admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 10:42:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-25T20:00:33.871247+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-25 20:00:37 +00:00
parent 6c05af780a
commit cb4e4fa91e
36 changed files with 6017 additions and 176 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
CVE-2019/CVE-2019-136xx/CVE-2019-13689.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2019-13689",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-25T19:15:07.920",
"lastModified": "2023-08-25T19:15:07.920",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. (Chromium security severity: Critical)"
}
],
"metrics": {},
"references": [
{
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=960109",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/960109",
"source": "chrome-cve-admin@google.com"
}
]
}

24
CVE-2019/CVE-2019-136xx/CVE-2019-13690.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2019-13690",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-25T19:15:08.117",
"lastModified": "2023-08-25T19:15:08.117",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=960111",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/960111",
"source": "chrome-cve-admin@google.com"
}
]
}

70
CVE-2020/CVE-2020-215xx/CVE-2020-21528.json
View File

@ -2,19 +2,81 @@
"id": "CVE-2020-21528",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:13.803",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:05:21.120",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nasm:netwide_assembler:2.14.03:rc2:*:*:*:*:*:*",
"matchCriteriaId": "D96F3D38-7D25-4625-B31F-9FEE9D249EF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nasm:netwide_assembler:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E1B969-F71C-4770-B43C-C173D45C379F"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392637",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

64
CVE-2020/CVE-2020-216xx/CVE-2020-21679.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2020-21679",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:13.990",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:11:08.683",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "506A5A58-0AD2-4F2B-80E0-82C7C09BDD52"
}
]
}
]
}
],
"references": [
{
"url": "https://sourceforge.net/p/graphicsmagick/bugs/619/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

65
CVE-2020/CVE-2020-216xx/CVE-2020-21685.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2020-21685",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:14.087",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:03:57.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nasm:netwide_assembler:2.15:rc0:*:*:*:*:*:*",
"matchCriteriaId": "7E3030CB-7432-4496-BE6E-FBB1265DE60E"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392644",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

65
CVE-2020/CVE-2020-216xx/CVE-2020-21687.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2020-21687",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:15.000",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:30:42.440",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nasm:netwide_assembler:2.15:rc0:*:*:*:*:*:*",
"matchCriteriaId": "7E3030CB-7432-4496-BE6E-FBB1265DE60E"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392645",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

69
CVE-2020/CVE-2020-217xx/CVE-2020-21722.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2020-21722",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:17.080",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:21:24.527",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in oggvideotools 0.9.1 allows remote attackers to run arbitrary code via opening of crafted ogg file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ogg_video_tools_project:ogg_video_tools:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2602E422-4447-434D-BCF6-2FF0E45D0F31"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xiaoxiongwang/security/tree/master/oggvideotools#segv-and-heap-use-after-free-detected-in-line-17-of-streamextractorcpp",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://sourceforge.net/p/oggvideotools/bugs/11/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

69
CVE-2020/CVE-2020-217xx/CVE-2020-21723.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2020-21723",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:18.233",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:19:53.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service (crash) via opening of crafted ogg file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ogg_video_tools_project:ogg_video_tools:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2602E422-4447-434D-BCF6-2FF0E45D0F31"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xiaoxiongwang/security/tree/master/oggvideotools#segv-occurs-in-function-streamserializerextractstreams-in-streamserializercpp",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://sourceforge.net/p/oggvideotools/bugs/10/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

69
CVE-2020/CVE-2020-217xx/CVE-2020-21724.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2020-21724",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:18.657",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:17:45.607",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in ExtractorInformation function in streamExtractor.cpp in oggvideotools 0.9.1 allows remaote attackers to run arbitrary code via opening of crafted ogg file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ogg_video_tools_project:ogg_video_tools:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2602E422-4447-434D-BCF6-2FF0E45D0F31"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xiaoxiongwang/security/tree/master/oggvideotools#segv-and-heap-overflow-detected-in-line-17-of-streamextractorcpp",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://sourceforge.net/p/oggvideotools/bugs/9/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

66
CVE-2020/CVE-2020-218xx/CVE-2020-21896.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2020-21896",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:18.793",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:15:18.393",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:artifex:mupdf:1.16.0:-:*:*:*:*:*:*",
"matchCriteriaId": "BA9B18AE-B971-43B8-938A-A73F759FCD02"
}
]
}
]
}
],
"references": [
{
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=701294",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

65
CVE-2020/CVE-2020-222xx/CVE-2020-22219.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2020-22219",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:19.190",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T19:05:32.963",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flac_project:flac:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.0",
"matchCriteriaId": "13B55CB3-C5B9-46DF-B36A-EB50126F50C7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xiph/flac/issues/215",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

66
CVE-2020/CVE-2020-225xx/CVE-2020-22570.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2020-22570",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:19.297",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T19:06:16.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:memcached:memcached:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.6.0",
"versionEndExcluding": "1.6.3",
"matchCriteriaId": "9CDEE25B-32D1-4097-BDAB-3C5673C6CE5B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/memcached/memcached/issues/636",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

67
CVE-2020/CVE-2020-226xx/CVE-2020-22628.json
View File

@ -2,19 +2,78 @@
"id": "CVE-2020-22628",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:19.353",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T19:07:04.110",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\\src\\postprocessing\\aspect_ratio.cpp."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libraw:libraw:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2019-11-20",
"matchCriteriaId": "44528D09-3056-4121-8B00-3F4DC795A57C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/LibRaw/LibRaw/issues/269",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}
]
}

66
CVE-2020/CVE-2020-238xx/CVE-2020-23804.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2020-23804",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:19.520",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T19:08:14.600",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-674"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freedesktop:poppler:0.89.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37F154FB-CCC1-4CA4-8124-767AE24BC59D"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/936",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

64
CVE-2020/CVE-2020-258xx/CVE-2020-25887.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2020-25887",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:19.887",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T19:09:07.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in mg_resolve_from_hosts_file in Mongoose 6.18, when reading from a crafted hosts file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cesanta:mongoose:6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1F4949BC-D04D-4DB8-9E7E-4459648D712E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cesanta/mongoose/issues/1140",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

69
CVE-2020/CVE-2020-274xx/CVE-2020-27418.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2020-27418",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:20.047",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:12:55.850",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A Use After Free vulnerability in Fedora Linux kernel 5.9.0-rc9 allows attackers to obatin sensitive information via vgacon_invert_region() function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fedoraproject:fedora_linux_kernel:5.9.0:rc9:*:*:*:*:*:*",
"matchCriteriaId": "74ED0E71-78FA-49CF-8D16-B2B3291F352E"
}
]
}
]
}
],
"references": [
{
"url": "http://fedora.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://patchwork.freedesktop.org/patch/356372/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

65
CVE-2021/CVE-2021-300xx/CVE-2021-30047.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2021-30047",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:20.290",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T19:55:41.143",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vsftpd_project:vsftpd:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "52E96797-4F16-4478-B9CA-847E469AD982"
}
]
}
]
}
],
"references": [
{
"url": "https://www.exploit-db.com/exploits/49719",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

65
CVE-2021/CVE-2021-322xx/CVE-2021-32292.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2021-32292",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:20.350",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T19:34:03.133",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in json-c through 0.15-20200726. A stack-buffer-overflow exists in the function parseit located in json_parse.c. It allows an attacker to cause code Execution."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c_project:json-c:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.15-20200726",
"matchCriteriaId": "033EAA23-8493-4B45-982C-6BAA1BB7EF70"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/json-c/json-c/issues/654",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

65
CVE-2021/CVE-2021-402xx/CVE-2021-40211.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2021-40211",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:21.427",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T19:22:18.900",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-369"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:imagemagick:imagemagick:7.1.0-4:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1767C6-89C1-4D1E-93E0-AC04EF098E16"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ImageMagick/ImageMagick/issues/4097",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}
]
}

65
CVE-2021/CVE-2021-402xx/CVE-2021-40262.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2021-40262",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:21.487",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:11:00.690",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in PluginRAW.cpp."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeimage_project:freeimage:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18.0",
"matchCriteriaId": "15B5725B-CAA0-426F-A33D-ADFB6148FFC3"
}
]
}
]
}
],
"references": [
{
"url": "https://sourceforge.net/p/freeimage/bugs/338/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

65
CVE-2021/CVE-2021-402xx/CVE-2021-40264.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2021-40264",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:21.597",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:07:41.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function inFreeImageTag.cpp."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeimage_project:freeimage:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18.0",
"matchCriteriaId": "15B5725B-CAA0-426F-A33D-ADFB6148FFC3"
}
]
}
]
}
],
"references": [
{
"url": "https://sourceforge.net/p/freeimage/bugs/335/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

65
CVE-2021/CVE-2021-402xx/CVE-2021-40265.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2021-40265",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:21.650",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:07:07.530",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A heap overflow bug exists FreeImage before 1.18.0 via ofLoad function in PluginJPEG.cpp."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeimage_project:freeimage:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18.0",
"matchCriteriaId": "15B5725B-CAA0-426F-A33D-ADFB6148FFC3"
}
]
}
]
}
],
"references": [
{
"url": "https://sourceforge.net/p/freeimage/bugs/337/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

65
CVE-2021/CVE-2021-402xx/CVE-2021-40266.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2021-40266",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:21.707",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T19:10:40.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer dereference."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeimage_project:freeimage:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18.0",
"matchCriteriaId": "15B5725B-CAA0-426F-A33D-ADFB6148FFC3"
}
]
}
]
}
],
"references": [
{
"url": "https://sourceforge.net/p/freeimage/bugs/334/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

65
CVE-2021/CVE-2021-461xx/CVE-2021-46174.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2021-46174",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:21.820",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T19:40:48.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.38",
"matchCriteriaId": "A33B4FE0-167D-46DC-AB1D-0BFECBB0E14D"
}
]
}
]
}
],
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28753",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

65
CVE-2021/CVE-2021-461xx/CVE-2021-46179.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2021-46179",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:21.883",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T19:52:59.843",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Reachable Assertion vulnerability in upx before 4.0.0 allows attackers to cause a denial of service via crafted file passed to the the readx function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:upx_project:upx:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0",
"matchCriteriaId": "1E4C95CD-E2A9-47E3-9866-FD4B7ECF14AA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/upx/upx/issues/545",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

82
CVE-2022/CVE-2022-250xx/CVE-2022-25024.json
View File

@ -2,31 +2,99 @@
"id": "CVE-2022-25024",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:22.173",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T19:20:05.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The json2xml package through 3.12.0 for Python allows an error in typecode decoding enabling a remote attack that can lead to an exception, causing a denial of service."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vinitkumar:json2xml:*:*:*:*:*:python:*:*",
"versionEndIncluding": "3.12.0",
"matchCriteriaId": "FD4849CA-C0B1-486D-B26D-E383B997A949"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vinitkumar/json2xml/issues/106",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/vinitkumar/json2xml/pull/107",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/vinitkumar/json2xml/pull/107/files",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

75
CVE-2022/CVE-2022-296xx/CVE-2022-29654.json
View File

@ -2,27 +2,90 @@
"id": "CVE-2022-29654",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:22.940",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T19:14:18.403",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nasm:netwide_assembler:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.15.05",
"matchCriteriaId": "2776578B-0F9C-4941-BE31-8DE2165B10AB"
}
]
}
]
}
],
"references": [
{
"url": "https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://gist.github.com/naihsin/b96e2c5c2c81621b46557fd7aacd165f",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

104
CVE-2023/CVE-2023-201xx/CVE-2023-20197.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20197",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-08-16T22:15:10.510",
"lastModified": "2023-08-22T19:16:32.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:27:24.600",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,14 +54,90 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "1.22.0",
"matchCriteriaId": "FD7E5997-8229-4DE1-A1F7-0C3A2A65C71A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "1.22.0",
"matchCriteriaId": "AC26FA0D-54D5-4600-A2F1-D715236CDCF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "7.5.13.21586",
"matchCriteriaId": "973542E7-2835-46C0-B99D-BA294BBC5563"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "8.0.1.21160",
"versionEndExcluding": "8.1.7.21585",
"matchCriteriaId": "E7C7440F-C62E-43F4-943E-161D9AB24C22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_endpoint_private_cloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.8.0",
"matchCriteriaId": "D10B7EE9-96DE-4761-834A-FA5C31326A23"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IISWNZUBAQL4MNBRKLDYG3SHTEGP5KEO/",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-rNwNEEee",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-202xx/CVE-2023-20217.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20217",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-08-16T22:15:11.437",
"lastModified": "2023-08-18T17:15:09.630",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:27:11.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,18 +54,66 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:thousandeyes_enterprise_agent:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.230",
"matchCriteriaId": "7F8C5493-77A8-471C-8C40-20B48D378F68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:thousandeyes_recorder:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7640A521-7D82-4BA0-9450-F2786BFEC83B"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174232/Cisco-ThousandEyes-Enterprise-Agent-Virtual-Appliance-Arbitrary-File-Read.html",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/19",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-te-va-priv-esc-PUdgrx8E",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

3965
CVE-2023/CVE-2023-202xx/CVE-2023-20221.json
View File

File diff suppressed because it is too large Load Diff

14
CVE-2023/CVE-2023-228xx/CVE-2023-22815.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-22815",
"sourceIdentifier": "psirt@wdc.com",
"published": "2023-06-30T22:15:09.817",
"lastModified": "2023-07-07T23:05:38.877",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-25T19:15:08.300",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "\nPost-authentication remote command injection vulnerabilities in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files.\n\n\n\nThis issue affects My Cloud OS 5 devices: before 5.26.300.\n\n"
"value": "\nPost-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files. This vulnerability can only be exploited over the network and the attacker must already have admin/root privileges to carry out the exploit. An authentication bypass is required for this exploit, thereby making it more complex. The attack may not require user interaction. Since an attacker must already be authenticated, the confidentiality impact is low while the integrity and availability impact is high.\u00a0\n\nThis issue affects My Cloud OS 5 devices: before 5.26.300.\n\n"
}
],
"metrics": {
@ -37,19 +37,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"exploitabilityScore": 0.7,
"impactScore": 5.5
}
]

55
CVE-2023/CVE-2023-258xx/CVE-2023-25848.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25848",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-08-25T19:15:08.670",
"lastModified": "2023-08-25T19:15:08.670",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\nArcGIS Enterprise Server versions 11.0 and below have an information disclosure vulnerability where a remote, unauthorized attacker may submit a crafted query that may result in a low severity information disclosure issue. \n\nThe information disclosed is limited to a single attribute in a database connection string. No business data is disclosed.\n\n\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"references": [
{
"url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/announcements/arcgis-server-map-and-feature-service-security-2023-update-1-patch/",
"source": "psirt@esri.com"
}
]
}

52
CVE-2023/CVE-2023-400xx/CVE-2023-40033.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40033",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-16T21:15:09.987",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:10:15.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flarum:flarum:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.8.0",
"matchCriteriaId": "A2171054-A339-41DC-9280-C90AD2727BBC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/flarum/framework/commit/d1059c1cc79fe61f9538f3da55e8f42abbede570",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/flarum/framework/security/advisories/GHSA-67c6-q4j4-hccg",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-403xx/CVE-2023-40352.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40352",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-21T19:15:08.607",
"lastModified": "2023-08-22T12:41:26.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:15:49.973",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,74 @@
"value": "McAfee Safe Connect anterior a la versi\u00f3n 2.16.1.126 puede permitir a un adversario con privilegios de sistema conseguir una escalada de privilegios cargando DLLs arbitrarias. "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:safe_connect:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.16.1.126",
"matchCriteriaId": "A73157F9-CAD4-4EA4-9F11-D39F5586E864"
}
]
}
]
}
],
"references": [
{
"url": "https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mcafee.com/support/?articleId=TS103462&page=shell&shell=article-view",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-44xx/CVE-2023-4456.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4456",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-08-21T17:15:50.283",
"lastModified": "2023-08-21T18:35:09.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-25T18:25:09.557",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -34,14 +54,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_logging:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA067793-34BC-4B09-81BB-CDAB559597BF"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4456",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233087",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

68
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-25T18:00:33.975572+00:00
2023-08-25T20:00:33.871247+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-25T17:58:28.547000+00:00
2023-08-25T19:55:41.143000+00:00
```
### Last Data Feed Release
@ -29,49 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
223455
223458
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `3`
* [CVE-2020-11711](CVE-2020/CVE-2020-117xx/CVE-2020-11711.json) (`2023-08-25T16:15:07.857`)
* [CVE-2023-40796](CVE-2023/CVE-2023-407xx/CVE-2023-40796.json) (`2023-08-25T16:15:08.323`)
* [CVE-2023-40797](CVE-2023/CVE-2023-407xx/CVE-2023-40797.json) (`2023-08-25T16:15:08.427`)
* [CVE-2023-40798](CVE-2023/CVE-2023-407xx/CVE-2023-40798.json) (`2023-08-25T16:15:08.510`)
* [CVE-2023-38201](CVE-2023/CVE-2023-382xx/CVE-2023-38201.json) (`2023-08-25T17:15:08.530`)
* [CVE-2019-13689](CVE-2019/CVE-2019-136xx/CVE-2019-13689.json) (`2023-08-25T19:15:07.920`)
* [CVE-2019-13690](CVE-2019/CVE-2019-136xx/CVE-2019-13690.json) (`2023-08-25T19:15:08.117`)
* [CVE-2023-25848](CVE-2023/CVE-2023-258xx/CVE-2023-25848.json) (`2023-08-25T19:15:08.670`)
### CVEs modified in the last Commit
Recently modified CVEs: `39`
Recently modified CVEs: `32`
* [CVE-2023-37250](CVE-2023/CVE-2023-372xx/CVE-2023-37250.json) (`2023-08-25T16:15:00.827`)
* [CVE-2023-40273](CVE-2023/CVE-2023-402xx/CVE-2023-40273.json) (`2023-08-25T16:15:08.150`)
* [CVE-2023-39666](CVE-2023/CVE-2023-396xx/CVE-2023-39666.json) (`2023-08-25T16:15:17.530`)
* [CVE-2023-3954](CVE-2023/CVE-2023-39xx/CVE-2023-3954.json) (`2023-08-25T16:16:42.747`)
* [CVE-2023-4446](CVE-2023/CVE-2023-44xx/CVE-2023-4446.json) (`2023-08-25T16:26:29.003`)
* [CVE-2023-20237](CVE-2023/CVE-2023-202xx/CVE-2023-20237.json) (`2023-08-25T16:32:21.537`)
* [CVE-2023-3604](CVE-2023/CVE-2023-36xx/CVE-2023-3604.json) (`2023-08-25T16:35:44.563`)
* [CVE-2023-20229](CVE-2023/CVE-2023-202xx/CVE-2023-20229.json) (`2023-08-25T16:45:26.260`)
* [CVE-2023-3667](CVE-2023/CVE-2023-36xx/CVE-2023-3667.json) (`2023-08-25T17:00:11.147`)
* [CVE-2023-3936](CVE-2023/CVE-2023-39xx/CVE-2023-3936.json) (`2023-08-25T17:02:58.830`)
* [CVE-2023-4435](CVE-2023/CVE-2023-44xx/CVE-2023-4435.json) (`2023-08-25T17:34:31.577`)
* [CVE-2023-40034](CVE-2023/CVE-2023-400xx/CVE-2023-40034.json) (`2023-08-25T17:43:47.567`)
* [CVE-2023-38909](CVE-2023/CVE-2023-389xx/CVE-2023-38909.json) (`2023-08-25T17:48:53.440`)
* [CVE-2023-38908](CVE-2023/CVE-2023-389xx/CVE-2023-38908.json) (`2023-08-25T17:50:42.373`)
* [CVE-2023-38906](CVE-2023/CVE-2023-389xx/CVE-2023-38906.json) (`2023-08-25T17:51:19.590`)
* [CVE-2023-40799](CVE-2023/CVE-2023-407xx/CVE-2023-40799.json) (`2023-08-25T17:51:53.297`)
* [CVE-2023-40800](CVE-2023/CVE-2023-408xx/CVE-2023-40800.json) (`2023-08-25T17:51:53.297`)
* [CVE-2023-40801](CVE-2023/CVE-2023-408xx/CVE-2023-40801.json) (`2023-08-25T17:51:53.297`)
* [CVE-2023-40802](CVE-2023/CVE-2023-408xx/CVE-2023-40802.json) (`2023-08-25T17:51:53.297`)
* [CVE-2023-40915](CVE-2023/CVE-2023-409xx/CVE-2023-40915.json) (`2023-08-25T17:51:53.297`)
* [CVE-2023-4534](CVE-2023/CVE-2023-45xx/CVE-2023-4534.json) (`2023-08-25T17:51:53.297`)
* [CVE-2023-20224](CVE-2023/CVE-2023-202xx/CVE-2023-20224.json) (`2023-08-25T17:52:52.807`)
* [CVE-2023-4417](CVE-2023/CVE-2023-44xx/CVE-2023-4417.json) (`2023-08-25T17:55:22.950`)
* [CVE-2023-4373](CVE-2023/CVE-2023-43xx/CVE-2023-4373.json) (`2023-08-25T17:57:11.583`)
* [CVE-2023-4434](CVE-2023/CVE-2023-44xx/CVE-2023-4434.json) (`2023-08-25T17:57:45.133`)
* [CVE-2020-21722](CVE-2020/CVE-2020-217xx/CVE-2020-21722.json) (`2023-08-25T18:21:24.527`)
* [CVE-2020-21687](CVE-2020/CVE-2020-216xx/CVE-2020-21687.json) (`2023-08-25T18:30:42.440`)
* [CVE-2020-22219](CVE-2020/CVE-2020-222xx/CVE-2020-22219.json) (`2023-08-25T19:05:32.963`)
* [CVE-2020-22570](CVE-2020/CVE-2020-225xx/CVE-2020-22570.json) (`2023-08-25T19:06:16.767`)
* [CVE-2020-22628](CVE-2020/CVE-2020-226xx/CVE-2020-22628.json) (`2023-08-25T19:07:04.110`)
* [CVE-2020-23804](CVE-2020/CVE-2020-238xx/CVE-2020-23804.json) (`2023-08-25T19:08:14.600`)
* [CVE-2020-25887](CVE-2020/CVE-2020-258xx/CVE-2020-25887.json) (`2023-08-25T19:09:07.537`)
* [CVE-2021-40265](CVE-2021/CVE-2021-402xx/CVE-2021-40265.json) (`2023-08-25T18:07:07.530`)
* [CVE-2021-40264](CVE-2021/CVE-2021-402xx/CVE-2021-40264.json) (`2023-08-25T18:07:41.327`)
* [CVE-2021-40262](CVE-2021/CVE-2021-402xx/CVE-2021-40262.json) (`2023-08-25T18:11:00.690`)
* [CVE-2021-40266](CVE-2021/CVE-2021-402xx/CVE-2021-40266.json) (`2023-08-25T19:10:40.183`)
* [CVE-2021-40211](CVE-2021/CVE-2021-402xx/CVE-2021-40211.json) (`2023-08-25T19:22:18.900`)
* [CVE-2021-32292](CVE-2021/CVE-2021-322xx/CVE-2021-32292.json) (`2023-08-25T19:34:03.133`)
* [CVE-2021-46174](CVE-2021/CVE-2021-461xx/CVE-2021-46174.json) (`2023-08-25T19:40:48.257`)
* [CVE-2021-46179](CVE-2021/CVE-2021-461xx/CVE-2021-46179.json) (`2023-08-25T19:52:59.843`)
* [CVE-2021-30047](CVE-2021/CVE-2021-300xx/CVE-2021-30047.json) (`2023-08-25T19:55:41.143`)
* [CVE-2022-29654](CVE-2022/CVE-2022-296xx/CVE-2022-29654.json) (`2023-08-25T19:14:18.403`)
* [CVE-2022-25024](CVE-2022/CVE-2022-250xx/CVE-2022-25024.json) (`2023-08-25T19:20:05.170`)
* [CVE-2023-40033](CVE-2023/CVE-2023-400xx/CVE-2023-40033.json) (`2023-08-25T18:10:15.893`)
* [CVE-2023-40352](CVE-2023/CVE-2023-403xx/CVE-2023-40352.json) (`2023-08-25T18:15:49.973`)
* [CVE-2023-4456](CVE-2023/CVE-2023-44xx/CVE-2023-4456.json) (`2023-08-25T18:25:09.557`)
* [CVE-2023-20221](CVE-2023/CVE-2023-202xx/CVE-2023-20221.json) (`2023-08-25T18:26:44.460`)
* [CVE-2023-20217](CVE-2023/CVE-2023-202xx/CVE-2023-20217.json) (`2023-08-25T18:27:11.443`)
* [CVE-2023-20197](CVE-2023/CVE-2023-201xx/CVE-2023-20197.json) (`2023-08-25T18:27:24.600`)
* [CVE-2023-22815](CVE-2023/CVE-2023-228xx/CVE-2023-22815.json) (`2023-08-25T19:15:08.300`)
## Download and Usage