admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-12T09:00:24.398886+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-12 09:00:28 +00:00
parent 1fb2bc7490
commit d1868e17e2
49 changed files with 524 additions and 263 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
CVE-2023/CVE-2023-264xx/CVE-2023-26427.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26427",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.073",
"lastModified": "2023-07-07T14:31:30.563",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:39.610",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -122,11 +122,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26428.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26428",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.163",
"lastModified": "2023-07-07T18:27:11.337",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:39.950",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -129,11 +129,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26429.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26429",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.230",
"lastModified": "2023-07-07T18:39:40.127",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:40.080",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -129,11 +129,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",

15
CVE-2023/CVE-2023-264xx/CVE-2023-26430.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-26430",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:10.217",
"lastModified": "2023-08-08T13:58:19.070",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:40.210",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Attackers with access to user accounts can inject arbitrary control characters to SIEVE mail-filter rules. This could be abused to access SIEVE extension that are not allowed by App Suite or to inject rules which would break per-user filter processing, requiring manual cleanup of such rules. We have added sanitization to all mail-filter APIs to avoid forwardning control characters to subsystems. No publicly available exploits are known.\n\n"
},
{
"lang": "es",
"value": "Los atacantes con acceso a cuentas de usuario pueden inyectar caracteres de control arbitrarios a las reglas del filtro de correo SIEVE. Esto podr\u00eda ser abusado para acceder a extensiones de SIEVE que no est\u00e1n permitidas por App Suite o para inyectar reglas que romper\u00edan el procesamiento de filtros por usuario, requiriendo la limpieza manual de dichas reglas. Se han a\u00f1adido desinfecci\u00f3n a todas las API del filtro de correo para evitar el reenv\u00edo de caracteres de control a los subsistemas. No se conocen exploits disponibles p\u00fablicamente. "
}
],
"metrics": {
@ -116,11 +120,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26431.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26431",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.297",
"lastModified": "2023-07-07T18:40:28.863",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:40.353",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -129,11 +129,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26432.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26432",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.360",
"lastModified": "2023-07-06T20:05:13.003",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:40.477",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -129,11 +129,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26433.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26433",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.427",
"lastModified": "2023-07-06T15:02:24.290",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:40.610",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -129,11 +129,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26434.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26434",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.487",
"lastModified": "2023-07-06T19:55:47.750",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:40.737",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -122,11 +122,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26435.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26435",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.547",
"lastModified": "2023-07-06T16:52:41.247",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:40.867",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -122,11 +122,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26436.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26436",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.607",
"lastModified": "2023-07-06T18:29:42.787",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:41.010",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -122,11 +122,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",

15
CVE-2023/CVE-2023-264xx/CVE-2023-26438.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-26438",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:10.323",
"lastModified": "2023-08-07T18:29:51.373",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:41.150",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use (TOCTOU) weakness, involving the JDK DNS cache. Attackers that were timing DNS cache expiry correctly were able to inject configuration that would bypass existing network deny-lists. Attackers could exploit this weakness to discover the existence of restricted network infrastructure and service availability. Improvements were made to include deny-lists not only during the check of the provided connection data, but also during use. No publicly available exploits are known.\n\n"
},
{
"lang": "es",
"value": "Las b\u00fasquedas de servicios externos para una serie de protocolos eran vulnerables a una debilidad de condici\u00f3n de carrera de tiempo de comprobaci\u00f3n/tiempo de uso (TOCTOU), que afectaba a JDK DNS Cache. Los atacantes que sincronizaban correctamente la expiraci\u00f3n de la cach\u00e9 DNS pod\u00edan inyectar una configuraci\u00f3n que elud\u00eda las listas de denegaci\u00f3n de red existentes. Los atacantes pod\u00edan explotar esta debilidad para descubrir la existencia de una infraestructura de red restringida y la disponibilidad del servicio. Se introdujeron mejoras para incluir de denegaci\u00f3n no s\u00f3lo durante la comprobaci\u00f3n de los datos de conexi\u00f3n proporcionados, sino tambi\u00e9n durante el uso. No se conocen exploits disponibles p\u00fablicamente. "
}
],
"metrics": {
@ -120,11 +124,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

15
CVE-2023/CVE-2023-264xx/CVE-2023-26439.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-26439",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:10.403",
"lastModified": "2023-08-08T18:24:52.587",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:41.267",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The cacheservice API could be abused to inject parameters with SQL syntax which was insufficiently sanitized before getting executed as SQL statement. Attackers with access to a local or restricted network were able to perform arbitrary SQL queries, discovering other users cached data. We have improved the input check for API calls and filter for potentially malicious content. No publicly available exploits are known.\n\n"
},
{
"lang": "es",
"value": "Se pod\u00eda abusar de la API de Cache Service para inyectar par\u00e1metros con sintaxis SQL que no estaba suficientemente sanitizada antes de ejecutarse como sentencia SQL. Los atacantes con acceso a una red local o restringida pod\u00edan realizar consultas SQL arbitrarias, descubriendo los datos almacenados en cach\u00e9 de otros usuarios. Se ha mejorado la comprobaci\u00f3n de entrada de las llamadas a la API y el filtro de contenido potencialmente malicioso. No se conocen exploits disponibles p\u00fablicamente. "
}
],
"metrics": {
@ -112,11 +116,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

15
CVE-2023/CVE-2023-264xx/CVE-2023-26440.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-26440",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:10.483",
"lastModified": "2023-08-08T18:18:52.107",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:41.397",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The cacheservice API could be abused to indirectly inject parameters with SQL syntax which was insufficiently sanitized and would later be executed when creating new cache groups. Attackers with access to a local or restricted network could perform arbitrary SQL queries. We have improved the input check for API calls and filter for potentially malicious content. No publicly available exploits are known.\n\n"
},
{
"lang": "es",
"value": "Se pod\u00eda abusar de la API de Cache Service para inyectar indirectamente par\u00e1metros con sintaxis SQL que no estaban suficientemente sanitizados y que posteriormente se ejecutaban al crear nuevos grupos de cach\u00e9. Los atacantes con acceso a una red local o restringida pod\u00edan realizar consultas SQL arbitrarias. Se ha mejorado la comprobaci\u00f3n de entrada de las llamadas a la API y el filtro de contenido potencialmente malicioso. No se conocen exploits disponibles p\u00fablicamente. "
}
],
"metrics": {
@ -112,11 +116,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26441.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26441",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:10.563",
"lastModified": "2023-08-08T17:21:21.010",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:41.510",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -112,11 +112,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26442.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26442",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:10.640",
"lastModified": "2023-08-08T17:03:41.153",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:41.630",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -112,11 +112,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26443.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26443",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:10.720",
"lastModified": "2023-08-07T18:27:58.097",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:41.757",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -119,11 +119,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26445.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26445",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:10.797",
"lastModified": "2023-08-07T18:19:55.667",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:41.920",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -112,11 +112,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26446.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26446",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:10.877",
"lastModified": "2023-08-07T18:14:07.400",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:42.043",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -119,11 +119,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26447.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26447",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:10.947",
"lastModified": "2023-08-07T18:12:33.973",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:42.157",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -112,11 +112,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26448.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26448",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:11.017",
"lastModified": "2023-08-07T15:43:37.967",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:42.273",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -112,11 +112,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26449.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26449",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:11.090",
"lastModified": "2023-08-07T15:59:57.820",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:42.387",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -112,11 +112,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26450",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:11.160",
"lastModified": "2023-08-07T16:42:30.740",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:42.500",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -112,11 +112,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26451.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26451",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-08-02T13:15:11.233",
"lastModified": "2023-08-07T17:00:05.820",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T07:15:08.497",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -112,11 +112,8 @@
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26452.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26452",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-11-02T14:15:10.647",
"lastModified": "2023-11-09T19:26:04.847",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T07:15:08.973",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -310,11 +310,8 @@
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26453.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26453",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-11-02T14:15:10.737",
"lastModified": "2023-11-09T19:25:55.133",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T07:15:09.143",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -310,11 +310,8 @@
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26454.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26454",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-11-02T14:15:10.807",
"lastModified": "2023-11-09T19:25:39.363",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:42.613",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -310,11 +310,8 @@
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26455.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26455",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-11-02T14:15:10.873",
"lastModified": "2023-11-09T19:23:17.540",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:42.813",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -310,11 +310,8 @@
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf",

11
CVE-2023/CVE-2023-264xx/CVE-2023-26456.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26456",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-11-02T14:15:10.940",
"lastModified": "2023-11-09T19:22:59.320",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T08:15:42.977",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -120,11 +120,8 @@
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf",

11
CVE-2023/CVE-2023-290xx/CVE-2023-29043.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29043",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-11-02T14:15:11.017",
"lastModified": "2023-11-09T19:20:48.983",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T07:15:09.300",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -310,11 +310,8 @@
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf",

11
CVE-2023/CVE-2023-290xx/CVE-2023-29044.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29044",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-11-02T14:15:11.087",
"lastModified": "2023-11-09T19:20:35.780",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T07:15:09.457",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -310,11 +310,8 @@
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf",

11
CVE-2023/CVE-2023-290xx/CVE-2023-29045.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29045",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-11-02T14:15:11.153",
"lastModified": "2023-11-09T19:20:22.917",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T07:15:09.593",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -310,11 +310,8 @@
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf",

11
CVE-2023/CVE-2023-290xx/CVE-2023-29046.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29046",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-11-02T14:15:11.217",
"lastModified": "2023-11-09T19:17:56.267",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T07:15:09.733",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -310,11 +310,8 @@
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf",

11
CVE-2023/CVE-2023-290xx/CVE-2023-29047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29047",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-11-02T14:15:11.280",
"lastModified": "2023-11-09T18:40:13.127",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-12T07:15:10.193",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -310,11 +310,8 @@
],
"references": [
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com",
"tags": [
"Vendor Advisory"
]
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0004.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6243_7.10.6_2023-08-01.pdf",

6
CVE-2023/CVE-2023-290xx/CVE-2023-29048.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29048",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-01-08T09:15:19.893",
"lastModified": "2024-01-09T18:15:45.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-12T07:15:10.673",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
@ -60,7 +60,7 @@
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0005.json",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0005.json",
"source": "security@open-xchange.com"
},
{

6
CVE-2023/CVE-2023-290xx/CVE-2023-29049.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29049",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-01-08T09:15:20.120",
"lastModified": "2024-01-09T18:15:45.420",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-12T07:15:11.103",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
@ -60,7 +60,7 @@
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0005.json",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0005.json",
"source": "security@open-xchange.com"
},
{

6
CVE-2023/CVE-2023-290xx/CVE-2023-29050.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29050",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-01-08T09:15:20.300",
"lastModified": "2024-01-09T18:15:45.493",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-12T07:15:11.240",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
@ -60,7 +60,7 @@
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0005.json",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0005.json",
"source": "security@open-xchange.com"
},
{

6
CVE-2023/CVE-2023-290xx/CVE-2023-29051.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29051",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-01-08T09:15:20.480",
"lastModified": "2024-01-09T18:15:45.567",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-12T07:15:11.360",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
@ -60,7 +60,7 @@
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0006.json",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0006.json",
"source": "security@open-xchange.com"
},
{

6
CVE-2023/CVE-2023-290xx/CVE-2023-29052.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29052",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-01-08T09:15:20.680",
"lastModified": "2024-01-09T18:15:45.650",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-12T07:15:11.477",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
@ -60,7 +60,7 @@
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0006.json",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0006.json",
"source": "security@open-xchange.com"
},
{

55
CVE-2023/CVE-2023-312xx/CVE-2023-31211.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31211",
"sourceIdentifier": "security@checkmk.com",
"published": "2024-01-12T08:15:43.137",
"lastModified": "2024-01-12T08:15:43.137",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Insufficient authentication flow in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39 allows attacker to use locked credentials"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@checkmk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@checkmk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-691"
}
]
}
],
"references": [
{
"url": "https://checkmk.com/werk/16227",
"source": "security@checkmk.com"
}
]
}

43
CVE-2023/CVE-2023-340xx/CVE-2023-34061.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-34061",
"sourceIdentifier": "security@vmware.com",
"published": "2024-01-12T07:15:11.747",
"lastModified": "2024-01-12T07:15:11.747",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. An unauthenticated attacker can use this vulnerability to force route pruning and therefore degrade the service availability of the Cloud Foundry deployment.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vmware.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://www.cloudfoundry.org/blog/cve-2023-34061-gorouter-route-pruning/",
"source": "security@vmware.com"
}
]
}

24
CVE-2023/CVE-2023-371xx/CVE-2023-37117.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-37117",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-12T07:15:12.077",
"lastModified": "2024-01-12T07:15:12.077",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the SETUP."
}
],
"metrics": {},
"references": [
{
"url": "http://lists.live555.com/pipermail/live-devel/2023-June/022331.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.live555.com/liveMedia/public/changelog.txt",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-403xx/CVE-2023-40362.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-40362",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-12T08:15:43.467",
"lastModified": "2024-01-12T08:15:43.467",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ally-petitt/CVE-2023-40362",
"source": "cve@mitre.org"
},
{
"url": "https://www.classaction.org/news/centralsquare-hit-with-class-action-over-2017-2018-click2gov-data-breach",
"source": "cve@mitre.org"
}
]
}

6
CVE-2023/CVE-2023-417xx/CVE-2023-41710.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41710",
"sourceIdentifier": "security@open-xchange.com",
"published": "2024-01-08T09:15:20.883",
"lastModified": "2024-01-09T18:15:46.650",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-12T07:15:12.140",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
@ -60,7 +60,7 @@
"source": "security@open-xchange.com"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0006.json",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0006.json",
"source": "security@open-xchange.com"
},
{

20
CVE-2023/CVE-2023-509xx/CVE-2023-50919.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-50919",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-12T08:15:43.533",
"lastModified": "2024-01-12T08:15:43.533",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern matching. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Authentication-bypass.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-509xx/CVE-2023-50920.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-50920",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-12T08:15:43.590",
"lastModified": "2024-01-12T08:15:43.590",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on GL.iNet devices before version 4.5.0. They assign the same session ID after each user reboot, allowing attackers to share session identifiers between different sessions and bypass authentication or access control measures. Attackers can impersonate legitimate users or perform unauthorized actions. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR300M 4.3.7, and B1300 4.3.7."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Authentication-bypass-seesion-ID.md",
"source": "cve@mitre.org"
}
]
}

55
CVE-2023/CVE-2023-67xx/CVE-2023-6735.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6735",
"sourceIdentifier": "security@checkmk.com",
"published": "2024-01-12T08:15:43.650",
"lastModified": "2024-01-12T08:15:43.650",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39 allows local user to escalate privileges"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@checkmk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@checkmk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://checkmk.com/werk/16273",
"source": "security@checkmk.com"
}
]
}

55
CVE-2023/CVE-2023-67xx/CVE-2023-6740.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6740",
"sourceIdentifier": "security@checkmk.com",
"published": "2024-01-12T08:15:43.920",
"lastModified": "2024-01-12T08:15:43.920",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Privilege escalation in jar_signature agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39 allows local user to escalate privileges"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@checkmk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@checkmk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://checkmk.com/werk/16163",
"source": "security@checkmk.com"
}
]
}

24
CVE-2024/CVE-2024-220xx/CVE-2024-22027.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2024-22027",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-01-12T07:15:12.243",
"lastModified": "2024-01-12T07:15:12.243",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper input validation vulnerability in WordPress Quiz Maker Plugin prior to 6.5.0.6 allows a remote authenticated attacker to perform a Denial of Service (DoS) attack against external services."
}
],
"metrics": {},
"references": [
{
"url": "https://jvn.jp/en/jp/JVN37326856/",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://wordpress.org/plugins/quiz-maker/",
"source": "vultures@jpcert.or.jp"
}
]
}

52
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-12T07:00:24.235912+00:00
2024-01-12T09:00:24.398886+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-12T06:15:47.383000+00:00
2024-01-12T08:15:43.920000+00:00
```
### Last Data Feed Release
@ -29,29 +29,53 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
235725
235734
```
### CVEs added in the last Commit
Recently added CVEs: `9`
* [CVE-2022-4961](CVE-2022/CVE-2022-49xx/CVE-2022-4961.json) (`2024-01-12T05:15:09.263`)
* [CVE-2024-23171](CVE-2024/CVE-2024-231xx/CVE-2024-23171.json) (`2024-01-12T05:15:10.033`)
* [CVE-2024-23172](CVE-2024/CVE-2024-231xx/CVE-2024-23172.json) (`2024-01-12T05:15:10.187`)
* [CVE-2024-23173](CVE-2024/CVE-2024-231xx/CVE-2024-23173.json) (`2024-01-12T05:15:10.237`)
* [CVE-2024-23174](CVE-2024/CVE-2024-231xx/CVE-2024-23174.json) (`2024-01-12T05:15:10.387`)
* [CVE-2024-0393](CVE-2024/CVE-2024-03xx/CVE-2024-0393.json) (`2024-01-12T06:15:47.157`)
* [CVE-2024-23177](CVE-2024/CVE-2024-231xx/CVE-2024-23177.json) (`2024-01-12T06:15:47.297`)
* [CVE-2024-23178](CVE-2024/CVE-2024-231xx/CVE-2024-23178.json) (`2024-01-12T06:15:47.337`)
* [CVE-2024-23179](CVE-2024/CVE-2024-231xx/CVE-2024-23179.json) (`2024-01-12T06:15:47.383`)
* [CVE-2023-34061](CVE-2023/CVE-2023-340xx/CVE-2023-34061.json) (`2024-01-12T07:15:11.747`)
* [CVE-2023-37117](CVE-2023/CVE-2023-371xx/CVE-2023-37117.json) (`2024-01-12T07:15:12.077`)
* [CVE-2023-31211](CVE-2023/CVE-2023-312xx/CVE-2023-31211.json) (`2024-01-12T08:15:43.137`)
* [CVE-2023-40362](CVE-2023/CVE-2023-403xx/CVE-2023-40362.json) (`2024-01-12T08:15:43.467`)
* [CVE-2023-50919](CVE-2023/CVE-2023-509xx/CVE-2023-50919.json) (`2024-01-12T08:15:43.533`)
* [CVE-2023-50920](CVE-2023/CVE-2023-509xx/CVE-2023-50920.json) (`2024-01-12T08:15:43.590`)
* [CVE-2023-6735](CVE-2023/CVE-2023-67xx/CVE-2023-6735.json) (`2024-01-12T08:15:43.650`)
* [CVE-2023-6740](CVE-2023/CVE-2023-67xx/CVE-2023-6740.json) (`2024-01-12T08:15:43.920`)
* [CVE-2024-22027](CVE-2024/CVE-2024-220xx/CVE-2024-22027.json) (`2024-01-12T07:15:12.243`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `39`
* [CVE-2023-50570](CVE-2023/CVE-2023-505xx/CVE-2023-50570.json) (`2024-01-12T06:15:46.980`)
* [CVE-2023-26427](CVE-2023/CVE-2023-264xx/CVE-2023-26427.json) (`2024-01-12T08:15:39.610`)
* [CVE-2023-26428](CVE-2023/CVE-2023-264xx/CVE-2023-26428.json) (`2024-01-12T08:15:39.950`)
* [CVE-2023-26429](CVE-2023/CVE-2023-264xx/CVE-2023-26429.json) (`2024-01-12T08:15:40.080`)
* [CVE-2023-26430](CVE-2023/CVE-2023-264xx/CVE-2023-26430.json) (`2024-01-12T08:15:40.210`)
* [CVE-2023-26431](CVE-2023/CVE-2023-264xx/CVE-2023-26431.json) (`2024-01-12T08:15:40.353`)
* [CVE-2023-26432](CVE-2023/CVE-2023-264xx/CVE-2023-26432.json) (`2024-01-12T08:15:40.477`)
* [CVE-2023-26433](CVE-2023/CVE-2023-264xx/CVE-2023-26433.json) (`2024-01-12T08:15:40.610`)
* [CVE-2023-26434](CVE-2023/CVE-2023-264xx/CVE-2023-26434.json) (`2024-01-12T08:15:40.737`)
* [CVE-2023-26435](CVE-2023/CVE-2023-264xx/CVE-2023-26435.json) (`2024-01-12T08:15:40.867`)
* [CVE-2023-26436](CVE-2023/CVE-2023-264xx/CVE-2023-26436.json) (`2024-01-12T08:15:41.010`)
* [CVE-2023-26438](CVE-2023/CVE-2023-264xx/CVE-2023-26438.json) (`2024-01-12T08:15:41.150`)
* [CVE-2023-26439](CVE-2023/CVE-2023-264xx/CVE-2023-26439.json) (`2024-01-12T08:15:41.267`)
* [CVE-2023-26440](CVE-2023/CVE-2023-264xx/CVE-2023-26440.json) (`2024-01-12T08:15:41.397`)
* [CVE-2023-26441](CVE-2023/CVE-2023-264xx/CVE-2023-26441.json) (`2024-01-12T08:15:41.510`)
* [CVE-2023-26442](CVE-2023/CVE-2023-264xx/CVE-2023-26442.json) (`2024-01-12T08:15:41.630`)
* [CVE-2023-26443](CVE-2023/CVE-2023-264xx/CVE-2023-26443.json) (`2024-01-12T08:15:41.757`)
* [CVE-2023-26445](CVE-2023/CVE-2023-264xx/CVE-2023-26445.json) (`2024-01-12T08:15:41.920`)
* [CVE-2023-26446](CVE-2023/CVE-2023-264xx/CVE-2023-26446.json) (`2024-01-12T08:15:42.043`)
* [CVE-2023-26447](CVE-2023/CVE-2023-264xx/CVE-2023-26447.json) (`2024-01-12T08:15:42.157`)
* [CVE-2023-26448](CVE-2023/CVE-2023-264xx/CVE-2023-26448.json) (`2024-01-12T08:15:42.273`)
* [CVE-2023-26449](CVE-2023/CVE-2023-264xx/CVE-2023-26449.json) (`2024-01-12T08:15:42.387`)
* [CVE-2023-26450](CVE-2023/CVE-2023-264xx/CVE-2023-26450.json) (`2024-01-12T08:15:42.500`)
* [CVE-2023-26454](CVE-2023/CVE-2023-264xx/CVE-2023-26454.json) (`2024-01-12T08:15:42.613`)
* [CVE-2023-26455](CVE-2023/CVE-2023-264xx/CVE-2023-26455.json) (`2024-01-12T08:15:42.813`)
* [CVE-2023-26456](CVE-2023/CVE-2023-264xx/CVE-2023-26456.json) (`2024-01-12T08:15:42.977`)
## Download and Usage