admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-30T22:00:25.703045+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-05-30 22:00:29 +00:00
parent 7eaa1daa2e
commit d791824d9c
56 changed files with 6993 additions and 141 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
CVE-2022/CVE-2022-362xx/CVE-2022-36243.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-36243",
"sourceIdentifier": "support@shopbeat.co.za",
"published": "2023-05-30T20:15:09.587",
"lastModified": "2023-05-30T21:10:07.833",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Shop Beat Solutions (pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Directory Traversal via server.shopbeat.co.za. Information Exposure Through Directory Listing vulnerability in \"studio\" software of Shop Beat. This issue affects: Shop Beat studio studio versions prior to 3.2.57 on arm."
}
],
"metrics": {},
"weaknesses": [
{
"source": "support@shopbeat.co.za",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-548"
}
]
}
],
"references": [
{
"url": "https://www.shopbeat.co.za",
"source": "support@shopbeat.co.za"
}
]
}

32
CVE-2022/CVE-2022-362xx/CVE-2022-36244.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-36244",
"sourceIdentifier": "support@shopbeat.co.za",
"published": "2023-05-30T20:15:09.660",
"lastModified": "2023-05-30T21:10:07.833",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting (XSS) vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za."
}
],
"metrics": {},
"weaknesses": [
{
"source": "support@shopbeat.co.za",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.shopbeat.co.za",
"source": "support@shopbeat.co.za"
}
]
}

32
CVE-2022/CVE-2022-362xx/CVE-2022-36246.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-36246",
"sourceIdentifier": "support@shopbeat.co.za",
"published": "2023-05-30T20:15:09.720",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Insecure Permissions."
}
],
"metrics": {},
"weaknesses": [
{
"source": "support@shopbeat.co.za",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
],
"references": [
{
"url": "https://www.shopbeat.co.za",
"source": "support@shopbeat.co.za"
}
]
}

20
CVE-2022/CVE-2022-362xx/CVE-2022-36247.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-36247",
"sourceIdentifier": "support@shopbeat.co.za",
"published": "2023-05-30T20:15:09.780",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za."
}
],
"metrics": {},
"references": [
{
"url": "https://www.shopbeat.co.za",
"source": "support@shopbeat.co.za"
}
]
}

32
CVE-2022/CVE-2022-362xx/CVE-2022-36249.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-36249",
"sourceIdentifier": "support@shopbeat.co.za",
"published": "2023-05-30T20:15:09.823",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass 2FA via APIs. For Controlpanel Lite. \"After login we are directly able to use the bearer token or jsession ID to access the apis instead of entering the 2FA code. Thus, leading to bypass of 2FA on API level."
}
],
"metrics": {},
"weaknesses": [
{
"source": "support@shopbeat.co.za",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://www.shopbeat.co.za",
"source": "support@shopbeat.co.za"
}
]
}

32
CVE-2022/CVE-2022-362xx/CVE-2022-36250.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-36250",
"sourceIdentifier": "support@shopbeat.co.za",
"published": "2023-05-30T20:15:09.880",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Cross Site Request Forgery (CSRF)."
}
],
"metrics": {},
"weaknesses": [
{
"source": "support@shopbeat.co.za",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://www.shopbeat.co.za",
"source": "support@shopbeat.co.za"
}
]
}

47
CVE-2022/CVE-2022-453xx/CVE-2022-45367.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45367",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-25T10:15:09.337",
"lastModified": "2023-05-25T12:40:12.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T20:53:31.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tychesoftwares:custom_order_numbers_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.0",
"matchCriteriaId": "A2051A91-A4FA-47ED-AD5E-99A480591B97"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/custom-order-numbers-for-woocommerce/wordpress-custom-order-numbers-for-woocommerce-plugin-1-4-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2022/CVE-2022-470xx/CVE-2022-47028.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-47028",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-30T20:15:09.947",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue discovered in Action Launcher for Android v50.5 allows an attacker to cause a denial of service via arbitary data injection to function insert."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2022-47028/CVE%20detailed.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2022/CVE-2022-470xx/CVE-2022-47029.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-47029",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-30T20:15:09.993",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue was found in Action Launcher v50.5 allows an attacker to escalate privilege via modification of the intent string to function update."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2022-47029/CVE%20detailed.md",
"source": "cve@mitre.org"
}
]
}

47
CVE-2022/CVE-2022-471xx/CVE-2022-47159.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47159",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-25T09:15:11.797",
"lastModified": "2023-05-25T12:40:12.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T20:55:58.387",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:logaster:logo_generator:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3",
"matchCriteriaId": "0BB36C80-5B99-47B2-9346-A3E62E5E2233"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/logaster-logo-generator/wordpress-logaster-logo-generator-plugin-1-3-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-471xx/CVE-2022-47161.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47161",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-25T10:15:09.490",
"lastModified": "2023-05-25T12:40:12.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T20:59:13.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wordpress:health_check_\\&_troubleshooting:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5.1",
"matchCriteriaId": "3F690969-C9B8-486F-B325-177311680AC7"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/health-check/wordpress-health-check-troubleshooting-plugin-1-5-1-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2022/CVE-2022-471xx/CVE-2022-47164.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47164",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-25T09:15:11.870",
"lastModified": "2023-05-25T12:40:12.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T20:55:22.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mage-people:event_manager_and_tickets_selling_plugin_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.7.7",
"matchCriteriaId": "4717C306-49EF-405E-AD64-B0A3DA1BA205"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mage-eventpress/wordpress-event-manager-and-tickets-selling-plugin-for-woocommerce-plugin-3-7-7-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-471xx/CVE-2022-47165.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47165",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-25T10:15:09.560",
"lastModified": "2023-05-25T12:40:12.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T20:59:51.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coschedule:coschedule:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.8",
"matchCriteriaId": "EEBF2719-1F41-4896-B603-388E59F38350"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/coschedule-by-todaymade/wordpress-coschedule-plugin-3-3-8-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2022/CVE-2022-471xx/CVE-2022-47177.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47177",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-25T10:15:09.630",
"lastModified": "2023-05-25T12:40:12.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T21:02:31.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpeasypay:wp_easypay:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.1",
"matchCriteriaId": "1ECD0A05-07F0-4E18-9CF4-89DAA1DBF0A8"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-easy-pay/wordpress-wp-easypay-square-for-wordpress-plugin-4-0-4-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

15
CVE-2022/CVE-2022-481xx/CVE-2022-48137.json Normal file
View File

@ -0,0 +1,15 @@
{
"id": "CVE-2022-48137",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-30T20:15:10.040",
"lastModified": "2023-05-30T20:15:10.040",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-26830. Reason: This candidate is a reservation duplicate of CVE-2023-26830. Notes: All CVE users should reference CVE-2023-26830 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
],
"metrics": {},
"references": []
}

15
CVE-2022/CVE-2022-481xx/CVE-2022-48138.json Normal file
View File

@ -0,0 +1,15 @@
{
"id": "CVE-2022-48138",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-30T20:15:10.083",
"lastModified": "2023-05-30T20:15:10.083",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-26829. Reason: This candidate is a reservation duplicate of CVE-2023-26829. Notes: All CVE users should reference CVE-2023-26829 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
],
"metrics": {},
"references": []
}

55
CVE-2023/CVE-2023-07xx/CVE-2023-0779.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-0779",
"sourceIdentifier": "vulnerabilities@zephyrproject.org",
"published": "2023-05-30T21:15:08.987",
"lastModified": "2023-05-30T21:15:08.987",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "At the most basic level, an invalid pointer can be input that crashes the device, but with more knowledge of the device\u00e2\u20ac\u2122s memory layout, further exploitation is possible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "vulnerabilities@zephyrproject.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "vulnerabilities@zephyrproject.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-9xj8-6989-r549",
"source": "vulnerabilities@zephyrproject.org"
}
]
}

1316
CVE-2023/CVE-2023-08xx/CVE-2023-0857.json
View File

File diff suppressed because it is too large Load Diff

1316
CVE-2023/CVE-2023-08xx/CVE-2023-0858.json
View File

File diff suppressed because it is too large Load Diff

1316
CVE-2023/CVE-2023-08xx/CVE-2023-0859.json
View File

File diff suppressed because it is too large Load Diff

27
CVE-2023/CVE-2023-15xx/CVE-2023-1508.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1508",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-05-23T21:15:08.967",
"lastModified": "2023-05-24T12:59:13.063",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T21:48:16.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adampos:mobilmen_el_terminali_yazilimi:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3",
"matchCriteriaId": "48EB8DC9-8685-41FC-9A00-98AEA1F55F73"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0284",
"source": "cve@usom.gov.tr"
"source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-17xx/CVE-2023-1711.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1711",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2023-05-30T19:15:09.753",
"lastModified": "2023-05-30T19:15:09.753",
"vulnStatus": "Received",
"lastModified": "2023-05-30T21:10:07.833",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

57
CVE-2023/CVE-2023-18xx/CVE-2023-1837.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1837",
"sourceIdentifier": "security@hypr.com",
"published": "2023-05-23T19:15:09.237",
"lastModified": "2023-05-23T20:48:24.597",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T21:53:33.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@hypr.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
},
{
"source": "security@hypr.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hypr:hypr_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.0",
"matchCriteriaId": "5F5ABFC9-1ECE-4A7A-8636-6B0F00D83145"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hypr.com/security-advisories",
"source": "security@hypr.com"
"source": "security@hypr.com",
"tags": [
"Vendor Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-235xx/CVE-2023-23561.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-23561",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-30T20:15:10.130",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated users can read sensitive information."
}
],
"metrics": {},
"references": [
{
"url": "https://advisories.stormshield.eu",
"source": "cve@mitre.org"
},
{
"url": "https://advisories.stormshield.eu/2023-001/",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-239xx/CVE-2023-23956.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-23956",
"sourceIdentifier": "secure@symantec.com",
"published": "2023-05-30T20:15:10.173",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A user can supply malicious HTML and JavaScript code that will be executed in the client browser"
}
],
"metrics": {},
"references": [
{
"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22221",
"source": "secure@symantec.com"
}
]
}

871
CVE-2023/CVE-2023-255xx/CVE-2023-25537.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25537",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-05-22T11:15:09.333",
"lastModified": "2023-05-22T13:21:34.157",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T21:32:57.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
@ -46,10 +66,855 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "B37675EF-6040-4F8A-A5C2-44E715B8AD21"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_r740:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE562535-3D9B-4A82-AC0D-6A2225E63E8D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "60523971-FED3-440E-A82C-AF88D48DEA44"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_r740xd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "868ECD3F-77CD-4F5D-86E5-61689E4C5BA0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "E95A1EDC-D580-4976-8A54-EB5D1A992DBA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_r640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81416C16-D7FA-4165-BB0E-6458A4EA5AEE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "222DF748-DA7B-4DF2-868B-67E6674FAE7C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_r940:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B581E1DE-4E94-49E5-B5CF-2A94B2570708"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "947180B0-04CE-4BAE-BC7A-625656A90631"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_r540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73B27F54-3CE3-4A5F-BBA1-2C6ED5316B47"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "A142530D-DD9C-4EA5-BE09-10A8DDBBB957"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_r440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC3957E-791A-4052-A9C4-F3ECBD746E37"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "15D9902E-9BDF-4E56-9A72-FC2D84DDBB6F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_t440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28F97F1A-B41E-4CC5-B668-8C194CE2C29E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "CF6D1AA1-7DC5-48B1-9A0D-D18101C66BB0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_xr2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88EC4390-C39F-4E56-9631-B8A22986690D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "FC4EC25A-5544-4B3F-B173-FF0A54FD9F39"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_r740xd2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5395D3F-58D4-49F9-AA2F-0D5C6D8C4651"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "3B1CF99B-0D79-4A02-B847-D32E473529FF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_r840:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E058B9C6-CD1C-42F5-8781-05450254E9E5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "E901926A-84F1-4799-8B6F-1C8A481210A1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_r940xa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D143853-3D62-4AD7-B899-F726036A34D2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "A675F7CB-D3C3-4378-A322-1ED1299D05DC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_t640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DEC0235-DDA1-4EE4-B3F8-512F1B29AFC6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "FF28AE6F-A2D3-4972-8777-FD91B9F6DEFF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_c6420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "027D86DE-076F-4CE9-9DE9-E6976C655E8F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "C6E643BF-C1E1-4B72-9904-0EDD5AD6FD60"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_fc640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C59D4B-1122-4782-A686-559E7DF8C3C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "C8D7ED32-1674-4F10-B1F8-B30FCF5232A8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_m640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F8B50A1-577F-451E-8D03-C8A6A78000DC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "296BDDBF-6C54-4D65-8C9D-C4639074A9AD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_mx740c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "757039D5-60B9-40B0-B719-38E27409BDDE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "31A27B9B-3B03-41C5-913F-1119B6E7E238"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_mx840c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4305D0F-CB59-49D5-8D21-8ECC3342C36C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "630E8769-99DD-4062-8BC4-A793816C5D76"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_c4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9ACC9B8-C046-4304-BA58-7D6D7945BE95"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:dss_8440_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "F862C85D-F4DC-4B11-826A-C6AD3AEBB0A8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dss_8440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "239C2103-C4BB-4C6A-8E09-C6F7D52024D3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "AAF0FAAA-AD3C-476D-AAF5-C566A1B1E865"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_xe2420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30D12E41-8F03-435C-B137-CD3465923E5C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "43348CD0-0B16-4798-85B3-58017417B7C2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_xe7420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB402EFE-DEFF-40D1-B1C8-8A7D6923669E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "372DC8AD-61A4-4353-B7DE-71DFA5440401"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:poweredge_xe7440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB265071-7294-4317-A854-0D90844CDC17"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:emc_storage_nx3240_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "58815A75-5427-48FE-98E5-6FBF5D022E46"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:emc_storage_nx3240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFCDCB3C-4995-4211-8592-3D7F94098A26"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:emc_storage_nx3340_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "C6C5E7C0-E28C-4D45-AC2D-518FC3E72D49"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:emc_storage_nx3340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F375D2-85E4-4994-AE90-99D25A50F9AD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:emc_xc_core_6420_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "B14BA9CF-84BE-406F-AE9C-48418E9045B3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:emc_xc_core_6420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A54DBA6D-E506-4557-8659-1707F6C9D02F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:emc_xc_core_xc640_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "4884D9D6-3EE9-4041-9D9D-188215F8C73D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:emc_xc_core_xc640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE5A591-AFD4-43B0-9383-B2F306940679"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:emc_xc_core_xc740xd_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "D897026E-70E2-40E7-A59C-E6A1F0FDFA02"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:emc_xc_core_xc740xd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD7E6DE-4B9B-4C23-81A1-D8D52D2E4215"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:emc_xc_core_xc740xd2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "B1D21691-AA78-4603-9E46-12D3B4D64411"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:emc_xc_core_xc740xd2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0127228B-FBC4-4C66-AFA1-749C151F79C5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:emc_xc_core_xc940_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "533FF26E-95F7-4CD7-BBCA-9A80831489A9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:emc_xc_core_xc940:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A160D84-3C5D-4789-8AF3-B006A5956B3F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:emc_xc_core_xcxr2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.18.1",
"matchCriteriaId": "120AA799-23AE-4D51-8EC2-11A59A1E0EAB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:emc_xc_core_xcxr2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FF8CC72-C32F-476D-86D3-CFF022185D76"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000213550/dsa-2023-098-security-update-for-dell-poweredge-14g-server-bios-for-an-out-of-bounds-write-vulnerability",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-25xx/CVE-2023-2597.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2597",
"sourceIdentifier": "emo@eclipse.org",
"published": "2023-05-22T12:15:09.760",
"lastModified": "2023-05-22T13:21:34.157",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T21:32:32.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "emo@eclipse.org",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "emo@eclipse.org",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eclipse:openj9:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.38.0",
"matchCriteriaId": "575BD70A-498B-4D6A-BF10-E15592EF66AD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/eclipse-openj9/openj9/pull/17259",
"source": "emo@eclipse.org"
"source": "emo@eclipse.org",
"tags": [
"Patch"
]
}
]
}

27
CVE-2023/CVE-2023-27xx/CVE-2023-2702.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2702",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-05-23T20:15:09.730",
"lastModified": "2023-05-23T20:48:24.597",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T21:48:55.523",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:finexmedia:competition_management_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.07",
"matchCriteriaId": "73D09461-53AD-41B1-A0E9-EF403A363624"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0283",
"source": "cve@usom.gov.tr"
"source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-27xx/CVE-2023-2703.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2703",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-05-23T20:15:09.817",
"lastModified": "2023-05-23T20:48:24.597",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T21:48:39.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "cve@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve@usom.gov.tr",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "cve@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
},
{
"source": "cve@usom.gov.tr",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:finexmedia:competition_management_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.07",
"matchCriteriaId": "73D09461-53AD-41B1-A0E9-EF403A363624"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0283",
"source": "cve@usom.gov.tr"
"source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-27xx/CVE-2023-2734.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2734",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-05-25T03:15:08.870",
"lastModified": "2023-05-25T12:40:12.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T21:34:04.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inspireui:mstore_api:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.9.1",
"matchCriteriaId": "841F0F34-B0A8-422B-9AA9-2F2B1CFC4714"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/mstore-api/tags/3.9.0/controllers/flutter-woo.php#L911",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2915729%40mstore-api&old=2913397%40mstore-api&sfp_email=&sfph_mail=#file59",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5881d16c-84e8-4610-8233-cfa5a94fe3f9?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-28xx/CVE-2023-2844.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2844",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-23T04:15:09.497",
"lastModified": "2023-05-23T13:04:30.710",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T21:57:51.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -36,8 +58,18 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +78,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fit2cloud:cloudexplorer_lite:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.0",
"matchCriteriaId": "C21F0984-6CAC-4621-A57A-BA7D0D894D51"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cloudexplorer-dev/cloudexplorer-lite/commit/d9f55a44e579d312977b02317b2020de758b763a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/6644b36e-603d-4dbe-8ee2-5df8b8fb2e22",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-28xx/CVE-2023-2845.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2845",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-23T05:15:08.827",
"lastModified": "2023-05-23T13:04:30.710",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T21:57:09.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -36,8 +58,18 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +78,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fit2cloud:cloudexplorer_lite:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.0",
"matchCriteriaId": "C21F0984-6CAC-4621-A57A-BA7D0D894D51"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cloudexplorer-dev/cloudexplorer-lite/commit/d9f55a44e579d312977b02317b2020de758b763a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/ac10e81c-998e-4425-9d74-b985d9b0254c",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-297xx/CVE-2023-29731.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29731",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-30T20:15:10.227",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SoLive 1.6.14 thru 1.6.20 for Android has an exposed component that provides a method to modify the SharedPreference file. An attacker can leverage this method to inject a large amount of data into any SharedPreference file, which will be loaded into memory when the application is opened. When an attacker injects too much data, the application will trigger an OOM error and crash at startup, resulting in a persistent denial of service."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29731/CVE%20detail.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-297xx/CVE-2023-29732.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29732",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-30T20:15:10.273",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SoLive 1.6.14 thru 1.6.20 for Android exists exposed component, the component provides the method to modify the SharedPreference file. The attacker can use the method to modify the data in any SharedPreference file, these data will be loaded into the memory when the application is opened. Depending on how the data is used, this can result in various attack consequences, such as ad display exceptions."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29732/CVE%20detail.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-297xx/CVE-2023-29733.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29733",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-30T20:15:10.327",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Lock Master app 2.2.4 for Android allows unauthorized apps to modify the values in its SharedPreference files. These files hold data that affects many app functions. Malicious modifications by unauthorized apps can cause security issues, such as functionality manipulation, resulting in a severe escalation of privilege attack."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29733/CVE%20detail.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-297xx/CVE-2023-29734.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29734",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-30T20:15:10.373",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue found in edjing Mix v.7.09.01 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the database."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29734/CVE%20detail.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-297xx/CVE-2023-29735.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29735",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-30T20:15:10.420",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue found in edjing Mix v.7.09.01 for Android allows a local attacker to cause a denial of service via the database files."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29735/CVE%20detail.md",
"source": "cve@mitre.org"
}
]
}

94
CVE-2023/CVE-2023-304xx/CVE-2023-30440.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30440",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-23T14:15:09.733",
"lastModified": "2023-05-23T14:18:11.573",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T21:54:53.153",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.9,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 4.7
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +66,80 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "fw860",
"versionEndIncluding": "fw860.b3",
"matchCriteriaId": "81DEDE5C-0105-41FB-9D7C-333801A0F140"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "fw950",
"versionEndIncluding": "fw950.70",
"matchCriteriaId": "81F35943-81EA-49E3-9124-FE0536CD7125"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "fw1010",
"versionEndIncluding": "fw1010.50",
"matchCriteriaId": "FABD7B77-B55C-4EBE-9FBB-5E0F54AD6D91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "fw1020.00",
"versionEndIncluding": "fw1020.30",
"matchCriteriaId": "D6ABE100-FCD6-42F8-AFC2-FF89C441C450"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "fw1030.00",
"versionEndIncluding": "fw1030.10",
"matchCriteriaId": "CBFA3A1A-D23F-4A62-9860-F79FB414ECB1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ibm:powervm_hypervisor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60C28326-3EFE-4CD0-91E9-682AD6B0B891"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/253175",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6997133",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-304xx/CVE-2023-30484.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30484",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-25T10:15:09.797",
"lastModified": "2023-05-25T12:40:12.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T20:59:31.920",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:upress:enable_accessibility:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4",
"matchCriteriaId": "EE35AA2F-9B38-4078-A5F5-BDBC5E3AE90F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/enable-accessibility/wordpress-enable-accessibility-plugin-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-311xx/CVE-2023-31184.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31184",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-05-30T20:15:10.470",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "ROZCOM client CWE-798: Use of Hard-coded Credentials"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

55
CVE-2023/CVE-2023-311xx/CVE-2023-31185.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31185",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-05-30T20:15:10.533",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "ROZCOM server framework - Misconfiguration may allow information disclosure via an unspecified request."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

55
CVE-2023/CVE-2023-311xx/CVE-2023-31186.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31186",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-05-30T20:15:10.610",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-204"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

55
CVE-2023/CVE-2023-311xx/CVE-2023-31187.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31187",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-05-30T20:15:10.687",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

65
CVE-2023/CVE-2023-316xx/CVE-2023-31669.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31669",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-23T12:15:09.173",
"lastModified": "2023-05-23T13:04:30.710",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T21:56:12.350",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dylib crash by putting '@' before a quote (\")."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-116"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webassembly:webassembly_binary_toolkit:1.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE1D9C5-6B44-494E-9964-8B5A1374C154"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/WebAssembly/wabt/issues/2165",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-322xx/CVE-2023-32218.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-32218",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-05-30T20:15:10.767",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Avaya IX Workforce Engagement v15.2.7.1195 - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

4
CVE-2023/CVE-2023-326xx/CVE-2023-32696.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32696",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-30T19:15:10.023",
"lastModified": "2023-05-30T19:15:10.023",
"vulnStatus": "Received",
"lastModified": "2023-05-30T21:10:07.833",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-326xx/CVE-2023-32699.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32699",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-30T19:15:10.103",
"lastModified": "2023-05-30T19:15:10.103",
"vulnStatus": "Received",
"lastModified": "2023-05-30T21:10:07.833",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

71
CVE-2023/CVE-2023-331xx/CVE-2023-33177.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-33177",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-30T20:15:10.837",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Xibo is a content management system (CMS). A path traversal vulnerability exists in the Xibo CMS whereby a specially crafted zip file can be uploaded to the CMS via the layout import function by an authenticated user which would allow creation of files outside of the CMS library directory as the webserver user. This can be used to upload a PHP webshell inside the web root directory and achieve remote code execution as the webserver user. Users should upgrade to version 2.3.17 or 3.3.5, which fix this issue. Customers who host their CMS with Xibo Signage have already received an upgrade or patch to resolve this issue regardless of the CMS version that they are running."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://claroty.com/team82/disclosure-dashboard",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xibosignage/xibo-cms/commit/1cbba380fa751a00756e70d7b08b5c6646092658",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xibosignage/xibo-cms/commit/45c6b53c3978639db03b63270a56f4397f49b2c9",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xibosignage/xibo-cms/security/advisories/GHSA-jj27-x85q-crqv",
"source": "security-advisories@github.com"
},
{
"url": "https://xibosignage.com/blog/security-advisory-2023-05/",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-331xx/CVE-2023-33178.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-33178",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-30T20:15:10.907",
"lastModified": "2023-05-30T21:10:02.053",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the `/dataset/data/{id}` API route inside the CMS starting in version 1.4.0 and prior to versions 2.3.17 and 3.3.5. This allows an authenticated user to exfiltrate data from the Xibo database by injecting specially crafted values in to the `filter` parameter. Values allowed in the filter parameter are checked against a deny list of commands that should not be allowed, however this checking was done in a case sensitive manor and so it is possible to bypass these checks by using unusual case combinations. Users should upgrade to version 2.3.17 or 3.3.5, which fix this issue. There are no workarounds aside from upgrading."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://claroty.com/team82/disclosure-dashboard",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xibosignage/xibo-cms/security/advisories/GHSA-g9x2-757j-hmhh",
"source": "security-advisories@github.com"
},
{
"url": "https://xibosignage.com/blog/security-advisory-2023-05/",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-331xx/CVE-2023-33179.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-33179",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-30T21:15:09.077",
"lastModified": "2023-05-30T21:15:09.077",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Xibo is a content management system (CMS). An SQL injection vulnerability was discovered starting in version 3.2.0 and prior to version 3.3.5 in the `nameFilter` function used throughout the CMS. This allows an authenticated user to exfiltrate data from the Xibo database by injecting specially crafted values for logical operators. Users should upgrade to version 3.3.5 which fixes this issue. There are no known workarounds aside from upgrading."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://claroty.com/team82/disclosure-dashboard",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xibosignage/xibo-cms/security/advisories/GHSA-jmx8-cgm4-7mf5",
"source": "security-advisories@github.com"
},
{
"url": "https://xibosignage.com/blog/security-advisory-2023-05/",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-331xx/CVE-2023-33180.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-33180",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-30T21:15:09.147",
"lastModified": "2023-05-30T21:15:09.147",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Xibo is a content management system (CMS). An SQL injection vulnerability was discovered starting in version 3.2.0 and prior to version 3.3.2 in the `/display/map` API route inside the CMS. This allows an authenticated user to exfiltrate data from the Xibo database by injecting specially crafted values in to the `bounds` parameter. Users should upgrade to version 3.3.5, which fixes this issue. There are no known workarounds aside from upgrading."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://claroty.com/team82/disclosure-dashboard",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xibosignage/xibo-cms/security/advisories/GHSA-7ww5-x9rm-qm89",
"source": "security-advisories@github.com"
},
{
"url": "https://xibosignage.com/blog/security-advisory-2023-05/",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-331xx/CVE-2023-33181.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-33181",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-30T21:15:09.207",
"lastModified": "2023-05-30T21:15:09.207",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Xibo is a content management system (CMS). Starting in version 3.0.0 and prior to version 3.3.5, some API routes will print a stack trace when called with missing or invalid parameters revealing sensitive information about the locations of paths that the server is using. Users should upgrade to version 3.3.5, which fixes this issue. There are no known workarounds aside from upgrading."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
}
],
"references": [
{
"url": "https://claroty.com/team82/disclosure-dashboard",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xibosignage/xibo-cms/security/advisories/GHSA-c9cx-ghwr-x58m",
"source": "security-advisories@github.com"
},
{
"url": "https://xibosignage.com/blog/security-advisory-2023-05/",
"source": "security-advisories@github.com"
}
]
}

72
CVE-2023/CVE-2023-332xx/CVE-2023-33251.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33251",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-21T21:15:08.790",
"lastModified": "2023-05-22T10:56:56.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T20:32:09.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,10 +54,56 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightbend:akka_http:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.5.2",
"matchCriteriaId": "107D632D-CD79-4C93-BA69-F32C6C27A49D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://akka.io/security/akka-http-cve-2023-05-15.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-332xx/CVE-2023-33252.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-33252",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-21T22:15:14.940",
"lastModified": "2023-05-22T10:56:56.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T20:30:01.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "iden3 snarkjs through 0.6.11 allows double spending because there is no validation that the publicSignals length is less than the field modulus."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:0kims:snarkjs:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.6.11",
"matchCriteriaId": "8C2343E4-1921-4556-9B19-E30477444AFB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/iden3/snarkjs/commits/master/src/groth16_verify.js",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/iden3/snarkjs/tags",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

74
CVE-2023/CVE-2023-332xx/CVE-2023-33285.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33285",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-22T03:15:09.720",
"lastModified": "2023-05-22T10:56:56.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-30T21:34:23.247",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,10 +54,58 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "5.15.4",
"matchCriteriaId": "B67B902C-4F68-4FD5-8A04-FFF6B1F1A738"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.2.9",
"matchCriteriaId": "513DDB0D-A132-4046-8B49-D2776E585826"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3.0",
"versionEndExcluding": "6.5.1",
"matchCriteriaId": "116DC3F0-630E-43F6-AD19-0ABB41CF3D70"
}
]
}
]
}
],
"references": [
{
"url": "https://codereview.qt-project.org/c/qt/qtbase/+/477644",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

95
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-30T20:00:26.920710+00:00
2023-05-30T22:00:25.703045+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-30T19:43:02.460000+00:00
2023-05-30T21:57:51.747000+00:00
```
### Last Data Feed Release
@ -29,54 +29,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
216384
216412
```
### CVEs added in the last Commit
Recently added CVEs: `10`
Recently added CVEs: `28`
* [CVE-2018-8661](CVE-2018/CVE-2018-86xx/CVE-2018-8661.json) (`2023-05-30T18:15:09.797`)
* [CVE-2023-2994](CVE-2023/CVE-2023-29xx/CVE-2023-2994.json) (`2023-05-30T18:15:10.077`)
* [CVE-2023-2968](CVE-2023/CVE-2023-29xx/CVE-2023-2968.json) (`2023-05-30T18:15:09.997`)
* [CVE-2023-32684](CVE-2023/CVE-2023-326xx/CVE-2023-32684.json) (`2023-05-30T18:15:10.137`)
* [CVE-2023-32689](CVE-2023/CVE-2023-326xx/CVE-2023-32689.json) (`2023-05-30T18:15:10.227`)
* [CVE-2023-33656](CVE-2023/CVE-2023-336xx/CVE-2023-33656.json) (`2023-05-30T18:15:10.383`)
* [CVE-2023-33975](CVE-2023/CVE-2023-339xx/CVE-2023-33975.json) (`2023-05-30T18:15:10.433`)
* [CVE-2023-1711](CVE-2023/CVE-2023-17xx/CVE-2023-1711.json) (`2023-05-30T19:15:09.753`)
* [CVE-2023-32696](CVE-2023/CVE-2023-326xx/CVE-2023-32696.json) (`2023-05-30T19:15:10.023`)
* [CVE-2023-32699](CVE-2023/CVE-2023-326xx/CVE-2023-32699.json) (`2023-05-30T19:15:10.103`)
* [CVE-2022-36247](CVE-2022/CVE-2022-362xx/CVE-2022-36247.json) (`2023-05-30T20:15:09.780`)
* [CVE-2022-36249](CVE-2022/CVE-2022-362xx/CVE-2022-36249.json) (`2023-05-30T20:15:09.823`)
* [CVE-2022-36250](CVE-2022/CVE-2022-362xx/CVE-2022-36250.json) (`2023-05-30T20:15:09.880`)
* [CVE-2022-47028](CVE-2022/CVE-2022-470xx/CVE-2022-47028.json) (`2023-05-30T20:15:09.947`)
* [CVE-2022-47029](CVE-2022/CVE-2022-470xx/CVE-2022-47029.json) (`2023-05-30T20:15:09.993`)
* [CVE-2022-36243](CVE-2022/CVE-2022-362xx/CVE-2022-36243.json) (`2023-05-30T20:15:09.587`)
* [CVE-2022-36244](CVE-2022/CVE-2022-362xx/CVE-2022-36244.json) (`2023-05-30T20:15:09.660`)
* [CVE-2023-23561](CVE-2023/CVE-2023-235xx/CVE-2023-23561.json) (`2023-05-30T20:15:10.130`)
* [CVE-2023-23956](CVE-2023/CVE-2023-239xx/CVE-2023-23956.json) (`2023-05-30T20:15:10.173`)
* [CVE-2023-29731](CVE-2023/CVE-2023-297xx/CVE-2023-29731.json) (`2023-05-30T20:15:10.227`)
* [CVE-2023-29732](CVE-2023/CVE-2023-297xx/CVE-2023-29732.json) (`2023-05-30T20:15:10.273`)
* [CVE-2023-29733](CVE-2023/CVE-2023-297xx/CVE-2023-29733.json) (`2023-05-30T20:15:10.327`)
* [CVE-2023-29734](CVE-2023/CVE-2023-297xx/CVE-2023-29734.json) (`2023-05-30T20:15:10.373`)
* [CVE-2023-29735](CVE-2023/CVE-2023-297xx/CVE-2023-29735.json) (`2023-05-30T20:15:10.420`)
* [CVE-2023-31184](CVE-2023/CVE-2023-311xx/CVE-2023-31184.json) (`2023-05-30T20:15:10.470`)
* [CVE-2023-31185](CVE-2023/CVE-2023-311xx/CVE-2023-31185.json) (`2023-05-30T20:15:10.533`)
* [CVE-2023-31186](CVE-2023/CVE-2023-311xx/CVE-2023-31186.json) (`2023-05-30T20:15:10.610`)
* [CVE-2023-31187](CVE-2023/CVE-2023-311xx/CVE-2023-31187.json) (`2023-05-30T20:15:10.687`)
* [CVE-2023-32218](CVE-2023/CVE-2023-322xx/CVE-2023-32218.json) (`2023-05-30T20:15:10.767`)
* [CVE-2023-33177](CVE-2023/CVE-2023-331xx/CVE-2023-33177.json) (`2023-05-30T20:15:10.837`)
* [CVE-2023-33178](CVE-2023/CVE-2023-331xx/CVE-2023-33178.json) (`2023-05-30T20:15:10.907`)
* [CVE-2023-0779](CVE-2023/CVE-2023-07xx/CVE-2023-0779.json) (`2023-05-30T21:15:08.987`)
* [CVE-2023-33179](CVE-2023/CVE-2023-331xx/CVE-2023-33179.json) (`2023-05-30T21:15:09.077`)
* [CVE-2023-33180](CVE-2023/CVE-2023-331xx/CVE-2023-33180.json) (`2023-05-30T21:15:09.147`)
* [CVE-2023-33181](CVE-2023/CVE-2023-331xx/CVE-2023-33181.json) (`2023-05-30T21:15:09.207`)
### CVEs modified in the last Commit
Recently modified CVEs: `30`
Recently modified CVEs: `27`
* [CVE-2022-4945](CVE-2022/CVE-2022-49xx/CVE-2022-4945.json) (`2023-05-30T18:05:33.233`)
* [CVE-2022-46658](CVE-2022/CVE-2022-466xx/CVE-2022-46658.json) (`2023-05-30T18:17:14.057`)
* [CVE-2022-43485](CVE-2022/CVE-2022-434xx/CVE-2022-43485.json) (`2023-05-30T18:52:32.890`)
* [CVE-2022-46361](CVE-2022/CVE-2022-463xx/CVE-2022-46361.json) (`2023-05-30T18:52:32.890`)
* [CVE-2022-4240](CVE-2022/CVE-2022-42xx/CVE-2022-4240.json) (`2023-05-30T18:52:32.890`)
* [CVE-2023-2650](CVE-2023/CVE-2023-26xx/CVE-2023-2650.json) (`2023-05-30T18:15:09.927`)
* [CVE-2023-27068](CVE-2023/CVE-2023-270xx/CVE-2023-27068.json) (`2023-05-30T18:27:39.760`)
* [CVE-2023-29919](CVE-2023/CVE-2023-299xx/CVE-2023-29919.json) (`2023-05-30T18:35:16.013`)
* [CVE-2023-31995](CVE-2023/CVE-2023-319xx/CVE-2023-31995.json) (`2023-05-30T18:45:24.693`)
* [CVE-2023-31664](CVE-2023/CVE-2023-316xx/CVE-2023-31664.json) (`2023-05-30T18:46:57.883`)
* [CVE-2023-23754](CVE-2023/CVE-2023-237xx/CVE-2023-23754.json) (`2023-05-30T18:52:32.890`)
* [CVE-2023-23755](CVE-2023/CVE-2023-237xx/CVE-2023-23755.json) (`2023-05-30T18:52:32.890`)
* [CVE-2023-24826](CVE-2023/CVE-2023-248xx/CVE-2023-24826.json) (`2023-05-30T18:52:32.890`)
* [CVE-2023-29737](CVE-2023/CVE-2023-297xx/CVE-2023-29737.json) (`2023-05-30T18:52:32.890`)
* [CVE-2023-33973](CVE-2023/CVE-2023-339xx/CVE-2023-33973.json) (`2023-05-30T18:52:32.890`)
* [CVE-2023-33974](CVE-2023/CVE-2023-339xx/CVE-2023-33974.json) (`2023-05-30T18:52:32.890`)
* [CVE-2023-31826](CVE-2023/CVE-2023-318xx/CVE-2023-31826.json) (`2023-05-30T18:55:20.623`)
* [CVE-2023-31814](CVE-2023/CVE-2023-318xx/CVE-2023-31814.json) (`2023-05-30T19:00:27.487`)
* [CVE-2023-31285](CVE-2023/CVE-2023-312xx/CVE-2023-31285.json) (`2023-05-30T19:15:09.833`)
* [CVE-2023-31286](CVE-2023/CVE-2023-312xx/CVE-2023-31286.json) (`2023-05-30T19:15:09.897`)
* [CVE-2023-31287](CVE-2023/CVE-2023-312xx/CVE-2023-31287.json) (`2023-05-30T19:15:09.967`)
* [CVE-2023-33255](CVE-2023/CVE-2023-332xx/CVE-2023-33255.json) (`2023-05-30T19:15:10.170`)
* [CVE-2023-31740](CVE-2023/CVE-2023-317xx/CVE-2023-31740.json) (`2023-05-30T19:17:44.447`)
* [CVE-2023-33236](CVE-2023/CVE-2023-332xx/CVE-2023-33236.json) (`2023-05-30T19:29:08.573`)
* [CVE-2023-33235](CVE-2023/CVE-2023-332xx/CVE-2023-33235.json) (`2023-05-30T19:43:02.460`)
* [CVE-2022-47159](CVE-2022/CVE-2022-471xx/CVE-2022-47159.json) (`2023-05-30T20:55:58.387`)
* [CVE-2022-47161](CVE-2022/CVE-2022-471xx/CVE-2022-47161.json) (`2023-05-30T20:59:13.507`)
* [CVE-2022-47165](CVE-2022/CVE-2022-471xx/CVE-2022-47165.json) (`2023-05-30T20:59:51.777`)
* [CVE-2022-47177](CVE-2022/CVE-2022-471xx/CVE-2022-47177.json) (`2023-05-30T21:02:31.227`)
* [CVE-2023-33252](CVE-2023/CVE-2023-332xx/CVE-2023-33252.json) (`2023-05-30T20:30:01.733`)
* [CVE-2023-33251](CVE-2023/CVE-2023-332xx/CVE-2023-33251.json) (`2023-05-30T20:32:09.327`)
* [CVE-2023-0859](CVE-2023/CVE-2023-08xx/CVE-2023-0859.json) (`2023-05-30T20:40:13.547`)
* [CVE-2023-0858](CVE-2023/CVE-2023-08xx/CVE-2023-0858.json) (`2023-05-30T20:40:40.290`)
* [CVE-2023-0857](CVE-2023/CVE-2023-08xx/CVE-2023-0857.json) (`2023-05-30T20:43:12.183`)
* [CVE-2023-30484](CVE-2023/CVE-2023-304xx/CVE-2023-30484.json) (`2023-05-30T20:59:31.920`)
* [CVE-2023-1711](CVE-2023/CVE-2023-17xx/CVE-2023-1711.json) (`2023-05-30T21:10:07.833`)
* [CVE-2023-32696](CVE-2023/CVE-2023-326xx/CVE-2023-32696.json) (`2023-05-30T21:10:07.833`)
* [CVE-2023-32699](CVE-2023/CVE-2023-326xx/CVE-2023-32699.json) (`2023-05-30T21:10:07.833`)
* [CVE-2023-2597](CVE-2023/CVE-2023-25xx/CVE-2023-2597.json) (`2023-05-30T21:32:32.543`)
* [CVE-2023-25537](CVE-2023/CVE-2023-255xx/CVE-2023-25537.json) (`2023-05-30T21:32:57.250`)
* [CVE-2023-2734](CVE-2023/CVE-2023-27xx/CVE-2023-2734.json) (`2023-05-30T21:34:04.677`)
* [CVE-2023-33285](CVE-2023/CVE-2023-332xx/CVE-2023-33285.json) (`2023-05-30T21:34:23.247`)
* [CVE-2023-1508](CVE-2023/CVE-2023-15xx/CVE-2023-1508.json) (`2023-05-30T21:48:16.117`)
* [CVE-2023-2703](CVE-2023/CVE-2023-27xx/CVE-2023-2703.json) (`2023-05-30T21:48:39.170`)
* [CVE-2023-2702](CVE-2023/CVE-2023-27xx/CVE-2023-2702.json) (`2023-05-30T21:48:55.523`)
* [CVE-2023-1837](CVE-2023/CVE-2023-18xx/CVE-2023-1837.json) (`2023-05-30T21:53:33.290`)
* [CVE-2023-30440](CVE-2023/CVE-2023-304xx/CVE-2023-30440.json) (`2023-05-30T21:54:53.153`)
* [CVE-2023-31669](CVE-2023/CVE-2023-316xx/CVE-2023-31669.json) (`2023-05-30T21:56:12.350`)
* [CVE-2023-2845](CVE-2023/CVE-2023-28xx/CVE-2023-2845.json) (`2023-05-30T21:57:09.587`)
* [CVE-2023-2844](CVE-2023/CVE-2023-28xx/CVE-2023-2844.json) (`2023-05-30T21:57:51.747`)
## Download and Usage