admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-11 16:13:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-14T18:00:28.314661+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-14 18:00:31 +00:00
parent b5343aa2c6
commit d36469d684
29 changed files with 1413 additions and 138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
CVE-2021/CVE-2021-43xx/CVE-2021-4348.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4348",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:13.607",
"lastModified": "2023-06-07T02:44:59.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T16:02:25.853",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,14 +76,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:createit:ultimate_gdpr_\\&_ccpa_compliance_toolkit:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.5",
"matchCriteriaId": "A3A4EEFE-C90F-4CC0-8701-E200B18A1282"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/critical-vulnerability-in-wordpress-ultimate-gdpr-ccpa-compliance-toolkit-plugin/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/40e2e8fb-ea36-4602-bead-8daf75d6dfb9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2021/CVE-2021-43xx/CVE-2021-4358.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4358",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:14.170",
"lastModified": "2023-06-07T02:44:53.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T17:53:02.130",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:legalweb:wp_dsgvo_tools:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.1.24",
"matchCriteriaId": "67A9BB39-09D3-4E95-B979-1C119B59909A"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-wp-dsgvo-tools-gdpr-plugin-patched-vulnerability-actively-exploited/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wordpress.org/support/topic/weiterleitung-redirects/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6c18ab1b-02f1-4679-8cff-679d98dc9f4a?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2021/CVE-2021-43xx/CVE-2021-4366.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4366",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:14.660",
"lastModified": "2023-06-07T02:44:53.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T17:48:30.860",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:magazine3:pwa_for_wp_\\&_amp:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.7.33",
"matchCriteriaId": "4FCFE3DF-9457-4215-814B-E147873A0C1C"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-pwa-for-wp-and-amp-plugin-fixed-vulnerabilities/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/b38a51d7-375e-4cca-88ba-ccab796ac134",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a9892dd1-3939-41a9-a828-fa1bf7d96eb8?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2022/CVE-2022-316xx/CVE-2022-31640.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-31640",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-06-14T17:15:08.893",
"lastModified": "2023-06-14T17:15:08.893",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure."
}
],
"metrics": {},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_6662920-6662944-16/hpsbhf03805",
"source": "hp-security-alert@hp.com"
}
]
}

20
CVE-2022/CVE-2022-316xx/CVE-2022-31641.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-31641",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-06-14T17:15:08.943",
"lastModified": "2023-06-14T17:15:08.943",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure."
}
],
"metrics": {},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_6662920-6662944-16/hpsbhf03805",
"source": "hp-security-alert@hp.com"
}
]
}

20
CVE-2022/CVE-2022-316xx/CVE-2022-31642.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-31642",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-06-14T17:15:08.987",
"lastModified": "2023-06-14T17:15:08.987",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure."
}
],
"metrics": {},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_6662920-6662944-16/hpsbhf03805",
"source": "hp-security-alert@hp.com"
}
]
}

55
CVE-2023/CVE-2023-00xx/CVE-2023-0009.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-0009",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2023-06-14T17:15:09.043",
"lastModified": "2023-06-14T17:15:09.043",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local service account or user with token impersonation privileges to execute programs with elevated privileges."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-807"
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-0009",
"source": "psirt@paloaltonetworks.com"
}
]
}

55
CVE-2023/CVE-2023-00xx/CVE-2023-0010.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-0010",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2023-06-14T17:15:09.127",
"lastModified": "2023-06-14T17:15:09.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a JavaScript payload to be executed in the context of an authenticated Captive Portal user\u2019s browser when they click on a specifically crafted link.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-0010",
"source": "psirt@paloaltonetworks.com"
}
]
}

57
CVE-2023/CVE-2023-07xx/CVE-2023-0729.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0729",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:53.810",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T17:58:43.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wickedplugins:wicked_folders:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.18.16",
"matchCriteriaId": "E2A772F1-2D99-4A55-9535-EBADFBF75641"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wicked-folders/tags/2.18.16/lib/class-wicked-folders-ajax.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2860994%40wicked-folders%2Ftrunk&old=2805161%40wicked-folders%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae8dbf54-ea62-4901-b34f-079b708ca0b5?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-08xx/CVE-2023-0831.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0831",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:54.140",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T17:53:15.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webfactoryltd:under_construction:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.96",
"matchCriteriaId": "41007D1F-1E3C-4994-8ED1-8F85FA8EE63C"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/under-construction-page/trunk/under-construction.php?rev=2848705#L901",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/031a1203-6b0d-453b-be8a-12e7f55cb401?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-08xx/CVE-2023-0832.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0832",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:54.510",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T17:52:12.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webfactoryltd:under_construction:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.96",
"matchCriteriaId": "41007D1F-1E3C-4994-8ED1-8F85FA8EE63C"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/under-construction-page/trunk/under-construction.php?rev=2848705#L2389",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4fa84388-3597-4a54-9ae8-d6e04afe9061?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-253xx/CVE-2023-25367.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-25367",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T17:15:09.193",
"lastModified": "2023-06-14T17:15:09.193",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS allows unfiltered user input resulting in Remote Code Execution (RCE) with SCPI interface or web server."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25367.md",
"source": "cve@mitre.org"
},
{
"url": "https://siglent.com",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-274xx/CVE-2023-27476.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27476",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-03-08T00:15:08.997",
"lastModified": "2023-03-15T12:48:04.827",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-14T16:15:20.153",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -105,6 +105,10 @@
"tags": [
"Broken Link"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5426",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2023/CVE-2023-30xx/CVE-2023-3065.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3065",
"sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2023-06-05T09:15:09.530",
"lastModified": "2023-06-13T17:32:12.733",
"lastModified": "2023-06-14T16:49:24.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -17,7 +17,7 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -25,12 +25,12 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
"impactScore": 5.2
},
{
"source": "vulnerability@ncsc.ch",

58
CVE-2023/CVE-2023-30xx/CVE-2023-3066.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3066",
"sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2023-06-05T09:15:09.593",
"lastModified": "2023-06-05T13:02:53.787",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T17:15:44.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "vulnerability@ncsc.ch",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
},
{
"source": "vulnerability@ncsc.ch",
"type": "Secondary",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mobatime:amxgt_100:*:*:*:*:*:android:*:*",
"versionEndIncluding": "1.3.20",
"matchCriteriaId": "45B1027A-BEC2-444D-B088-15581FB1CA24"
}
]
}
]
}
],
"references": [
{
"url": "https://borelenzo.github.io/stuff/2023/06/02/cve-2023-3064_65_66.html",
"source": "vulnerability@ncsc.ch"
"source": "vulnerability@ncsc.ch",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-31xx/CVE-2023-3163.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3163",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-08T14:15:15.910",
"lastModified": "2023-06-08T17:08:49.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T16:02:52.813",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,8 +83,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -71,18 +103,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ruoyi:ruoyi:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.7.7",
"matchCriteriaId": "68216474-4758-4B9D-8BCA-AFBC22678D80"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/y_project/RuoYi/issues/I78DOR",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.231090",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.231090",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

64
CVE-2023/CVE-2023-336xx/CVE-2023-33652.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-33652",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-06T19:15:12.217",
"lastModified": "2023-06-07T02:45:15.873",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T17:25:10.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Sitecore Experience Platform (XP) v9.3 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /sitecore/shell/Invoke.aspx."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-470"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "94E94971-99B7-459A-A0B6-6FDBC397522D"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.assetnote.io/2023/05/10/sitecore-round-two/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-336xx/CVE-2023-33653.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-33653",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-06T19:15:12.287",
"lastModified": "2023-06-07T02:45:15.873",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T17:34:14.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Sitecore Experience Platform (XP) v9.3 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /Applications/Content%20Manager/Execute.aspx?cmd=convert&mode=HTML."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sitecore:experience_platform:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "94E94971-99B7-459A-A0B6-6FDBC397522D"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.assetnote.io/2023/05/10/sitecore-round-two/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-336xx/CVE-2023-33657.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2023-33657",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-08T13:15:09.530",
"lastModified": "2023-06-08T17:08:49.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T17:25:26.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is caused by improper data tracing, and an attacker could exploit it to cause a denial of service attack."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:emqx:nanomq:0.17.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0898CABA-5930-437A-8300-4D91648091F1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/emqx/nanomq",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/emqx/nanomq/issues/1165#issue-1668648319",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://github.com/emqx/nanomq/pull/1187",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

73
CVE-2023/CVE-2023-336xx/CVE-2023-33660.json
View File

@ -2,27 +2,88 @@
"id": "CVE-2023-33660",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-08T12:15:09.347",
"lastModified": "2023-06-08T17:08:49.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T17:45:29.743",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:emqx:nanomq:0.17.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0898CABA-5930-437A-8300-4D91648091F1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/emqx/nanomq",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/emqx/nanomq/issues/1155",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/nanomq/NanoNNG/pull/509/commits/6815c4036a2344865da393803ecdb7af27d8bde1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

71
CVE-2023/CVE-2023-340xx/CVE-2023-34095.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-34095",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-14T17:15:09.243",
"lastModified": "2023-06-14T17:15:09.243",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "cpdb-libs provides frontend and backend libraries for the Common Printing Dialog Backends (CPDB) project. In versions 1.0 through 2.0b4, cpdb-libs is vulnerable to buffer overflows via improper use of `scanf(3)`. cpdb-libs uses the `fscanf()` and `scanf()` functions to parse command lines and configuration files, dropping the read string components into fixed-length buffers, but does not limit the length of the strings to be read by `fscanf()` and `scanf()` causing buffer overflows when a string is longer than 1023 characters. A patch for this issue is available at commit f181bd1f14757c2ae0f17cc76dc20421a40f30b7. As all buffers have a length of 1024 characters, the patch limits the maximum string length to be read to 1023 by replacing all occurrences of `%s` with `%1023s` in all calls of the `fscanf()` and `scanf()` functions.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://github.com/OpenPrinting/cpdb-libs/blob/85555fba64d34f53a2fce099b0488904cc48ed35/cpdb/cpdb-frontend.c#L372",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/OpenPrinting/cpdb-libs/blob/85555fba64d34f53a2fce099b0488904cc48ed35/tools/cpdb-text-frontend.c#L362",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/OpenPrinting/cpdb-libs/blob/85555fba64d34f53a2fce099b0488904cc48ed35/tools/cpdb-text-frontend.c#L453",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/OpenPrinting/cpdb-libs/commit/f181bd1f14757c2ae0f17cc76dc20421a40f30b7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/OpenPrinting/cpdb-libs/security/advisories/GHSA-25j7-9gfc-f46x",
"source": "security-advisories@github.com"
}
]
}

75
CVE-2023/CVE-2023-345xx/CVE-2023-34567.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34567",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-08T15:15:09.607",
"lastModified": "2023-06-08T17:08:49.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T17:13:19.143",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac10_firmware:us_ac10v4.0si_v16.03.10.13_cn:*:*:*:*:*:*:*",
"matchCriteriaId": "49F9D003-F0EB-4C49-BEA4-C1F3A84D914A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac10:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "970AEBF4-2B32-4633-A75B-2D2C598C048D"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/H1xUqzfHh",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

75
CVE-2023/CVE-2023-345xx/CVE-2023-34568.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34568",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-08T15:15:09.653",
"lastModified": "2023-06-08T17:08:49.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T17:05:04.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac10_firmware:us_ac10v4.0si_v16.03.10.13_cn:*:*:*:*:*:*:*",
"matchCriteriaId": "49F9D003-F0EB-4C49-BEA4-C1F3A84D914A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac10:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "970AEBF4-2B32-4633-A75B-2D2C598C048D"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/ryR8IzMH2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

75
CVE-2023/CVE-2023-345xx/CVE-2023-34569.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34569",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-08T15:15:09.697",
"lastModified": "2023-06-08T17:08:49.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T17:10:07.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac10_firmware:us_ac10v4.0si_v16.03.10.13_cn:*:*:*:*:*:*:*",
"matchCriteriaId": "49F9D003-F0EB-4C49-BEA4-C1F3A84D914A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac10:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "970AEBF4-2B32-4633-A75B-2D2C598C048D"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/HymuzffSh",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

75
CVE-2023/CVE-2023-345xx/CVE-2023-34570.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34570",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-08T15:15:09.747",
"lastModified": "2023-06-08T17:08:49.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T16:30:12.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac10_firmware:us_ac10v4.0si_v16.03.10.13_cn:*:*:*:*:*:*:*",
"matchCriteriaId": "49F9D003-F0EB-4C49-BEA4-C1F3A84D914A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac10:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "970AEBF4-2B32-4633-A75B-2D2C598C048D"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/S1eI91_l2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

75
CVE-2023/CVE-2023-345xx/CVE-2023-34571.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-34571",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-08T15:15:09.793",
"lastModified": "2023-06-08T17:08:49.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T16:30:26.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter shareSpeed at /goform/WifiGuestSet."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac10_firmware:us_ac10v4.0si_v16.03.10.13_cn:*:*:*:*:*:*:*",
"matchCriteriaId": "49F9D003-F0EB-4C49-BEA4-C1F3A84D914A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac10:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "970AEBF4-2B32-4633-A75B-2D2C598C048D"
}
]
}
]
}
],
"references": [
{
"url": "https://hackmd.io/@0dayResearch/S1GcUxzSn",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

20
CVE-2023/CVE-2023-348xx/CVE-2023-34867.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34867",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T16:15:20.277",
"lastModified": "2023-06-14T16:15:20.277",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_property_hashmap_create at jerry-core/ecma/base/ecma-property-hashmap.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/jerryscript-project/jerryscript/issues/5084",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-348xx/CVE-2023-34868.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34868",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T16:15:20.323",
"lastModified": "2023-06-14T16:15:20.323",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the parser_parse_for_statement_start at jerry-core/parser/js/js-parser-statm.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/jerryscript-project/jerryscript/issues/5083",
"source": "cve@mitre.org"
}
]
}

88
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-14T16:00:26.357416+00:00
2023-06-14T18:00:28.314661+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-14T15:48:58.753000+00:00
2023-06-14T17:58:43.697000+00:00
```
### Last Data Feed Release
@ -29,69 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
217760
217769
```
### CVEs added in the last Commit
Recently added CVEs: `42`
Recently added CVEs: `9`
* [CVE-2023-32024](CVE-2023/CVE-2023-320xx/CVE-2023-32024.json) (`2023-06-14T15:15:09.893`)
* [CVE-2023-32030](CVE-2023/CVE-2023-320xx/CVE-2023-32030.json) (`2023-06-14T15:15:09.953`)
* [CVE-2023-32031](CVE-2023/CVE-2023-320xx/CVE-2023-32031.json) (`2023-06-14T15:15:10.013`)
* [CVE-2023-34101](CVE-2023/CVE-2023-341xx/CVE-2023-34101.json) (`2023-06-14T15:15:10.073`)
* [CVE-2023-34540](CVE-2023/CVE-2023-345xx/CVE-2023-34540.json) (`2023-06-14T15:15:10.287`)
* [CVE-2023-32465](CVE-2023/CVE-2023-324xx/CVE-2023-32465.json) (`2023-06-14T14:15:09.727`)
* [CVE-2023-34585](CVE-2023/CVE-2023-345xx/CVE-2023-34585.json) (`2023-06-14T14:15:09.800`)
* [CVE-2023-34609](CVE-2023/CVE-2023-346xx/CVE-2023-34609.json) (`2023-06-14T14:15:09.860`)
* [CVE-2023-34610](CVE-2023/CVE-2023-346xx/CVE-2023-34610.json) (`2023-06-14T14:15:09.917`)
* [CVE-2023-34611](CVE-2023/CVE-2023-346xx/CVE-2023-34611.json) (`2023-06-14T14:15:09.960`)
* [CVE-2023-34612](CVE-2023/CVE-2023-346xx/CVE-2023-34612.json) (`2023-06-14T14:15:10.007`)
* [CVE-2023-34613](CVE-2023/CVE-2023-346xx/CVE-2023-34613.json) (`2023-06-14T14:15:10.050`)
* [CVE-2023-34614](CVE-2023/CVE-2023-346xx/CVE-2023-34614.json) (`2023-06-14T14:15:10.100`)
* [CVE-2023-34615](CVE-2023/CVE-2023-346xx/CVE-2023-34615.json) (`2023-06-14T14:15:10.143`)
* [CVE-2023-34616](CVE-2023/CVE-2023-346xx/CVE-2023-34616.json) (`2023-06-14T14:15:10.190`)
* [CVE-2023-34617](CVE-2023/CVE-2023-346xx/CVE-2023-34617.json) (`2023-06-14T14:15:10.233`)
* [CVE-2023-34620](CVE-2023/CVE-2023-346xx/CVE-2023-34620.json) (`2023-06-14T14:15:10.277`)
* [CVE-2023-34623](CVE-2023/CVE-2023-346xx/CVE-2023-34623.json) (`2023-06-14T14:15:10.317`)
* [CVE-2023-34624](CVE-2023/CVE-2023-346xx/CVE-2023-34624.json) (`2023-06-14T14:15:10.360`)
* [CVE-2023-34747](CVE-2023/CVE-2023-347xx/CVE-2023-34747.json) (`2023-06-14T14:15:10.403`)
* [CVE-2023-34750](CVE-2023/CVE-2023-347xx/CVE-2023-34750.json) (`2023-06-14T14:15:10.447`)
* [CVE-2023-34751](CVE-2023/CVE-2023-347xx/CVE-2023-34751.json) (`2023-06-14T14:15:10.490`)
* [CVE-2023-34752](CVE-2023/CVE-2023-347xx/CVE-2023-34752.json) (`2023-06-14T14:15:10.533`)
* [CVE-2023-34753](CVE-2023/CVE-2023-347xx/CVE-2023-34753.json) (`2023-06-14T14:15:10.573`)
* [CVE-2023-34754](CVE-2023/CVE-2023-347xx/CVE-2023-34754.json) (`2023-06-14T14:15:10.617`)
* [CVE-2022-31640](CVE-2022/CVE-2022-316xx/CVE-2022-31640.json) (`2023-06-14T17:15:08.893`)
* [CVE-2022-31641](CVE-2022/CVE-2022-316xx/CVE-2022-31641.json) (`2023-06-14T17:15:08.943`)
* [CVE-2022-31642](CVE-2022/CVE-2022-316xx/CVE-2022-31642.json) (`2023-06-14T17:15:08.987`)
* [CVE-2023-34867](CVE-2023/CVE-2023-348xx/CVE-2023-34867.json) (`2023-06-14T16:15:20.277`)
* [CVE-2023-34868](CVE-2023/CVE-2023-348xx/CVE-2023-34868.json) (`2023-06-14T16:15:20.323`)
* [CVE-2023-0009](CVE-2023/CVE-2023-00xx/CVE-2023-0009.json) (`2023-06-14T17:15:09.043`)
* [CVE-2023-0010](CVE-2023/CVE-2023-00xx/CVE-2023-0010.json) (`2023-06-14T17:15:09.127`)
* [CVE-2023-25367](CVE-2023/CVE-2023-253xx/CVE-2023-25367.json) (`2023-06-14T17:15:09.193`)
* [CVE-2023-34095](CVE-2023/CVE-2023-340xx/CVE-2023-34095.json) (`2023-06-14T17:15:09.243`)
### CVEs modified in the last Commit
Recently modified CVEs: `27`
Recently modified CVEs: `19`
* [CVE-2021-4382](CVE-2021/CVE-2021-43xx/CVE-2021-4382.json) (`2023-06-14T15:43:54.007`)
* [CVE-2023-25177](CVE-2023/CVE-2023-251xx/CVE-2023-25177.json) (`2023-06-14T14:01:14.447`)
* [CVE-2023-31486](CVE-2023/CVE-2023-314xx/CVE-2023-31486.json) (`2023-06-14T14:15:09.607`)
* [CVE-2023-31115](CVE-2023/CVE-2023-311xx/CVE-2023-31115.json) (`2023-06-14T14:20:47.187`)
* [CVE-2023-30576](CVE-2023/CVE-2023-305xx/CVE-2023-30576.json) (`2023-06-14T14:33:16.713`)
* [CVE-2023-0710](CVE-2023/CVE-2023-07xx/CVE-2023-0710.json) (`2023-06-14T14:39:39.980`)
* [CVE-2023-33282](CVE-2023/CVE-2023-332xx/CVE-2023-33282.json) (`2023-06-14T14:46:08.897`)
* [CVE-2023-2541](CVE-2023/CVE-2023-25xx/CVE-2023-2541.json) (`2023-06-14T14:51:56.287`)
* [CVE-2023-30575](CVE-2023/CVE-2023-305xx/CVE-2023-30575.json) (`2023-06-14T14:58:37.320`)
* [CVE-2023-0721](CVE-2023/CVE-2023-07xx/CVE-2023-0721.json) (`2023-06-14T14:58:46.843`)
* [CVE-2023-31116](CVE-2023/CVE-2023-311xx/CVE-2023-31116.json) (`2023-06-14T15:10:20.783`)
* [CVE-2023-34149](CVE-2023/CVE-2023-341xx/CVE-2023-34149.json) (`2023-06-14T15:15:10.147`)
* [CVE-2023-34396](CVE-2023/CVE-2023-343xx/CVE-2023-34396.json) (`2023-06-14T15:15:10.217`)
* [CVE-2023-2986](CVE-2023/CVE-2023-29xx/CVE-2023-2986.json) (`2023-06-14T15:18:04.487`)
* [CVE-2023-3121](CVE-2023/CVE-2023-31xx/CVE-2023-3121.json) (`2023-06-14T15:24:55.380`)
* [CVE-2023-35141](CVE-2023/CVE-2023-351xx/CVE-2023-35141.json) (`2023-06-14T15:30:58.900`)
* [CVE-2023-35142](CVE-2023/CVE-2023-351xx/CVE-2023-35142.json) (`2023-06-14T15:30:58.900`)
* [CVE-2023-35143](CVE-2023/CVE-2023-351xx/CVE-2023-35143.json) (`2023-06-14T15:30:58.900`)
* [CVE-2023-35144](CVE-2023/CVE-2023-351xx/CVE-2023-35144.json) (`2023-06-14T15:30:58.900`)
* [CVE-2023-35145](CVE-2023/CVE-2023-351xx/CVE-2023-35145.json) (`2023-06-14T15:30:58.900`)
* [CVE-2023-35146](CVE-2023/CVE-2023-351xx/CVE-2023-35146.json) (`2023-06-14T15:30:58.900`)
* [CVE-2023-35147](CVE-2023/CVE-2023-351xx/CVE-2023-35147.json) (`2023-06-14T15:30:58.900`)
* [CVE-2023-35148](CVE-2023/CVE-2023-351xx/CVE-2023-35148.json) (`2023-06-14T15:30:58.900`)
* [CVE-2023-35149](CVE-2023/CVE-2023-351xx/CVE-2023-35149.json) (`2023-06-14T15:30:58.900`)
* [CVE-2023-34566](CVE-2023/CVE-2023-345xx/CVE-2023-34566.json) (`2023-06-14T15:48:58.753`)
* [CVE-2021-4348](CVE-2021/CVE-2021-43xx/CVE-2021-4348.json) (`2023-06-14T16:02:25.853`)
* [CVE-2021-4366](CVE-2021/CVE-2021-43xx/CVE-2021-4366.json) (`2023-06-14T17:48:30.860`)
* [CVE-2021-4358](CVE-2021/CVE-2021-43xx/CVE-2021-4358.json) (`2023-06-14T17:53:02.130`)
* [CVE-2023-3163](CVE-2023/CVE-2023-31xx/CVE-2023-3163.json) (`2023-06-14T16:02:52.813`)
* [CVE-2023-27476](CVE-2023/CVE-2023-274xx/CVE-2023-27476.json) (`2023-06-14T16:15:20.153`)
* [CVE-2023-34570](CVE-2023/CVE-2023-345xx/CVE-2023-34570.json) (`2023-06-14T16:30:12.287`)
* [CVE-2023-34571](CVE-2023/CVE-2023-345xx/CVE-2023-34571.json) (`2023-06-14T16:30:26.197`)
* [CVE-2023-3065](CVE-2023/CVE-2023-30xx/CVE-2023-3065.json) (`2023-06-14T16:49:24.173`)
* [CVE-2023-34568](CVE-2023/CVE-2023-345xx/CVE-2023-34568.json) (`2023-06-14T17:05:04.107`)
* [CVE-2023-34569](CVE-2023/CVE-2023-345xx/CVE-2023-34569.json) (`2023-06-14T17:10:07.267`)
* [CVE-2023-34567](CVE-2023/CVE-2023-345xx/CVE-2023-34567.json) (`2023-06-14T17:13:19.143`)
* [CVE-2023-3066](CVE-2023/CVE-2023-30xx/CVE-2023-3066.json) (`2023-06-14T17:15:44.867`)
* [CVE-2023-33652](CVE-2023/CVE-2023-336xx/CVE-2023-33652.json) (`2023-06-14T17:25:10.197`)
* [CVE-2023-33657](CVE-2023/CVE-2023-336xx/CVE-2023-33657.json) (`2023-06-14T17:25:26.513`)
* [CVE-2023-33653](CVE-2023/CVE-2023-336xx/CVE-2023-33653.json) (`2023-06-14T17:34:14.437`)
* [CVE-2023-33660](CVE-2023/CVE-2023-336xx/CVE-2023-33660.json) (`2023-06-14T17:45:29.743`)
* [CVE-2023-0832](CVE-2023/CVE-2023-08xx/CVE-2023-0832.json) (`2023-06-14T17:52:12.437`)
* [CVE-2023-0831](CVE-2023/CVE-2023-08xx/CVE-2023-0831.json) (`2023-06-14T17:53:15.107`)
* [CVE-2023-0729](CVE-2023/CVE-2023-07xx/CVE-2023-0729.json) (`2023-06-14T17:58:43.697`)
## Download and Usage