admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-26T18:00:29.204692+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-26 18:00:32 +00:00
parent cc276a5656
commit ce59909bbd
112 changed files with 4789 additions and 482 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
CVE-2017/CVE-2017-10004xx/CVE-2017-1000405.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-1000405",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-11-30T22:29:00.217",
"lastModified": "2018-02-13T02:29:00.503",
"vulnStatus": "Modified",
"lastModified": "2023-06-26T16:55:42.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
@ -85,9 +85,65 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.38",
"versionEndIncluding": "4.14",
"matchCriteriaId": "3BB96558-6F1B-4972-92B7-E6C6E4EAF36D"
"versionStartIncluding": "3.2.87",
"versionEndExcluding": "3.3",
"matchCriteriaId": "EDF220AE-D4D3-4C0B-BFCA-4DDB897A81FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.10.106",
"versionEndExcluding": "3.11",
"matchCriteriaId": "37623D83-3245-418B-AA79-7FFB56124AAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.12.73",
"versionEndExcluding": "3.13",
"matchCriteriaId": "AB8D1C8F-5DE4-4255-B35E-85BEE71D518A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.16.42",
"versionEndExcluding": "3.16.52",
"matchCriteriaId": "6D8C2C4B-81CA-4D5D-9B18-6D93FC1B1B5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.18.55",
"versionEndExcluding": "3.18.86",
"matchCriteriaId": "B38F58F2-22F3-41A2-B43D-FD9027FD2A7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.1.41",
"versionEndExcluding": "4.1.48",
"matchCriteriaId": "871C0EA3-24B8-4D57-A72C-42F66AEED6D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.70",
"versionEndExcluding": "4.4.104",
"matchCriteriaId": "FCBEC938-9743-47A8-B536-D7B935A453A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.9.7",
"versionEndExcluding": "4.9.67",
"matchCriteriaId": "1D4E9DE9-EA55-48F6-88BB-DBF18E65D76A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.4",
"matchCriteriaId": "526A67F6-8D42-4C55-99BE-B68231777244"
}
]
}
@ -105,11 +161,18 @@
},
{
"url": "http://www.securitytracker.com/id/1040020",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:0180",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://medium.com/bindecy/huge-dirty-cow-cve-2017-1000405-110eca132de0",
@ -122,7 +185,10 @@
},
{
"url": "https://source.android.com/security/bulletin/pixel/2018-02-01",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/43199/",

99
CVE-2017/CVE-2017-116xx/CVE-2017-11600.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-11600",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-07-24T07:29:00.183",
"lastModified": "2019-05-14T23:29:01.357",
"vulnStatus": "Modified",
"lastModified": "2023-06-26T16:55:48.547",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
@ -85,8 +85,51 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.12.3",
"matchCriteriaId": "93B616B9-0E9C-48F4-B663-8278767861FB"
"versionStartIncluding": "2.6.21",
"versionEndExcluding": "3.2.93",
"matchCriteriaId": "D5928442-90C8-4CF4-99D6-FD6413331840"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "3.10.108",
"matchCriteriaId": "7AEC5142-D74C-40FD-9F20-286B9566A40E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.11",
"versionEndExcluding": "3.18.70",
"matchCriteriaId": "CB780C40-C214-45CC-8FD2-CBCEE5A4217D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.19",
"versionEndExcluding": "4.1.45",
"matchCriteriaId": "AEF05B4A-F2FD-4E86-9798-F55AAD1C1C61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2",
"versionEndExcluding": "4.4.87",
"matchCriteriaId": "5FEE2737-FAD8-4C80-925C-0270CE9B7A38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.48",
"matchCriteriaId": "CAF50161-21D4-4D8A-AF13-2459A5103452"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.12.11",
"matchCriteriaId": "9463D887-C14C-404D-B58A-2BE16D1EF820"
}
]
}
@ -96,7 +139,11 @@
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/bugtraq/2017/Jul/30",
@ -108,31 +155,53 @@
},
{
"url": "http://www.debian.org/security/2017/dsa-3981",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/99928",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:1965",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:2003",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:1170",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:1190",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2021/CVE-2021-219xx/CVE-2021-21948.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-21948",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2022-04-14T20:15:08.513",
"lastModified": "2022-04-21T15:40:30.787",
"lastModified": "2023-06-26T18:00:05.753",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -92,7 +92,7 @@
"description": [
{
"lang": "en",
"value": "CWE-787"
"value": "CWE-190"
}
]
},

14
CVE-2021/CVE-2021-248xx/CVE-2021-24881.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-24881",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-23T15:15:13.147",
"lastModified": "2023-01-30T19:25:46.660",
"lastModified": "2023-06-26T17:47:21.500",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -36,8 +36,18 @@
},
"weaknesses": [
{
"source": "contact@wpscan.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",

5
CVE-2021/CVE-2021-266xx/CVE-2021-26634.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-26634",
"sourceIdentifier": "vuln@krcert.or.kr",
"published": "2022-06-02T14:15:28.243",
"lastModified": "2022-06-09T17:32:50.283",
"lastModified": "2023-06-26T17:59:11.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-434"
}
]
},
@ -148,6 +148,7 @@
"url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66746",
"source": "vuln@krcert.or.kr",
"tags": [
"Broken Link",
"Third Party Advisory"
]
}

5
CVE-2021/CVE-2021-266xx/CVE-2021-26635.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-26635",
"sourceIdentifier": "vuln@krcert.or.kr",
"published": "2022-06-02T14:15:28.307",
"lastModified": "2022-06-09T16:45:35.180",
"lastModified": "2023-06-26T17:58:58.730",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-787"
"value": "CWE-843"
}
]
},
@ -128,6 +128,7 @@
"url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66747",
"source": "vuln@krcert.or.kr",
"tags": [
"Broken Link",
"Third Party Advisory"
]
}

9
CVE-2021/CVE-2021-266xx/CVE-2021-26637.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-26637",
"sourceIdentifier": "vuln@krcert.or.kr",
"published": "2022-06-23T17:15:11.223",
"lastModified": "2022-06-29T16:50:22.437",
"lastModified": "2023-06-26T17:49:21.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,11 @@
"description": [
{
"lang": "en",
"value": "CWE-287"
"value": "CWE-306"
},
{
"lang": "en",
"value": "CWE-862"
}
]
},
@ -208,6 +212,7 @@
"url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66782",
"source": "vuln@krcert.or.kr",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]

4
CVE-2021/CVE-2021-267xx/CVE-2021-26732.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-26732",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2022-10-24T14:15:48.360",
"lastModified": "2023-02-03T02:31:23.117",
"lastModified": "2023-06-26T17:47:27.873",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "CWE-862"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2021/CVE-2021-328xx/CVE-2021-32845.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-32845",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-02-17T23:15:11.963",
"lastModified": "2023-02-28T20:29:26.297",
"lastModified": "2023-06-26T17:47:09.283",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-908"
"value": "CWE-252"
}
]
},

4
CVE-2021/CVE-2021-328xx/CVE-2021-32846.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-32846",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-02-17T23:15:12.037",
"lastModified": "2023-02-28T20:28:54.537",
"lastModified": "2023-06-26T17:47:01.820",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-908"
"value": "CWE-754"
}
]
},

4
CVE-2021/CVE-2021-34xx/CVE-2021-3433.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3433",
"sourceIdentifier": "vulnerabilities@zephyrproject.org",
"published": "2022-06-28T20:15:08.187",
"lastModified": "2022-07-08T15:07:55.960",
"lastModified": "2023-06-26T17:49:17.663",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-755"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2021/CVE-2021-352xx/CVE-2021-35254.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-35254",
"sourceIdentifier": "psirt@solarwinds.com",
"published": "2022-03-25T19:15:08.913",
"lastModified": "2022-03-31T15:28:08.257",
"lastModified": "2023-06-26T17:53:00.060",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2021/CVE-2021-355xx/CVE-2021-35530.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-35530",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2022-06-07T21:15:14.640",
"lastModified": "2023-04-19T15:32:25.210",
"lastModified": "2023-06-26T17:58:56.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-287"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2021/CVE-2021-355xx/CVE-2021-35531.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-35531",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2022-06-07T21:15:14.720",
"lastModified": "2023-04-19T15:32:25.210",
"lastModified": "2023-06-26T17:58:52.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -70,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-78"
}
]
},

13
CVE-2021/CVE-2021-359xx/CVE-2021-35937.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-35937",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-08-25T20:15:09.243",
"lastModified": "2022-11-16T20:05:07.723",
"lastModified": "2023-06-26T17:48:36.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -40,21 +40,17 @@
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-367"
},
{
"lang": "en",
"value": "CWE-59"
}
]
},
{
"source": "nvd@nist.gov",
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
@ -152,8 +148,7 @@
"url": "https://rpm.org/wiki/Releases/4.18.0",
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Vendor Advisory"
"Release Notes"
]
},
{

4
CVE-2021/CVE-2021-36xx/CVE-2021-3675.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3675",
"sourceIdentifier": "PSIRT@synaptics.com",
"published": "2022-06-16T17:15:07.593",
"lastModified": "2022-07-05T20:29:12.387",
"lastModified": "2023-06-26T17:49:26.863",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-787"
}
]
},

7
CVE-2021/CVE-2021-374xx/CVE-2021-37404.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37404",
"sourceIdentifier": "security@apache.org",
"published": "2022-06-13T07:15:08.327",
"lastModified": "2022-10-27T16:15:35.113",
"lastModified": "2023-06-26T17:58:44.603",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -70,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-120"
"value": "CWE-787"
}
]
},
@ -130,8 +130,7 @@
"url": "https://lists.apache.org/thread/2h56ztcj3ojc66qzf1nno88vjw9vd4wo",
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
"Mailing List"
]
},
{

4
CVE-2021/CVE-2021-37xx/CVE-2021-3782.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3782",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-09-23T16:15:10.143",
"lastModified": "2023-06-01T17:57:41.023",
"lastModified": "2023-06-26T17:47:45.693",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -45,7 +45,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-190"
}
]
},

14
CVE-2021/CVE-2021-398xx/CVE-2021-39820.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-39820",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-06-15T17:15:08.403",
"lastModified": "2022-06-24T13:45:58.787",
"lastModified": "2023-06-26T17:57:14.253",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,8 +65,18 @@
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2021/CVE-2021-403xx/CVE-2021-40336.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-40336",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2022-07-25T15:15:09.247",
"lastModified": "2023-04-19T15:32:25.210",
"lastModified": "2023-06-26T17:49:15.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "CWE-352"
"value": "CWE-74"
}
]
},

4
CVE-2021/CVE-2021-428xx/CVE-2021-42849.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-42849",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2022-05-18T16:15:08.247",
"lastModified": "2022-05-26T17:09:49.180",
"lastModified": "2023-06-26T17:59:32.433",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-798"
"value": "CWE-287"
}
]
},

11
CVE-2021/CVE-2021-42xx/CVE-2021-4294.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-4294",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-12-28T17:15:09.067",
"lastModified": "2023-01-06T20:34:11.007",
"lastModified": "2023-06-26T17:47:23.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -110,29 +110,28 @@
"url": "https://github.com/openshift/osin/commit/8612686d6dda34ae9ef6b5a974e4b7accb4fea29",
"source": "cna@vuldb.com",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{
"url": "https://github.com/openshift/osin/pull/200",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
"Issue Tracking"
]
},
{
"url": "https://vuldb.com/?ctiid.216987",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.216987",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
"Permissions Required"
]
}
]

4
CVE-2021/CVE-2021-437xx/CVE-2021-43754.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-43754",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-06-15T19:15:10.207",
"lastModified": "2022-06-24T18:59:34.423",
"lastModified": "2023-06-26T17:49:51.797",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -70,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-119"
"value": "CWE-787"
}
]
},

14
CVE-2021/CVE-2021-437xx/CVE-2021-43755.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-43755",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-06-15T20:15:17.440",
"lastModified": "2022-06-24T17:05:39.237",
"lastModified": "2023-06-26T17:49:31.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,8 +65,18 @@
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2021/CVE-2021-437xx/CVE-2021-43756.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-43756",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-06-15T19:15:10.270",
"lastModified": "2022-06-24T17:01:53.403",
"lastModified": "2023-06-26T17:49:46.783",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,8 +65,18 @@
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"description": [
{
"lang": "en",

28
CVE-2021/CVE-2021-43xx/CVE-2021-4315.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-4315",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-01-28T23:15:08.687",
"lastModified": "2023-02-07T19:55:10.517",
"lastModified": "2023-06-26T17:47:18.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -83,8 +83,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -116,39 +126,35 @@
"url": "https://github.com/NYUCCL/psiTurk/commit/47787e15cecd66f2aa87687bf852ae0194a4335f",
"source": "cna@vuldb.com",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{
"url": "https://github.com/NYUCCL/psiTurk/pull/517",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
"Issue Tracking"
]
},
{
"url": "https://github.com/NYUCCL/psiTurk/releases/tag/v3.2.1",
"source": "cna@vuldb.com",
"tags": [
"Release Notes",
"Third Party Advisory"
"Release Notes"
]
},
{
"url": "https://vuldb.com/?ctiid.219676",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.219676",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
"Permissions Required"
]
}
]

4
CVE-2021/CVE-2021-454xx/CVE-2021-45477.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-45477",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-03-02T09:15:08.993",
"lastModified": "2023-03-09T14:47:08.970",
"lastModified": "2023-06-26T17:02:53.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2021/CVE-2021-454xx/CVE-2021-45478.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-45478",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-03-02T09:15:09.223",
"lastModified": "2023-03-09T14:46:53.150",
"lastModified": "2023-06-26T17:02:39.470",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2021/CVE-2021-459xx/CVE-2021-45918.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-45918",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2022-06-20T06:15:08.503",
"lastModified": "2022-06-27T18:28:20.993",
"lastModified": "2023-06-26T17:49:23.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-787"
"value": "CWE-1284"
}
]
},

4
CVE-2022/CVE-2022-00xx/CVE-2022-0027.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-0027",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2022-05-11T17:15:09.343",
"lastModified": "2022-05-20T13:30:06.907",
"lastModified": "2023-06-26T17:59:39.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "NVD-CWE-Other"
}
]
},

6
CVE-2022/CVE-2022-02xx/CVE-2022-0217.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-0217",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-08-26T18:15:08.833",
"lastModified": "2022-09-01T19:04:07.887",
"lastModified": "2023-06-26T17:48:33.123",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -43,6 +43,10 @@
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
},
{
"lang": "en",
"value": "CWE-776"

4
CVE-2022/CVE-2022-04xx/CVE-2022-0421.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-0421",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-11-21T11:15:19.153",
"lastModified": "2022-11-23T15:45:28.553",
"lastModified": "2023-06-26T17:47:25.550",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -41,7 +41,7 @@
"description": [
{
"lang": "en",
"value": "CWE-862"
"value": "CWE-116"
}
]
},

14
CVE-2022/CVE-2022-05xx/CVE-2022-0541.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-0541",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-04-25T16:16:07.700",
"lastModified": "2022-05-04T14:33:51.263",
"lastModified": "2023-06-26T17:59:57.957",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,8 +65,18 @@
},
"weaknesses": [
{
"source": "contact@wpscan.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",

27
CVE-2022/CVE-2022-336xx/CVE-2022-33652.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-33652",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.657",
"lastModified": "2023-05-17T17:15:14.953",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-06-26T16:01:16.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -41,19 +41,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
],
@ -63,17 +63,17 @@
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.5
"baseScore": 4.0
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.8,
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
@ -116,7 +116,10 @@
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33652",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

27
CVE-2022/CVE-2022-336xx/CVE-2022-33658.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-33658",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-07-12T23:15:12.997",
"lastModified": "2023-05-17T17:15:15.497",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-06-26T16:02:58.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -41,19 +41,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
],
@ -63,17 +63,17 @@
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.5
"baseScore": 4.0
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.8,
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
@ -116,7 +116,10 @@
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33658",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2022/CVE-2022-400xx/CVE-2022-40010.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-40010",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T17:15:09.310",
"lastModified": "2023-06-26T17:51:24.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module."
}
],
"metrics": {},
"references": [
{
"url": "http://packetstormsecurity.com/files/173029/Tenda-AC6-AC1200-15.03.06.50_multi-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
}
]
}

84
CVE-2022/CVE-2022-43xx/CVE-2022-4379.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4379",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-01-10T22:15:14.097",
"lastModified": "2023-05-03T01:15:09.583",
"vulnStatus": "Modified",
"lastModified": "2023-06-26T16:55:23.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -35,6 +35,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -56,53 +66,23 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1",
"matchCriteriaId": "9064B383-DD48-40A2-8947-F5BA6E6B6713"
"versionStartIncluding": "5.6",
"versionEndExcluding": "5.10.177",
"matchCriteriaId": "98341430-98CD-48EB-BD2E-D8C7105EDE74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*",
"matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.105",
"matchCriteriaId": "0888AE70-CB0A-45C0-B9BD-A5371244C8DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*",
"matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.3",
"matchCriteriaId": "59C906A3-824B-46E7-861F-1FF4044063A1"
}
]
}
@ -148,15 +128,27 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LECFVUHKIRBV5JJBE3KQCLGKNYJPBRCN/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAVD6JIILAVSRHZ4VXSV3RAAGUXKVXZA/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://seclists.org/oss-sec/2022/q4/185",

6
CVE-2022/CVE-2022-448xx/CVE-2022-44875.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44875",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-06T05:15:11.703",
"lastModified": "2023-03-13T17:10:42.820",
"lastModified": "2023-06-26T16:18:00.480",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,9 +55,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kioware:kiowave:*:*:*:*:*:windows:*:*",
"criteria": "cpe:2.3:a:kioware:kioware:*:*:*:*:*:windows:*:*",
"versionEndIncluding": "8.33",
"matchCriteriaId": "545EE296-40C8-4B14-AEAE-8EB80FE04D10"
"matchCriteriaId": "064FCB8D-FB5D-482C-9C07-7619E3EF6685"
}
]
}

34
CVE-2022/CVE-2022-47xx/CVE-2022-4744.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4744",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-03-30T21:15:06.497",
"lastModified": "2023-05-26T20:15:28.007",
"vulnStatus": "Modified",
"lastModified": "2023-06-26T16:57:30.247",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -69,8 +69,17 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc7:*:*:*:*:*:*",
"matchCriteriaId": "4EAC2750-F7C6-4A4E-9C04-1E450722B853"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.136",
"matchCriteriaId": "41396D85-7E7B-44F2-A953-6C3890EC07A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.12",
"matchCriteriaId": "732BA914-7B3B-43CD-857F-8119106F6F71"
}
]
}
@ -80,7 +89,11 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/171912/CentOS-Stream-9-Missing-Kernel-Security-Fix.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=158b515f703e",
@ -91,11 +104,18 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230526-0009/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2022/CVE-2022-483xx/CVE-2022-48331.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-48331",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T16:15:09.480",
"lastModified": "2023-06-26T17:51:24.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow."
}
],
"metrics": {},
"references": [
{
"url": "https://cyberintel.es/cve/CVE-2022-48331_Buffer_Overflow_in_Widevine_drm_save_keys_0x69b0/",
"source": "cve@mitre.org"
}
]
}

20
CVE-2022/CVE-2022-483xx/CVE-2022-48332.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-48332",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T17:15:09.637",
"lastModified": "2023-06-26T17:51:24.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow."
}
],
"metrics": {},
"references": [
{
"url": "https://cyberintel.es/cve/CVE-2022-48332_Buffer_Overflow_in_Widevine_drm_save_keys_0x6a18/",
"source": "cve@mitre.org"
}
]
}

20
CVE-2022/CVE-2022-483xx/CVE-2022-48333.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-48333",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T17:15:09.923",
"lastModified": "2023-06-26T17:51:24.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant buffer overflow."
}
],
"metrics": {},
"references": [
{
"url": "https://cyberintel.es/cve/CVE-2022-48333_Buffer_Overflow_in_Widevine_drm_verify_keys_0x730c/",
"source": "cve@mitre.org"
}
]
}

20
CVE-2022/CVE-2022-483xx/CVE-2022-48334.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-48334",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T17:15:10.127",
"lastModified": "2023-06-26T17:51:24.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow."
}
],
"metrics": {},
"references": [
{
"url": "https://cyberintel.es/cve/CVE-2022-48334_Buffer_Overflow_in_Widevine_drm_verify_keys_0x7370/",
"source": "cve@mitre.org"
}
]
}

20
CVE-2022/CVE-2022-483xx/CVE-2022-48335.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-48335",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T17:15:10.347",
"lastModified": "2023-06-26T17:51:24.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow."
}
],
"metrics": {},
"references": [
{
"url": "https://cyberintel.es/cve/CVE-2022-48335_Buffer_Overflow_in_Widevine_PRDiagVerifyProvisioning_0x5f90/",
"source": "cve@mitre.org"
}
]
}

20
CVE-2022/CVE-2022-483xx/CVE-2022-48336.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-48336",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T17:15:12.433",
"lastModified": "2023-06-26T17:51:24.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow."
}
],
"metrics": {},
"references": [
{
"url": "https://cyberintel.es/cve/CVE-2022-48336_Buffer_Overflow_in_Widevine_PRDiagParseAndStoreData_0x5cc8/",
"source": "cve@mitre.org"
}
]
}

22
CVE-2023/CVE-2023-01xx/CVE-2023-0179.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0179",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-03-27T22:15:20.963",
"lastModified": "2023-05-11T15:15:09.643",
"vulnStatus": "Modified",
"lastModified": "2023-06-26T16:57:25.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -67,9 +67,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "6.3",
"matchCriteriaId": "824FF00E-1204-40D2-9AA7-249EAFC5A394"
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.91",
"matchCriteriaId": "91C2E92D-CC25-4FBD-8824-56A148119D7E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.9",
"matchCriteriaId": "ED5B6045-B1D2-4E03-B194-9005A351BCAE"
},
{
"vulnerable": true,
@ -289,7 +296,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0003/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2023/CVE-2023-02xx/CVE-2023-0210.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0210",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-03-27T22:15:21.040",
"lastModified": "2023-05-17T20:15:09.417",
"vulnStatus": "Modified",
"lastModified": "2023-06-26T16:55:33.900",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -65,8 +65,24 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.87",
"matchCriteriaId": "AF34DC7D-4D5D-4D9C-B1B4-FAE010E910F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.19",
"matchCriteriaId": "B70FF53F-1F99-4483-9376-CBA1A4EE0351"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1",
"versionEndExcluding": "6.1.5",
"matchCriteriaId": "8C1E7766-4310-43F9-BAC4-3763A36C043A"
}
]
}
@ -84,7 +100,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20230517-0002/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://securityonline.info/cve-2023-0210-flaw-in-linux-kernel-allows-unauthenticated-remote-dos-attacks/",
@ -98,7 +117,8 @@
"url": "https://www.openwall.com/lists/oss-security/2023/01/11/1",
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
"Mailing List",
"Third Party Advisory"
]
}
]

40
CVE-2023/CVE-2023-03xx/CVE-2023-0386.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0386",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-03-22T21:15:18.090",
"lastModified": "2023-06-22T15:15:10.173",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-06-26T16:56:54.607",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -66,8 +66,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2",
"matchCriteriaId": "108695B6-7133-4B6C-80AF-0F66880FE858"
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.91",
"matchCriteriaId": "91C2E92D-CC25-4FBD-8824-56A148119D7E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.9",
"matchCriteriaId": "ED5B6045-B1D2-4E03-B194-9005A351BCAE"
},
{
"vulnerable": true,
@ -102,27 +110,41 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230420-0004/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5402",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-10xx/CVE-2023-1078.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1078",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-03-27T21:15:10.520",
"lastModified": "2023-05-05T20:15:09.880",
"vulnStatus": "Modified",
"lastModified": "2023-06-26T16:55:02.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -65,8 +65,38 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.17",
"versionEndExcluding": "4.19.273",
"matchCriteriaId": "1A6AF175-29AC-4FF5-8D35-A1F4C5EBC8AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.232",
"matchCriteriaId": "9C6E0696-3702-4B0C-A102-2753BDC8C3D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.168",
"matchCriteriaId": "12258A3F-04BD-49C9-9C6B-D3C1945E8910"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.94",
"matchCriteriaId": "55EC7465-CE9A-4B9C-B0FA-97394061A77F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.12",
"matchCriteriaId": "63F0738E-F1B2-47A2-9329-E2B8BC87708A"
}
]
}
@ -79,20 +109,32 @@
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230505-0004/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}

50
CVE-2023/CVE-2023-12xx/CVE-2023-1281.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1281",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-03-22T14:15:16.090",
"lastModified": "2023-05-03T14:15:23.817",
"vulnStatus": "Modified",
"lastModified": "2023-06-26T16:57:22.200",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -87,8 +87,22 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.14",
"versionEndExcluding": "6.2",
"matchCriteriaId": "952CE43F-8BA8-4682-8D32-AA50BAEC6D66"
"versionEndExcluding": "5.10.169",
"matchCriteriaId": "D331CADA-2EA6-4EA6-879D-6C266057BB64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.95",
"matchCriteriaId": "8508F80E-8588-4976-A2BA-7A2D85018C4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.13",
"matchCriteriaId": "CE354BE6-0C0F-47EB-AD8A-1433F041AC20"
},
{
"vulnerable": true,
@ -138,33 +152,49 @@
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/04/11/3",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee059170b1f7e94e55fa6cadee544e176a6e59c2",
"source": "cve-coordination@google.com",
"tags": [
"Patch"
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://kernel.dance/#ee059170b1f7e94e55fa6cadee544e176a6e59c2",
"source": "cve-coordination@google.com",
"tags": [
"Patch"
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230427-0004/",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

16
CVE-2023/CVE-2023-233xx/CVE-2023-23384.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23384",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-04-11T21:15:18.047",
"lastModified": "2023-04-19T13:55:13.150",
"lastModified": "2023-06-26T16:03:13.353",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -17,20 +17,20 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
"impactScore": 3.4
},
{
"source": "secure@microsoft.com",

90
CVE-2023/CVE-2023-245xx/CVE-2023-24546.json
View File

@ -2,19 +2,101 @@
"id": "CVE-2023-24546",
"sourceIdentifier": "psirt@arista.com",
"published": "2023-06-13T21:15:09.867",
"lastModified": "2023-06-13T21:27:45.680",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:33:45.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader access to telemetry and configuration data within the system than intended. This advisory impacts the Arista CloudVision Portal product when run on-premise. It does not impact CloudVision as-a-Service."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arista:cloudvision_portal:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021.1",
"versionEndIncluding": "2021.3",
"matchCriteriaId": "A8E8D1BB-B7ED-4886-96A0-FD0C9EA666CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arista:cloudvision_portal:2022.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F429F0B9-A090-434C-8576-182CC021B76A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arista:cloudvision_portal:2022.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB325C9E-8116-434D-9865-DE494EC05F27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arista:cloudvision_portal:2022.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2BF57D-7677-4531-80F8-15842798FBA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arista:cloudvision_portal:2022.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "08760308-AB42-496A-B473-98DAF7E4EDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arista:cloudvision_portal:2022.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF6936F8-946B-4A33-B1AD-76F0EFB65223"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17022-security-advisory-0083",
"source": "psirt@arista.com"
"source": "psirt@arista.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-253xx/CVE-2023-25306.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25306",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T15:15:09.653",
"lastModified": "2023-06-26T15:15:09.653",
"vulnStatus": "Received",
"lastModified": "2023-06-26T17:51:24.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-253xx/CVE-2023-25307.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25307",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T15:15:09.703",
"lastModified": "2023-06-26T15:15:09.703",
"vulnStatus": "Received",
"lastModified": "2023-06-26T17:51:24.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

32
CVE-2023/CVE-2023-265xx/CVE-2023-26544.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26544",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-25T04:15:10.057",
"lastModified": "2023-03-16T16:15:12.087",
"vulnStatus": "Modified",
"lastModified": "2023-06-26T16:57:16.957",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -55,8 +55,24 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C41207B8-D94A-4714-B1E0-66CEFF00FEE0"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.87",
"matchCriteriaId": "AF34DC7D-4D5D-4D9C-B1B4-FAE010E910F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.17",
"matchCriteriaId": "05B2AE8A-556C-47C1-9119-DBAC5EB60947"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1",
"versionEndExcluding": "6.1.3",
"matchCriteriaId": "70594F60-3413-4969-AFD7-965266760EA6"
}
]
}
@ -69,12 +85,16 @@
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List"
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230316-0010/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-26xx/CVE-2023-2637.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2637",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-06-13T21:15:09.917",
"lastModified": "2023-06-13T21:27:45.680",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T16:38:33.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -46,10 +76,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_policy_manager:6.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78D6F03E-E110-4CA7-8883-5CE38FF8E5A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_system_services:6.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46A50229-56B5-4B30-8B4A-6D180D65C2D6"
}
]
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139683",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-26xx/CVE-2023-2638.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2638",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-06-13T21:15:09.983",
"lastModified": "2023-06-13T21:27:45.680",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T16:28:41.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -46,10 +76,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_policy_manager:6.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78D6F03E-E110-4CA7-8883-5CE38FF8E5A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_system_services:6.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46A50229-56B5-4B30-8B4A-6D180D65C2D6"
}
]
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139683",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-26xx/CVE-2023-2639.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2639",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-06-13T21:15:10.043",
"lastModified": "2023-06-13T21:27:45.680",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T16:22:05.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-346"
}
]
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -46,10 +76,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_policy_manager:6.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78D6F03E-E110-4CA7-8883-5CE38FF8E5A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_system_services:6.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46A50229-56B5-4B30-8B4A-6D180D65C2D6"
}
]
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139683",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-27xx/CVE-2023-2785.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2785",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-06-16T10:15:09.133",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:46:23.620",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0",
"versionEndIncluding": "7.1.9",
"matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndIncluding": "7.8.4",
"matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndIncluding": "7.9.3",
"matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-27xx/CVE-2023-2786.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2786",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-06-16T09:15:09.853",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:48:28.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0",
"versionEndIncluding": "7.1.9",
"matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndIncluding": "7.8.4",
"matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndIncluding": "7.9.3",
"matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-27xx/CVE-2023-2787.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2787",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-06-16T09:15:09.920",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:48:14.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0",
"versionEndIncluding": "7.1.9",
"matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndIncluding": "7.8.4",
"matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndIncluding": "7.9.3",
"matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates/",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-27xx/CVE-2023-2788.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2788",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-06-16T09:15:09.993",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:47:39.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0",
"versionEndIncluding": "7.1.9",
"matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndIncluding": "7.8.4",
"matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndIncluding": "7.9.3",
"matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates/",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-27xx/CVE-2023-2791.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2791",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-06-16T09:15:10.060",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:46:48.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.7.0",
"versionEndIncluding": "7.7.3",
"matchCriteriaId": "B4E35FC5-D821-4252-A68F-0DF8A741E8AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndIncluding": "7.8.2",
"matchCriteriaId": "BBBDB89B-8C27-41FC-9CFE-F13986845792"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndIncluding": "7.9.1",
"matchCriteriaId": "2C608456-5DC4-4A70-83BB-085E1BB99617"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates/",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-27xx/CVE-2023-2792.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2792",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-06-16T10:15:09.207",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:46:13.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0",
"versionEndIncluding": "7.1.9",
"matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndIncluding": "7.8.4",
"matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndIncluding": "7.9.3",
"matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates/",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-27xx/CVE-2023-2793.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2793",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-06-16T10:15:09.270",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:45:53.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndIncluding": "7.8.3",
"matchCriteriaId": "5CD5238E-205F-43CF-9487-8956194F4950"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndIncluding": "7.9.2",
"matchCriteriaId": "C0B8C4AA-4D8D-4AE3-953E-990360DD57F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates/",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-27xx/CVE-2023-2797.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2797",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-06-16T10:15:09.337",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:45:05.103",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0",
"versionEndIncluding": "7.1.9",
"matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndIncluding": "7.8.4",
"matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates/",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

28
CVE-2023/CVE-2023-284xx/CVE-2023-28485.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-28485",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T16:15:09.537",
"lastModified": "2023-06-26T17:51:24.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (Stored XSS) vulnerability in file preview in WeKan before 6.75 allows remote authenticated users to inject arbitrary web script or HTML via names of file attachments. Any user can obtain the privilege to rename within their own board (where they have BoardAdmin access), and renameAttachment does not block XSS payloads."
}
],
"metrics": {},
"references": [
{
"url": "http://packetstormsecurity.com/files/172649/Wekan-6.74-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
},
{
"url": "https://wekan.github.io/",
"source": "cve@mitre.org"
},
{
"url": "https://wekan.github.io/hall-of-fame/filebleed/",
"source": "cve@mitre.org"
}
]
}

77
CVE-2023/CVE-2023-28xx/CVE-2023-2831.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2831",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-06-16T10:15:09.403",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:44:34.770",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0",
"versionEndIncluding": "7.1.9",
"matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndIncluding": "7.8.4",
"matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndIncluding": "7.9.3",
"matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates/",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

130
CVE-2023/CVE-2023-28xx/CVE-2023-2876.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2876",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2023-06-13T04:15:10.307",
"lastModified": "2023-06-13T13:00:47.863",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:42:06.570",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cybersecurity@ch.abb.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "cybersecurity@ch.abb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "cybersecurity@ch.abb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,102 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:abb:rex640_pcl1_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.0.8",
"matchCriteriaId": "EFB84892-676D-47BB-B099-5C74320B3E50"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:abb:rex640_pcl1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9256FAAB-77CF-482C-B736-FC99885C89D7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:abb:rex640_pcl2_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.1.4",
"matchCriteriaId": "93001E90-E6B1-49BC-AA4E-CF3ED24A672E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:abb:rex640_pcl2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE78102B-C672-4969-8B82-FE5ACE2FFC71"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:abb:rex640_pcl3_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.2.1",
"matchCriteriaId": "E7A03D47-0F40-4C65-93AD-911687E3C4BB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:abb:rex640_pcl3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90916E18-27EF-46C7-979B-19D53F901CC7"
}
]
}
]
}
],
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001423&LanguageCode=en&DocumentPartId=&Action=Launch",
"source": "cybersecurity@ch.abb.com"
"source": "cybersecurity@ch.abb.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-290xx/CVE-2023-29084.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-29084",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-13T19:15:11.680",
"lastModified": "2023-06-06T19:15:10.913",
"lastModified": "2023-06-26T17:15:12.807",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine ADManager Plus through 7180 allows for authenticated users to exploit command injection via Proxy settings."
"value": "Zoho ManageEngine ADManager Plus before 7181 allows for authenticated users to exploit command injection via Proxy settings."
}
],
"metrics": {

104
CVE-2023/CVE-2023-293xx/CVE-2023-29349.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-29349",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-16T01:15:27.847",
"lastModified": "2023-06-16T03:19:08.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T16:18:35.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft ODBC and OLE DB Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en Microsoft ODBC y OLE DB"
}
],
"metrics": {
@ -34,10 +38,104 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.4.1",
"matchCriteriaId": "5CC2AE26-7BA1-4E45-97D3-6F9EE992FA98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.4.1",
"matchCriteriaId": "49DA289E-FD25-4CB0-9165-9E836EC93DD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.4.1",
"matchCriteriaId": "E6185183-17DD-4A16-9E08-E1277F58829A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.2.1.1",
"matchCriteriaId": "493BBE3B-5302-4BA1-9F69-734AA10305D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.2.1.1",
"matchCriteriaId": "848BABEE-8496-4225-9E47-3CDB40CB8A86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.2.1.1",
"matchCriteriaId": "E45B3703-BF64-408E-A931-1D3C1DFFFA71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0.2",
"versionEndExcluding": "18.6.0006.0",
"matchCriteriaId": "14AC92FA-A1F6-4DD6-9623-A2F33F59A4F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "19.0.0",
"versionEndExcluding": "19.3.0001.0",
"matchCriteriaId": "6ABD3821-C5EB-4253-9D5E-6A1E29709AE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*",
"matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*",
"matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29349",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

90
CVE-2023/CVE-2023-293xx/CVE-2023-29356.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-29356",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-16T01:15:27.910",
"lastModified": "2023-06-16T03:19:08.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T16:19:08.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota de Microsoft ODBC Driver para SQL Server"
}
],
"metrics": {
@ -34,10 +38,90 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.4.1",
"matchCriteriaId": "5CC2AE26-7BA1-4E45-97D3-6F9EE992FA98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.4.1",
"matchCriteriaId": "49DA289E-FD25-4CB0-9165-9E836EC93DD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.4.1",
"matchCriteriaId": "E6185183-17DD-4A16-9E08-E1277F58829A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.2.1.1",
"matchCriteriaId": "493BBE3B-5302-4BA1-9F69-734AA10305D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.2.1.1",
"matchCriteriaId": "848BABEE-8496-4225-9E47-3CDB40CB8A86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.2.1.1",
"matchCriteriaId": "E45B3703-BF64-408E-A931-1D3C1DFFFA71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*",
"matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*",
"matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29356",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-294xx/CVE-2023-29442.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-29442",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T21:15:08.890",
"lastModified": "2023-05-08T16:49:33.963",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-26T17:15:13.350",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine Applications Manager through 16390 allows DOM XSS."
"value": "Zoho ManageEngine Applications Manager before 16400 allows proxy.html DOM XSS."
}
],
"metrics": {

6
CVE-2023/CVE-2023-294xx/CVE-2023-29443.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-29443",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T21:15:08.957",
"lastModified": "2023-05-08T16:36:42.850",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-26T17:15:13.807",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine ServiceDesk Plus through 14104 allows admin users to conduct an XXE attack."
"value": "Zoho ManageEngine ServiceDesk Plus before 14105, ServiceDesk Plus MSP before 14200, SupportCenter Plus before 14200, and AssetExplorer before 6989 allow SDAdmin attackers to conduct XXE attacks via a crafted server that sends malformed XML from a Reports integration API endpoint."
}
],
"metrics": {

24
CVE-2023/CVE-2023-294xx/CVE-2023-29459.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-29459",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T16:15:09.587",
"lastModified": "2023-06-26T17:51:24.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The laola.redbull application through 5.1.9-R for Android exposes the exported activity at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivity, which accepts a data: URI. The target of this URI is subsequently loaded into the application's webview, thus allowing the loading of arbitrary content into the context of the application. This can occur via the fcrbs schema or an explicit intent invocation."
}
],
"metrics": {},
"references": [
{
"url": "http://packetstormsecurity.com/files/172701/FC-Red-Bull-Salzburg-App-5.1.9-R-Improper-Authorization.html",
"source": "cve@mitre.org"
},
{
"url": "https://play.google.com/store/apps/details?id=laola.redbull",
"source": "cve@mitre.org"
}
]
}

222
CVE-2023/CVE-2023-307xx/CVE-2023-30762.json
View File

@ -2,23 +2,235 @@
"id": "CVE-2023-30762",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-06-13T10:15:10.293",
"lastModified": "2023-06-13T13:00:37.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:35:00.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on the product or the device settings may be altered. Affected products and versions are as follows: KB-AHR04D versions prior to 91110.1.101106.78, KB-AHR08D versions prior to 91210.1.101106.78, KB-AHR16D versions prior to 91310.1.101106.78, KB-IRIP04A versions prior to 95110.1.100290.78A, KB-IRIP08A versions prior to 95210.1.100290.78A, and KB-IRIP16A versions prior to 95310.1.100290.78A."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-ahr04d_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "91110.1.101106.78",
"matchCriteriaId": "E9AD62AA-C479-42EB-B760-6EE8D44DAFAA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-ahr04d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1863EEE8-C169-4D5B-B933-881DC01DF830"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-ahr08d_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "91210.1.101106.78",
"matchCriteriaId": "959EE3B5-CDF0-4E9F-8198-EA2906B2C876"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-ahr08d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "868CB3B3-A09D-4C20-BE79-CCFAC6A64220"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-ahr16d_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "91310.1.101106.78",
"matchCriteriaId": "78F9ECB7-F0F7-4823-AC46-D0F39B4873DA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-ahr16d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45FD308E-4BCC-4000-B7AB-C30F5758582F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-irip04a_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "95110.1.100290.78a",
"matchCriteriaId": "EA5C6C00-5D77-45FA-9192-11583B287A6F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-irip04a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0815D725-07A7-4AE0-B342-4443C9D7C186"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-irip08a_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "95210.1.100290.78a",
"matchCriteriaId": "0E6D7D01-09F8-45CB-B0C1-717CE9762AB0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-irip08a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9F53B43-1830-479D-AB3D-A4695B2C712D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-irip16a_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "95310.1.100290.78a",
"matchCriteriaId": "55936F14-6321-4D15-88B5-8D79BF234251"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-irip16a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40B44829-A7ED-4AB7-A2FB-0A9142274ADA"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU90812349/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.kbdevice.com/news/%e3%83%ac%e3%82%b3%e3%83%bc%e3%83%80%e3%83%bc%e3%81%ae%e3%83%8d%e3%83%83%e3%83%88%e3%83%af%e3%83%bc%e3%82%af%e6%94%bb%e6%92%83%e3%81%ab%e5%af%be%e3%81%99%e3%82%8b%e3%82%a2%e3%83%83%e3%83%97%e3%83%87/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

222
CVE-2023/CVE-2023-307xx/CVE-2023-30764.json
View File

@ -2,23 +2,235 @@
"id": "CVE-2023-30764",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-06-13T10:15:10.330",
"lastModified": "2023-06-13T13:00:37.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:34:50.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OS command injection vulnerability exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on the product or the device settings may be altered. Affected products and versions are as follows: KB-AHR04D versions prior to 91110.1.101106.78, KB-AHR08D versions prior to 91210.1.101106.78, KB-AHR16D versions prior to 91310.1.101106.78, KB-IRIP04A versions prior to 95110.1.100290.78A, KB-IRIP08A versions prior to 95210.1.100290.78A, and KB-IRIP16A versions prior to 95310.1.100290.78A."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-ahr04d_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "91110.1.101106.78",
"matchCriteriaId": "E9AD62AA-C479-42EB-B760-6EE8D44DAFAA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-ahr04d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1863EEE8-C169-4D5B-B933-881DC01DF830"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-ahr08d_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "91210.1.101106.78",
"matchCriteriaId": "959EE3B5-CDF0-4E9F-8198-EA2906B2C876"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-ahr08d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "868CB3B3-A09D-4C20-BE79-CCFAC6A64220"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-ahr16d_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "91310.1.101106.78",
"matchCriteriaId": "78F9ECB7-F0F7-4823-AC46-D0F39B4873DA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-ahr16d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45FD308E-4BCC-4000-B7AB-C30F5758582F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-irip04a_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "95110.1.100290.78a",
"matchCriteriaId": "EA5C6C00-5D77-45FA-9192-11583B287A6F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-irip04a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0815D725-07A7-4AE0-B342-4443C9D7C186"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-irip08a_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "95210.1.100290.78a",
"matchCriteriaId": "0E6D7D01-09F8-45CB-B0C1-717CE9762AB0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-irip08a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9F53B43-1830-479D-AB3D-A4695B2C712D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-irip16a_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "95310.1.100290.78a",
"matchCriteriaId": "55936F14-6321-4D15-88B5-8D79BF234251"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-irip16a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40B44829-A7ED-4AB7-A2FB-0A9142274ADA"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU90812349/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.kbdevice.com/news/%e3%83%ac%e3%82%b3%e3%83%bc%e3%83%80%e3%83%bc%e3%81%ae%e3%83%8d%e3%83%83%e3%83%88%e3%83%af%e3%83%bc%e3%82%af%e6%94%bb%e6%92%83%e3%81%ab%e5%af%be%e3%81%99%e3%82%8b%e3%82%a2%e3%83%83%e3%83%97%e3%83%87/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

222
CVE-2023/CVE-2023-307xx/CVE-2023-30766.json
View File

@ -2,23 +2,235 @@
"id": "CVE-2023-30766",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-06-13T10:15:10.370",
"lastModified": "2023-06-13T13:00:37.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:34:29.650",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Hidden functionality issue exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on the product or the device settings may be altered. Affected products and versions are as follows: KB-AHR04D versions prior to 91110.1.101106.78, KB-AHR08D versions prior to 91210.1.101106.78, KB-AHR16D versions prior to 91310.1.101106.78, KB-IRIP04A versions prior to 95110.1.100290.78A, KB-IRIP08A versions prior to 95210.1.100290.78A, and KB-IRIP16A versions prior to 95310.1.100290.78A."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-ahr04d_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "91110.1.101106.78",
"matchCriteriaId": "E9AD62AA-C479-42EB-B760-6EE8D44DAFAA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-ahr04d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1863EEE8-C169-4D5B-B933-881DC01DF830"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-ahr08d_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "91210.1.101106.78",
"matchCriteriaId": "959EE3B5-CDF0-4E9F-8198-EA2906B2C876"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-ahr08d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "868CB3B3-A09D-4C20-BE79-CCFAC6A64220"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-ahr16d_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "91310.1.101106.78",
"matchCriteriaId": "78F9ECB7-F0F7-4823-AC46-D0F39B4873DA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-ahr16d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45FD308E-4BCC-4000-B7AB-C30F5758582F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-irip04a_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "95110.1.100290.78a",
"matchCriteriaId": "EA5C6C00-5D77-45FA-9192-11583B287A6F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-irip04a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0815D725-07A7-4AE0-B342-4443C9D7C186"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-irip08a_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "95210.1.100290.78a",
"matchCriteriaId": "0E6D7D01-09F8-45CB-B0C1-717CE9762AB0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-irip08a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9F53B43-1830-479D-AB3D-A4695B2C712D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kbdevice:kb-irip16a_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "95310.1.100290.78a",
"matchCriteriaId": "55936F14-6321-4D15-88B5-8D79BF234251"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kbdevice:kb-irip16a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40B44829-A7ED-4AB7-A2FB-0A9142274ADA"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/vu/JVNVU90812349/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.kbdevice.com/news/%e3%83%ac%e3%82%b3%e3%83%bc%e3%83%80%e3%83%bc%e3%81%ae%e3%83%8d%e3%83%83%e3%83%88%e3%83%af%e3%83%bc%e3%82%af%e6%94%bb%e6%92%83%e3%81%ab%e5%af%be%e3%81%99%e3%82%8b%e3%82%a2%e3%83%83%e3%83%97%e3%83%87/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-308xx/CVE-2023-30897.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30897",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-06-13T09:15:17.703",
"lastModified": "2023-06-13T13:00:42.717",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:41:04.607",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.5.2.13",
"matchCriteriaId": "8AEA3E3F-6C11-4707-83CC-9A198564B222"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914026.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-309xx/CVE-2023-30901.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30901",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-06-13T09:15:17.763",
"lastModified": "2023-06-13T13:00:42.717",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:40:32.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,44 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:q200_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.70",
"matchCriteriaId": "D1D626C5-92BF-4C9B-9EF2-24347CF24491"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:q200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2EA3F6-418C-49A4-B23C-E7BD56395466"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-312xx/CVE-2023-31238.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31238",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-06-13T09:15:18.093",
"lastModified": "2023-06-13T13:00:42.717",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:39:56.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,44 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:q200_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.70",
"matchCriteriaId": "D1D626C5-92BF-4C9B-9EF2-24347CF24491"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:q200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2EA3F6-418C-49A4-B23C-E7BD56395466"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

90
CVE-2023/CVE-2023-320xx/CVE-2023-32025.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-32025",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-16T01:15:27.967",
"lastModified": "2023-06-16T03:19:08.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T16:20:15.013",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota de Microsoft ODBC Driver para SQL Server"
}
],
"metrics": {
@ -34,10 +38,90 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.4.1",
"matchCriteriaId": "5CC2AE26-7BA1-4E45-97D3-6F9EE992FA98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.4.1",
"matchCriteriaId": "49DA289E-FD25-4CB0-9165-9E836EC93DD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.4.1",
"matchCriteriaId": "E6185183-17DD-4A16-9E08-E1277F58829A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.2.1.1",
"matchCriteriaId": "493BBE3B-5302-4BA1-9F69-734AA10305D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.2.1.1",
"matchCriteriaId": "848BABEE-8496-4225-9E47-3CDB40CB8A86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.2.1.1",
"matchCriteriaId": "E45B3703-BF64-408E-A931-1D3C1DFFFA71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*",
"matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*",
"matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32025",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

90
CVE-2023/CVE-2023-320xx/CVE-2023-32026.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-32026",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-16T01:15:28.017",
"lastModified": "2023-06-16T03:19:08.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T16:15:51.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota de Microsoft ODBC Driver para SQL Server"
}
],
"metrics": {
@ -34,10 +38,90 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.4.1",
"matchCriteriaId": "5CC2AE26-7BA1-4E45-97D3-6F9EE992FA98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.4.1",
"matchCriteriaId": "49DA289E-FD25-4CB0-9165-9E836EC93DD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.4.1",
"matchCriteriaId": "E6185183-17DD-4A16-9E08-E1277F58829A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.2.1.1",
"matchCriteriaId": "493BBE3B-5302-4BA1-9F69-734AA10305D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.2.1.1",
"matchCriteriaId": "848BABEE-8496-4225-9E47-3CDB40CB8A86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.2.1.1",
"matchCriteriaId": "E45B3703-BF64-408E-A931-1D3C1DFFFA71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*",
"matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*",
"matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32026",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-32xx/CVE-2023-3276.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3276",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-15T13:15:09.773",
"lastModified": "2023-06-15T14:00:53.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T16:41:20.947",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,7 +83,7 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -69,20 +91,58 @@
"value": "CWE-611"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dromara:hutool:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.8.19",
"matchCriteriaId": "445E7DF7-C380-4C4B-B276-50553D571882"
}
]
}
]
}
],
"references": [
{
"url": "https://fbdhhhh47.github.io/2023/06/06/hutool-XXE/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.231626",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.231626",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-335xx/CVE-2023-33580.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-33580",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T16:15:09.637",
"lastModified": "2023-06-26T17:51:24.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Phpgurukul Student Study Center Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in the \"Admin Name\" field on Admin Profile page."
}
],
"metrics": {},
"references": [
{
"url": "http://packetstormsecurity.com/files/173030/Student-Study-Center-Management-System-1.0-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
},
{
"url": "https://phpgurukul.com/student-study-center-management-system-using-php-and-mysql/",
"source": "cve@mitre.org"
}
]
}

63
CVE-2023/CVE-2023-33xx/CVE-2023-3308.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3308",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-18T09:15:09.677",
"lastModified": "2023-06-20T07:12:55.493",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:55:21.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:whaleal:icefrog:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "667685E7-7C58-4F05-BC6C-3646650C0706"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/NanKeXXX/selfVuln_poc/blob/main/whaleal%3Aicefrog/icefrog_1.1.8_RCE.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link",
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.231804",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.231804",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

58
CVE-2023/CVE-2023-33xx/CVE-2023-3309.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3309",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-18T12:15:09.267",
"lastModified": "2023-06-20T07:12:55.493",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T16:29:49.337",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:resort_reservation_system_project:resort_reservation_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57B25E14-73A3-436D-900D-0E09E0A423DE"
}
]
}
]
}
],
"references": [
{
"url": "https://kr1shna4garwal.github.io/posts/cve-poc-2023/#cve-2023-3309",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.231805",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.231805",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-33xx/CVE-2023-3310.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3310",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-18T12:15:09.347",
"lastModified": "2023-06-20T07:12:55.493",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T16:30:16.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:agro-school_management_system_project:agro-school_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96ADB127-DE0B-4CD5-B718-C3E50D8AFDD5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/humaowei/CVEHub/blob/main/Agro-School%20Management%20System%20loaddata.php%20has%20Sqlinjection.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.231806",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.231806",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-33xx/CVE-2023-3311.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3311",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-18T15:15:11.660",
"lastModified": "2023-06-20T07:12:55.493",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T16:35:19.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online-shopping-system-advanced_project:online-shopping-system-advanced:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D09867D3-08E2-4CC7-8D28-F8D5A86F363D"
}
]
}
]
}
],
"references": [
{
"url": "https://kr1shna4garwal.github.io/posts/cve-poc-2023/#cve-2023-3311",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.231807",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.231807",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-341xx/CVE-2023-34154.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-34154",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-06-16T07:15:08.457",
"lastModified": "2023-06-16T12:47:18.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:51:03.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party apps to create windows in an arbitrary way, consuming system resources."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12"
}
]
}
]
}
],
"references": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202306-0000001560777672",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-341xx/CVE-2023-34157.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34157",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-06-16T07:15:08.680",
"lastModified": "2023-06-16T12:47:18.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:49:44.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12"
}
]
}
]
}
],
"references": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202306-0000001560777672",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-346xx/CVE-2023-34609.json
View File

@ -2,31 +2,100 @@
"id": "CVE-2023-34609",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:09.860",
"lastModified": "2023-06-14T15:30:53.640",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:06:51.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered flexjson thru 3.3 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flexjson_project:flexjson:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3",
"matchCriteriaId": "10B99ED3-94E0-4EA7-B16C-330220166BBD"
}
]
}
]
}
],
"references": [
{
"url": "https://sourceforge.net/p/flexjson/bugs/48/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://sourceforge.net/p/flexjson/bugs/49/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://sourceforge.net/p/flexjson/bugs/50/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://sourceforge.net/p/flexjson/bugs/51/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-346xx/CVE-2023-34610.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-34610",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:09.917",
"lastModified": "2023-06-14T15:30:53.640",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:11:37.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered json-io thru 4.14.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-io_project:json-io:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.14.0",
"matchCriteriaId": "5A526369-41E4-476D-97B1-590AD89A0070"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jdereg/json-io/issues/169",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-346xx/CVE-2023-34611.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-34611",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:09.960",
"lastModified": "2023-06-14T15:30:53.640",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:14:33.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered mjson thru 1.4.1 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mjson_project:mjson:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.4.1",
"matchCriteriaId": "AA289745-73AE-438C-AE3F-8E9E6159ABD3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/bolerio/mjson/issues/40",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-346xx/CVE-2023-34612.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-34612",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:10.007",
"lastModified": "2023-06-14T15:30:53.640",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:31:11.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered ph-json thru 9.5.5 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ph-json_project:ph-json:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.5.5",
"matchCriteriaId": "25409CC2-3971-4AD0-B0A3-F5839A9A2E9F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/phax/ph-commons/issues/35",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-346xx/CVE-2023-34624.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-34624",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:10.360",
"lastModified": "2023-06-14T15:30:53.640",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:29:18.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered htmlcleaner thru = 2.28 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:htmlcleaner_project:htmlcleaner:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.28",
"matchCriteriaId": "FE2821CC-7FBE-42A3-95CF-84AB7843EACD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/amplafi/htmlcleaner/issues/13",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-346xx/CVE-2023-34657.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34657",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-19T04:15:10.873",
"lastModified": "2023-06-20T07:12:55.493",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T16:26:30.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en Eyoucms v1.6.2 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de una carga \u00fatil manipulada inyectada en el par\u00e1metro \"web_recordnum\". "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eyoucms:eyoucms:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B87F220-D05C-4885-8C0E-E5BD8D8DFB66"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/weng-xianhu/eyoucms/issues/43",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

66
CVE-2023/CVE-2023-351xx/CVE-2023-35110.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-35110",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:10.920",
"lastModified": "2023-06-14T15:30:49.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:27:13.500",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered jjson thru 0.1.7 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jjson_project:jjson:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.1.7",
"matchCriteriaId": "110AAF0C-AF40-41D1-AF6B-84402EA25913"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/grobmeier/jjson/issues/2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-351xx/CVE-2023-35116.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-35116",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:10.960",
"lastModified": "2023-06-19T15:15:09.280",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T16:52:40.273",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** DISPUTED ** An issue was discovered jackson-databind thru 2.15.2 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that the product is not intended for use with untrusted input."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.15.2",
"matchCriteriaId": "318112DB-AF0E-49D0-B05D-A0569A7EDD71"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/FasterXML/jackson-databind/issues/3972",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

60
CVE-2023/CVE-2023-357xx/CVE-2023-35782.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35782",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-16T15:15:09.680",
"lastModified": "2023-06-16T16:41:02.630",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T17:43:26.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,10 +54,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ipandlanguageredirect_project:ipandlanguageredirect:*:*:*:*:*:typo3:*:*",
"versionEndExcluding": "5.1.2",
"matchCriteriaId": "00551313-8221-4052-9128-0BCAEFC9E4FB"
}
]
}
]
}
],
"references": [
{
"url": "https://typo3.org/security/advisory/typo3-ext-sa-2023-005",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More