Auto-Update: 2024-01-09T21:00:25.209956+00:00

cad-safe-bot 2024-01-09 21:00:29 +00:00
parent 01f1a6de7b
commit cbf08bc94b
114 changed files with 57876 additions and 486 deletions


@ -2,12 +2,12 @@
"id": "CVE-2020-1025",
"sourceIdentifier": "secure@microsoft.com",
"published": "2020-07-14T23:15:11.447",
"lastModified": "2021-07-21T11:39:23.747",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-09T20:15:42.577",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation, aka 'Microsoft Office Elevation of Privilege Vulnerability'."
"value": "<p>An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation. An attacker who successfully exploited the vulnerability could bypass authentication and achieve improper access.</p>\n<p>To exploit this vulnerability, an attacker would need to modify the token.</p>\n<p>The update addresses the vulnerability by modifying how Microsoft SharePoint Server and Skype for Business Server validate tokens.</p>\n"
},
{
"lang": "es",
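Review bot: The new English `descriptions[].value` in this record is HTML (`<p>…</p>` blocks with embedded `\n`) where the value it replaces was plain text, so any consumer that interpolates descriptions into a web page, e-mail or ticket now receives markup from an upstream feed. Treat the field as untrusted text at the point of use: escape it on output, or strip tags at ingest and store the plain sentences. The same change appears in the CVE-2020-1336 section, and the Spanish description in the CVE-2023-39655 section carries a pre-escaped entity (`&lt;=`) that will be double-escaped by a renderer that escapes correctly. The `descriptions` array continues past the end of this hunk.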


@ -2,12 +2,12 @@
"id": "CVE-2020-1336",
"sourceIdentifier": "secure@microsoft.com",
"published": "2020-07-14T23:15:12.650",
"lastModified": "2021-07-21T11:39:23.747",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-09T20:15:42.717",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1411."
"value": "<p>An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p>\n<p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory.</p>\n"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
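Review bot: In `cvssMetricV31` the entry typed `Primary` now appears to carry `"source": "secure@microsoft.com"`, with the `nvd@nist.gov` assessment added as `Secondary`, which is the reverse of the arrangement in the other records on this page (NVD `Primary`, CNA `Secondary`). A consumer that selects a score by filtering on `source` alone or on `type` alone will silently switch assessor for this record. The sub-scores shown for both entries are the same (1.8 / 5.9), so nothing changes in value here, but the selection logic should key on both fields and have a defined fallback. The +/- markers are lost on this page, so the old/new assignment of the two `source` lines is inferred from the added `Secondary` block.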


@ -2,7 +2,7 @@
"id": "CVE-2021-38606",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-08-12T16:15:10.647",
"lastModified": "2022-07-12T17:42:04.277",
"lastModified": "2024-01-09T19:11:59.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rengine_project:rengine:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:yogeshojha:rengine:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.5",
"matchCriteriaId": "91A91932-773D-47B5-970B-76E2F1418150"
"matchCriteriaId": "AC07F4CC-92BB-4A9F-A6A0-25FB5122E4C9"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2022-28995",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-05-20T19:15:08.027",
"lastModified": "2022-05-26T16:05:06.453",
"lastModified": "2024-01-09T19:11:59.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rengine_project:rengine:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "882271A8-0CAC-459E-82C9-9A258F4A9C4D"
"criteria": "cpe:2.3:a:yogeshojha:rengine:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4DBB0A-5133-439C-9DDA-AC51EE0CC501"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2022-36566",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-31T18:15:08.607",
"lastModified": "2022-09-06T17:20:54.187",
"lastModified": "2024-01-09T19:11:59.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -59,8 +59,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rengine_project:rengine:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF0D875-FB26-4DEC-8F36-716CA84A443C"
"criteria": "cpe:2.3:a:yogeshojha:rengine:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EC7544-DE01-459C-AAEE-BA6815D98AFB"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2022-36763",
"sourceIdentifier": "infosec@edk2.groups.io",
"published": "2024-01-09T16:15:43.053",
"lastModified": "2024-01-09T16:15:43.053",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2022-36764",
"sourceIdentifier": "infosec@edk2.groups.io",
"published": "2024-01-09T16:15:43.327",
"lastModified": "2024-01-09T16:15:43.327",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2022-36765",
"sourceIdentifier": "infosec@edk2.groups.io",
"published": "2024-01-09T16:15:43.500",
"lastModified": "2024-01-09T16:15:43.500",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2022-48618",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-01-09T18:15:45.120",
"lastModified": "2024-01-09T18:15:45.120",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,7 +2,7 @@
"id": "CVE-2023-21739",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-01-10T22:15:17.727",
"lastModified": "2023-11-02T02:08:12.617",
"lastModified": "2024-01-09T20:45:31.460",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -75,163 +75,105 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19685:*:*:*:*:*:x64:*",
"matchCriteriaId": "4EF03226-E552-4918-8E3B-263C04833E51"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.19685",
"matchCriteriaId": "2C1346B1-2E6B-43BA-B4FE-921668FE7FA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19685:*:*:*:*:*:x86:*",
"matchCriteriaId": "9CCB4FD1-2BF5-4250-BA84-98DA767CEF39"
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.19685",
"matchCriteriaId": "837328F0-3327-4282-A052-4B2B70A32AD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5648:*:*:*:*:*:*:*",
"matchCriteriaId": "533CA2F7-49A6-499E-B1C0-DE8962E3F986"
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.5648",
"matchCriteriaId": "ACFC4492-F6E5-4E87-9ACD-73AFCBF83549"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5648:*:*:*:*:*:x64:*",
"matchCriteriaId": "EC842EAE-67EE-4F97-8849-A38C3FB99CED"
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.5648",
"matchCriteriaId": "9010C07B-7688-4847-9847-6FCD52F57EFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3887:*:*:*:*:*:arm64:*",
"matchCriteriaId": "F6A715BA-4DBB-4B48-815A-26BD09D0B202"
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3887",
"matchCriteriaId": "A7F8B54C-4564-497A-9786-876A516219C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3887:*:*:*:*:*:x64:*",
"matchCriteriaId": "92D8DD3D-7B29-4890-9CE1-2CBEE03E11B8"
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19042.2486",
"matchCriteriaId": "AED7EFB9-EC40-46C7-B7E2-B0FE245D83E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3887:*:*:*:*:*:x86:*",
"matchCriteriaId": "CCE069BB-B1E6-4073-8CB4-A9DE9947B646"
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19042.2486",
"matchCriteriaId": "940EAE2A-CF3C-4372-B00C-0E078FDA4998"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:10.0.19042.2486:*:*:*:*:*:arm64:*",
"matchCriteriaId": "4E1A9751-EA93-4518-8A15-5BC5AC41082F"
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.2486",
"matchCriteriaId": "05BF289F-51FE-4CE5-8487-D909E4CA3D77"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:10.0.19042.2486:*:*:*:*:*:x64:*",
"matchCriteriaId": "FC76854F-C863-4A7C-99C5-33EFD65F6281"
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.2486",
"matchCriteriaId": "127FA76C-101B-4DAB-9034-1B893016D06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:10.0.19042.2486:*:*:*:*:*:x86:*",
"matchCriteriaId": "730D9CA9-A32B-4F27-97C8-1286100FB23A"
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.1455",
"matchCriteriaId": "0EB4809B-34A4-4F53-A0AF-689638CF2F91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:10.0.19042.2486:*:*:*:*:*:arm64:*",
"matchCriteriaId": "B2AC0E93-C49B-472C-B857-63DD2D9F9422"
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.1455",
"matchCriteriaId": "A809468E-4FB6-4421-924E-246A2A447F92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:10.0.19042.2486:*:*:*:*:*:x64:*",
"matchCriteriaId": "61678F7A-EF72-403D-B4CD-9786C329B28B"
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.1105",
"matchCriteriaId": "088C88B9-1BAD-49B2-8E7C-7003C207E311"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:10.0.19042.2486:*:*:*:*:*:x86:*",
"matchCriteriaId": "0F70AA06-7CAB-46A0-8602-2F1F41D5A967"
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.1105",
"matchCriteriaId": "829629EE-33A6-405B-972E-EF0AD42A3574"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.2486:*:*:*:*:*:arm64:*",
"matchCriteriaId": "F8835197-7B83-4EA9-9EAD-6977B36B5A1A"
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"matchCriteriaId": "774117D4-07C8-49B6-A2CA-842FD898CFF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.2486:*:*:*:*:*:x64:*",
"matchCriteriaId": "7F30BBC3-2E3E-4082-8CE3-24472501A565"
"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.3.9600.20778",
"matchCriteriaId": "DCD363DB-4667-472D-832F-760AE785E607"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.2486:*:*:*:*:*:x86:*",
"matchCriteriaId": "C4E35864-4DC0-4E9B-9CA8-F4649B4C7419"
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.20778",
"matchCriteriaId": "943EF503-E48A-4756-A78D-C26F8CC3417F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:10.0.19045.2486:*:*:*:*:*:arm64:*",
"matchCriteriaId": "E7D61F30-97C8-4A38-9441-734740397DCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:10.0.19045.2486:*:*:*:*:*:x64:*",
"matchCriteriaId": "7B557E35-6FF2-4038-904C-E1BA679AE86F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:10.0.19045.2486:*:*:*:*:*:x86:*",
"matchCriteriaId": "43446317-4447-4208-AC07-ED21878209EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:10.0.19042.2486:*:*:*:*:*:arm64:*",
"matchCriteriaId": "AFB81763-AEB6-4733-B68C-F0B8CCAFDE83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:10.0.19042.2486:*:*:*:*:*:x86:*",
"matchCriteriaId": "2D1AA2E8-1229-454C-8DD4-D4A7AF748968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:10.0.19044.2486:*:*:*:*:*:arm64:*",
"matchCriteriaId": "E0949547-D42E-4E5B-AF68-5B6D3E10F4E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:10.0.19044.2486:*:*:*:*:*:x86:*",
"matchCriteriaId": "EEC27516-320C-44F1-8145-2F4368B20EFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.2486:*:*:*:*:*:arm64:*",
"matchCriteriaId": "EBF07ADF-112F-4BE6-9F76-8720A3325316"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.2486:*:*:*:*:*:x64:*",
"matchCriteriaId": "20B9E184-BF28-4BCD-B05E-29C53953184D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.2486:*:*:*:*:*:x86:*",
"matchCriteriaId": "C395E019-9BAA-4B4E-844A-8383CA94ED66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:10.0.22000.1455:*:*:*:*:*:arm64:*",
"matchCriteriaId": "C091F8D0-5308-4B29-A7AB-BF69872A368A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:10.0.22000.1455:*:*:*:*:*:x64:*",
"matchCriteriaId": "90C6D8F1-B549-49D5-8493-5E66EE5BCFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:10.0.22621.1105:*:*:*:*:*:arm64:*",
"matchCriteriaId": "DC3E3BC5-A39F-4FB3-8B5E-E2B96CAB023C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:10.0.22621.1105:*:*:*:*:*:x64:*",
"matchCriteriaId": "C7B12E02-FF47-40CB-A71C-40A739E634BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "1D2D3DB5-D2F4-4424-BB2D-004DAAE697F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "238C6C42-CF64-4BC7-9AA4-5DA5DBCBCBC8"
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "6.3.9600.20778",
"matchCriteriaId": "5095B736-5803-4695-ADD9-7AEC06F72C83"
}
]
}
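Review bot: The rewritten `cpeMatch` list has no `windows_10_20h2` entry for `x64`: the new ranges with `"versionEndExcluding": "10.0.19042.2486"` cover only `arm64` and `x86`, while the exact-version entries they replace included an `x64` row for 20H2. Scanners that match hosts on the CPE target architecture would stop reporting this CVE for 20H2 x64 builds below that version, unless a node outside this hunk covers them. Worth checking the record upstream before relying on it for patch compliance; the neighbouring releases (1809, 21H2, 22H2) use a wildcard architecture and do not have this gap. The move from exact build numbers to `versionEndExcluding` also means a matcher has to compare four-part build numbers as ranges rather than test string equality.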



@ -2,8 +2,8 @@
"id": "CVE-2023-37607",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-03T14:15:08.747",
"lastModified": "2024-01-03T17:26:57.957",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:34:24.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,93 @@
"value": "Directory Traversal en sistemas autom\u00e1ticos SOC FL9600 FastLine lego_T04E00 permite a un atacante remoto obtener informaci\u00f3n confidencial."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:automaticsystems:soc_fl9600_firstlane_firmware:06:*:*:*:*:*:*:*",
"matchCriteriaId": "830A05D0-771A-4459-AB3F-2CF52CEEAB35"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:automaticsystems:soc_fl9600_firstlane:-:*:*:*:*:*:*:*",
"matchCriteriaId": "224B999C-43BB-4CDC-8C9B-6DEBF74F27B4"
}
]
}
]
}
],
"references": [
{
"url": "http://automatic-systems.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "http://soc.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
]
},
{
"url": "https://github.com/CQURE/CVEs/blob/main/CVE-2023-37607/README.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}
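Review bot: The added `configurations` block identifies the product as `soc_fl9600_firstlane_firmware` version `06`, while the description in this record names "SOC FL9600 FastLine" and `lego_T04E00`, so the CPE and the prose disagree on both the product spelling and the version string. Asset inventories matched against the description while the record was awaiting analysis will not line up with the CPE, and this page does not show which spelling is correct. The same CPE pair is added in the CVE-2023-37608 section. Separately, the reference `http://soc.com` is tagged `Permissions Required` here and `Not Applicable` there, so reference tags should not be treated as a stable signal across records.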


@ -2,27 +2,105 @@
"id": "CVE-2023-37608",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-03T13:15:08.393",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:44:29.203",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in Automatic Systems SOC FL9600 FastLine v.lego_T04E00 allows a remote attacker to obtain sensitive information via the admin login credentials."
},
{
"lang": "es",
"value": "Un problema en Automatic Systems SOC FL9600 FastLine v.lego_T04E00 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s de las credenciales de inicio de sesi\u00f3n del administrador."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:automaticsystems:soc_fl9600_firstlane_firmware:06:*:*:*:*:*:*:*",
"matchCriteriaId": "830A05D0-771A-4459-AB3F-2CF52CEEAB35"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:automaticsystems:soc_fl9600_firstlane:-:*:*:*:*:*:*:*",
"matchCriteriaId": "224B999C-43BB-4CDC-8C9B-6DEBF74F27B4"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://automatic-systems.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "http://soc.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/CQURE/CVEs/tree/main/CVE-2023-37608",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,23 +2,86 @@
"id": "CVE-2023-39655",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-03T13:15:08.467",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T19:28:44.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A host header injection vulnerability exists in the NPM package @perfood/couch-auth versions <= 0.20.0. By sending a specially crafted host header in the forgot password request, it is possible to send password reset links to users which, once clicked, lead to an attacker-controlled server and thus leak the password reset token. This may allow an attacker to reset other users' passwords and take over their accounts."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de inyecci\u00f3n de encabezado de host en las versiones del paquete NPM @perfood/couch-auth &lt;= 0.20.0. Al enviar un encabezado de host especialmente manipulado en la solicitud de contrase\u00f1a olvidada, es posible enviar enlaces de restablecimiento de contrase\u00f1a a los usuarios que, una vez que se hace clic en ellos, conducen a un servidor controlado por el atacante y, por lo tanto, filtran el token de restablecimiento de contrase\u00f1a. Esto puede permitir que un atacante restablezca las contrase\u00f1as de otros usuarios y se apodere de sus cuentas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:perfood:couchauth:*:*:*:*:*:node.js:*:*",
"versionEndIncluding": "0.20.0",
"matchCriteriaId": "CCE0E93C-6557-4DBC-AEB2-97236D1609C1"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-39655",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.npmjs.com/package/%40perfood/couch-auth",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-41776",
"sourceIdentifier": "psirt@zte.com.cn",
"published": "2024-01-03T02:15:42.993",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:01:33.210",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@zte.com.cn",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "psirt@zte.com.cn",
"type": "Secondary",
@ -50,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zte:zxcloud_irai_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.23.32",
"matchCriteriaId": "FC0DCC6B-32B8-4C28-BDAF-37604BA1ABFC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zte:zxcloud_irai:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D48BE8C-7C78-41D7-87F1-22BFB91E3A5C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404",
"source": "psirt@zte.com.cn"
"source": "psirt@zte.com.cn",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-41779",
"sourceIdentifier": "psirt@zte.com.cn",
"published": "2024-01-03T02:15:43.217",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:01:09.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@zte.com.cn",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "psirt@zte.com.cn",
"type": "Secondary",
@ -50,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zte:zxcloud_irai_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.23.32",
"matchCriteriaId": "FC0DCC6B-32B8-4C28-BDAF-37604BA1ABFC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zte:zxcloud_irai:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D48BE8C-7C78-41D7-87F1-22BFB91E3A5C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404",
"source": "psirt@zte.com.cn"
"source": "psirt@zte.com.cn",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-41780",
"sourceIdentifier": "psirt@zte.com.cn",
"published": "2024-01-03T02:15:43.403",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:00:36.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@zte.com.cn",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "psirt@zte.com.cn",
"type": "Secondary",
@ -50,10 +80,44 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zte:zxcloud_irai_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.23.32",
"matchCriteriaId": "FC0DCC6B-32B8-4C28-BDAF-37604BA1ABFC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zte:zxcloud_irai:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D48BE8C-7C78-41D7-87F1-22BFB91E3A5C"
}
]
}
]
}
],
"references": [
{
"url": "https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404",
"source": "psirt@zte.com.cn"
"source": "psirt@zte.com.cn",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}
]
}
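Review bot: The reference `url` in this record has a doubled scheme (`https://https://support.zte.com.cn/...`), and the update keeps the value while adding the `Broken Link` tag next to `Vendor Advisory`. The CVE-2023-41776, CVE-2023-41779 and CVE-2023-41783 sections show the same advisory with a single `https://`, which suggests a typo at the source rather than a dead page. Enrichment or link-checking jobs should parse reference URLs strictly and skip entries tagged `Broken Link` rather than hand the raw string to an HTTP client, because a lenient parser would take `https` as the host name.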


@ -2,8 +2,8 @@
"id": "CVE-2023-41783",
"sourceIdentifier": "psirt@zte.com.cn",
"published": "2024-01-03T02:15:43.573",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:00:01.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@zte.com.cn",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "psirt@zte.com.cn",
"type": "Secondary",
@ -50,10 +80,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zte:zxcloud_irai_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.23.32",
"matchCriteriaId": "FC0DCC6B-32B8-4C28-BDAF-37604BA1ABFC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zte:zxcloud_irai:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D48BE8C-7C78-41D7-87F1-22BFB91E3A5C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404",
"source": "psirt@zte.com.cn"
"source": "psirt@zte.com.cn",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,31 +2,103 @@
"id": "CVE-2023-43955",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-27T21:15:08.050",
"lastModified": "2023-12-27T21:37:15.710",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:06:56.977",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n com.phlox.tvwebbrowser TV Bro hasta la versi\u00f3n 2.0.0 para Android maneja mal los intents externos a trav\u00e9s de WebView. Esto permite a los atacantes ejecutar c\u00f3digo arbitrario y crear archivos arbitrarios. y realizar descargas arbitrarias a trav\u00e9s de JavaScript que utiliza takeBlobDownloadData."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fedirtsapana:tv_bro:*:*:*:*:*:android:*:*",
"versionEndIncluding": "2.0.0",
"matchCriteriaId": "BCBF560F-1E13-4991-82E9-664F72FF144B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/CWE-94.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/actuator/com.phlox.tvwebbrowser/blob/main/poc.apk",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/truefedex/tv-bro/pull/182#issue-1901769895",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-45722",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-01-03T03:15:09.200",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T19:41:37.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@hcl.com",
"type": "Secondary",
@ -38,10 +58,52 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D13FF107-A7BD-4925-B5A2-B44983C3713B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F872BB54-B3D7-4C48-A8AB-893B566380E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8533C9-FB63-45EE-8FD4-5C69CB19F362"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608",
"source": "psirt@hcl.com"
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,23 +2,87 @@
"id": "CVE-2023-47882",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-27T21:15:08.147",
"lastModified": "2023-12-27T21:37:15.710",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:06:32.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Kami Vision YI IoT com.yunyi.smartcamera application through 4.1.9_20231127 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n Kami Vision YI IoT com.yunyi.smartcamera hasta 4.1.9_20231127 para Android permite a un atacante remoto ejecutar c\u00f3digo JavaScript arbitrario a trav\u00e9s de un intent impl\u00edcito en el componente com.ants360.yicamera.activity.WebViewActivity."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kamivision:yi_iot:*:*:*:*:*:android:*:*",
"versionEndIncluding": "4.1.9_20231127",
"matchCriteriaId": "598CDC5D-A15E-496B-A32D-96AFE829677A"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/actuator/yi/blob/main/CWE-319.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://play.google.com/store/apps/details?id=com.yunyi.smartcamera",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}


@ -2,27 +2,96 @@
"id": "CVE-2023-47883",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-27T21:15:08.193",
"lastModified": "2023-12-27T21:37:15.710",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:04:45.153",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable to JavaScript code execution via an explicit intent due to an exposed MainActivity."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n de navegador de TV com.altamirano.fabricio.tvbrowser hasta 4.5.1 para Android es vulnerable a la ejecuci\u00f3n de c\u00f3digo JavaScript mediante un intent expl\u00edcito debido a una MainActivity expuesta."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vladymix:tv_browser:*:*:*:*:*:android:*:*",
"versionEndIncluding": "4.5.1",
"matchCriteriaId": "BF750F5F-07F4-4BEE-9E20-1411CD4EF062"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/actuator/com.altamirano.fabricio.tvbrowser/blob/main/AFC-POC.apk",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/actuator/com.altamirano.fabricio.tvbrowser/blob/main/CWE-94.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/actuator/com.altamirano.fabricio.tvbrowser/blob/main/TVBrowserDemo.gif",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,23 +2,86 @@
"id": "CVE-2023-50092",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-03T13:15:08.523",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T19:39:59.947",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "APIIDA API Gateway Manager for Broadcom Layer7 v2023.2 is vulnerable to Cross Site Scripting (XSS)."
},
{
"lang": "es",
"value": "APIIDA API Gateway Manager para Broadcom Layer7 v2023.2 es vulnerable a Cross Site Scripting (XSS)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apiida:api_gateway_manager:2023.02.02:*:*:*:*:*:*:*",
"matchCriteriaId": "14F0AD5C-2E26-4314-859A-9AAFB18F45A4"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://apiida.com/product/apiida-api-gateway-manager/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://senscybersecurity.nl/cve-2023-50092-explained/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-50093",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-03T14:15:08.840",
"lastModified": "2024-01-03T17:26:57.957",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T19:50:01.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,74 @@
"value": "APIIDA API Gateway Manager para Broadcom Layer7 v2023.2.2 es vulnerable a la inyecci\u00f3n de encabezado de host."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apiida:api_gateway_manager:2023.02.02:*:*:*:*:*:*:*",
"matchCriteriaId": "14F0AD5C-2E26-4314-859A-9AAFB18F45A4"
}
]
}
]
}
],
"references": [
{
"url": "https://apiida.com/product/apiida-api-gateway-manager/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://senscybersecurity.nl/cve-2023-50093-explained/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-50094",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-01T18:15:09.130",
"lastModified": "2024-01-02T13:47:38.167",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:48:00.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,89 @@
"value": "reNgine hasta 2.0.2 permite la inyecci\u00f3n de comandos del sistema operativo si un adversario tiene una ID de sesi\u00f3n v\u00e1lida. El ataque coloca metacaracteres del shell en una cadena api/tools/waf_detector/?url=. Los comandos se ejecutan como root a trav\u00e9s de subprocess.check_output."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yogeshojha:rengine:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.0.2",
"matchCriteriaId": "157845CF-1B64-4A38-988A-4FA073AD48E2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/yogeshojha/rengine/blob/5e120bd5f9dfbd1da82a193e8c9702e483d38d22/web/api/views.py#L195",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/yogeshojha/rengine/releases",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/yogeshojha/rengine/security",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.mattz.io/posts/cve-2023-50094/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-50345",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-01-03T02:15:43.757",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T19:50:11.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "psirt@hcl.com",
"type": "Secondary",
@ -38,10 +58,52 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D13FF107-A7BD-4925-B5A2-B44983C3713B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F872BB54-B3D7-4C48-A8AB-893B566380E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8533C9-FB63-45EE-8FD4-5C69CB19F362"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608",
"source": "psirt@hcl.com"
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-50346",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-01-03T02:15:43.913",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T19:50:45.653",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "psirt@hcl.com",
"type": "Secondary",
@ -38,10 +58,52 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D13FF107-A7BD-4925-B5A2-B44983C3713B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F872BB54-B3D7-4C48-A8AB-893B566380E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8533C9-FB63-45EE-8FD4-5C69CB19F362"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608",
"source": "psirt@hcl.com"
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-50348",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-01-03T02:15:44.070",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T19:50:04.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "psirt@hcl.com",
"type": "Secondary",
@ -38,10 +58,52 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D13FF107-A7BD-4925-B5A2-B44983C3713B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F872BB54-B3D7-4C48-A8AB-893B566380E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8533C9-FB63-45EE-8FD4-5C69CB19F362"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608",
"source": "psirt@hcl.com"
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-50350",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-01-03T02:15:44.227",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T19:44:18.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@hcl.com",
"type": "Secondary",
@ -38,10 +58,52 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D13FF107-A7BD-4925-B5A2-B44983C3713B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F872BB54-B3D7-4C48-A8AB-893B566380E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8533C9-FB63-45EE-8FD4-5C69CB19F362"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608",
"source": "psirt@hcl.com"
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-50351",
"sourceIdentifier": "psirt@hcl.com",
"published": "2024-01-03T02:15:44.387",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T19:41:58.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "psirt@hcl.com",
"type": "Secondary",
@ -38,10 +58,52 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D13FF107-A7BD-4925-B5A2-B44983C3713B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F872BB54-B3D7-4C48-A8AB-893B566380E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8533C9-FB63-45EE-8FD4-5C69CB19F362"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608",
"source": "psirt@hcl.com"
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-51449",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-22T21:15:09.000",
"lastModified": "2024-01-03T17:57:42.490",
"lastModified": "2024-01-09T20:18:05.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -21,19 +21,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{


@ -2,8 +2,8 @@
"id": "CVE-2023-51707",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-22T02:15:43.017",
"lastModified": "2023-12-22T12:18:32.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:07:58.863",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,84 @@
"value": "MotionPro en Array ArrayOS AG anterior a 9.4.0.505 en AG y vxAG permite la ejecuci\u00f3n remota de comandos a trav\u00e9s de paquetes manipulados. AG y vxAG 9.3.0.259.x no se ven afectados."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.4.0.505",
"matchCriteriaId": "395D9A88-19A6-4F1E-AF91-AA305B162AFD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arraynetworks:ag:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC33420B-01DE-4B18-BAA8-D9BAAB608FE8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E149796-E3D7-4FAF-AB64-8D273E701861"
}
]
}
]
}
],
"references": [
{
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Command_Injection_Attacks.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-51784",
"sourceIdentifier": "security@apache.org",
"published": "2024-01-03T10:15:09.027",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T19:19:59.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de control inadecuado de generaci\u00f3n de c\u00f3digo (\"inyecci\u00f3n de c\u00f3digo\") en Apache InLong. Este problema afecta a Apache InLong: desde 1.5.0 hasta 1.9.0, lo que podr\u00eda provocar la ejecuci\u00f3n remota de c\u00f3digo. Se recomienda a los usuarios actualizar a Apache InLong 1.10.0 o seleccionar [1] para resolverlo. [1] https://github.com/apache/inlong/pull/9329"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -27,14 +50,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:inlong:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.5.0",
"versionEndExcluding": "1.10.0",
"matchCriteriaId": "59AFC1E3-765D-4D28-9A4C-489C90DAC790"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/03/1",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread/4nxbyl6mh5jgh0plk0qposbxwn6w9h8j",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-51785",
"sourceIdentifier": "security@apache.org",
"published": "2024-01-03T10:15:09.130",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:18:47.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de deserializaci\u00f3n de datos no confiables en Apache InLong. Este problema afecta a Apache InLong: desde la versi\u00f3n 1.7.0 hasta la 1.9.0, los atacantes pueden realizar un ataque de lectura de archivos arbitrario utilizando el controlador mysql. Se recomienda a los usuarios actualizar a Apache InLong 1.10.0 o seleccionar [1] para resolverlo. [1] https://github.com/apache/inlong/pull/9331"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -27,14 +50,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:inlong:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.7.0",
"versionEndIncluding": "1.9.0",
"matchCriteriaId": "92169308-15D8-4DE5-B2BF-7AC7A4D5D72D"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/03/2",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread/g0yjmtjqvp8bnf1j0tdsk0nhfozjdjno",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-6129",
"sourceIdentifier": "openssl-security@openssl.org",
"published": "2024-01-09T17:15:12.147",
"lastModified": "2024-01-09T18:15:46.727",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-6629",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-03T05:15:11.463",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:53:45.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,18 +58,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpexperts:post_smtp:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.8.7",
"matchCriteriaId": "00068F78-E905-4A92-8286-F98BDBD96103"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Wizard/NewWizard.php#L396",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3012318%40post-smtp%2Ftrunk&old=3006604%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=#file4",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7681f984-d488-4da7-afe1-988e5ad012f2?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-6984",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-03T09:15:11.647",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:31:06.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,14 +58,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ideabox:powerpack_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.7.14",
"matchCriteriaId": "4BCCE985-F39E-4976-9213-B39C53E98A6D"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3015474%40powerpack-lite-for-elementor&new=3015474%40powerpack-lite-for-elementor&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fe2cfc96-63f4-4e4b-bf49-6031594a4805?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-7032",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2024-01-09T20:15:42.967",
"lastModified": "2024-01-09T20:15:42.967",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker\nlogged in with a user level account to gain higher privileges by providing a harmful serialized\nobject.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@se.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cybersecurity@se.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-009-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-009-02.pdf",
"source": "cybersecurity@se.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-7068",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-03T09:15:11.810",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:19:48.597",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,14 +58,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtoffee:woocommerce_pdf_invoices\\,_packing_slips\\,_delivery_notes_and_shipping_labels:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.3.1",
"matchCriteriaId": "EF7BC28E-802E-4132-8D66-C366D4E50C8A"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3014977%40print-invoices-packing-slip-labels-for-woocommerce&new=3014977%40print-invoices-packing-slip-labels-for-woocommerce&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5abc282d-68c9-423c-a15c-d4d3f7035661?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-7101",
"sourceIdentifier": "mandiant-cve@google.com",
"published": "2023-12-24T22:15:07.983",
"lastModified": "2024-01-08T03:15:13.703",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-01-09T20:07:41.527",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2024-01-02",
"cisaActionDue": "2024-01-23",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -18,8 +18,41 @@
"value": "Spreadsheet::ParseExcel version 0.65 es un m\u00f3dulo Perl utilizado para analizar archivos Excel. Spreadsheet::ParseExcel es afectado por una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo arbitrario (ACE) debido a que se pasa una entrada no validada de un archivo a una \"evaluaci\u00f3n\" de tipo cadena. Espec\u00edficamente, el problema surge de la evaluaci\u00f3n de cadenas de formato num\u00e9rico (que no deben confundirse con cadenas de formato de estilo printf) dentro de la l\u00f3gica de an\u00e1lisis de Excel."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "mandiant-cve@google.com",
"type": "Secondary",
@ -31,46 +64,131 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jmcnamara:spreadsheet\\:\\:parseexcel:*:*:*:*:*:perl:*:*",
"versionEndIncluding": "0.65",
"matchCriteriaId": "1C81AC37-3219-4A80-A89E-8BDC1E238F82"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/29/4",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://https://github.com/haile01/perl_spreadsheet_excel_rce_poc",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://https://github.com/jmcnamara/spreadsheet-parseexcel/commit/bd3159277e745468e2c553417b35d5d7dc7405bc",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Patch"
]
},
{
"url": "https://https://metacpan.org/dist/Spreadsheet-ParseExcel",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Product"
]
},
{
"url": "https://https://www.cve.org/CVERecord?id=CVE-2023-7101",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00025.html",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFEHKULQRVXHIV7XXK2RGD4VQN6Y4CV5/",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2FIWDHRYTAAQLGM6AFOZVM7AFZ4H2ZR/",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Mailing List"
]
}
]
}
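Review bot: Four reference URLs in this CVE-2023-7101 record carry a doubled scheme, for example `"url": "https://https://github.com/haile01/perl_spreadsheet_excel_rce_poc"`, and this update attaches tags to them without correcting the address, so they will not resolve for anyone following the links. The CVE-2023-7102 record in the same commit lists well-formed equivalents for three of them (`https://github.com/haile01/perl_spreadsheet_excel_rce_poc`, `https://metacpan.org/dist/Spreadsheet-ParseExcel`, `https://www.cve.org/CVERecord?id=CVE-2023-7101`); the fourth is the entry tagged `Patch`, which is the link a responder needs most for a record that also carries `cisaExploitAdd`. If this mirror is meant to stay identical to the upstream feed, the correction belongs upstream, and consumers that dereference or deduplicate reference URLs should normalise a repeated `https://` prefix in the meantime.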


@ -2,16 +2,53 @@
"id": "CVE-2023-7102",
"sourceIdentifier": "mandiant-cve@google.com",
"published": "2023-12-24T22:15:08.107",
"lastModified": "2023-12-25T03:08:09.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:07:12.283",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.\n\n"
},
{
"lang": "es",
"value": "El uso de una librer\u00eda de terceros produjo una vulnerabilidad en el dispositivo Barracuda ESG de Barracuda Networks Inc. que permit\u00eda la inyecci\u00f3n de par\u00e1metros. Este problema afect\u00f3 al dispositivo Barracuda ESG, desde la versi\u00f3n 5.1.3.001 hasta la 9.2.1.001, hasta que Barracuda elimin\u00f3 la l\u00f3gica vulnerable."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "mandiant-cve@google.com",
"type": "Secondary",
@ -23,30 +60,195 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1.3.001",
"versionEndIncluding": "9.2.1.001",
"matchCriteriaId": "E60161F1-A5A9-41C1-A123-7163D353F927"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "824DAE15-3628-4346-947E-C33FA46AADE6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_400_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1.3.001",
"versionEndIncluding": "9.2.1.001",
"matchCriteriaId": "178F9F7E-C6B7-427A-9E0A-BB98E26443D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACD3DD62-D690-47F9-8416-61AD78B33699"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_600_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1.3.001",
"versionEndIncluding": "9.2.1.001",
"matchCriteriaId": "A5D5514D-91F5-46D6-B936-353BA14BD862"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C507D86-2E68-44A4-A31C-EEF9A6BBEE54"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_800_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1.3.001",
"versionEndIncluding": "9.2.1.001",
"matchCriteriaId": "C1048A03-2201-46DF-9AC9-AFB9FB26F61B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74D999D5-6CE5-49F7-A0C5-0B44704FEE45"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:barracuda:email_security_gateway_900_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1.3.001",
"versionEndIncluding": "9.2.1.001",
"matchCriteriaId": "5E070CD5-CFA8-4FD8-9291-74A0412CC3F2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:barracuda:email_security_gateway_900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA6EA4B-B0FF-437B-A48E-F11D0CD5EB2B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/haile01/perl_spreadsheet_excel_rce_poc",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://metacpan.org/dist/Spreadsheet-ParseExcel",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Product"
]
},
{
"url": "https://www.barracuda.com/company/legal/esg-vulnerability",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7101",
"source": "mandiant-cve@google.com"
"source": "mandiant-cve@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-7222",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-09T16:15:43.693",
"lastModified": "2024-01-09T16:15:43.693",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-7223",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-09T16:15:43.990",
"lastModified": "2024-01-09T16:15:43.990",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-0056",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:46.783",
"lastModified": "2024-01-09T18:15:46.783",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-0057",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:46.980",
"lastModified": "2024-01-09T18:15:46.980",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-0201",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-03T10:15:09.240",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T20:17:56.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,18 +58,57 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webcodingplace:product_expiry_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.6",
"matchCriteriaId": "216E1DDE-6AD5-4961-9CEE-2B5A74DE6108"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/product-expiry-for-woocommerce/tags/2.5/product-expiry-for-woocommerce.php#L263",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/product-expiry-for-woocommerce/tags/2.6/product-expiry-for-woocommerce.php?rev=3014924#L263",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c4006612-770a-482f-a8c2-e62f607914a9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-0207",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-01-03T08:15:10.053",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T19:10:05.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -50,14 +80,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wireshark:wireshark:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F212AE9-0C17-4994-8B70-853E941D27E4"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19502",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://www.wireshark.org/security/wnpa-sec-2024-03.html",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-0208",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-01-03T08:15:10.340",
"lastModified": "2024-01-03T13:48:00.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-09T19:19:21.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-674"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -50,14 +80,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.6.0",
"versionEndIncluding": "3.6.19",
"matchCriteriaId": "65FBDC60-FF20-4229-ABC0-EE9086383FF1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndIncluding": "4.0.11",
"matchCriteriaId": "8B81555C-B047-479C-A5C2-44B5FFEF9332"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wireshark:wireshark:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F212AE9-0C17-4994-8B70-853E941D27E4"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19496",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://www.wireshark.org/security/wnpa-sec-2024-01.html",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-0226",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2024-01-09T18:15:47.177",
"lastModified": "2024-01-09T18:15:47.177",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-0340",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-09T18:15:47.503",
"lastModified": "2024-01-09T18:15:47.503",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,88 @@
{
"id": "CVE-2024-0341",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-09T19:15:11.023",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /app/api/controller/default/File.php of the component GET Request Handler. The manipulation of the argument path leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be used. The identifier VDB-250109 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.7
},
"baseSeverity": "LOW",
"exploitabilityScore": 5.1,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-24"
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/VYx8H9u8gyHw",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.250109",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.250109",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,88 @@
{
"id": "CVE-2024-0342",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-09T20:15:43.190",
"lastModified": "2024-01-09T20:15:43.190",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Inis up to 2.0.1. Affected is an unknown function of the file /app/api/controller/default/Sqlite.php. The manipulation of the argument sql leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-250110 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/nWYJHrmUqv7i",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.250110",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.250110",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,88 @@
{
"id": "CVE-2024-0343",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-09T20:15:43.503",
"lastModified": "2024-01-09T20:15:43.503",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in CodeAstro Simple House Rental System 5.6. Affected by this vulnerability is an unknown functionality of the component Login Panel. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250111."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1NHdebIGiV8FybYFGXIqWHjdVGzZCQqAm/view?usp=sharing",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.250111",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.250111",
"source": "cna@vuldb.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-20652",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:47.733",
"lastModified": "2024-01-09T18:15:47.733",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20653",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:47.940",
"lastModified": "2024-01-09T18:15:47.940",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20654",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:48.130",
"lastModified": "2024-01-09T18:15:48.130",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20655",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:48.307",
"lastModified": "2024-01-09T18:15:48.307",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20656",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:48.490",
"lastModified": "2024-01-09T18:15:48.490",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20657",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:48.670",
"lastModified": "2024-01-09T18:15:48.670",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20658",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:48.913",
"lastModified": "2024-01-09T18:15:48.913",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20660",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:49.090",
"lastModified": "2024-01-09T18:15:49.090",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20661",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:49.270",
"lastModified": "2024-01-09T18:15:49.270",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20662",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:49.447",
"lastModified": "2024-01-09T18:15:49.447",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20663",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:49.640",
"lastModified": "2024-01-09T18:15:49.640",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20664",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:49.863",
"lastModified": "2024-01-09T18:15:49.863",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20666",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:50.057",
"lastModified": "2024-01-09T18:15:50.057",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20672",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:50.243",
"lastModified": "2024-01-09T18:15:50.243",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20674",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:50.473",
"lastModified": "2024-01-09T18:15:50.473",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20676",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:50.680",
"lastModified": "2024-01-09T18:15:50.680",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20677",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:50.887",
"lastModified": "2024-01-09T18:15:50.887",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20680",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:51.067",
"lastModified": "2024-01-09T18:15:51.067",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20681",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:51.257",
"lastModified": "2024-01-09T18:15:51.257",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20682",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:51.433",
"lastModified": "2024-01-09T18:15:51.433",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20683",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:51.643",
"lastModified": "2024-01-09T18:15:51.643",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20686",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:51.827",
"lastModified": "2024-01-09T18:15:51.827",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20687",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:52.010",
"lastModified": "2024-01-09T18:15:52.010",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20690",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:52.197",
"lastModified": "2024-01-09T18:15:52.197",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20691",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:52.387",
"lastModified": "2024-01-09T18:15:52.387",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20692",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:52.567",
"lastModified": "2024-01-09T18:15:52.567",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20694",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:52.757",
"lastModified": "2024-01-09T18:15:52.757",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20696",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:52.927",
"lastModified": "2024-01-09T18:15:52.927",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20697",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:53.130",
"lastModified": "2024-01-09T18:15:53.130",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20698",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:53.300",
"lastModified": "2024-01-09T18:15:53.300",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20699",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:53.490",
"lastModified": "2024-01-09T18:15:53.490",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-20700",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:53.673",
"lastModified": "2024-01-09T18:15:53.673",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-21305",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:53.940",
"lastModified": "2024-01-09T18:15:53.940",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-21306",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:54.120",
"lastModified": "2024-01-09T18:15:54.120",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-21307",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:54.310",
"lastModified": "2024-01-09T18:15:54.310",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-21309",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:54.500",
"lastModified": "2024-01-09T18:15:54.500",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-21310",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:54.697",
"lastModified": "2024-01-09T18:15:54.697",
"vulnStatus": "Received",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
