diff --git a/CVE-2017/CVE-2017-10004xx/CVE-2017-1000405.json b/CVE-2017/CVE-2017-10004xx/CVE-2017-1000405.json index 729d24196b0..d8551ed8356 100644 --- a/CVE-2017/CVE-2017-10004xx/CVE-2017-1000405.json +++ b/CVE-2017/CVE-2017-10004xx/CVE-2017-1000405.json @@ -2,8 +2,8 @@ "id": "CVE-2017-1000405", "sourceIdentifier": "cve@mitre.org", "published": "2017-11-30T22:29:00.217", - "lastModified": "2018-02-13T02:29:00.503", - "vulnStatus": "Modified", + "lastModified": "2023-06-26T16:55:42.617", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", @@ -85,9 +85,65 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "2.6.38", - "versionEndIncluding": "4.14", - "matchCriteriaId": "3BB96558-6F1B-4972-92B7-E6C6E4EAF36D" + "versionStartIncluding": "3.2.87", + "versionEndExcluding": "3.3", + "matchCriteriaId": "EDF220AE-D4D3-4C0B-BFCA-4DDB897A81FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.10.106", + "versionEndExcluding": "3.11", + "matchCriteriaId": "37623D83-3245-418B-AA79-7FFB56124AAB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.12.73", + "versionEndExcluding": "3.13", + "matchCriteriaId": "AB8D1C8F-5DE4-4255-B35E-85BEE71D518A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.16.42", + "versionEndExcluding": "3.16.52", + "matchCriteriaId": "6D8C2C4B-81CA-4D5D-9B18-6D93FC1B1B5B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.18.55", + "versionEndExcluding": "3.18.86", + "matchCriteriaId": "B38F58F2-22F3-41A2-B43D-FD9027FD2A7D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.1.41", + "versionEndExcluding": "4.1.48", + "matchCriteriaId": "871C0EA3-24B8-4D57-A72C-42F66AEED6D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.70", + "versionEndExcluding": "4.4.104", + "matchCriteriaId": "FCBEC938-9743-47A8-B536-D7B935A453A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.9.7", + "versionEndExcluding": "4.9.67", + "matchCriteriaId": "1D4E9DE9-EA55-48F6-88BB-DBF18E65D76A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.4", + "matchCriteriaId": "526A67F6-8D42-4C55-99BE-B68231777244" } ] } @@ -105,11 +161,18 @@ }, { "url": "http://www.securitytracker.com/id/1040020", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2018:0180", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://medium.com/bindecy/huge-dirty-cow-cve-2017-1000405-110eca132de0", @@ -122,7 +185,10 @@ }, { "url": "https://source.android.com/security/bulletin/pixel/2018-02-01", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.exploit-db.com/exploits/43199/", diff --git a/CVE-2017/CVE-2017-116xx/CVE-2017-11600.json b/CVE-2017/CVE-2017-116xx/CVE-2017-11600.json index ddb66fc0f22..07b35c675b0 100644 --- a/CVE-2017/CVE-2017-116xx/CVE-2017-11600.json +++ b/CVE-2017/CVE-2017-116xx/CVE-2017-11600.json @@ -2,8 +2,8 @@ "id": "CVE-2017-11600", "sourceIdentifier": "cve@mitre.org", "published": "2017-07-24T07:29:00.183", - "lastModified": "2019-05-14T23:29:01.357", - "vulnStatus": "Modified", + "lastModified": "2023-06-26T16:55:48.547", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", @@ -85,8 +85,51 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionEndIncluding": "4.12.3", - "matchCriteriaId": "93B616B9-0E9C-48F4-B663-8278767861FB" + "versionStartIncluding": "2.6.21", + "versionEndExcluding": "3.2.93", + "matchCriteriaId": "D5928442-90C8-4CF4-99D6-FD6413331840" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.3", + "versionEndExcluding": "3.10.108", + "matchCriteriaId": "7AEC5142-D74C-40FD-9F20-286B9566A40E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.11", + "versionEndExcluding": "3.18.70", + "matchCriteriaId": "CB780C40-C214-45CC-8FD2-CBCEE5A4217D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.19", + "versionEndExcluding": "4.1.45", + "matchCriteriaId": "AEF05B4A-F2FD-4E86-9798-F55AAD1C1C61" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.2", + "versionEndExcluding": "4.4.87", + "matchCriteriaId": "5FEE2737-FAD8-4C80-925C-0270CE9B7A38" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5", + "versionEndExcluding": "4.9.48", + "matchCriteriaId": "CAF50161-21D4-4D8A-AF13-2459A5103452" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.12.11", + "matchCriteriaId": "9463D887-C14C-404D-B58A-2BE16D1EF820" } ] } @@ -96,7 +139,11 @@ "references": [ { "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "http://seclists.org/bugtraq/2017/Jul/30", @@ -108,31 +155,53 @@ }, { "url": "http://www.debian.org/security/2017/dsa-3981", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.securityfocus.com/bid/99928", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2018:1965", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2018:2003", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2019:1170", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2019:1190", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://source.android.com/security/bulletin/pixel/2017-11-01", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-219xx/CVE-2021-21948.json b/CVE-2021/CVE-2021-219xx/CVE-2021-21948.json index d1b2ec2f634..5084107af84 100644 --- a/CVE-2021/CVE-2021-219xx/CVE-2021-21948.json +++ b/CVE-2021/CVE-2021-219xx/CVE-2021-21948.json @@ -2,7 +2,7 @@ "id": "CVE-2021-21948", "sourceIdentifier": "talos-cna@cisco.com", "published": "2022-04-14T20:15:08.513", - "lastModified": "2022-04-21T15:40:30.787", + "lastModified": "2023-06-26T18:00:05.753", "vulnStatus": "Analyzed", "descriptions": [ { @@ -92,7 +92,7 @@ "description": [ { "lang": "en", - "value": "CWE-787" + "value": "CWE-190" } ] }, diff --git a/CVE-2021/CVE-2021-248xx/CVE-2021-24881.json b/CVE-2021/CVE-2021-248xx/CVE-2021-24881.json index 03931aa6028..1f93db02b37 100644 --- a/CVE-2021/CVE-2021-248xx/CVE-2021-24881.json +++ b/CVE-2021/CVE-2021-248xx/CVE-2021-24881.json @@ -2,7 +2,7 @@ "id": "CVE-2021-24881", "sourceIdentifier": "contact@wpscan.com", "published": "2023-01-23T15:15:13.147", - "lastModified": "2023-01-30T19:25:46.660", + "lastModified": "2023-06-26T17:47:21.500", "vulnStatus": "Analyzed", "descriptions": [ { @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2021/CVE-2021-266xx/CVE-2021-26634.json b/CVE-2021/CVE-2021-266xx/CVE-2021-26634.json index 79b9b67a553..4832bbc428c 100644 --- a/CVE-2021/CVE-2021-266xx/CVE-2021-26634.json +++ b/CVE-2021/CVE-2021-266xx/CVE-2021-26634.json @@ -2,7 +2,7 @@ "id": "CVE-2021-26634", "sourceIdentifier": "vuln@krcert.or.kr", "published": "2022-06-02T14:15:28.243", - "lastModified": "2022-06-09T17:32:50.283", + "lastModified": "2023-06-26T17:59:11.773", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "CWE-20" + "value": "CWE-434" } ] }, @@ -148,6 +148,7 @@ "url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66746", "source": "vuln@krcert.or.kr", "tags": [ + "Broken Link", "Third Party Advisory" ] } diff --git a/CVE-2021/CVE-2021-266xx/CVE-2021-26635.json b/CVE-2021/CVE-2021-266xx/CVE-2021-26635.json index 2d8685abc1f..8ed1a1f3fe0 100644 --- a/CVE-2021/CVE-2021-266xx/CVE-2021-26635.json +++ b/CVE-2021/CVE-2021-266xx/CVE-2021-26635.json @@ -2,7 +2,7 @@ "id": "CVE-2021-26635", "sourceIdentifier": "vuln@krcert.or.kr", "published": "2022-06-02T14:15:28.307", - "lastModified": "2022-06-09T16:45:35.180", + "lastModified": "2023-06-26T17:58:58.730", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "CWE-787" + "value": "CWE-843" } ] }, @@ -128,6 +128,7 @@ "url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66747", "source": "vuln@krcert.or.kr", "tags": [ + "Broken Link", "Third Party Advisory" ] } diff --git a/CVE-2021/CVE-2021-266xx/CVE-2021-26637.json b/CVE-2021/CVE-2021-266xx/CVE-2021-26637.json index 76d67b311a9..f768a87c457 100644 --- a/CVE-2021/CVE-2021-266xx/CVE-2021-26637.json +++ b/CVE-2021/CVE-2021-266xx/CVE-2021-26637.json @@ -2,7 +2,7 @@ "id": "CVE-2021-26637", "sourceIdentifier": "vuln@krcert.or.kr", "published": "2022-06-23T17:15:11.223", - "lastModified": "2022-06-29T16:50:22.437", + "lastModified": "2023-06-26T17:49:21.467", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,11 @@ "description": [ { "lang": "en", - "value": "CWE-287" + "value": "CWE-306" + }, + { + "lang": "en", + "value": "CWE-862" } ] }, @@ -208,6 +212,7 @@ "url": "https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66782", "source": "vuln@krcert.or.kr", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] diff --git a/CVE-2021/CVE-2021-267xx/CVE-2021-26732.json b/CVE-2021/CVE-2021-267xx/CVE-2021-26732.json index 56f5628f8f6..f7837751d4d 100644 --- a/CVE-2021/CVE-2021-267xx/CVE-2021-26732.json +++ b/CVE-2021/CVE-2021-267xx/CVE-2021-26732.json @@ -2,7 +2,7 @@ "id": "CVE-2021-26732", "sourceIdentifier": "prodsec@nozominetworks.com", "published": "2022-10-24T14:15:48.360", - "lastModified": "2023-02-03T02:31:23.117", + "lastModified": "2023-06-26T17:47:27.873", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,7 +65,7 @@ "description": [ { "lang": "en", - "value": "CWE-862" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2021/CVE-2021-328xx/CVE-2021-32845.json b/CVE-2021/CVE-2021-328xx/CVE-2021-32845.json index 28d603a7627..7441f49f743 100644 --- a/CVE-2021/CVE-2021-328xx/CVE-2021-32845.json +++ b/CVE-2021/CVE-2021-328xx/CVE-2021-32845.json @@ -2,7 +2,7 @@ "id": "CVE-2021-32845", "sourceIdentifier": "security-advisories@github.com", "published": "2023-02-17T23:15:11.963", - "lastModified": "2023-02-28T20:29:26.297", + "lastModified": "2023-06-26T17:47:09.283", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-908" + "value": "CWE-252" } ] }, diff --git a/CVE-2021/CVE-2021-328xx/CVE-2021-32846.json b/CVE-2021/CVE-2021-328xx/CVE-2021-32846.json index 06f7799698a..e1c6302126c 100644 --- a/CVE-2021/CVE-2021-328xx/CVE-2021-32846.json +++ b/CVE-2021/CVE-2021-328xx/CVE-2021-32846.json @@ -2,7 +2,7 @@ "id": "CVE-2021-32846", "sourceIdentifier": "security-advisories@github.com", "published": "2023-02-17T23:15:12.037", - "lastModified": "2023-02-28T20:28:54.537", + "lastModified": "2023-06-26T17:47:01.820", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "CWE-908" + "value": "CWE-754" } ] }, diff --git a/CVE-2021/CVE-2021-34xx/CVE-2021-3433.json b/CVE-2021/CVE-2021-34xx/CVE-2021-3433.json index 56f938c4e10..98516a35074 100644 --- a/CVE-2021/CVE-2021-34xx/CVE-2021-3433.json +++ b/CVE-2021/CVE-2021-34xx/CVE-2021-3433.json @@ -2,7 +2,7 @@ "id": "CVE-2021-3433", "sourceIdentifier": "vulnerabilities@zephyrproject.org", "published": "2022-06-28T20:15:08.187", - "lastModified": "2022-07-08T15:07:55.960", + "lastModified": "2023-06-26T17:49:17.663", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "CWE-755" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2021/CVE-2021-352xx/CVE-2021-35254.json b/CVE-2021/CVE-2021-352xx/CVE-2021-35254.json index 96b18a5d648..95737d908a7 100644 --- a/CVE-2021/CVE-2021-352xx/CVE-2021-35254.json +++ b/CVE-2021/CVE-2021-352xx/CVE-2021-35254.json @@ -2,7 +2,7 @@ "id": "CVE-2021-35254", "sourceIdentifier": "psirt@solarwinds.com", "published": "2022-03-25T19:15:08.913", - "lastModified": "2022-03-31T15:28:08.257", + "lastModified": "2023-06-26T17:53:00.060", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "CWE-20" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2021/CVE-2021-355xx/CVE-2021-35530.json b/CVE-2021/CVE-2021-355xx/CVE-2021-35530.json index f63db154318..73796cb62b9 100644 --- a/CVE-2021/CVE-2021-355xx/CVE-2021-35530.json +++ b/CVE-2021/CVE-2021-355xx/CVE-2021-35530.json @@ -2,7 +2,7 @@ "id": "CVE-2021-35530", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2022-06-07T21:15:14.640", - "lastModified": "2023-04-19T15:32:25.210", + "lastModified": "2023-06-26T17:58:56.477", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "CWE-287" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2021/CVE-2021-355xx/CVE-2021-35531.json b/CVE-2021/CVE-2021-355xx/CVE-2021-35531.json index 5e9536d6fc6..f22216775e4 100644 --- a/CVE-2021/CVE-2021-355xx/CVE-2021-35531.json +++ b/CVE-2021/CVE-2021-355xx/CVE-2021-35531.json @@ -2,7 +2,7 @@ "id": "CVE-2021-35531", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2022-06-07T21:15:14.720", - "lastModified": "2023-04-19T15:32:25.210", + "lastModified": "2023-06-26T17:58:52.407", "vulnStatus": "Analyzed", "descriptions": [ { @@ -70,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-20" + "value": "CWE-78" } ] }, diff --git a/CVE-2021/CVE-2021-359xx/CVE-2021-35937.json b/CVE-2021/CVE-2021-359xx/CVE-2021-35937.json index aa2f35b7c99..8aad49a39e6 100644 --- a/CVE-2021/CVE-2021-359xx/CVE-2021-35937.json +++ b/CVE-2021/CVE-2021-359xx/CVE-2021-35937.json @@ -2,7 +2,7 @@ "id": "CVE-2021-35937", "sourceIdentifier": "secalert@redhat.com", "published": "2022-08-25T20:15:09.243", - "lastModified": "2022-11-16T20:05:07.723", + "lastModified": "2023-06-26T17:48:36.517", "vulnStatus": "Analyzed", "descriptions": [ { @@ -40,21 +40,17 @@ }, "weaknesses": [ { - "source": "secalert@redhat.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-367" - }, - { - "lang": "en", - "value": "CWE-59" } ] }, { - "source": "nvd@nist.gov", + "source": "secalert@redhat.com", "type": "Secondary", "description": [ { @@ -152,8 +148,7 @@ "url": "https://rpm.org/wiki/Releases/4.18.0", "source": "secalert@redhat.com", "tags": [ - "Release Notes", - "Vendor Advisory" + "Release Notes" ] }, { diff --git a/CVE-2021/CVE-2021-36xx/CVE-2021-3675.json b/CVE-2021/CVE-2021-36xx/CVE-2021-3675.json index 17767520d11..acab105ac1b 100644 --- a/CVE-2021/CVE-2021-36xx/CVE-2021-3675.json +++ b/CVE-2021/CVE-2021-36xx/CVE-2021-3675.json @@ -2,7 +2,7 @@ "id": "CVE-2021-3675", "sourceIdentifier": "PSIRT@synaptics.com", "published": "2022-06-16T17:15:07.593", - "lastModified": "2022-07-05T20:29:12.387", + "lastModified": "2023-06-26T17:49:26.863", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "CWE-20" + "value": "CWE-787" } ] }, diff --git a/CVE-2021/CVE-2021-374xx/CVE-2021-37404.json b/CVE-2021/CVE-2021-374xx/CVE-2021-37404.json index 9f07891eeb0..8598d891178 100644 --- a/CVE-2021/CVE-2021-374xx/CVE-2021-37404.json +++ b/CVE-2021/CVE-2021-374xx/CVE-2021-37404.json @@ -2,7 +2,7 @@ "id": "CVE-2021-37404", "sourceIdentifier": "security@apache.org", "published": "2022-06-13T07:15:08.327", - "lastModified": "2022-10-27T16:15:35.113", + "lastModified": "2023-06-26T17:58:44.603", "vulnStatus": "Analyzed", "descriptions": [ { @@ -70,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-120" + "value": "CWE-787" } ] }, @@ -130,8 +130,7 @@ "url": "https://lists.apache.org/thread/2h56ztcj3ojc66qzf1nno88vjw9vd4wo", "source": "security@apache.org", "tags": [ - "Mailing List", - "Vendor Advisory" + "Mailing List" ] }, { diff --git a/CVE-2021/CVE-2021-37xx/CVE-2021-3782.json b/CVE-2021/CVE-2021-37xx/CVE-2021-3782.json index e28700eadf3..8b573ac0262 100644 --- a/CVE-2021/CVE-2021-37xx/CVE-2021-3782.json +++ b/CVE-2021/CVE-2021-37xx/CVE-2021-3782.json @@ -2,7 +2,7 @@ "id": "CVE-2021-3782", "sourceIdentifier": "secalert@redhat.com", "published": "2022-09-23T16:15:10.143", - "lastModified": "2023-06-01T17:57:41.023", + "lastModified": "2023-06-26T17:47:45.693", "vulnStatus": "Analyzed", "descriptions": [ { @@ -45,7 +45,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-Other" + "value": "CWE-190" } ] }, diff --git a/CVE-2021/CVE-2021-398xx/CVE-2021-39820.json b/CVE-2021/CVE-2021-398xx/CVE-2021-39820.json index 398032d13b6..0eb008cc546 100644 --- a/CVE-2021/CVE-2021-398xx/CVE-2021-39820.json +++ b/CVE-2021/CVE-2021-398xx/CVE-2021-39820.json @@ -2,7 +2,7 @@ "id": "CVE-2021-39820", "sourceIdentifier": "psirt@adobe.com", "published": "2022-06-15T17:15:08.403", - "lastModified": "2022-06-24T13:45:58.787", + "lastModified": "2023-06-26T17:57:14.253", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,8 +65,18 @@ }, "weaknesses": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2021/CVE-2021-403xx/CVE-2021-40336.json b/CVE-2021/CVE-2021-403xx/CVE-2021-40336.json index c06c0ddc487..d780c97a225 100644 --- a/CVE-2021/CVE-2021-403xx/CVE-2021-40336.json +++ b/CVE-2021/CVE-2021-403xx/CVE-2021-40336.json @@ -2,7 +2,7 @@ "id": "CVE-2021-40336", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2022-07-25T15:15:09.247", - "lastModified": "2023-04-19T15:32:25.210", + "lastModified": "2023-06-26T17:49:15.913", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,7 +65,7 @@ "description": [ { "lang": "en", - "value": "CWE-352" + "value": "CWE-74" } ] }, diff --git a/CVE-2021/CVE-2021-428xx/CVE-2021-42849.json b/CVE-2021/CVE-2021-428xx/CVE-2021-42849.json index 9440dca8f91..1475ff9c3fa 100644 --- a/CVE-2021/CVE-2021-428xx/CVE-2021-42849.json +++ b/CVE-2021/CVE-2021-428xx/CVE-2021-42849.json @@ -2,7 +2,7 @@ "id": "CVE-2021-42849", "sourceIdentifier": "psirt@lenovo.com", "published": "2022-05-18T16:15:08.247", - "lastModified": "2022-05-26T17:09:49.180", + "lastModified": "2023-06-26T17:59:32.433", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "CWE-798" + "value": "CWE-287" } ] }, diff --git a/CVE-2021/CVE-2021-42xx/CVE-2021-4294.json b/CVE-2021/CVE-2021-42xx/CVE-2021-4294.json index 454e1323540..2b92ece3f00 100644 --- a/CVE-2021/CVE-2021-42xx/CVE-2021-4294.json +++ b/CVE-2021/CVE-2021-42xx/CVE-2021-4294.json @@ -2,7 +2,7 @@ "id": "CVE-2021-4294", "sourceIdentifier": "cna@vuldb.com", "published": "2022-12-28T17:15:09.067", - "lastModified": "2023-01-06T20:34:11.007", + "lastModified": "2023-06-26T17:47:23.483", "vulnStatus": "Analyzed", "descriptions": [ { @@ -110,29 +110,28 @@ "url": "https://github.com/openshift/osin/commit/8612686d6dda34ae9ef6b5a974e4b7accb4fea29", "source": "cna@vuldb.com", "tags": [ - "Patch", - "Third Party Advisory" + "Patch" ] }, { "url": "https://github.com/openshift/osin/pull/200", "source": "cna@vuldb.com", "tags": [ - "Third Party Advisory" + "Issue Tracking" ] }, { "url": "https://vuldb.com/?ctiid.216987", "source": "cna@vuldb.com", "tags": [ - "Third Party Advisory" + "Permissions Required" ] }, { "url": "https://vuldb.com/?id.216987", "source": "cna@vuldb.com", "tags": [ - "Third Party Advisory" + "Permissions Required" ] } ] diff --git a/CVE-2021/CVE-2021-437xx/CVE-2021-43754.json b/CVE-2021/CVE-2021-437xx/CVE-2021-43754.json index 5c87ce599a6..3586757f12f 100644 --- a/CVE-2021/CVE-2021-437xx/CVE-2021-43754.json +++ b/CVE-2021/CVE-2021-437xx/CVE-2021-43754.json @@ -2,7 +2,7 @@ "id": "CVE-2021-43754", "sourceIdentifier": "psirt@adobe.com", "published": "2022-06-15T19:15:10.207", - "lastModified": "2022-06-24T18:59:34.423", + "lastModified": "2023-06-26T17:49:51.797", "vulnStatus": "Analyzed", "descriptions": [ { @@ -70,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-119" + "value": "CWE-787" } ] }, diff --git a/CVE-2021/CVE-2021-437xx/CVE-2021-43755.json b/CVE-2021/CVE-2021-437xx/CVE-2021-43755.json index 471288a22b2..1b9ae32fb6b 100644 --- a/CVE-2021/CVE-2021-437xx/CVE-2021-43755.json +++ b/CVE-2021/CVE-2021-437xx/CVE-2021-43755.json @@ -2,7 +2,7 @@ "id": "CVE-2021-43755", "sourceIdentifier": "psirt@adobe.com", "published": "2022-06-15T20:15:17.440", - "lastModified": "2022-06-24T17:05:39.237", + "lastModified": "2023-06-26T17:49:31.020", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,8 +65,18 @@ }, "weaknesses": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2021/CVE-2021-437xx/CVE-2021-43756.json b/CVE-2021/CVE-2021-437xx/CVE-2021-43756.json index 7387df058dc..a1dcd6c4e1b 100644 --- a/CVE-2021/CVE-2021-437xx/CVE-2021-43756.json +++ b/CVE-2021/CVE-2021-437xx/CVE-2021-43756.json @@ -2,7 +2,7 @@ "id": "CVE-2021-43756", "sourceIdentifier": "psirt@adobe.com", "published": "2022-06-15T19:15:10.270", - "lastModified": "2022-06-24T17:01:53.403", + "lastModified": "2023-06-26T17:49:46.783", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,8 +65,18 @@ }, "weaknesses": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2021/CVE-2021-43xx/CVE-2021-4315.json b/CVE-2021/CVE-2021-43xx/CVE-2021-4315.json index 4b3d9db9fbd..d3e5c12f642 100644 --- a/CVE-2021/CVE-2021-43xx/CVE-2021-4315.json +++ b/CVE-2021/CVE-2021-43xx/CVE-2021-4315.json @@ -2,7 +2,7 @@ "id": "CVE-2021-4315", "sourceIdentifier": "cna@vuldb.com", "published": "2023-01-28T23:15:08.687", - "lastModified": "2023-02-07T19:55:10.517", + "lastModified": "2023-06-26T17:47:18.837", "vulnStatus": "Analyzed", "descriptions": [ { @@ -83,8 +83,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -116,39 +126,35 @@ "url": "https://github.com/NYUCCL/psiTurk/commit/47787e15cecd66f2aa87687bf852ae0194a4335f", "source": "cna@vuldb.com", "tags": [ - "Patch", - "Third Party Advisory" + "Patch" ] }, { "url": "https://github.com/NYUCCL/psiTurk/pull/517", "source": "cna@vuldb.com", "tags": [ - "Exploit", - "Patch", - "Third Party Advisory" + "Issue Tracking" ] }, { "url": "https://github.com/NYUCCL/psiTurk/releases/tag/v3.2.1", "source": "cna@vuldb.com", "tags": [ - "Release Notes", - "Third Party Advisory" + "Release Notes" ] }, { "url": "https://vuldb.com/?ctiid.219676", "source": "cna@vuldb.com", "tags": [ - "Third Party Advisory" + "Permissions Required" ] }, { "url": "https://vuldb.com/?id.219676", "source": "cna@vuldb.com", "tags": [ - "Third Party Advisory" + "Permissions Required" ] } ] diff --git a/CVE-2021/CVE-2021-454xx/CVE-2021-45477.json b/CVE-2021/CVE-2021-454xx/CVE-2021-45477.json index fee9f2e66ce..0a92907d379 100644 --- a/CVE-2021/CVE-2021-454xx/CVE-2021-45477.json +++ b/CVE-2021/CVE-2021-454xx/CVE-2021-45477.json @@ -2,7 +2,7 @@ "id": "CVE-2021-45477", "sourceIdentifier": "cve@usom.gov.tr", "published": "2023-03-02T09:15:08.993", - "lastModified": "2023-03-09T14:47:08.970", + "lastModified": "2023-06-26T17:02:53.127", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-noinfo" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2021/CVE-2021-454xx/CVE-2021-45478.json b/CVE-2021/CVE-2021-454xx/CVE-2021-45478.json index 2de70e685ec..806e18b0a4c 100644 --- a/CVE-2021/CVE-2021-454xx/CVE-2021-45478.json +++ b/CVE-2021/CVE-2021-454xx/CVE-2021-45478.json @@ -2,7 +2,7 @@ "id": "CVE-2021-45478", "sourceIdentifier": "cve@usom.gov.tr", "published": "2023-03-02T09:15:09.223", - "lastModified": "2023-03-09T14:46:53.150", + "lastModified": "2023-06-26T17:02:39.470", "vulnStatus": "Analyzed", "descriptions": [ { @@ -61,7 +61,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-noinfo" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2021/CVE-2021-459xx/CVE-2021-45918.json b/CVE-2021/CVE-2021-459xx/CVE-2021-45918.json index 8aac7ee4907..ec308198027 100644 --- a/CVE-2021/CVE-2021-459xx/CVE-2021-45918.json +++ b/CVE-2021/CVE-2021-459xx/CVE-2021-45918.json @@ -2,7 +2,7 @@ "id": "CVE-2021-45918", "sourceIdentifier": "twcert@cert.org.tw", "published": "2022-06-20T06:15:08.503", - "lastModified": "2022-06-27T18:28:20.993", + "lastModified": "2023-06-26T17:49:23.250", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "CWE-787" + "value": "CWE-1284" } ] }, diff --git a/CVE-2022/CVE-2022-00xx/CVE-2022-0027.json b/CVE-2022/CVE-2022-00xx/CVE-2022-0027.json index 98f8827ba7e..aafdf9fade4 100644 --- a/CVE-2022/CVE-2022-00xx/CVE-2022-0027.json +++ b/CVE-2022/CVE-2022-00xx/CVE-2022-0027.json @@ -2,7 +2,7 @@ "id": "CVE-2022-0027", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2022-05-11T17:15:09.343", - "lastModified": "2022-05-20T13:30:06.907", + "lastModified": "2023-06-26T17:59:39.267", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "CWE-863" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2022/CVE-2022-02xx/CVE-2022-0217.json b/CVE-2022/CVE-2022-02xx/CVE-2022-0217.json index 8eb46b12303..6d5ffbebc16 100644 --- a/CVE-2022/CVE-2022-02xx/CVE-2022-0217.json +++ b/CVE-2022/CVE-2022-02xx/CVE-2022-0217.json @@ -2,7 +2,7 @@ "id": "CVE-2022-0217", "sourceIdentifier": "secalert@redhat.com", "published": "2022-08-26T18:15:08.833", - "lastModified": "2022-09-01T19:04:07.887", + "lastModified": "2023-06-26T17:48:33.123", "vulnStatus": "Analyzed", "descriptions": [ { @@ -43,6 +43,10 @@ "source": "nvd@nist.gov", "type": "Primary", "description": [ + { + "lang": "en", + "value": "CWE-611" + }, { "lang": "en", "value": "CWE-776" diff --git a/CVE-2022/CVE-2022-04xx/CVE-2022-0421.json b/CVE-2022/CVE-2022-04xx/CVE-2022-0421.json index b82a641364b..9cfde8964b5 100644 --- a/CVE-2022/CVE-2022-04xx/CVE-2022-0421.json +++ b/CVE-2022/CVE-2022-04xx/CVE-2022-0421.json @@ -2,7 +2,7 @@ "id": "CVE-2022-0421", "sourceIdentifier": "contact@wpscan.com", "published": "2022-11-21T11:15:19.153", - "lastModified": "2022-11-23T15:45:28.553", + "lastModified": "2023-06-26T17:47:25.550", "vulnStatus": "Analyzed", "descriptions": [ { @@ -41,7 +41,7 @@ "description": [ { "lang": "en", - "value": "CWE-862" + "value": "CWE-116" } ] }, diff --git a/CVE-2022/CVE-2022-05xx/CVE-2022-0541.json b/CVE-2022/CVE-2022-05xx/CVE-2022-0541.json index d64b9933267..8ecbafc88d4 100644 --- a/CVE-2022/CVE-2022-05xx/CVE-2022-0541.json +++ b/CVE-2022/CVE-2022-05xx/CVE-2022-0541.json @@ -2,7 +2,7 @@ "id": "CVE-2022-0541", "sourceIdentifier": "contact@wpscan.com", "published": "2022-04-25T16:16:07.700", - "lastModified": "2022-05-04T14:33:51.263", + "lastModified": "2023-06-26T17:59:57.957", "vulnStatus": "Analyzed", "descriptions": [ { @@ -65,8 +65,18 @@ }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33652.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33652.json index 839aefa8778..845d85f3e6c 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33652.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33652.json @@ -2,8 +2,8 @@ "id": "CVE-2022-33652", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.657", - "lastModified": "2023-05-17T17:15:14.953", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-06-26T16:01:16.937", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -41,19 +41,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", - "attackComplexity": "HIGH", + "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", - "baseScore": 4.4, + "baseScore": 4.9, "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 0.7, + "exploitabilityScore": 1.2, "impactScore": 3.6 } ], @@ -63,17 +63,17 @@ "type": "Primary", "cvssData": { "version": "2.0", - "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "accessVector": "NETWORK", - "accessComplexity": "MEDIUM", + "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", - "baseScore": 3.5 + "baseScore": 4.0 }, - "baseSeverity": "LOW", - "exploitabilityScore": 6.8, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, @@ -116,7 +116,10 @@ "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33652", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-336xx/CVE-2022-33658.json b/CVE-2022/CVE-2022-336xx/CVE-2022-33658.json index a8f3fbbdeb9..f064ecac6da 100644 --- a/CVE-2022/CVE-2022-336xx/CVE-2022-33658.json +++ b/CVE-2022/CVE-2022-336xx/CVE-2022-33658.json @@ -2,8 +2,8 @@ "id": "CVE-2022-33658", "sourceIdentifier": "secure@microsoft.com", "published": "2022-07-12T23:15:12.997", - "lastModified": "2023-05-17T17:15:15.497", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-06-26T16:02:58.513", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -41,19 +41,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", - "attackComplexity": "HIGH", + "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", - "baseScore": 4.4, + "baseScore": 4.9, "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 0.7, + "exploitabilityScore": 1.2, "impactScore": 3.6 } ], @@ -63,17 +63,17 @@ "type": "Primary", "cvssData": { "version": "2.0", - "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "accessVector": "NETWORK", - "accessComplexity": "MEDIUM", + "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", - "baseScore": 3.5 + "baseScore": 4.0 }, - "baseSeverity": "LOW", - "exploitabilityScore": 6.8, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, @@ -116,7 +116,10 @@ "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33658", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-400xx/CVE-2022-40010.json b/CVE-2022/CVE-2022-400xx/CVE-2022-40010.json new file mode 100644 index 00000000000..8a7c375aeb5 --- /dev/null +++ b/CVE-2022/CVE-2022-400xx/CVE-2022-40010.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-40010", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-26T17:15:09.310", + "lastModified": "2023-06-26T17:51:24.007", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://packetstormsecurity.com/files/173029/Tenda-AC6-AC1200-15.03.06.50_multi-Cross-Site-Scripting.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-43xx/CVE-2022-4379.json b/CVE-2022/CVE-2022-43xx/CVE-2022-4379.json index 075282ea649..68a33d177fe 100644 --- a/CVE-2022/CVE-2022-43xx/CVE-2022-4379.json +++ b/CVE-2022/CVE-2022-43xx/CVE-2022-4379.json @@ -2,8 +2,8 @@ "id": "CVE-2022-4379", "sourceIdentifier": "secalert@redhat.com", "published": "2023-01-10T22:15:14.097", - "lastModified": "2023-05-03T01:15:09.583", - "vulnStatus": "Modified", + "lastModified": "2023-06-26T16:55:23.290", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -56,53 +66,23 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionEndExcluding": "6.1", - "matchCriteriaId": "9064B383-DD48-40A2-8947-F5BA6E6B6713" + "versionStartIncluding": "5.6", + "versionEndExcluding": "5.10.177", + "matchCriteriaId": "98341430-98CD-48EB-BD2E-D8C7105EDE74" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*", - "matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A" + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.105", + "matchCriteriaId": "0888AE70-CB0A-45C0-B9BD-A5371244C8DB" }, { "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", - "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", - "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", - "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", - "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", - "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", - "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", - "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*", - "matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872" + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.3", + "matchCriteriaId": "59C906A3-824B-46E7-861F-1FF4044063A1" } ] } @@ -148,15 +128,27 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LECFVUHKIRBV5JJBE3KQCLGKNYJPBRCN/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAVD6JIILAVSRHZ4VXSV3RAAGUXKVXZA/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://seclists.org/oss-sec/2022/q4/185", diff --git a/CVE-2022/CVE-2022-448xx/CVE-2022-44875.json b/CVE-2022/CVE-2022-448xx/CVE-2022-44875.json index 0ffe54103a7..18e21ebb4c3 100644 --- a/CVE-2022/CVE-2022-448xx/CVE-2022-44875.json +++ b/CVE-2022/CVE-2022-448xx/CVE-2022-44875.json @@ -2,7 +2,7 @@ "id": "CVE-2022-44875", "sourceIdentifier": "cve@mitre.org", "published": "2023-03-06T05:15:11.703", - "lastModified": "2023-03-13T17:10:42.820", + "lastModified": "2023-06-26T16:18:00.480", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,9 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:kioware:kiowave:*:*:*:*:*:windows:*:*", + "criteria": "cpe:2.3:a:kioware:kioware:*:*:*:*:*:windows:*:*", "versionEndIncluding": "8.33", - "matchCriteriaId": "545EE296-40C8-4B14-AEAE-8EB80FE04D10" + "matchCriteriaId": "064FCB8D-FB5D-482C-9C07-7619E3EF6685" } ] } diff --git a/CVE-2022/CVE-2022-47xx/CVE-2022-4744.json b/CVE-2022/CVE-2022-47xx/CVE-2022-4744.json index 3d2627a7a72..0e5711f4ba4 100644 --- a/CVE-2022/CVE-2022-47xx/CVE-2022-4744.json +++ b/CVE-2022/CVE-2022-47xx/CVE-2022-4744.json @@ -2,8 +2,8 @@ "id": "CVE-2022-4744", "sourceIdentifier": "secalert@redhat.com", "published": "2023-03-30T21:15:06.497", - "lastModified": "2023-05-26T20:15:28.007", - "vulnStatus": "Modified", + "lastModified": "2023-06-26T16:57:30.247", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -69,8 +69,17 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc7:*:*:*:*:*:*", - "matchCriteriaId": "4EAC2750-F7C6-4A4E-9C04-1E450722B853" + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.136", + "matchCriteriaId": "41396D85-7E7B-44F2-A953-6C3890EC07A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.12", + "matchCriteriaId": "732BA914-7B3B-43CD-857F-8119106F6F71" } ] } @@ -80,7 +89,11 @@ "references": [ { "url": "http://packetstormsecurity.com/files/171912/CentOS-Stream-9-Missing-Kernel-Security-Fix.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=158b515f703e", @@ -91,11 +104,18 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20230526-0009/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-483xx/CVE-2022-48331.json b/CVE-2022/CVE-2022-483xx/CVE-2022-48331.json new file mode 100644 index 00000000000..19283b865af --- /dev/null +++ b/CVE-2022/CVE-2022-483xx/CVE-2022-48331.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48331", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-26T16:15:09.480", + "lastModified": "2023-06-26T17:51:24.007", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://cyberintel.es/cve/CVE-2022-48331_Buffer_Overflow_in_Widevine_drm_save_keys_0x69b0/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-483xx/CVE-2022-48332.json b/CVE-2022/CVE-2022-483xx/CVE-2022-48332.json new file mode 100644 index 00000000000..3cc0e1617eb --- /dev/null +++ b/CVE-2022/CVE-2022-483xx/CVE-2022-48332.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48332", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-26T17:15:09.637", + "lastModified": "2023-06-26T17:51:24.007", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://cyberintel.es/cve/CVE-2022-48332_Buffer_Overflow_in_Widevine_drm_save_keys_0x6a18/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-483xx/CVE-2022-48333.json b/CVE-2022/CVE-2022-483xx/CVE-2022-48333.json new file mode 100644 index 00000000000..3623b374e28 --- /dev/null +++ b/CVE-2022/CVE-2022-483xx/CVE-2022-48333.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48333", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-26T17:15:09.923", + "lastModified": "2023-06-26T17:51:24.007", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant buffer overflow." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://cyberintel.es/cve/CVE-2022-48333_Buffer_Overflow_in_Widevine_drm_verify_keys_0x730c/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-483xx/CVE-2022-48334.json b/CVE-2022/CVE-2022-483xx/CVE-2022-48334.json new file mode 100644 index 00000000000..a9764e5abf7 --- /dev/null +++ b/CVE-2022/CVE-2022-483xx/CVE-2022-48334.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48334", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-26T17:15:10.127", + "lastModified": "2023-06-26T17:51:24.007", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://cyberintel.es/cve/CVE-2022-48334_Buffer_Overflow_in_Widevine_drm_verify_keys_0x7370/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-483xx/CVE-2022-48335.json b/CVE-2022/CVE-2022-483xx/CVE-2022-48335.json new file mode 100644 index 00000000000..afadd3f83ae --- /dev/null +++ b/CVE-2022/CVE-2022-483xx/CVE-2022-48335.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48335", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-26T17:15:10.347", + "lastModified": "2023-06-26T17:51:24.007", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://cyberintel.es/cve/CVE-2022-48335_Buffer_Overflow_in_Widevine_PRDiagVerifyProvisioning_0x5f90/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-483xx/CVE-2022-48336.json b/CVE-2022/CVE-2022-483xx/CVE-2022-48336.json new file mode 100644 index 00000000000..85524d76719 --- /dev/null +++ b/CVE-2022/CVE-2022-483xx/CVE-2022-48336.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48336", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-26T17:15:12.433", + "lastModified": "2023-06-26T17:51:24.007", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://cyberintel.es/cve/CVE-2022-48336_Buffer_Overflow_in_Widevine_PRDiagParseAndStoreData_0x5cc8/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-01xx/CVE-2023-0179.json b/CVE-2023/CVE-2023-01xx/CVE-2023-0179.json index 4755532dff6..1cc08a9261c 100644 --- a/CVE-2023/CVE-2023-01xx/CVE-2023-0179.json +++ b/CVE-2023/CVE-2023-01xx/CVE-2023-0179.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0179", "sourceIdentifier": "secalert@redhat.com", "published": "2023-03-27T22:15:20.963", - "lastModified": "2023-05-11T15:15:09.643", - "vulnStatus": "Modified", + "lastModified": "2023-06-26T16:57:25.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -67,9 +67,16 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionStartIncluding": "5.5", - "versionEndExcluding": "6.3", - "matchCriteriaId": "824FF00E-1204-40D2-9AA7-249EAFC5A394" + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.91", + "matchCriteriaId": "91C2E92D-CC25-4FBD-8824-56A148119D7E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.9", + "matchCriteriaId": "ED5B6045-B1D2-4E03-B194-9005A351BCAE" }, { "vulnerable": true, @@ -289,7 +296,10 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230511-0003/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-02xx/CVE-2023-0210.json b/CVE-2023/CVE-2023-02xx/CVE-2023-0210.json index 538de6e581f..a5ba36fe7b1 100644 --- a/CVE-2023/CVE-2023-02xx/CVE-2023-0210.json +++ b/CVE-2023/CVE-2023-02xx/CVE-2023-0210.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0210", "sourceIdentifier": "secalert@redhat.com", "published": "2023-03-27T22:15:21.040", - "lastModified": "2023-05-17T20:15:09.417", - "vulnStatus": "Modified", + "lastModified": "2023-06-26T16:55:33.900", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -65,8 +65,24 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*", - "matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85" + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15", + "versionEndExcluding": "5.15.87", + "matchCriteriaId": "AF34DC7D-4D5D-4D9C-B1B4-FAE010E910F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.19", + "matchCriteriaId": "B70FF53F-1F99-4483-9376-CBA1A4EE0351" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1", + "versionEndExcluding": "6.1.5", + "matchCriteriaId": "8C1E7766-4310-43F9-BAC4-3763A36C043A" } ] } @@ -84,7 +100,10 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230517-0002/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://securityonline.info/cve-2023-0210-flaw-in-linux-kernel-allows-unauthenticated-remote-dos-attacks/", @@ -98,7 +117,8 @@ "url": "https://www.openwall.com/lists/oss-security/2023/01/11/1", "source": "secalert@redhat.com", "tags": [ - "Mailing List" + "Mailing List", + "Third Party Advisory" ] } ] diff --git a/CVE-2023/CVE-2023-03xx/CVE-2023-0386.json b/CVE-2023/CVE-2023-03xx/CVE-2023-0386.json index 4cd7b67d021..200b112b550 100644 --- a/CVE-2023/CVE-2023-03xx/CVE-2023-0386.json +++ b/CVE-2023/CVE-2023-03xx/CVE-2023-0386.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0386", "sourceIdentifier": "secalert@redhat.com", "published": "2023-03-22T21:15:18.090", - "lastModified": "2023-06-22T15:15:10.173", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-06-26T16:56:54.607", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -66,8 +66,16 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionEndExcluding": "6.2", - "matchCriteriaId": "108695B6-7133-4B6C-80AF-0F66880FE858" + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.91", + "matchCriteriaId": "91C2E92D-CC25-4FBD-8824-56A148119D7E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.9", + "matchCriteriaId": "ED5B6045-B1D2-4E03-B194-9005A351BCAE" }, { "vulnerable": true, @@ -102,27 +110,41 @@ "references": [ { "url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a", "source": "secalert@redhat.com", "tags": [ "Mailing List", - "Patch" + "Patch", + "Vendor Advisory" ] }, { "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20230420-0004/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5402", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-10xx/CVE-2023-1078.json b/CVE-2023/CVE-2023-10xx/CVE-2023-1078.json index 259dbbb753f..e78d8efec6d 100644 --- a/CVE-2023/CVE-2023-10xx/CVE-2023-1078.json +++ b/CVE-2023/CVE-2023-10xx/CVE-2023-1078.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1078", "sourceIdentifier": "secalert@redhat.com", "published": "2023-03-27T21:15:10.520", - "lastModified": "2023-05-05T20:15:09.880", - "vulnStatus": "Modified", + "lastModified": "2023-06-26T16:55:02.517", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -65,8 +65,38 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", - "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.17", + "versionEndExcluding": "4.19.273", + "matchCriteriaId": "1A6AF175-29AC-4FF5-8D35-A1F4C5EBC8AF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.4.232", + "matchCriteriaId": "9C6E0696-3702-4B0C-A102-2753BDC8C3D3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.5", + "versionEndExcluding": "5.10.168", + "matchCriteriaId": "12258A3F-04BD-49C9-9C6B-D3C1945E8910" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.94", + "matchCriteriaId": "55EC7465-CE9A-4B9C-B0FA-97394061A77F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.12", + "matchCriteriaId": "63F0738E-F1B2-47A2-9329-E2B8BC87708A" } ] } @@ -79,20 +109,32 @@ "source": "secalert@redhat.com", "tags": [ "Mailing List", - "Patch" + "Patch", + "Vendor Advisory" ] }, { "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20230505-0004/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-12xx/CVE-2023-1281.json b/CVE-2023/CVE-2023-12xx/CVE-2023-1281.json index dcdd5af1887..a9812801c65 100644 --- a/CVE-2023/CVE-2023-12xx/CVE-2023-1281.json +++ b/CVE-2023/CVE-2023-12xx/CVE-2023-1281.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1281", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-03-22T14:15:16.090", - "lastModified": "2023-05-03T14:15:23.817", - "vulnStatus": "Modified", + "lastModified": "2023-06-26T16:57:22.200", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -87,8 +87,22 @@ "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.14", - "versionEndExcluding": "6.2", - "matchCriteriaId": "952CE43F-8BA8-4682-8D32-AA50BAEC6D66" + "versionEndExcluding": "5.10.169", + "matchCriteriaId": "D331CADA-2EA6-4EA6-879D-6C266057BB64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.11", + "versionEndExcluding": "5.15.95", + "matchCriteriaId": "8508F80E-8588-4976-A2BA-7A2D85018C4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.1.13", + "matchCriteriaId": "CE354BE6-0C0F-47EB-AD8A-1433F041AC20" }, { "vulnerable": true, @@ -138,33 +152,49 @@ "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/04/11/3", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee059170b1f7e94e55fa6cadee544e176a6e59c2", "source": "cve-coordination@google.com", "tags": [ - "Patch" + "Patch", + "Vendor Advisory" ] }, { "url": "https://kernel.dance/#ee059170b1f7e94e55fa6cadee544e176a6e59c2", "source": "cve-coordination@google.com", "tags": [ - "Patch" + "Patch", + "Vendor Advisory" ] }, { "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20230427-0004/", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-233xx/CVE-2023-23384.json b/CVE-2023/CVE-2023-233xx/CVE-2023-23384.json index 880ea0c6a60..8a1699dda52 100644 --- a/CVE-2023/CVE-2023-233xx/CVE-2023-23384.json +++ b/CVE-2023/CVE-2023-233xx/CVE-2023-23384.json @@ -2,7 +2,7 @@ "id": "CVE-2023-23384", "sourceIdentifier": "secure@microsoft.com", "published": "2023-04-11T21:15:18.047", - "lastModified": "2023-04-19T13:55:13.150", + "lastModified": "2023-06-26T16:03:13.353", "vulnStatus": "Analyzed", "descriptions": [ { @@ -17,20 +17,20 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" }, "exploitabilityScore": 3.9, - "impactScore": 5.9 + "impactScore": 3.4 }, { "source": "secure@microsoft.com", diff --git a/CVE-2023/CVE-2023-245xx/CVE-2023-24546.json b/CVE-2023/CVE-2023-245xx/CVE-2023-24546.json index e271e36062a..c5fd29e297f 100644 --- a/CVE-2023/CVE-2023-245xx/CVE-2023-24546.json +++ b/CVE-2023/CVE-2023-245xx/CVE-2023-24546.json @@ -2,19 +2,101 @@ "id": "CVE-2023-24546", "sourceIdentifier": "psirt@arista.com", "published": "2023-06-13T21:15:09.867", - "lastModified": "2023-06-13T21:27:45.680", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:33:45.773", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader access to telemetry and configuration data within the system than intended. This advisory impacts the Arista CloudVision Portal product when run on-premise. It does not impact CloudVision as-a-Service." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arista:cloudvision_portal:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2021.1", + "versionEndIncluding": "2021.3", + "matchCriteriaId": "A8E8D1BB-B7ED-4886-96A0-FD0C9EA666CC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arista:cloudvision_portal:2022.1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F429F0B9-A090-434C-8576-182CC021B76A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arista:cloudvision_portal:2022.1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "FB325C9E-8116-434D-9865-DE494EC05F27" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arista:cloudvision_portal:2022.2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DF2BF57D-7677-4531-80F8-15842798FBA2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arista:cloudvision_portal:2022.2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "08760308-AB42-496A-B473-98DAF7E4EDE1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arista:cloudvision_portal:2022.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BF6936F8-946B-4A33-B1AD-76F0EFB65223" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17022-security-advisory-0083", - "source": "psirt@arista.com" + "source": "psirt@arista.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-253xx/CVE-2023-25306.json b/CVE-2023/CVE-2023-253xx/CVE-2023-25306.json index 9bcc090a35a..cf1f51de9b1 100644 --- a/CVE-2023/CVE-2023-253xx/CVE-2023-25306.json +++ b/CVE-2023/CVE-2023-253xx/CVE-2023-25306.json @@ -2,8 +2,8 @@ "id": "CVE-2023-25306", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-26T15:15:09.653", - "lastModified": "2023-06-26T15:15:09.653", - "vulnStatus": "Received", + "lastModified": "2023-06-26T17:51:24.007", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-253xx/CVE-2023-25307.json b/CVE-2023/CVE-2023-253xx/CVE-2023-25307.json index 64399ab7f95..baf6714e8b2 100644 --- a/CVE-2023/CVE-2023-253xx/CVE-2023-25307.json +++ b/CVE-2023/CVE-2023-253xx/CVE-2023-25307.json @@ -2,8 +2,8 @@ "id": "CVE-2023-25307", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-26T15:15:09.703", - "lastModified": "2023-06-26T15:15:09.703", - "vulnStatus": "Received", + "lastModified": "2023-06-26T17:51:24.007", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-265xx/CVE-2023-26544.json b/CVE-2023/CVE-2023-265xx/CVE-2023-26544.json index 512a2c5a183..c46da2adebd 100644 --- a/CVE-2023/CVE-2023-265xx/CVE-2023-26544.json +++ b/CVE-2023/CVE-2023-265xx/CVE-2023-26544.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26544", "sourceIdentifier": "cve@mitre.org", "published": "2023-02-25T04:15:10.057", - "lastModified": "2023-03-16T16:15:12.087", - "vulnStatus": "Modified", + "lastModified": "2023-06-26T16:57:16.957", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -55,8 +55,24 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:linux:linux_kernel:6.0.8:*:*:*:*:*:*:*", - "matchCriteriaId": "C41207B8-D94A-4714-B1E0-66CEFF00FEE0" + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.15", + "versionEndExcluding": "5.15.87", + "matchCriteriaId": "AF34DC7D-4D5D-4D9C-B1B4-FAE010E910F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.16", + "versionEndExcluding": "6.0.17", + "matchCriteriaId": "05B2AE8A-556C-47C1-9119-DBAC5EB60947" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1", + "versionEndExcluding": "6.1.3", + "matchCriteriaId": "70594F60-3413-4969-AFD7-965266760EA6" } ] } @@ -69,12 +85,16 @@ "source": "cve@mitre.org", "tags": [ "Exploit", - "Mailing List" + "Mailing List", + "Third Party Advisory" ] }, { "url": "https://security.netapp.com/advisory/ntap-20230316-0010/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2637.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2637.json index faa95fbe26f..59880511946 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2637.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2637.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2637", "sourceIdentifier": "PSIRT@rockwellautomation.com", "published": "2023-06-13T21:15:09.917", - "lastModified": "2023-06-13T21:27:45.680", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:38:33.147", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.5, + "impactScore": 6.0 + }, { "source": "PSIRT@rockwellautomation.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + }, { "source": "PSIRT@rockwellautomation.com", "type": "Secondary", @@ -46,10 +76,36 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:rockwellautomation:factorytalk_policy_manager:6.11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "78D6F03E-E110-4CA7-8883-5CE38FF8E5A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:rockwellautomation:factorytalk_system_services:6.11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46A50229-56B5-4B30-8B4A-6D180D65C2D6" + } + ] + } + ] + } + ], "references": [ { "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139683", - "source": "PSIRT@rockwellautomation.com" + "source": "PSIRT@rockwellautomation.com", + "tags": [ + "Permissions Required", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2638.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2638.json index 3a4d7b2de4d..9375d881b1c 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2638.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2638.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2638", "sourceIdentifier": "PSIRT@rockwellautomation.com", "published": "2023-06-13T21:15:09.983", - "lastModified": "2023-06-13T21:27:45.680", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:28:41.093", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.0, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.3, + "impactScore": 3.6 + }, { "source": "PSIRT@rockwellautomation.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + }, { "source": "PSIRT@rockwellautomation.com", "type": "Secondary", @@ -46,10 +76,36 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:rockwellautomation:factorytalk_policy_manager:6.11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "78D6F03E-E110-4CA7-8883-5CE38FF8E5A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:rockwellautomation:factorytalk_system_services:6.11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46A50229-56B5-4B30-8B4A-6D180D65C2D6" + } + ] + } + ] + } + ], "references": [ { "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139683", - "source": "PSIRT@rockwellautomation.com" + "source": "PSIRT@rockwellautomation.com", + "tags": [ + "Permissions Required", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2639.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2639.json index bec79ec08a7..e533c9b4f9e 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2639.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2639.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2639", "sourceIdentifier": "PSIRT@rockwellautomation.com", "published": "2023-06-13T21:15:10.043", - "lastModified": "2023-06-13T21:27:45.680", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:22:05.290", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "PSIRT@rockwellautomation.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-346" + } + ] + }, { "source": "PSIRT@rockwellautomation.com", "type": "Secondary", @@ -46,10 +76,36 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:rockwellautomation:factorytalk_policy_manager:6.11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "78D6F03E-E110-4CA7-8883-5CE38FF8E5A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:rockwellautomation:factorytalk_system_services:6.11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46A50229-56B5-4B30-8B4A-6D180D65C2D6" + } + ] + } + ] + } + ], "references": [ { "url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139683", - "source": "PSIRT@rockwellautomation.com" + "source": "PSIRT@rockwellautomation.com", + "tags": [ + "Permissions Required", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2785.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2785.json index bcf6e765204..56a2ebe7665 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2785.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2785.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2785", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2023-06-16T10:15:09.133", - "lastModified": "2023-06-16T12:47:13.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:46:23.620", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -46,10 +76,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.1.0", + "versionEndIncluding": "7.1.9", + "matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.8.0", + "versionEndIncluding": "7.8.4", + "matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.9.0", + "versionEndIncluding": "7.9.3", + "matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2786.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2786.json index 9620f6669f2..1480ed96b53 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2786.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2786.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2786", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2023-06-16T09:15:09.853", - "lastModified": "2023-06-16T12:47:13.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:48:28.750", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -46,10 +76,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.1.0", + "versionEndIncluding": "7.1.9", + "matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.8.0", + "versionEndIncluding": "7.8.4", + "matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.9.0", + "versionEndIncluding": "7.9.3", + "matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2787.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2787.json index 881200fd843..fda5ad91a6f 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2787.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2787.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2787", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2023-06-16T09:15:09.920", - "lastModified": "2023-06-16T12:47:13.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:48:14.170", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -46,10 +76,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.1.0", + "versionEndIncluding": "7.1.9", + "matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.8.0", + "versionEndIncluding": "7.8.4", + "matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.9.0", + "versionEndIncluding": "7.9.3", + "matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates/", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2788.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2788.json index a30b7941baf..3051e12728c 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2788.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2788.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2788", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2023-06-16T09:15:09.993", - "lastModified": "2023-06-16T12:47:13.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:47:39.027", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-613" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -46,10 +76,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.1.0", + "versionEndIncluding": "7.1.9", + "matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.8.0", + "versionEndIncluding": "7.8.4", + "matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.9.0", + "versionEndIncluding": "7.9.3", + "matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates/", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2791.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2791.json index c758393492a..422bd4bf9a9 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2791.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2791.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2791", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2023-06-16T09:15:10.060", - "lastModified": "2023-06-16T12:47:13.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:46:48.767", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -46,10 +76,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.7.0", + "versionEndIncluding": "7.7.3", + "matchCriteriaId": "B4E35FC5-D821-4252-A68F-0DF8A741E8AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.8.0", + "versionEndIncluding": "7.8.2", + "matchCriteriaId": "BBBDB89B-8C27-41FC-9CFE-F13986845792" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.9.0", + "versionEndIncluding": "7.9.1", + "matchCriteriaId": "2C608456-5DC4-4A70-83BB-085E1BB99617" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates/", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2792.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2792.json index 13bad2f0d9e..2e85625a4a4 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2792.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2792.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2792", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2023-06-16T10:15:09.207", - "lastModified": "2023-06-16T12:47:13.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:46:13.157", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -46,10 +76,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.1.0", + "versionEndIncluding": "7.1.9", + "matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.8.0", + "versionEndIncluding": "7.8.4", + "matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.9.0", + "versionEndIncluding": "7.9.3", + "matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates/", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2793.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2793.json index d9506d8e3eb..3a94ba8cc67 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2793.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2793.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2793", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2023-06-16T10:15:09.270", - "lastModified": "2023-06-16T12:47:13.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:45:53.867", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -46,10 +76,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.8.0", + "versionEndIncluding": "7.8.3", + "matchCriteriaId": "5CD5238E-205F-43CF-9487-8956194F4950" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.9.0", + "versionEndIncluding": "7.9.2", + "matchCriteriaId": "C0B8C4AA-4D8D-4AE3-953E-990360DD57F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates/", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2797.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2797.json index b15e5e89ca5..9f5b3bf6188 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2797.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2797.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2797", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2023-06-16T10:15:09.337", - "lastModified": "2023-06-16T12:47:13.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:45:05.103", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -46,10 +76,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.1.0", + "versionEndIncluding": "7.1.9", + "matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.8.0", + "versionEndIncluding": "7.8.4", + "matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates/", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-284xx/CVE-2023-28485.json b/CVE-2023/CVE-2023-284xx/CVE-2023-28485.json new file mode 100644 index 00000000000..edbccd7243f --- /dev/null +++ b/CVE-2023/CVE-2023-284xx/CVE-2023-28485.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-28485", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-26T16:15:09.537", + "lastModified": "2023-06-26T17:51:24.007", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A stored cross-site scripting (Stored XSS) vulnerability in file preview in WeKan before 6.75 allows remote authenticated users to inject arbitrary web script or HTML via names of file attachments. Any user can obtain the privilege to rename within their own board (where they have BoardAdmin access), and renameAttachment does not block XSS payloads." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://packetstormsecurity.com/files/172649/Wekan-6.74-Cross-Site-Scripting.html", + "source": "cve@mitre.org" + }, + { + "url": "https://wekan.github.io/", + "source": "cve@mitre.org" + }, + { + "url": "https://wekan.github.io/hall-of-fame/filebleed/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2831.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2831.json index ce7c4368f7f..80f47f9b636 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2831.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2831.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2831", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2023-06-16T10:15:09.403", - "lastModified": "2023-06-16T12:47:13.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:44:34.770", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -46,10 +76,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.1.0", + "versionEndIncluding": "7.1.9", + "matchCriteriaId": "25CE0189-55BD-4A74-8844-59613D63A6FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.8.0", + "versionEndIncluding": "7.8.4", + "matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.9.0", + "versionEndIncluding": "7.9.3", + "matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates/", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2876.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2876.json index f5641b122cb..65d9a503c9f 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2876.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2876.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2876", "sourceIdentifier": "cybersecurity@ch.abb.com", "published": "2023-06-13T04:15:10.307", - "lastModified": "2023-06-13T13:00:47.863", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:42:06.570", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cybersecurity@ch.abb.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "cybersecurity@ch.abb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-732" + } + ] + }, + { + "source": "cybersecurity@ch.abb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +76,102 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:abb:rex640_pcl1_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.0.0", + "versionEndExcluding": "1.0.8", + "matchCriteriaId": "EFB84892-676D-47BB-B099-5C74320B3E50" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:abb:rex640_pcl1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9256FAAB-77CF-482C-B736-FC99885C89D7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:abb:rex640_pcl2_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.0.0", + "versionEndExcluding": "1.1.4", + "matchCriteriaId": "93001E90-E6B1-49BC-AA4E-CF3ED24A672E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:abb:rex640_pcl2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AE78102B-C672-4969-8B82-FE5ACE2FFC71" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:abb:rex640_pcl3_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.0.0", + "versionEndExcluding": "1.2.1", + "matchCriteriaId": "E7A03D47-0F40-4C65-93AD-911687E3C4BB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:abb:rex640_pcl3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "90916E18-27EF-46C7-979B-19D53F901CC7" + } + ] + } + ] + } + ], "references": [ { "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001423&LanguageCode=en&DocumentPartId=&Action=Launch", - "source": "cybersecurity@ch.abb.com" + "source": "cybersecurity@ch.abb.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-290xx/CVE-2023-29084.json b/CVE-2023/CVE-2023-290xx/CVE-2023-29084.json index d65f9146df1..b023197a1e9 100644 --- a/CVE-2023/CVE-2023-290xx/CVE-2023-29084.json +++ b/CVE-2023/CVE-2023-290xx/CVE-2023-29084.json @@ -2,12 +2,12 @@ "id": "CVE-2023-29084", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-13T19:15:11.680", - "lastModified": "2023-06-06T19:15:10.913", + "lastModified": "2023-06-26T17:15:12.807", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Zoho ManageEngine ADManager Plus through 7180 allows for authenticated users to exploit command injection via Proxy settings." + "value": "Zoho ManageEngine ADManager Plus before 7181 allows for authenticated users to exploit command injection via Proxy settings." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29349.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29349.json index d71b5acd2d5..14baae2e3d5 100644 --- a/CVE-2023/CVE-2023-293xx/CVE-2023-29349.json +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29349.json @@ -2,12 +2,16 @@ "id": "CVE-2023-29349", "sourceIdentifier": "secure@microsoft.com", "published": "2023-06-16T01:15:27.847", - "lastModified": "2023-06-16T03:19:08.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:18:35.070", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Microsoft ODBC and OLE DB Remote Code Execution Vulnerability" + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en Microsoft ODBC y OLE DB" } ], "metrics": { @@ -34,10 +38,104 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.4.1", + "matchCriteriaId": "5CC2AE26-7BA1-4E45-97D3-6F9EE992FA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.4.1", + "matchCriteriaId": "49DA289E-FD25-4CB0-9165-9E836EC93DD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.4.1", + "matchCriteriaId": "E6185183-17DD-4A16-9E08-E1277F58829A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.2.1.1", + "matchCriteriaId": "493BBE3B-5302-4BA1-9F69-734AA10305D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.2.1.1", + "matchCriteriaId": "848BABEE-8496-4225-9E47-3CDB40CB8A86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.2.1.1", + "matchCriteriaId": "E45B3703-BF64-408E-A931-1D3C1DFFFA71" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "18.0.2", + "versionEndExcluding": "18.6.0006.0", + "matchCriteriaId": "14AC92FA-A1F6-4DD6-9623-A2F33F59A4F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "19.0.0", + "versionEndExcluding": "19.3.0001.0", + "matchCriteriaId": "6ABD3821-C5EB-4253-9D5E-6A1E29709AE3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*", + "matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*", + "matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29349", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29356.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29356.json index 1a927279bec..90a35d6b522 100644 --- a/CVE-2023/CVE-2023-293xx/CVE-2023-29356.json +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29356.json @@ -2,12 +2,16 @@ "id": "CVE-2023-29356", "sourceIdentifier": "secure@microsoft.com", "published": "2023-06-16T01:15:27.910", - "lastModified": "2023-06-16T03:19:08.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:19:08.593", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota de Microsoft ODBC Driver para SQL Server" } ], "metrics": { @@ -34,10 +38,90 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.4.1", + "matchCriteriaId": "5CC2AE26-7BA1-4E45-97D3-6F9EE992FA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.4.1", + "matchCriteriaId": "49DA289E-FD25-4CB0-9165-9E836EC93DD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.4.1", + "matchCriteriaId": "E6185183-17DD-4A16-9E08-E1277F58829A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.2.1.1", + "matchCriteriaId": "493BBE3B-5302-4BA1-9F69-734AA10305D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.2.1.1", + "matchCriteriaId": "848BABEE-8496-4225-9E47-3CDB40CB8A86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.2.1.1", + "matchCriteriaId": "E45B3703-BF64-408E-A931-1D3C1DFFFA71" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*", + "matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*", + "matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29356", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29442.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29442.json index 89e0d33475a..3b800213f53 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29442.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29442.json @@ -2,12 +2,12 @@ "id": "CVE-2023-29442", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-26T21:15:08.890", - "lastModified": "2023-05-08T16:49:33.963", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-26T17:15:13.350", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Zoho ManageEngine Applications Manager through 16390 allows DOM XSS." + "value": "Zoho ManageEngine Applications Manager before 16400 allows proxy.html DOM XSS." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29443.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29443.json index c6a16334f5c..42616346f8c 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29443.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29443.json @@ -2,12 +2,12 @@ "id": "CVE-2023-29443", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-26T21:15:08.957", - "lastModified": "2023-05-08T16:36:42.850", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-26T17:15:13.807", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Zoho ManageEngine ServiceDesk Plus through 14104 allows admin users to conduct an XXE attack." + "value": "Zoho ManageEngine ServiceDesk Plus before 14105, ServiceDesk Plus MSP before 14200, SupportCenter Plus before 14200, and AssetExplorer before 6989 allow SDAdmin attackers to conduct XXE attacks via a crafted server that sends malformed XML from a Reports integration API endpoint." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29459.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29459.json new file mode 100644 index 00000000000..dbc48c10904 --- /dev/null +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29459.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-29459", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-26T16:15:09.587", + "lastModified": "2023-06-26T17:51:24.007", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The laola.redbull application through 5.1.9-R for Android exposes the exported activity at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivity, which accepts a data: URI. The target of this URI is subsequently loaded into the application's webview, thus allowing the loading of arbitrary content into the context of the application. This can occur via the fcrbs schema or an explicit intent invocation." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://packetstormsecurity.com/files/172701/FC-Red-Bull-Salzburg-App-5.1.9-R-Improper-Authorization.html", + "source": "cve@mitre.org" + }, + { + "url": "https://play.google.com/store/apps/details?id=laola.redbull", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-307xx/CVE-2023-30762.json b/CVE-2023/CVE-2023-307xx/CVE-2023-30762.json index 4a020ab0a48..871ea0d1bef 100644 --- a/CVE-2023/CVE-2023-307xx/CVE-2023-30762.json +++ b/CVE-2023/CVE-2023-307xx/CVE-2023-30762.json @@ -2,23 +2,235 @@ "id": "CVE-2023-30762", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-06-13T10:15:10.293", - "lastModified": "2023-06-13T13:00:37.647", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:35:00.037", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on the product or the device settings may be altered. Affected products and versions are as follows: KB-AHR04D versions prior to 91110.1.101106.78, KB-AHR08D versions prior to 91210.1.101106.78, KB-AHR16D versions prior to 91310.1.101106.78, KB-IRIP04A versions prior to 95110.1.100290.78A, KB-IRIP08A versions prior to 95210.1.100290.78A, and KB-IRIP16A versions prior to 95310.1.100290.78A." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-ahr04d_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "91110.1.101106.78", + "matchCriteriaId": "E9AD62AA-C479-42EB-B760-6EE8D44DAFAA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-ahr04d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1863EEE8-C169-4D5B-B933-881DC01DF830" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-ahr08d_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "91210.1.101106.78", + "matchCriteriaId": "959EE3B5-CDF0-4E9F-8198-EA2906B2C876" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-ahr08d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "868CB3B3-A09D-4C20-BE79-CCFAC6A64220" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-ahr16d_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "91310.1.101106.78", + "matchCriteriaId": "78F9ECB7-F0F7-4823-AC46-D0F39B4873DA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-ahr16d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "45FD308E-4BCC-4000-B7AB-C30F5758582F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-irip04a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "95110.1.100290.78a", + "matchCriteriaId": "EA5C6C00-5D77-45FA-9192-11583B287A6F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-irip04a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0815D725-07A7-4AE0-B342-4443C9D7C186" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-irip08a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "95210.1.100290.78a", + "matchCriteriaId": "0E6D7D01-09F8-45CB-B0C1-717CE9762AB0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-irip08a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A9F53B43-1830-479D-AB3D-A4695B2C712D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-irip16a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "95310.1.100290.78a", + "matchCriteriaId": "55936F14-6321-4D15-88B5-8D79BF234251" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-irip16a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "40B44829-A7ED-4AB7-A2FB-0A9142274ADA" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/vu/JVNVU90812349/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.kbdevice.com/news/%e3%83%ac%e3%82%b3%e3%83%bc%e3%83%80%e3%83%bc%e3%81%ae%e3%83%8d%e3%83%83%e3%83%88%e3%83%af%e3%83%bc%e3%82%af%e6%94%bb%e6%92%83%e3%81%ab%e5%af%be%e3%81%99%e3%82%8b%e3%82%a2%e3%83%83%e3%83%97%e3%83%87/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-307xx/CVE-2023-30764.json b/CVE-2023/CVE-2023-307xx/CVE-2023-30764.json index 2924cf2d66c..bfa7286012d 100644 --- a/CVE-2023/CVE-2023-307xx/CVE-2023-30764.json +++ b/CVE-2023/CVE-2023-307xx/CVE-2023-30764.json @@ -2,23 +2,235 @@ "id": "CVE-2023-30764", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-06-13T10:15:10.330", - "lastModified": "2023-06-13T13:00:37.647", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:34:50.173", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "OS command injection vulnerability exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on the product or the device settings may be altered. Affected products and versions are as follows: KB-AHR04D versions prior to 91110.1.101106.78, KB-AHR08D versions prior to 91210.1.101106.78, KB-AHR16D versions prior to 91310.1.101106.78, KB-IRIP04A versions prior to 95110.1.100290.78A, KB-IRIP08A versions prior to 95210.1.100290.78A, and KB-IRIP16A versions prior to 95310.1.100290.78A." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-ahr04d_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "91110.1.101106.78", + "matchCriteriaId": "E9AD62AA-C479-42EB-B760-6EE8D44DAFAA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-ahr04d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1863EEE8-C169-4D5B-B933-881DC01DF830" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-ahr08d_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "91210.1.101106.78", + "matchCriteriaId": "959EE3B5-CDF0-4E9F-8198-EA2906B2C876" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-ahr08d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "868CB3B3-A09D-4C20-BE79-CCFAC6A64220" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-ahr16d_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "91310.1.101106.78", + "matchCriteriaId": "78F9ECB7-F0F7-4823-AC46-D0F39B4873DA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-ahr16d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "45FD308E-4BCC-4000-B7AB-C30F5758582F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-irip04a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "95110.1.100290.78a", + "matchCriteriaId": "EA5C6C00-5D77-45FA-9192-11583B287A6F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-irip04a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0815D725-07A7-4AE0-B342-4443C9D7C186" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-irip08a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "95210.1.100290.78a", + "matchCriteriaId": "0E6D7D01-09F8-45CB-B0C1-717CE9762AB0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-irip08a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A9F53B43-1830-479D-AB3D-A4695B2C712D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-irip16a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "95310.1.100290.78a", + "matchCriteriaId": "55936F14-6321-4D15-88B5-8D79BF234251" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-irip16a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "40B44829-A7ED-4AB7-A2FB-0A9142274ADA" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/vu/JVNVU90812349/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.kbdevice.com/news/%e3%83%ac%e3%82%b3%e3%83%bc%e3%83%80%e3%83%bc%e3%81%ae%e3%83%8d%e3%83%83%e3%83%88%e3%83%af%e3%83%bc%e3%82%af%e6%94%bb%e6%92%83%e3%81%ab%e5%af%be%e3%81%99%e3%82%8b%e3%82%a2%e3%83%83%e3%83%97%e3%83%87/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-307xx/CVE-2023-30766.json b/CVE-2023/CVE-2023-307xx/CVE-2023-30766.json index 7ba69c2698d..06615c4b29e 100644 --- a/CVE-2023/CVE-2023-307xx/CVE-2023-30766.json +++ b/CVE-2023/CVE-2023-307xx/CVE-2023-30766.json @@ -2,23 +2,235 @@ "id": "CVE-2023-30766", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-06-13T10:15:10.370", - "lastModified": "2023-06-13T13:00:37.647", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:34:29.650", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Hidden functionality issue exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on the product or the device settings may be altered. Affected products and versions are as follows: KB-AHR04D versions prior to 91110.1.101106.78, KB-AHR08D versions prior to 91210.1.101106.78, KB-AHR16D versions prior to 91310.1.101106.78, KB-IRIP04A versions prior to 95110.1.100290.78A, KB-IRIP08A versions prior to 95210.1.100290.78A, and KB-IRIP16A versions prior to 95310.1.100290.78A." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-ahr04d_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "91110.1.101106.78", + "matchCriteriaId": "E9AD62AA-C479-42EB-B760-6EE8D44DAFAA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-ahr04d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1863EEE8-C169-4D5B-B933-881DC01DF830" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-ahr08d_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "91210.1.101106.78", + "matchCriteriaId": "959EE3B5-CDF0-4E9F-8198-EA2906B2C876" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-ahr08d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "868CB3B3-A09D-4C20-BE79-CCFAC6A64220" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-ahr16d_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "91310.1.101106.78", + "matchCriteriaId": "78F9ECB7-F0F7-4823-AC46-D0F39B4873DA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-ahr16d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "45FD308E-4BCC-4000-B7AB-C30F5758582F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-irip04a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "95110.1.100290.78a", + "matchCriteriaId": "EA5C6C00-5D77-45FA-9192-11583B287A6F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-irip04a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0815D725-07A7-4AE0-B342-4443C9D7C186" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-irip08a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "95210.1.100290.78a", + "matchCriteriaId": "0E6D7D01-09F8-45CB-B0C1-717CE9762AB0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-irip08a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A9F53B43-1830-479D-AB3D-A4695B2C712D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:kbdevice:kb-irip16a_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "95310.1.100290.78a", + "matchCriteriaId": "55936F14-6321-4D15-88B5-8D79BF234251" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:kbdevice:kb-irip16a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "40B44829-A7ED-4AB7-A2FB-0A9142274ADA" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/vu/JVNVU90812349/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.kbdevice.com/news/%e3%83%ac%e3%82%b3%e3%83%bc%e3%83%80%e3%83%bc%e3%81%ae%e3%83%8d%e3%83%83%e3%83%88%e3%83%af%e3%83%bc%e3%82%af%e6%94%bb%e6%92%83%e3%81%ab%e5%af%be%e3%81%99%e3%82%8b%e3%82%a2%e3%83%83%e3%83%97%e3%83%87/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-308xx/CVE-2023-30897.json b/CVE-2023/CVE-2023-308xx/CVE-2023-30897.json index a789bf58d8d..338b0c1330c 100644 --- a/CVE-2023/CVE-2023-308xx/CVE-2023-30897.json +++ b/CVE-2023/CVE-2023-308xx/CVE-2023-30897.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30897", "sourceIdentifier": "productcert@siemens.com", "published": "2023-06-13T09:15:17.703", - "lastModified": "2023-06-13T13:00:42.717", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:41:04.607", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-732" + } + ] + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -46,10 +76,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.5.2.13", + "matchCriteriaId": "8AEA3E3F-6C11-4707-83CC-9A198564B222" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914026.pdf", - "source": "productcert@siemens.com" + "source": "productcert@siemens.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30901.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30901.json index e07f10fec16..a5bdef88bc1 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30901.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30901.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30901", "sourceIdentifier": "productcert@siemens.com", "published": "2023-06-13T09:15:17.763", - "lastModified": "2023-06-13T13:00:42.717", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:40:32.183", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -46,10 +76,44 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:siemens:q200_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.70", + "matchCriteriaId": "D1D626C5-92BF-4C9B-9EF2-24347CF24491" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:q200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CC2EA3F6-418C-49A4-B23C-E7BD56395466" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf", - "source": "productcert@siemens.com" + "source": "productcert@siemens.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31238.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31238.json index 73c2ad7c8fa..e42ada4f84e 100644 --- a/CVE-2023/CVE-2023-312xx/CVE-2023-31238.json +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31238.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31238", "sourceIdentifier": "productcert@siemens.com", "published": "2023-06-13T09:15:18.093", - "lastModified": "2023-06-13T13:00:42.717", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:39:56.593", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 2.5 + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-732" + } + ] + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -46,10 +76,44 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:siemens:q200_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.70", + "matchCriteriaId": "D1D626C5-92BF-4C9B-9EF2-24347CF24491" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:siemens:q200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CC2EA3F6-418C-49A4-B23C-E7BD56395466" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf", - "source": "productcert@siemens.com" + "source": "productcert@siemens.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32025.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32025.json index b172ebe9d79..0d30795e819 100644 --- a/CVE-2023/CVE-2023-320xx/CVE-2023-32025.json +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32025.json @@ -2,12 +2,16 @@ "id": "CVE-2023-32025", "sourceIdentifier": "secure@microsoft.com", "published": "2023-06-16T01:15:27.967", - "lastModified": "2023-06-16T03:19:08.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:20:15.013", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota de Microsoft ODBC Driver para SQL Server" } ], "metrics": { @@ -34,10 +38,90 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.4.1", + "matchCriteriaId": "5CC2AE26-7BA1-4E45-97D3-6F9EE992FA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.4.1", + "matchCriteriaId": "49DA289E-FD25-4CB0-9165-9E836EC93DD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.4.1", + "matchCriteriaId": "E6185183-17DD-4A16-9E08-E1277F58829A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.2.1.1", + "matchCriteriaId": "493BBE3B-5302-4BA1-9F69-734AA10305D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.2.1.1", + "matchCriteriaId": "848BABEE-8496-4225-9E47-3CDB40CB8A86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.2.1.1", + "matchCriteriaId": "E45B3703-BF64-408E-A931-1D3C1DFFFA71" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*", + "matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*", + "matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32025", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32026.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32026.json index a5217404332..ac09abcd3df 100644 --- a/CVE-2023/CVE-2023-320xx/CVE-2023-32026.json +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32026.json @@ -2,12 +2,16 @@ "id": "CVE-2023-32026", "sourceIdentifier": "secure@microsoft.com", "published": "2023-06-16T01:15:28.017", - "lastModified": "2023-06-16T03:19:08.410", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:15:51.107", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" + }, + { + "lang": "es", + "value": "Vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota de Microsoft ODBC Driver para SQL Server" } ], "metrics": { @@ -34,10 +38,90 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.4.1", + "matchCriteriaId": "5CC2AE26-7BA1-4E45-97D3-6F9EE992FA98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.4.1", + "matchCriteriaId": "49DA289E-FD25-4CB0-9165-9E836EC93DD0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "17.0.1.1", + "versionEndExcluding": "17.10.4.1", + "matchCriteriaId": "E6185183-17DD-4A16-9E08-E1277F58829A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.2.1.1", + "matchCriteriaId": "493BBE3B-5302-4BA1-9F69-734AA10305D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.2.1.1", + "matchCriteriaId": "848BABEE-8496-4225-9E47-3CDB40CB8A86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*", + "versionStartIncluding": "18.0.1.1", + "versionEndExcluding": "18.2.1.1", + "matchCriteriaId": "E45B3703-BF64-408E-A931-1D3C1DFFFA71" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*", + "matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*", + "matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32026", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3276.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3276.json index 43c18c057ce..c5a59a878c3 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3276.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3276.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3276", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-15T13:15:09.773", - "lastModified": "2023-06-15T14:00:53.933", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:41:20.947", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -61,7 +83,7 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -69,20 +91,58 @@ "value": "CWE-611" } ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-611" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dromara:hutool:*:*:*:*:*:*:*:*", + "versionEndIncluding": "5.8.19", + "matchCriteriaId": "445E7DF7-C380-4C4B-B276-50553D571882" + } + ] + } + ] } ], "references": [ { "url": "https://fbdhhhh47.github.io/2023/06/06/hutool-XXE/", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.231626", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.231626", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-335xx/CVE-2023-33580.json b/CVE-2023/CVE-2023-335xx/CVE-2023-33580.json new file mode 100644 index 00000000000..3ca3813d3df --- /dev/null +++ b/CVE-2023/CVE-2023-335xx/CVE-2023-33580.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-33580", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-26T16:15:09.637", + "lastModified": "2023-06-26T17:51:24.007", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Phpgurukul Student Study Center Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in the \"Admin Name\" field on Admin Profile page." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://packetstormsecurity.com/files/173030/Student-Study-Center-Management-System-1.0-Cross-Site-Scripting.html", + "source": "cve@mitre.org" + }, + { + "url": "https://phpgurukul.com/student-study-center-management-system-using-php-and-mysql/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3308.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3308.json index bd58c6da3d9..8626a131593 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3308.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3308.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3308", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-18T09:15:09.677", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:55:21.777", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,49 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:whaleal:icefrog:1.1.8:*:*:*:*:*:*:*", + "matchCriteriaId": "667685E7-7C58-4F05-BC6C-3646650C0706" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/NanKeXXX/selfVuln_poc/blob/main/whaleal%3Aicefrog/icefrog_1.1.8_RCE.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Broken Link", + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.231804", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.231804", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3309.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3309.json index 1c6bfa9968f..d5d0357b653 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3309.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3309.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3309", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-18T12:15:09.267", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:29:49.337", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:resort_reservation_system_project:resort_reservation_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "57B25E14-73A3-436D-900D-0E09E0A423DE" + } + ] + } + ] + } + ], "references": [ { "url": "https://kr1shna4garwal.github.io/posts/cve-poc-2023/#cve-2023-3309", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.231805", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.231805", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3310.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3310.json index e1d01cf4483..64c94dc69a4 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3310.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3310.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3310", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-18T12:15:09.347", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:30:16.967", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:agro-school_management_system_project:agro-school_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "96ADB127-DE0B-4CD5-B718-C3E50D8AFDD5" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/humaowei/CVEHub/blob/main/Agro-School%20Management%20System%20loaddata.php%20has%20Sqlinjection.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.231806", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.231806", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3311.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3311.json index 646e9f0d256..848a1926004 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3311.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3311.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3311", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-18T15:15:11.660", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:35:19.067", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:online-shopping-system-advanced_project:online-shopping-system-advanced:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D09867D3-08E2-4CC7-8D28-F8D5A86F363D" + } + ] + } + ] + } + ], "references": [ { "url": "https://kr1shna4garwal.github.io/posts/cve-poc-2023/#cve-2023-3311", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.231807", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.231807", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34154.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34154.json index 36ad2c2c303..618751bf9b5 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34154.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34154.json @@ -2,19 +2,75 @@ "id": "CVE-2023-34154", "sourceIdentifier": "psirt@huawei.com", "published": "2023-06-16T07:15:08.457", - "lastModified": "2023-06-16T12:47:18.707", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:51:03.840", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party apps to create windows in an arbitrary way, consuming system resources." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-732" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.0", + "matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12" + } + ] + } + ] + } + ], "references": [ { "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202306-0000001560777672", - "source": "psirt@huawei.com" + "source": "psirt@huawei.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34157.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34157.json index 2623c694368..9bfdef77080 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34157.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34157.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34157", "sourceIdentifier": "psirt@huawei.com", "published": "2023-06-16T07:15:08.680", - "lastModified": "2023-06-16T12:47:18.707", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:49:44.913", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + }, { "source": "psirt@huawei.com", "type": "Secondary", @@ -34,10 +54,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.0", + "matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12" + } + ] + } + ] + } + ], "references": [ { "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202306-0000001560777672", - "source": "psirt@huawei.com" + "source": "psirt@huawei.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34609.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34609.json index a5f3cdb8d4a..b4009fc0cd9 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34609.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34609.json @@ -2,31 +2,100 @@ "id": "CVE-2023-34609", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:09.860", - "lastModified": "2023-06-14T15:30:53.640", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:06:51.467", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered flexjson thru 3.3 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:flexjson_project:flexjson:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.3", + "matchCriteriaId": "10B99ED3-94E0-4EA7-B16C-330220166BBD" + } + ] + } + ] + } + ], "references": [ { "url": "https://sourceforge.net/p/flexjson/bugs/48/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://sourceforge.net/p/flexjson/bugs/49/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://sourceforge.net/p/flexjson/bugs/50/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://sourceforge.net/p/flexjson/bugs/51/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34610.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34610.json index ac0e98f64ad..f2acf11420c 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34610.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34610.json @@ -2,19 +2,77 @@ "id": "CVE-2023-34610", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:09.917", - "lastModified": "2023-06-14T15:30:53.640", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:11:37.297", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered json-io thru 4.14.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:json-io_project:json-io:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.14.0", + "matchCriteriaId": "5A526369-41E4-476D-97B1-590AD89A0070" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jdereg/json-io/issues/169", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34611.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34611.json index d5ce142c4f4..d85dca76740 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34611.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34611.json @@ -2,19 +2,77 @@ "id": "CVE-2023-34611", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:09.960", - "lastModified": "2023-06-14T15:30:53.640", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:14:33.747", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered mjson thru 1.4.1 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mjson_project:mjson:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.4.1", + "matchCriteriaId": "AA289745-73AE-438C-AE3F-8E9E6159ABD3" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/bolerio/mjson/issues/40", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34612.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34612.json index 5f08714b9ea..2063f26bf89 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34612.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34612.json @@ -2,19 +2,77 @@ "id": "CVE-2023-34612", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:10.007", - "lastModified": "2023-06-14T15:30:53.640", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:31:11.537", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered ph-json thru 9.5.5 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ph-json_project:ph-json:*:*:*:*:*:*:*:*", + "versionEndIncluding": "9.5.5", + "matchCriteriaId": "25409CC2-3971-4AD0-B0A3-F5839A9A2E9F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/phax/ph-commons/issues/35", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34624.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34624.json index a80dbfcdf7c..53e355b84a3 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34624.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34624.json @@ -2,19 +2,77 @@ "id": "CVE-2023-34624", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:10.360", - "lastModified": "2023-06-14T15:30:53.640", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:29:18.067", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered htmlcleaner thru = 2.28 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:htmlcleaner_project:htmlcleaner:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.28", + "matchCriteriaId": "FE2821CC-7FBE-42A3-95CF-84AB7843EACD" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/amplafi/htmlcleaner/issues/13", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34657.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34657.json index cdb6e2ad03d..bb1f1a6695f 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34657.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34657.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34657", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-19T04:15:10.873", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:26:30.057", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "Una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en Eyoucms v1.6.2 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de una carga \u00fatil manipulada inyectada en el par\u00e1metro \"web_recordnum\". " } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:eyoucms:eyoucms:1.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "5B87F220-D05C-4885-8C0E-E5BD8D8DFB66" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/weng-xianhu/eyoucms/issues/43", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35110.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35110.json index 741f32bff05..bdeb00a1f17 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35110.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35110.json @@ -2,19 +2,77 @@ "id": "CVE-2023-35110", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:10.920", - "lastModified": "2023-06-14T15:30:49.300", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:27:13.500", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered jjson thru 0.1.7 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jjson_project:jjson:*:*:*:*:*:*:*:*", + "versionEndIncluding": "0.1.7", + "matchCriteriaId": "110AAF0C-AF40-41D1-AF6B-84402EA25913" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/grobmeier/jjson/issues/2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35116.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35116.json index 896fda058fc..adb88712099 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35116.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35116.json @@ -2,19 +2,76 @@ "id": "CVE-2023-35116", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T14:15:10.960", - "lastModified": "2023-06-19T15:15:09.280", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:52:40.273", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "** DISPUTED ** An issue was discovered jackson-databind thru 2.15.2 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that the product is not intended for use with untrusted input." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.15.2", + "matchCriteriaId": "318112DB-AF0E-49D0-B05D-A0569A7EDD71" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/FasterXML/jackson-databind/issues/3972", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35782.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35782.json index a9ad450d442..657fc5c4ee2 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35782.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35782.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35782", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-16T15:15:09.680", - "lastModified": "2023-06-16T16:41:02.630", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:43:26.517", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cve@mitre.org", "type": "Secondary", @@ -34,10 +54,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ipandlanguageredirect_project:ipandlanguageredirect:*:*:*:*:*:typo3:*:*", + "versionEndExcluding": "5.1.2", + "matchCriteriaId": "00551313-8221-4052-9128-0BCAEFC9E4FB" + } + ] + } + ] + } + ], "references": [ { "url": "https://typo3.org/security/advisory/typo3-ext-sa-2023-005", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35783.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35783.json index 94da4161f23..fa0f291c918 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35783.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35783.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35783", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-16T15:15:10.037", - "lastModified": "2023-06-16T16:41:02.630", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:43:07.100", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cve@mitre.org", "type": "Secondary", @@ -34,10 +54,58 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:faceted_search_project:faceted_search:*:*:*:*:*:typo3:*:*", + "versionEndExcluding": "4.0.3", + "matchCriteriaId": "4EC1CCB6-F907-4E86-90C4-3CBEE9D79DA9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:faceted_search_project:faceted_search:*:*:*:*:*:typo3:*:*", + "versionStartIncluding": "4.1.0", + "versionEndExcluding": "4.6.6", + "matchCriteriaId": "1CD50341-1AE5-4D4D-81AE-0E62AA0142A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:faceted_search_project:faceted_search:*:*:*:*:*:typo3:*:*", + "versionStartIncluding": "5.0.0", + "versionEndExcluding": "5.0.2", + "matchCriteriaId": "F37DE503-8D30-4F3B-AC72-FA05A86E953E" + } + ] + } + ] + } + ], "references": [ { "url": "https://typo3.org/security/advisory/typo3-ext-sa-2023-004", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35823.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35823.json index 16d22997d33..c36ccd4a236 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35823.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35823.json @@ -2,31 +2,102 @@ "id": "CVE-2023-35823", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-18T22:15:09.187", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:17:42.043", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + }, + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.3.2", + "matchCriteriaId": "86A4A377-C6B0-4E94-8486-019155A51116" + } + ] + } + ] + } + ], "references": [ { "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=30cf57da176cca80f11df0d9b7f71581fe601389", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://lore.kernel.org/all/49bb0b6a-e669-d4e7-d742-a19d2763e947@xs4all.nl/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://lore.kernel.org/lkml/20230318085023.832510-1-zyytlz.wz@163.com/t/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35824.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35824.json index 824f8255d89..a7c73b948e5 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35824.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35824.json @@ -2,31 +2,102 @@ "id": "CVE-2023-35824", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-18T22:15:09.240", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:18:01.807", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + }, + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.3.2", + "matchCriteriaId": "86A4A377-C6B0-4E94-8486-019155A51116" + } + ] + } + ] + } + ], "references": [ { "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5abda7a16698d4d1f47af1168d8fa2c640116b4a", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://lore.kernel.org/all/49bb0b6a-e669-d4e7-d742-a19d2763e947@xs4all.nl/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://lore.kernel.org/lkml/20230318081506.795147-1-zyytlz.wz@163.com/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35826.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35826.json index 750faafc05a..496e023c964 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35826.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35826.json @@ -2,31 +2,101 @@ "id": "CVE-2023-35826", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-18T22:15:09.330", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:18:19.807", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + }, + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.3.2", + "matchCriteriaId": "86A4A377-C6B0-4E94-8486-019155A51116" + } + ] + } + ] + } + ], "references": [ { "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=50d0a7aea4809cef87979d4669911276aa23b71f", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://lore.kernel.org/all/a4dafa22-3ee3-dbe1-fd50-fee07883ce1a@xs4all.nl/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://lore.kernel.org/linux-arm-kernel/20230308032333.1893394-1-zyytlz.wz@163.com/T/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35827.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35827.json index 7fb1c2be897..6ae87261809 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35827.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35827.json @@ -2,23 +2,87 @@ "id": "CVE-2023-35827", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-18T22:15:09.373", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:11:20.587", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + }, + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.3.8", + "matchCriteriaId": "733A9846-73C9-4358-B8ED-2560AEC047D2" + } + ] + } + ] + } + ], "references": [ { "url": "https://lore.kernel.org/lkml/cca0b40b-d6f8-54c7-1e46-83cb62d0a2f1@huawei.com/T/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.spinics.net/lists/netdev/msg886947.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35828.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35828.json index 32878184efc..9bf618777c7 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35828.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35828.json @@ -2,31 +2,101 @@ "id": "CVE-2023-35828", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-18T22:15:09.417", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:56:25.930", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + }, + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.3.2", + "matchCriteriaId": "86A4A377-C6B0-4E94-8486-019155A51116" + } + ] + } + ] + } + ], "references": [ { "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2b947f8769be8b8181dc795fd292d3e7120f5204", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://lore.kernel.org/all/20230327121700.52d881e0@canb.auug.org.au/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://lore.kernel.org/lkml/CAJedcCwkuznS1kSTvJXhzPoavcZDWNhNMshi-Ux0spSVRwU=RA@mail.gmail.com/T/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35829.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35829.json index 7c8bee0e638..27ee939bd6e 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35829.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35829.json @@ -2,31 +2,102 @@ "id": "CVE-2023-35829", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-18T22:15:09.460", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T16:58:36.803", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + }, + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.3.2", + "matchCriteriaId": "86A4A377-C6B0-4E94-8486-019155A51116" + } + ] + } + ] + } + ], "references": [ { "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3228cec23b8b29215e18090c6ba635840190993d", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://lore.kernel.org/all/a4dafa22-3ee3-dbe1-fd50-fee07883ce1a@xs4all.nl/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://lore.kernel.org/lkml/20230307173900.1299387-1-zyytlz.wz@163.com/T/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35839.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35839.json index 4c3223fdc57..4c4b2d4de68 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35839.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35839.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35839", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-19T01:15:08.667", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:28:39.953", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,75 @@ "value": "Solon antes de la versi\u00f3n 2.3.3 permite la Deserializaci\u00f3n de Datos No Confiables. " } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:solon:solon:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.3.3", + "matchCriteriaId": "60BE5319-4654-44C4-AD07-D374BD8F863D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/noear/solon/compare/v2.3.2...v2.3.3", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/noear/solon/issues/145", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35848.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35848.json index 683caf51a27..9fe199c41cd 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35848.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35848.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35848", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-19T03:15:09.327", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:47:59.917", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "VirtualSquare picoTCP (tambi\u00e9n conocido como PicoTCP-NG) a trav\u00e9s de la versi\u00f3n 2.1 carece de ciertos c\u00e1lculos de tama\u00f1o antes de intentar establecer un valor de un miembro de la estructura \"mss\". " } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-682" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:virtualsquare:picotcp:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.1", + "matchCriteriaId": "FF1314A4-D96F-47BB-885E-FA90BFF16E74" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/virtualsquare/picotcp/pull/15/files", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35849.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35849.json index cc243084d1d..08ab0e7b9c9 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35849.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35849.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35849", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-19T03:15:09.370", - "lastModified": "2023-06-20T07:12:55.493", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-26T17:57:17.280", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "VirtualSquare picoTCP (tambi\u00e9n conocido como PicoTCP-NG) a trav\u00e9s de la versi\u00f3n 2.1 no comprueba correctamente si los tama\u00f1os de cabecera resultar\u00edan en un acceso a lo datos fuera de un paquete. " } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-754" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:virtualsquare:picotcp:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.1", + "matchCriteriaId": "FF1314A4-D96F-47BB-885E-FA90BFF16E74" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/virtualsquare/picotcp/commit/4b9a16764f2b12b611de9c34a50b4713d10ca401", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36301.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36301.json index c6834a6c6a9..d614ebbc2a1 100644 --- a/CVE-2023/CVE-2023-363xx/CVE-2023-36301.json +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36301.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36301", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-26T15:15:09.853", - "lastModified": "2023-06-26T15:15:09.853", - "vulnStatus": "Received", + "lastModified": "2023-06-26T17:51:24.007", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index 990798ede82..c79b9c7b499 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-26T16:00:25.710327+00:00 +2023-06-26T18:00:29.204692+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-26T15:43:42.757000+00:00 +2023-06-26T18:00:05.753000+00:00 ``` ### Last Data Feed Release @@ -29,33 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -218545 +218555 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `10` -* [CVE-2023-30261](CVE-2023/CVE-2023-302xx/CVE-2023-30261.json) (`2023-06-26T14:15:10.223`) -* [CVE-2023-25306](CVE-2023/CVE-2023-253xx/CVE-2023-25306.json) (`2023-06-26T15:15:09.653`) -* [CVE-2023-25307](CVE-2023/CVE-2023-253xx/CVE-2023-25307.json) (`2023-06-26T15:15:09.703`) -* [CVE-2023-36301](CVE-2023/CVE-2023-363xx/CVE-2023-36301.json) (`2023-06-26T15:15:09.853`) +* [CVE-2022-48331](CVE-2022/CVE-2022-483xx/CVE-2022-48331.json) (`2023-06-26T16:15:09.480`) +* [CVE-2022-40010](CVE-2022/CVE-2022-400xx/CVE-2022-40010.json) (`2023-06-26T17:15:09.310`) +* [CVE-2022-48332](CVE-2022/CVE-2022-483xx/CVE-2022-48332.json) (`2023-06-26T17:15:09.637`) +* [CVE-2022-48333](CVE-2022/CVE-2022-483xx/CVE-2022-48333.json) (`2023-06-26T17:15:09.923`) +* [CVE-2022-48334](CVE-2022/CVE-2022-483xx/CVE-2022-48334.json) (`2023-06-26T17:15:10.127`) +* [CVE-2022-48335](CVE-2022/CVE-2022-483xx/CVE-2022-48335.json) (`2023-06-26T17:15:10.347`) +* [CVE-2022-48336](CVE-2022/CVE-2022-483xx/CVE-2022-48336.json) (`2023-06-26T17:15:12.433`) +* [CVE-2023-28485](CVE-2023/CVE-2023-284xx/CVE-2023-28485.json) (`2023-06-26T16:15:09.537`) +* [CVE-2023-29459](CVE-2023/CVE-2023-294xx/CVE-2023-29459.json) (`2023-06-26T16:15:09.587`) +* [CVE-2023-33580](CVE-2023/CVE-2023-335xx/CVE-2023-33580.json) (`2023-06-26T16:15:09.637`) ### CVEs modified in the last Commit -Recently modified CVEs: `10` +Recently modified CVEs: `101` -* [CVE-2022-38156](CVE-2022/CVE-2022-381xx/CVE-2022-38156.json) (`2023-06-26T15:29:57.323`) -* [CVE-2023-2778](CVE-2023/CVE-2023-27xx/CVE-2023-2778.json) (`2023-06-26T14:05:00.940`) -* [CVE-2023-2827](CVE-2023/CVE-2023-28xx/CVE-2023-2827.json) (`2023-06-26T14:08:41.080`) -* [CVE-2023-29437](CVE-2023/CVE-2023-294xx/CVE-2023-29437.json) (`2023-06-26T15:02:18.713`) -* [CVE-2023-29438](CVE-2023/CVE-2023-294xx/CVE-2023-29438.json) (`2023-06-26T15:02:18.713`) -* [CVE-2023-34241](CVE-2023/CVE-2023-342xx/CVE-2023-34241.json) (`2023-06-26T15:15:09.760`) -* [CVE-2023-30453](CVE-2023/CVE-2023-304xx/CVE-2023-30453.json) (`2023-06-26T15:21:14.993`) -* [CVE-2023-34095](CVE-2023/CVE-2023-340xx/CVE-2023-34095.json) (`2023-06-26T15:24:27.403`) -* [CVE-2023-3268](CVE-2023/CVE-2023-32xx/CVE-2023-3268.json) (`2023-06-26T15:25:20.910`) -* [CVE-2023-32221](CVE-2023/CVE-2023-322xx/CVE-2023-32221.json) (`2023-06-26T15:43:42.757`) +* [CVE-2023-30764](CVE-2023/CVE-2023-307xx/CVE-2023-30764.json) (`2023-06-26T17:34:50.173`) +* [CVE-2023-30762](CVE-2023/CVE-2023-307xx/CVE-2023-30762.json) (`2023-06-26T17:35:00.037`) +* [CVE-2023-31238](CVE-2023/CVE-2023-312xx/CVE-2023-31238.json) (`2023-06-26T17:39:56.593`) +* [CVE-2023-30901](CVE-2023/CVE-2023-309xx/CVE-2023-30901.json) (`2023-06-26T17:40:32.183`) +* [CVE-2023-30897](CVE-2023/CVE-2023-308xx/CVE-2023-30897.json) (`2023-06-26T17:41:04.607`) +* [CVE-2023-2876](CVE-2023/CVE-2023-28xx/CVE-2023-2876.json) (`2023-06-26T17:42:06.570`) +* [CVE-2023-35783](CVE-2023/CVE-2023-357xx/CVE-2023-35783.json) (`2023-06-26T17:43:07.100`) +* [CVE-2023-35782](CVE-2023/CVE-2023-357xx/CVE-2023-35782.json) (`2023-06-26T17:43:26.517`) +* [CVE-2023-2831](CVE-2023/CVE-2023-28xx/CVE-2023-2831.json) (`2023-06-26T17:44:34.770`) +* [CVE-2023-2797](CVE-2023/CVE-2023-27xx/CVE-2023-2797.json) (`2023-06-26T17:45:05.103`) +* [CVE-2023-2793](CVE-2023/CVE-2023-27xx/CVE-2023-2793.json) (`2023-06-26T17:45:53.867`) +* [CVE-2023-2792](CVE-2023/CVE-2023-27xx/CVE-2023-2792.json) (`2023-06-26T17:46:13.157`) +* [CVE-2023-2785](CVE-2023/CVE-2023-27xx/CVE-2023-2785.json) (`2023-06-26T17:46:23.620`) +* [CVE-2023-2791](CVE-2023/CVE-2023-27xx/CVE-2023-2791.json) (`2023-06-26T17:46:48.767`) +* [CVE-2023-2788](CVE-2023/CVE-2023-27xx/CVE-2023-2788.json) (`2023-06-26T17:47:39.027`) +* [CVE-2023-35848](CVE-2023/CVE-2023-358xx/CVE-2023-35848.json) (`2023-06-26T17:47:59.917`) +* [CVE-2023-2787](CVE-2023/CVE-2023-27xx/CVE-2023-2787.json) (`2023-06-26T17:48:14.170`) +* [CVE-2023-2786](CVE-2023/CVE-2023-27xx/CVE-2023-2786.json) (`2023-06-26T17:48:28.750`) +* [CVE-2023-34157](CVE-2023/CVE-2023-341xx/CVE-2023-34157.json) (`2023-06-26T17:49:44.913`) +* [CVE-2023-34154](CVE-2023/CVE-2023-341xx/CVE-2023-34154.json) (`2023-06-26T17:51:03.840`) +* [CVE-2023-25306](CVE-2023/CVE-2023-253xx/CVE-2023-25306.json) (`2023-06-26T17:51:24.007`) +* [CVE-2023-25307](CVE-2023/CVE-2023-253xx/CVE-2023-25307.json) (`2023-06-26T17:51:24.007`) +* [CVE-2023-36301](CVE-2023/CVE-2023-363xx/CVE-2023-36301.json) (`2023-06-26T17:51:24.007`) +* [CVE-2023-3308](CVE-2023/CVE-2023-33xx/CVE-2023-3308.json) (`2023-06-26T17:55:21.777`) +* [CVE-2023-35849](CVE-2023/CVE-2023-358xx/CVE-2023-35849.json) (`2023-06-26T17:57:17.280`) ## Download and Usage