC8"
"matchCriteriaId": "6FF46C11-37A3-4254-87C0-B118ABC43E92"
},
{
"vulnerable": true,


@ -2,16 +2,40 @@
"id": "CVE-2023-23549",
"sourceIdentifier": "security@checkmk.com",
"published": "2023-11-15T11:15:08.173",
"lastModified": "2023-11-15T13:54:23.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-21T22:01:31.960",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 allows priviledged attackers to cause partial denial of service of the UI via too long hostnames."
},
{
"lang": "es",
"value": "La validaci\u00f3n de entrada inadecuada en Checkmk &lt;2.2.0p15, &lt;2.1.0p37, &lt;=2.0.0p39 permite a atacantes privilegiados provocar una denegaci\u00f3n parcial de servicio de la interfaz de usuario a trav\u00e9s de nombres de host demasiado largos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
},
{
"source": "security@checkmk.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@checkmk.com",
"type": "Secondary",
@ -46,10 +80,615 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E5138E25-A5AF-495D-A713-B8BDACC133D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "7AE78B5E-2D00-462B-AC0E-5E68BC36ED1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "9D69AA9A-C6FF-4A9F-8B02-2F207C4150FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:*",
"matchCriteriaId": "452F359B-BCB5-46E0-A77A-383C3C2E2D60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:*",
"matchCriteriaId": "D9A66C28-A2BA-4091-AB4C-05CDB1D3777F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:*",
"matchCriteriaId": "463A4A68-810B-4C20-A696-4F94DB20224B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:*",
"matchCriteriaId": "F4459581-214F-423B-A29D-31C789FD7F1C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:*",
"matchCriteriaId": "CC0CFABC-A53C-4FD3-A57A-CB72C87A034B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:*",
"matchCriteriaId": "F96B08FA-8129-4880-86FE-47B08C2B6964"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:*",
"matchCriteriaId": "CAEB960C-5A5E-4F7C-8588-3F6737AE5DCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "3CB134CD-0746-47C8-BAB8-2AE9C083C4D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "E4B5DDAA-F7B5-4BFD-836E-F7DA0FC7B0C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "A4DA5440-F376-4952-ABCB-AC557C5944A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "DB7DB93B-CDD2-4662-893B-6E36F9EDA7FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "81DFD64A-FEFD-4EBA-B6EC-28D3F0EEC33B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "918ACC6A-2EE8-401F-B18A-94B8757B202E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "1B6AE143-5A29-4EE8-AF7D-5D495A2248D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:*",
"matchCriteriaId": "9B678D96-5987-4423-A713-57812B896380"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:*",
"matchCriteriaId": "A16EA6BD-003D-416E-B6C7-EBE5AA4AC2B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:*",
"matchCriteriaId": "7A016627-9BF2-4D25-AB97-172EAEC4C187"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:*",
"matchCriteriaId": "333FBE01-E5C1-4668-B50F-B64A34E799A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "FE7C4821-74F2-442C-B51F-A52788FC61F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p20:*:*:*:*:*:*",
"matchCriteriaId": "168E2F68-E3EA-407F-8DCE-BDB1F557FFFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p21:*:*:*:*:*:*",
"matchCriteriaId": "D7A74CB5-CC6E-4166-B884-498F2CF1A33E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p22:*:*:*:*:*:*",
"matchCriteriaId": "42DCB139-5BBE-45F3-80F5-3A43D95A58BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p23:*:*:*:*:*:*",
"matchCriteriaId": "1A3E3E6C-DCC0-466D-A505-5F80379CF0AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p24:*:*:*:*:*:*",
"matchCriteriaId": "1542CDC8-9697-44DE-8F6A-3EB25D07EEE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p25:*:*:*:*:*:*",
"matchCriteriaId": "1A5B33FF-EA21-4AEB-8D9A-21DA9DB5892A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p26:*:*:*:*:*:*",
"matchCriteriaId": "78616E5A-E1FF-40AA-8E13-0B2E84CE6F8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p27:*:*:*:*:*:*",
"matchCriteriaId": "5D956394-C3F3-4C88-A791-364AE555D522"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p28:*:*:*:*:*:*",
"matchCriteriaId": "25E96088-0FA2-49FD-B93D-5AFC9605289E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p29:*:*:*:*:*:*",
"matchCriteriaId": "EDB60B12-F724-40C7-8EB2-1270484E88F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "1982ED3B-A0FA-476A-BFB2-5B7B53289496"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p30:*:*:*:*:*:*",
"matchCriteriaId": "F646D243-433E-46F9-9E8E-E4F734F9E648"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p31:*:*:*:*:*:*",
"matchCriteriaId": "D1C14080-79C9-4620-AD1F-6CB46F0F74D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p32:*:*:*:*:*:*",
"matchCriteriaId": "4AECE1FE-F3D1-4FF0-BDF9-F39FFCBF52E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p33:*:*:*:*:*:*",
"matchCriteriaId": "C2F79F99-5F46-48A7-BEE7-1551CD56C2F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p34:*:*:*:*:*:*",
"matchCriteriaId": "2EB6F9D4-13D2-4218-96EF-64C2126369DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p35:*:*:*:*:*:*",
"matchCriteriaId": "62841559-BDA0-4B67-932A-007D91BFBD14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p36:*:*:*:*:*:*",
"matchCriteriaId": "F6F22F4E-4A8A-4A7B-A01A-50E9BEA019DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p37:*:*:*:*:*:*",
"matchCriteriaId": "C1467012-F4CD-4547-A761-50B5F478A055"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p38:*:*:*:*:*:*",
"matchCriteriaId": "200EE0FA-D641-4612-8048-3B00997CBB42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p39:*:*:*:*:*:*",
"matchCriteriaId": "62ACFC37-4F2A-4C2F-B960-D7AEEADBDDBB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "AA60BF44-AF52-458A-BD3F-9FD5D8408575"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "9BFE55DC-89EA-404F-8DDF-93E351366789"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "C62D8997-DD3B-4B83-B6A5-DFC2408A9164"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "80B4A77F-F636-49BB-8CB6-60064984463F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "356E5744-AB8E-4FBA-992F-74ED8F9086CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "41FB6FFA-F38F-4754-A1E6-35073D84069E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "BC0AC5A2-3724-4942-ABE2-CA9F3B9B4BDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "E3AAC1AD-C2F5-4171-BD92-95A8BA09E79A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "8CB8C4BB-4AE6-4EA2-8F38-780B627721ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:*",
"matchCriteriaId": "D0F14106-2A3D-4FC7-A0C7-6EDA75D1A8F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:*",
"matchCriteriaId": "F8C2DA36-8419-4846-BFA0-A729BE7D72C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:*",
"matchCriteriaId": "8AA4FA3D-7A59-4597-9D79-B6B020D86BD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:*",
"matchCriteriaId": "79F0CF88-FF11-4741-AFF6-9F88F57C2140"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:*",
"matchCriteriaId": "8E93629E-C0CB-4636-B343-1C0646D8228E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:*",
"matchCriteriaId": "58102464-E66F-49CD-8952-3F3F9A6A45CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:*",
"matchCriteriaId": "9C98E509-8466-4F95-ABE7-7ECC91640E04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "A7B89F71-ABD2-4B2D-AE6B-C0F243E89443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "002EF417-C702-42E2-9C8F-C9593B43AB03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "B8E358A9-0430-4EF1-8557-7F1C088FFF48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "4B0AF395-FDC7-4321-9E00-C935641C138B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "59B9CCED-806F-47EF-B5B6-441AADCB4B81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "FAED2CD5-A2CE-438C-8ED7-338D9D61FBD9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "F08A96EF-FD2E-4D45-884B-349869649C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p16:*:*:*:*:*:*",
"matchCriteriaId": "E80D718E-66B6-4FC6-911D-C264F2C891C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p17:*:*:*:*:*:*",
"matchCriteriaId": "174BF76A-00C5-4ECD-937D-FE66851D3979"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p18:*:*:*:*:*:*",
"matchCriteriaId": "F43DBAE4-FEF9-431E-AE82-31C7944CA830"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p19:*:*:*:*:*:*",
"matchCriteriaId": "7AF612FF-7441-41C4-96C2-36A15E45FF93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "960DF373-EDE6-4318-B6E9-07573ED5907A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p20:*:*:*:*:*:*",
"matchCriteriaId": "5FFBF793-48E0-48DB-9C12-1C4A5805009E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p21:*:*:*:*:*:*",
"matchCriteriaId": "B6A2F0DB-CA73-4F14-8099-7A29BADC1F4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p22:*:*:*:*:*:*",
"matchCriteriaId": "5D23ECB8-9C2C-4BA5-ADD6-248FD2CFF37A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p23:*:*:*:*:*:*",
"matchCriteriaId": "9958D126-EF50-4ED7-85A3-6E5120EFB931"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p24:*:*:*:*:*:*",
"matchCriteriaId": "5D9B3F5F-158A-4C43-A894-1A55D1D758FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p25:*:*:*:*:*:*",
"matchCriteriaId": "17729C6D-3DD1-4082-B3AF-B53770304F7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p26:*:*:*:*:*:*",
"matchCriteriaId": "2E34014C-90A0-4ABB-A15F-73E83F312246"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p27:*:*:*:*:*:*",
"matchCriteriaId": "C0DCB95E-CC14-40BF-A7E4-1CD9075E2785"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p28:*:*:*:*:*:*",
"matchCriteriaId": "E1AA25FE-FA1B-4525-99B8-1098E75BDC5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p29:*:*:*:*:*:*",
"matchCriteriaId": "073ED1BF-B3FE-4CC4-A279-15981DBC0BE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "3144AABF-74CB-44EE-A618-8529A8ACFCF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p30:*:*:*:*:*:*",
"matchCriteriaId": "BA067A60-3B6A-4C3B-8934-E2725199EE39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p31:*:*:*:*:*:*",
"matchCriteriaId": "DD42912A-092C-4FD9-9874-5B04989164C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p32:*:*:*:*:*:*",
"matchCriteriaId": "E26E5640-8396-4B9C-890F-E9598CEB08FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p33:*:*:*:*:*:*",
"matchCriteriaId": "82CBA4CB-FCEE-4D33-8127-944D914A8F5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p34:*:*:*:*:*:*",
"matchCriteriaId": "DE6414DD-DA34-4FE7-B976-A6898B454E60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p35:*:*:*:*:*:*",
"matchCriteriaId": "0CB08010-2416-469D-8B27-212F28BF62EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p36:*:*:*:*:*:*",
"matchCriteriaId": "8F66346B-4A8A-4323-B197-B5D4D949FCEE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "88AC7AB0-40DF-44D1-83EA-FDD4D5346BBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "4285A4A3-3DED-456D-93D4-1B9FDB42C1EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "098FD286-B6CB-4428-9A62-A5F24B4D9E92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "8400088B-E56E-4D0B-86D5-76D884C8031A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "29554684-FEFF-42B2-B62E-6523782F537C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "91AE66E4-AE6B-4F25-9312-6418FC3E221F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "8EC2C076-C4C6-4C9A-84FE-B47E835AA0E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "A954DDB4-ACF5-4D74-B735-0BB14762457C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "F4E9D8E0-ECFF-4987-8189-F6A5917D39B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b3:*:*:*:*:*:*",
"matchCriteriaId": "7CDF16A7-E9BC-488B-A0DF-91B7F79C2D7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b4:*:*:*:*:*:*",
"matchCriteriaId": "EF3C4AB5-966A-46CD-8774-7BD4115FC80B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b5:*:*:*:*:*:*",
"matchCriteriaId": "580C70A7-387E-4650-9DBA-D7AA0BFDB1BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b6:*:*:*:*:*:*",
"matchCriteriaId": "343C5CD6-48ED-4693-BC2A-549A43F02931"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b7:*:*:*:*:*:*",
"matchCriteriaId": "18F1E6EC-5866-4338-9772-92EB01E0A184"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b8:*:*:*:*:*:*",
"matchCriteriaId": "57C08697-674F-4924-A5A2-40F1E2BF2059"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:i1:*:*:*:*:*:*",
"matchCriteriaId": "AB444D23-88E8-4AFE-9F1E-56AE4ADF7644"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "050E9020-9E83-4198-B550-F554686DCC36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "5D3DFD03-89BF-433F-B14C-8B46AD5146F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "50D06254-A368-4DE1-8734-1DC49002FBB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "489B86C6-FDD3-4569-B330-86CF51B533B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "50456E0E-0597-4E90-9BFC-1384800ED073"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "E9F4C18C-D62E-47F5-A309-D0BC9CFB990C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "DAFBA752-75C7-4514-AC75-CE7D78AE9F96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "57BA8394-7755-45E0-8B4D-B37A8A5B5DB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "D6A02DB9-71F6-429F-A084-D811AD016CBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "AC520584-54C8-445C-8898-CEFE1E1CC59F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "DA73CA36-D5F7-4C8D-B574-7DBF29220C82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "32F5CD0B-98FD-4076-A33A-A12FA8F89F24"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "46DC1573-56A8-48E7-ABB8-45406AA252AE"
}
]
}
]
}
],
"references": [
{
"url": "https://checkmk.com/werk/16219",
"source": "security@checkmk.com"
"source": "security@checkmk.com",
"tags": [
"Vendor Advisory"
]
}
]
}
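Review bot: The enumerated `cpeMatch` list for the 2.2.0 branch stops at `2.2.0:p13`, while the English description in this same record gives the affected range as `<2.2.0p15`, so 2.2.0p14 appears to be unlisted; the 2.1.0 and 2.0.0 branches do run through p36 and p39 as described. A scanner that matches installed versions only against these CPE entries would report a 2.2.0p14 host as unaffected. This may be because no CPE name for p14 existed upstream when the record was analysed, which is not visible here; if so, consumers of this mirror should compare installed versions against the description or the vendor werk rather than rely on the enumeration alone. A single range entry with `versionEndExcluding`, the form the Aruba records in this commit use, would not leave this kind of gap.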


@ -2,16 +2,40 @@
"id": "CVE-2023-45616",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-11-14T23:15:09.663",
"lastModified": "2023-11-15T02:28:40.150",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-21T21:04:37.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.\n\n"
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de desbordamiento del b\u00fafer en AirWave Client Service subyacente que podr\u00eda conducir a la ejecuci\u00f3n remota de c\u00f3digo no autenticado mediante el env\u00edo de paquetes especialmente manipulados destinados al puerto UDP (8211) PAPI (protocolo de administraci\u00f3n de puntos de acceso de Aruba). La explotaci\u00f3n exitosa de esta vulnerabilidad da como resultado la capacidad de ejecutar c\u00f3digo arbitrario como usuario privilegiado en el sistema operativo subyacente."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +58,71 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.3.0.0",
"versionEndExcluding": "10.4.0.3",
"matchCriteriaId": "0C237FC8-2B47-4070-96DD-54D68F9BD5EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23C407BC-FF30-4EBE-9084-67943E6D62E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0.0",
"versionEndExcluding": "8.6.0.23",
"matchCriteriaId": "DF39B093-B7A9-4657-A7F0-343E7CE7D59D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.10.0.0",
"versionEndExcluding": "8.10.0.9",
"matchCriteriaId": "B3B1AE0D-0B1E-4B75-8815-9C0D46A6B44F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.11.0.0",
"versionEndExcluding": "8.11.2.0",
"matchCriteriaId": "73FB686A-47E8-4900-AC7A-7A37152FD543"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-45617",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-11-14T23:15:09.827",
"lastModified": "2023-11-15T02:28:40.150",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-21T21:08:47.293",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "There are arbitrary file deletion vulnerabilities in the CLI service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point.\n\n"
},
{
"lang": "es",
"value": "Existen vulnerabilidades de eliminaci\u00f3n de archivos arbitrarios en CLI Service al que accede PAPI (el protocolo de administraci\u00f3n de puntos de acceso de Aruba). La explotaci\u00f3n exitosa de estas vulnerabilidades da como resultado la capacidad de eliminar archivos arbitrarios en el sistema operativo subyacente, lo que podr\u00eda llevar a la capacidad de interrumpir el funcionamiento normal y afectar la integridad del punto de acceso."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +58,71 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.3.0.0",
"versionEndExcluding": "10.4.0.3",
"matchCriteriaId": "0C237FC8-2B47-4070-96DD-54D68F9BD5EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23C407BC-FF30-4EBE-9084-67943E6D62E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0.0",
"versionEndExcluding": "8.6.0.23",
"matchCriteriaId": "DF39B093-B7A9-4657-A7F0-343E7CE7D59D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.10.0.0",
"versionEndExcluding": "8.10.0.9",
"matchCriteriaId": "B3B1AE0D-0B1E-4B75-8815-9C0D46A6B44F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.11.0.0",
"versionEndExcluding": "8.11.2.0",
"matchCriteriaId": "73FB686A-47E8-4900-AC7A-7A37152FD543"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-45618",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-11-14T23:15:09.997",
"lastModified": "2023-11-15T02:28:40.150",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-21T21:13:51.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "There are arbitrary file deletion vulnerabilities in the AirWave client service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point.\n\n"
},
{
"lang": "es",
"value": "Existen vulnerabilidades de eliminaci\u00f3n arbitraria de archivos en AirWave Client Service al que accede PAPI (el protocolo de gesti\u00f3n de puntos de acceso de Aruba). La explotaci\u00f3n exitosa de estas vulnerabilidades da como resultado la capacidad de eliminar archivos arbitrarios en el sistema operativo subyacente, lo que podr\u00eda llevar a la capacidad de interrumpir el funcionamiento normal y afectar la integridad del punto de acceso."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +58,71 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.3.0.0",
"versionEndExcluding": "10.4.0.3",
"matchCriteriaId": "0C237FC8-2B47-4070-96DD-54D68F9BD5EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23C407BC-FF30-4EBE-9084-67943E6D62E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0.0",
"versionEndExcluding": "8.6.0.23",
"matchCriteriaId": "DF39B093-B7A9-4657-A7F0-343E7CE7D59D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.10.0.0",
"versionEndExcluding": "8.10.0.9",
"matchCriteriaId": "B3B1AE0D-0B1E-4B75-8815-9C0D46A6B44F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.11.0.0",
"versionEndExcluding": "8.11.2.0",
"matchCriteriaId": "73FB686A-47E8-4900-AC7A-7A37152FD543"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-45619",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-11-14T23:15:10.167",
"lastModified": "2023-11-15T02:28:40.150",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-21T21:17:47.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "There is an arbitrary file deletion vulnerability in the RSSI service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the access point.\n\n"
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de eliminaci\u00f3n arbitraria de archivos en RSSI Service al que accede PAPI (el protocolo de gesti\u00f3n de puntos de acceso de Aruba). La explotaci\u00f3n exitosa de esta vulnerabilidad da como resultado la capacidad de eliminar archivos arbitrarios en el sistema operativo subyacente, lo que podr\u00eda llevar a la capacidad de interrumpir el funcionamiento normal y afectar la integridad del punto de acceso."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +58,71 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.3.0.0",
"versionEndExcluding": "10.4.0.3",
"matchCriteriaId": "0C237FC8-2B47-4070-96DD-54D68F9BD5EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23C407BC-FF30-4EBE-9084-67943E6D62E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0.0",
"versionEndExcluding": "8.6.0.23",
"matchCriteriaId": "DF39B093-B7A9-4657-A7F0-343E7CE7D59D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.10.0.0",
"versionEndExcluding": "8.10.0.9",
"matchCriteriaId": "B3B1AE0D-0B1E-4B75-8815-9C0D46A6B44F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.11.0.0",
"versionEndExcluding": "8.11.2.0",
"matchCriteriaId": "73FB686A-47E8-4900-AC7A-7A37152FD543"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-47584",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-11-15T06:15:28.213",
"lastModified": "2023-11-15T13:54:23.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-21T21:28:21.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,87 @@
"value": "Existe una vulnerabilidad de escritura fuera de los l\u00edmites en V-Server V4.0.18.0 y anteriores y en V-Server Lite V4.0.18.0 y anteriores. Si un usuario abre un archivo VPR especialmente manipulado, se puede revelar informaci\u00f3n y/o se puede ejecutar c\u00f3digo arbitrario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fujielectric:v-server:*:*:*:*:-:*:*:*",
"versionEndIncluding": "4.0.18.0",
"matchCriteriaId": "64415646-1087-4D64-B9D5-9BC3B46B8FA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fujielectric:v-server:*:*:*:*:lite:*:*:*",
"versionEndIncluding": "4.0.18.0",
"matchCriteriaId": "6ABDE61D-26F7-4F70-90AE-E67A10DCA794"
}
]
}
]
}
],
"references": [
{
"url": "https://hakko-elec.co.jp/site/download/03tellus_inf/index.php",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jvn.jp/en/vu/JVNVU93840158/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://monitouch.fujielectric.com/site/download-e/03tellus_inf/index.php",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-47585",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-11-15T06:15:28.260",
"lastModified": "2023-11-15T13:54:23.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-21T21:32:45.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,87 @@
"value": "Vulnerabilidad de lectura fuera de los l\u00edmites existe en V-Server V4.0.18.0 y anteriores y en V-Server Lite V4.0.18.0 y anteriores. Si un usuario abre un archivo VPR especialmente manipulado, se puede revelar informaci\u00f3n y/o se puede ejecutar c\u00f3digo arbitrario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fujielectric:v-server:*:*:*:*:-:*:*:*",
"versionEndIncluding": "4.0.18.0",
"matchCriteriaId": "64415646-1087-4D64-B9D5-9BC3B46B8FA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fujielectric:v-server:*:*:*:*:lite:*:*:*",
"versionEndIncluding": "4.0.18.0",
"matchCriteriaId": "6ABDE61D-26F7-4F70-90AE-E67A10DCA794"
}
]
}
]
}
],
"references": [
{
"url": "https://hakko-elec.co.jp/site/download/03tellus_inf/index.php",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jvn.jp/en/vu/JVNVU93840158/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://monitouch.fujielectric.com/site/download-e/03tellus_inf/index.php",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-47586",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-11-15T06:15:28.303",
"lastModified": "2023-11-15T13:54:23.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-21T21:49:07.800",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,87 @@
"value": "Existen m\u00faltiples vulnerabilidades de desbordamiento del b\u00fafer en V-Server V4.0.18.0 y anteriores y V-Server Lite V4.0.18.0 y anteriores. Si un usuario abre un archivo VPR especialmente manipulado, se puede revelar informaci\u00f3n y/o se puede ejecutar c\u00f3digo arbitrario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fujielectric:v-server:*:*:*:*:-:*:*:*",
"versionEndIncluding": "4.0.18.0",
"matchCriteriaId": "64415646-1087-4D64-B9D5-9BC3B46B8FA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fujielectric:v-server:*:*:*:*:lite:*:*:*",
"versionEndIncluding": "4.0.18.0",
"matchCriteriaId": "6ABDE61D-26F7-4F70-90AE-E67A10DCA794"
}
]
}
]
}
],
"references": [
{
"url": "https://hakko-elec.co.jp/site/download/03tellus_inf/index.php",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jvn.jp/en/vu/JVNVU93840158/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://monitouch.fujielectric.com/site/download-e/03tellus_inf/index.php",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}


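--- a/CVE-2023/CVE-2023-482xx/CVE-2023-48228.json
+++ b/CVE-2023/CVE-2023-482xx/CVE-2023-48228.json
@@ -0,0 +1,91 @@
+{
+"id": "CVE-2023-48228",
+"sourceIdentifier": "security-advisories@github.com",
+"published": "2023-11-21T21:15:08.477",
+"lastModified": "2023-11-21T21:15:08.477",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "authentik is an open-source identity provider. When initialising a oauth2 flow with a `code_challenge` and `code_method` (thus requesting PKCE), the single sign-on provider (authentik) must check if there is a matching and existing `code_verifier` during the token step. Prior to versions 2023.10.4 and 2023.8.5, authentik checks if the contents of `code_verifier` is matching only when it is provided. When it is left out completely, authentik simply accepts the token request with out it; even when the flow was started with a `code_challenge`. authentik 2023.8.5 and 2023.10.4 fix this issue."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "NONE",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "NONE",
+"integrityImpact": "HIGH",
+"availabilityImpact": "NONE",
+"baseScore": 7.5,
+"baseSeverity": "HIGH"
+},
+"exploitabilityScore": 3.9,
+"impactScore": 3.6
+}
+]
+},
+"weaknesses": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-287"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/goauthentik/authentik/blob/dd4e9030b4e667d3720be2feda24c08972602274/authentik/providers/oauth2/views/token.py#L225",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/goauthentik/authentik/commit/3af77ab3821fe9c7df8055ba5eade3d1ecea03a6",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/goauthentik/authentik/commit/6b9afed21f7c39f171a4a445654cfe415bba37d5",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/goauthentik/authentik/commit/b88e39411c12e3f9e04125a7887f12354f760a14",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/goauthentik/authentik/pull/7666",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/goauthentik/authentik/pull/7668",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/goauthentik/authentik/pull/7669",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/goauthentik/authentik/releases/tag/version%2F2023.10.4",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/goauthentik/authentik/releases/tag/version%2F2023.8.5",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/goauthentik/authentik/security/advisories/GHSA-fm34-v8xq-f2c3",
+"source": "security-advisories@github.com"
+}
+]
+}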


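--- a/CVE-2023/CVE-2023-482xx/CVE-2023-48230.json
+++ b/CVE-2023/CVE-2023-482xx/CVE-2023-48230.json
@@ -0,0 +1,63 @@
+{
+"id": "CVE-2023-48230",
+"sourceIdentifier": "security-advisories@github.com",
+"published": "2023-11-21T21:15:08.683",
+"lastModified": "2023-11-21T21:15:08.683",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled, likely resulting in a crash, enabling a remote denial-of-service attack. Most Cap'n Proto and KJ users are unlikely to have this functionality enabled and so unlikely to be affected. Maintainers suspect only the Cloudflare Workers Runtime is affected.\n\nIf KJ HTTP is used with WebSocket compression enabled, a malicious peer may be able to cause a buffer underrun on a heap-allocated buffer. KJ HTTP is an optional library bundled with Cap'n Proto, but is not directly used by Cap'n Proto. WebSocket compression is disabled by default. It must be enabled via a setting passed to the KJ HTTP library via `HttpClientSettings` or `HttpServerSettings`. The bytes written out-of-bounds are always a specific constant 4-byte string `{ 0x00, 0x00, 0xFF, 0xFF }`. Because this string is not controlled by the attacker, maintainers believe it is unlikely that remote code execution is possible. However, it cannot be ruled out. This functionality first appeared in Cap'n Proto 1.0. Previous versions are not affected.\n\nThis issue is fixed in Cap'n Proto 1.0.1.1."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
+"attackVector": "NETWORK",
+"attackComplexity": "HIGH",
+"privilegesRequired": "NONE",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "NONE",
+"integrityImpact": "NONE",
+"availabilityImpact": "HIGH",
+"baseScore": 5.9,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 2.2,
+"impactScore": 3.6
+}
+]
+},
+"weaknesses": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-124"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/capnproto/capnproto/commit/75c5c1499aa6e7690b741204ff9af91cce526c59",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/capnproto/capnproto/commit/e7f22da9c01286a2b0e1e5fbdf3ec9ab3aa128ff",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/capnproto/capnproto/security/advisories/GHSA-r89h-f468-62w3",
+"source": "security-advisories@github.com"
+}
+]
+}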


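--- a/CVE-2023/CVE-2023-482xx/CVE-2023-48239.json
+++ b/CVE-2023/CVE-2023-482xx/CVE-2023-48239.json
@@ -0,0 +1,63 @@
+{
+"id": "CVE-2023-48239",
+"sourceIdentifier": "security-advisories@github.com",
+"published": "2023-11-21T21:15:08.880",
+"lastModified": "2023-11-21T21:15:08.880",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and starting in version 20.0.0 and prior to versions 20.0.14.16, 21.0.9.13, 22.2.10.15, 23.0.12.12, 24.0.12.8, 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Enterprise Server, a malicious user could update any personal or global external storage, making them inaccessible for everyone else as well. Nextcloud Server 25.0.13, 26.0.8, and 27.1.3 and Nextcloud Enterprise Server is upgraded to 20.0.14.16, 21.0.9.13, 22.2.10.15, 23.0.12.12, 24.0.12.8, 25.0.13, 26.0.8, and 27.1.3 contain a patch for this issue. As a workaround, disable app files_external. This workaround also makes the external storage inaccessible but retains the configurations until a patched version has been deployed."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "CHANGED",
+"confidentialityImpact": "NONE",
+"integrityImpact": "LOW",
+"availabilityImpact": "HIGH",
+"baseScore": 8.5,
+"baseSeverity": "HIGH"
+},
+"exploitabilityScore": 3.1,
+"impactScore": 4.7
+}
+]
+},
+"weaknesses": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-284"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-f962-hw26-g267",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/nextcloud/server/pull/41123",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://hackerone.com/reports/2212627",
+"source": "security-advisories@github.com"
+}
+]
+}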


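--- a/CVE-2023/CVE-2023-482xx/CVE-2023-48299.json
+++ b/CVE-2023/CVE-2023-482xx/CVE-2023-48299.json
@@ -0,0 +1,67 @@
+{
+"id": "CVE-2023-48299",
+"sourceIdentifier": "security-advisories@github.com",
+"published": "2023-11-21T21:15:09.077",
+"lastModified": "2023-11-21T21:15:09.077",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "TorchServe is a tool for serving and scaling PyTorch models in production. Starting in version 0.1.0 and prior to version 0.9.0, using the model/workflow management API, there is a chance of uploading potentially harmful archives that contain files that are extracted to any location on the filesystem that is within the process permissions. Leveraging this issue could aid third-party actors in hiding harmful code in open-source/public models, which can be downloaded from the internet, and take advantage of machines running Torchserve. The ZipSlip issue in TorchServe has been fixed by validating the paths of files contained within a zip archive before extracting them. TorchServe release 0.9.0 includes fixes to address the ZipSlip vulnerability."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "NONE",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "NONE",
+"integrityImpact": "LOW",
+"availabilityImpact": "NONE",
+"baseScore": 5.3,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 3.9,
+"impactScore": 1.4
+}
+]
+},
+"weaknesses": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-22"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/pytorch/serve/commit/bfb3d42396727614aef625143b4381e64142f9bb",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/pytorch/serve/pull/2634",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/pytorch/serve/releases/tag/v0.9.0",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/pytorch/serve/security/advisories/GHSA-m2mj-pr4f-h9jp",
+"source": "security-advisories@github.com"
+}
+]
+}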


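--- a/CVE-2023/CVE-2023-483xx/CVE-2023-48301.json
+++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48301.json
@@ -0,0 +1,63 @@
+{
+"id": "CVE-2023-48301",
+"sourceIdentifier": "security-advisories@github.com",
+"published": "2023-11-21T22:15:07.490",
+"lastModified": "2023-11-21T22:15:07.490",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, an attacker could insert links into circles name that would be opened when clicking the circle name in a search filter. Nextcloud Server and Nextcloud Enterprise Server versions 25.0.13, 26.0.8, and 27.1.3 contain a fix for this issue. As a workaround, disable app circles."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "REQUIRED",
+"scope": "UNCHANGED",
+"confidentialityImpact": "NONE",
+"integrityImpact": "NONE",
+"availabilityImpact": "LOW",
+"baseScore": 3.5,
+"baseSeverity": "LOW"
+},
+"exploitabilityScore": 2.1,
+"impactScore": 1.4
+}
+]
+},
+"weaknesses": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-79"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/nextcloud/circles/pull/1415",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wgpw-qqq2-gwv6",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://hackerone.com/reports/2210038",
+"source": "security-advisories@github.com"
+}
+]
+}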


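--- a/CVE-2023/CVE-2023-483xx/CVE-2023-48302.json
+++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48302.json
@@ -0,0 +1,63 @@
+{
+"id": "CVE-2023-48302",
+"sourceIdentifier": "security-advisories@github.com",
+"published": "2023-11-21T22:15:07.697",
+"lastModified": "2023-11-21T22:15:07.697",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, when a user is tricked into copy pasting HTML code without markup (Ctrl+Shift+V) the markup will actually render. Nextcloud Server and Nextcloud Enterprise Server versions 25.0.13, 26.0.8, and 27.1.3 contain a fix for this issue. As a workaround, disable app text."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "REQUIRED",
+"scope": "UNCHANGED",
+"confidentialityImpact": "NONE",
+"integrityImpact": "NONE",
+"availabilityImpact": "LOW",
+"baseScore": 3.5,
+"baseSeverity": "LOW"
+},
+"exploitabilityScore": 2.1,
+"impactScore": 1.4
+}
+]
+},
+"weaknesses": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-79"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-p7g9-x25m-4h87",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/nextcloud/text/pull/4877",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://hackerone.com/reports/2211561",
+"source": "security-advisories@github.com"
+}
+]
+}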


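--- a/CVE-2023/CVE-2023-483xx/CVE-2023-48303.json
+++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48303.json
@@ -0,0 +1,63 @@
+{
+"id": "CVE-2023-48303",
+"sourceIdentifier": "security-advisories@github.com",
+"published": "2023-11-21T22:15:07.893",
+"lastModified": "2023-11-21T22:15:07.893",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and Nextcloud Enterprise Server, admins can change authentication details of user configured external storage. Nextcloud Server and Nextcloud Enterprise Server versions 25.0.11, 26.0.6, and 27.1.0 contain a patch for this issue. No known workarounds are available."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "HIGH",
+"userInteraction": "REQUIRED",
+"scope": "UNCHANGED",
+"confidentialityImpact": "NONE",
+"integrityImpact": "NONE",
+"availabilityImpact": "LOW",
+"baseScore": 2.4,
+"baseSeverity": "LOW"
+},
+"exploitabilityScore": 0.9,
+"impactScore": 1.4
+}
+]
+},
+"weaknesses": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-284"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-2448-44rp-c7hh",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/nextcloud/server/pull/39895",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://hackerone.com/reports/2107934",
+"source": "security-advisories@github.com"
+}
+]
+}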


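--- a/CVE-2023/CVE-2023-483xx/CVE-2023-48304.json
+++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48304.json
@@ -0,0 +1,63 @@
+{
+"id": "CVE-2023-48304",
+"sourceIdentifier": "security-advisories@github.com",
+"published": "2023-11-21T22:15:08.087",
+"lastModified": "2023-11-21T22:15:08.087",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and starting in version 22.0.0 and prior to versions 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Enterprise Server, an attacker could enable and disable the birthday calendar for any user on the same server. Nextcloud Server 25.0.11, 26.0.6, and 27.1.0 and Nextcloud Enterprise Server 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 contain patches for this issue. No known workarounds are available."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "NONE",
+"integrityImpact": "NONE",
+"availabilityImpact": "LOW",
+"baseScore": 4.3,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 2.8,
+"impactScore": 1.4
+}
+]
+},
+"weaknesses": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-639"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8jwv-c8c8-9fr3",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://github.com/nextcloud/server/pull/40292",
+"source": "security-advisories@github.com"
+},
+{
+"url": "https://hackerone.com/reports/2112973",
+"source": "security-advisories@github.com"
+}
+]
+}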


@ -0,0 +1,47 @@
{
"id": "CVE-2023-49103",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-21T22:15:08.277",
"lastModified": "2023-11-21T22:15:08.277",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/",
"source": "cve@mitre.org"
},
{
"url": "https://owncloud.org/security",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,47 @@
{
"id": "CVE-2023-49104",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-21T22:15:08.450",
"lastModified": "2023-11-21T22:15:08.450",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is enabled. An attacker is able to pass in a crafted redirect-url that bypasses validation, and consequently allows an attacker to redirect callbacks to a Top Level Domain controlled by the attacker."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.8
}
]
},
"references": [
{
"url": "https://owncloud.com/security-advisories/subdomain-validation-bypass/",
"source": "cve@mitre.org"
},
{
"url": "https://owncloud.org/security",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,47 @@
{
"id": "CVE-2023-49105",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-21T22:15:08.613",
"lastModified": "2023-11-21T22:15:08.613",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known, and the victim has no signing-key configured. This occurs because pre-signed URLs can be accepted even when no signing-key is configured for the owner of the files. The earliest affected version is 10.6.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://owncloud.com/security-advisories/webdav-api-authentication-bypass-using-pre-signed-urls/",
"source": "cve@mitre.org"
},
{
"url": "https://owncloud.org/security",
"source": "cve@mitre.org"
}
]
}


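--- a/CVE-2023/CVE-2023-62xx/CVE-2023-6238.json
+++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6238.json
@@ -0,0 +1,59 @@
+{
+"id": "CVE-2023-6238",
+"sourceIdentifier": "secalert@redhat.com",
+"published": "2023-11-21T21:15:09.273",
+"lastModified": "2023-11-21T21:15:09.273",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. An unprivileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "secalert@redhat.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
+"attackVector": "LOCAL",
+"attackComplexity": "HIGH",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "HIGH",
+"availabilityImpact": "HIGH",
+"baseScore": 7.0,
+"baseSeverity": "HIGH"
+},
+"exploitabilityScore": 1.0,
+"impactScore": 5.9
+}
+]
+},
+"weaknesses": [
+{
+"source": "secalert@redhat.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-119"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://access.redhat.com/security/cve/CVE-2023-6238",
+"source": "secalert@redhat.com"
+},
+{
+"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250834",
+"source": "secalert@redhat.com"
+}
+]
+}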


@ -0,0 +1,67 @@
{
"id": "CVE-2023-6248",
"sourceIdentifier": "cve@asrg.io",
"published": "2023-11-21T22:15:08.787",
"lastModified": "2023-11-21T22:15:08.787",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Syrus4 IoT gateway utilizes an unsecured MQTT server to download and execute arbitrary commands, allowing a remote unauthenticated attacker to execute code on any Syrus4 device connected to the cloud service. The MQTT server also leaks the location, video and diagnostic data from each connected device. An attacker who knows the IP address of the server is able to connect and perform the following operations:\n\n * Get location data of the vehicle the device is connected to\n * Send CAN bus messages via the ECU module ( https://syrus.digitalcomtech.com/docs/ecu-1 https://syrus.digitalcomtech.com/docs/ecu-1 )\n\n * Immobilize the vehicle via the safe-immobilizer module ( https://syrus.digitalcomtech.com/docs/system-tools#safe-immobilization https://syrus.digitalcomtech.com/docs/system-tools#safe-immobilization )\n\n * Get live video through the connected video camera\n\n * Send audio messages to the driver ( https://syrus.digitalcomtech.com/docs/system-tools#apx-tts https://syrus.digitalcomtech.com/docs/system-tools#apx-tts )\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "CWE-287"
},
{
"lang": "en",
"value": "CWE-319"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://www.digitalcomtech.com/product/syrus-4g-iot-telematics-gateway/",
"source": "cve@asrg.io"
}
]
}


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-21T21:00:17.887493+00:00
2023-11-21T23:00:17.744219+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-21T20:53:21.610000+00:00
2023-11-21T22:15:08.787000+00:00
```
### Last Data Feed Release
@ -29,51 +29,41 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
231231
231244
```
### CVEs added in the last Commit
Recently added CVEs: `7`
Recently added CVEs: `13`
* [CVE-2021-38405](CVE-2021/CVE-2021-384xx/CVE-2021-38405.json) (`2023-11-21T19:15:07.647`)
* [CVE-2023-20208](CVE-2023/CVE-2023-202xx/CVE-2023-20208.json) (`2023-11-21T19:15:08.567`)
* [CVE-2023-20265](CVE-2023/CVE-2023-202xx/CVE-2023-20265.json) (`2023-11-21T19:15:08.747`)
* [CVE-2023-20272](CVE-2023/CVE-2023-202xx/CVE-2023-20272.json) (`2023-11-21T19:15:08.920`)
* [CVE-2023-20274](CVE-2023/CVE-2023-202xx/CVE-2023-20274.json) (`2023-11-21T19:15:09.087`)
* [CVE-2023-47643](CVE-2023/CVE-2023-476xx/CVE-2023-47643.json) (`2023-11-21T20:15:07.270`)
* [CVE-2023-48226](CVE-2023/CVE-2023-482xx/CVE-2023-48226.json) (`2023-11-21T20:15:07.543`)
* [CVE-2023-48228](CVE-2023/CVE-2023-482xx/CVE-2023-48228.json) (`2023-11-21T21:15:08.477`)
* [CVE-2023-48230](CVE-2023/CVE-2023-482xx/CVE-2023-48230.json) (`2023-11-21T21:15:08.683`)
* [CVE-2023-48239](CVE-2023/CVE-2023-482xx/CVE-2023-48239.json) (`2023-11-21T21:15:08.880`)
* [CVE-2023-48299](CVE-2023/CVE-2023-482xx/CVE-2023-48299.json) (`2023-11-21T21:15:09.077`)
* [CVE-2023-6238](CVE-2023/CVE-2023-62xx/CVE-2023-6238.json) (`2023-11-21T21:15:09.273`)
* [CVE-2023-48301](CVE-2023/CVE-2023-483xx/CVE-2023-48301.json) (`2023-11-21T22:15:07.490`)
* [CVE-2023-48302](CVE-2023/CVE-2023-483xx/CVE-2023-48302.json) (`2023-11-21T22:15:07.697`)
* [CVE-2023-48303](CVE-2023/CVE-2023-483xx/CVE-2023-48303.json) (`2023-11-21T22:15:07.893`)
* [CVE-2023-48304](CVE-2023/CVE-2023-483xx/CVE-2023-48304.json) (`2023-11-21T22:15:08.087`)
* [CVE-2023-49103](CVE-2023/CVE-2023-491xx/CVE-2023-49103.json) (`2023-11-21T22:15:08.277`)
* [CVE-2023-49104](CVE-2023/CVE-2023-491xx/CVE-2023-49104.json) (`2023-11-21T22:15:08.450`)
* [CVE-2023-49105](CVE-2023/CVE-2023-491xx/CVE-2023-49105.json) (`2023-11-21T22:15:08.613`)
* [CVE-2023-6248](CVE-2023/CVE-2023-62xx/CVE-2023-6248.json) (`2023-11-21T22:15:08.787`)
### CVEs modified in the last Commit
Recently modified CVEs: `56`
Recently modified CVEs: `9`
* [CVE-2023-34997](CVE-2023/CVE-2023-349xx/CVE-2023-34997.json) (`2023-11-21T19:57:40.767`)
* [CVE-2023-45626](CVE-2023/CVE-2023-456xx/CVE-2023-45626.json) (`2023-11-21T19:58:43.770`)
* [CVE-2023-47384](CVE-2023/CVE-2023-473xx/CVE-2023-47384.json) (`2023-11-21T19:58:59.553`)
* [CVE-2023-26222](CVE-2023/CVE-2023-262xx/CVE-2023-26222.json) (`2023-11-21T19:59:20.710`)
* [CVE-2023-34060](CVE-2023/CVE-2023-340xx/CVE-2023-34060.json) (`2023-11-21T19:59:44.507`)
* [CVE-2023-36437](CVE-2023/CVE-2023-364xx/CVE-2023-36437.json) (`2023-11-21T20:00:37.933`)
* [CVE-2023-45627](CVE-2023/CVE-2023-456xx/CVE-2023-45627.json) (`2023-11-21T20:00:49.907`)
* [CVE-2023-36558](CVE-2023/CVE-2023-365xx/CVE-2023-36558.json) (`2023-11-21T20:01:19.307`)
* [CVE-2023-5189](CVE-2023/CVE-2023-51xx/CVE-2023-5189.json) (`2023-11-21T20:05:17.837`)
* [CVE-2023-5985](CVE-2023/CVE-2023-59xx/CVE-2023-5985.json) (`2023-11-21T20:08:25.323`)
* [CVE-2023-34062](CVE-2023/CVE-2023-340xx/CVE-2023-34062.json) (`2023-11-21T20:11:45.330`)
* [CVE-2023-41570](CVE-2023/CVE-2023-415xx/CVE-2023-41570.json) (`2023-11-21T20:13:07.453`)
* [CVE-2023-47308](CVE-2023/CVE-2023-473xx/CVE-2023-47308.json) (`2023-11-21T20:14:36.287`)
* [CVE-2023-47581](CVE-2023/CVE-2023-475xx/CVE-2023-47581.json) (`2023-11-21T20:17:19.600`)
* [CVE-2023-47582](CVE-2023/CVE-2023-475xx/CVE-2023-47582.json) (`2023-11-21T20:23:46.320`)
* [CVE-2023-20519](CVE-2023/CVE-2023-205xx/CVE-2023-20519.json) (`2023-11-21T20:27:42.837`)
* [CVE-2023-20596](CVE-2023/CVE-2023-205xx/CVE-2023-20596.json) (`2023-11-21T20:28:27.040`)
* [CVE-2023-4889](CVE-2023/CVE-2023-48xx/CVE-2023-4889.json) (`2023-11-21T20:28:48.533`)
* [CVE-2023-32641](CVE-2023/CVE-2023-326xx/CVE-2023-32641.json) (`2023-11-21T20:29:33.007`)
* [CVE-2023-22516](CVE-2023/CVE-2023-225xx/CVE-2023-22516.json) (`2023-11-21T20:31:33.013`)
* [CVE-2023-22521](CVE-2023/CVE-2023-225xx/CVE-2023-22521.json) (`2023-11-21T20:31:33.013`)
* [CVE-2023-5055](CVE-2023/CVE-2023-50xx/CVE-2023-5055.json) (`2023-11-21T20:31:33.013`)
* [CVE-2023-47580](CVE-2023/CVE-2023-475xx/CVE-2023-47580.json) (`2023-11-21T20:36:59.427`)
* [CVE-2023-45614](CVE-2023/CVE-2023-456xx/CVE-2023-45614.json) (`2023-11-21T20:41:44.020`)
* [CVE-2023-45615](CVE-2023/CVE-2023-456xx/CVE-2023-45615.json) (`2023-11-21T20:53:21.610`)
* [CVE-2021-3947](CVE-2021/CVE-2021-39xx/CVE-2021-3947.json) (`2023-11-21T21:38:40.057`)
* [CVE-2023-45616](CVE-2023/CVE-2023-456xx/CVE-2023-45616.json) (`2023-11-21T21:04:37.297`)
* [CVE-2023-45617](CVE-2023/CVE-2023-456xx/CVE-2023-45617.json) (`2023-11-21T21:08:47.293`)
* [CVE-2023-45618](CVE-2023/CVE-2023-456xx/CVE-2023-45618.json) (`2023-11-21T21:13:51.230`)
* [CVE-2023-45619](CVE-2023/CVE-2023-456xx/CVE-2023-45619.json) (`2023-11-21T21:17:47.173`)
* [CVE-2023-47584](CVE-2023/CVE-2023-475xx/CVE-2023-47584.json) (`2023-11-21T21:28:21.167`)
* [CVE-2023-47585](CVE-2023/CVE-2023-475xx/CVE-2023-47585.json) (`2023-11-21T21:32:45.827`)
* [CVE-2023-47586](CVE-2023/CVE-2023-475xx/CVE-2023-47586.json) (`2023-11-21T21:49:07.800`)
* [CVE-2023-23549](CVE-2023/CVE-2023-235xx/CVE-2023-23549.json) (`2023-11-21T22:01:31.960`)
## Download and Usage