mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
Auto-Update: 2023-06-13T12:00:30.040701+00:00
This commit is contained in:
parent
3922ab2256
commit
d9decfb934
@ -2,12 +2,12 @@
|
||||
"id": "CVE-2023-28937",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-01T02:15:09.717",
|
||||
"lastModified": "2023-06-08T13:45:18.817",
|
||||
"vulnStatus": "Analyzed",
|
||||
"lastModified": "2023-06-13T10:15:10.047",
|
||||
"vulnStatus": "Modified",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and ScriptRunner for Amazon SQS, which is common to all users. If an attacker who can gain access to a target DataSpider Servista instance and obtain a Launch Settings file of ScriptRunner and/or ScriptRunner for Amazon SQS, the attacker may perform operations with the user privilege encrypted in the file."
|
||||
"value": "DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and ScriptRunner for Amazon SQS, which is common to all users. If an attacker who can gain access to a target DataSpider Servista instance and obtain a Launch Settings file of ScriptRunner and/or ScriptRunner for Amazon SQS, the attacker may perform operations with the user privilege encrypted in the file. Note that DataSpider Servista and some of the OEM products are affected by this vulnerability. For the details of affected products and versions, refer to the information listed in [References]."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
@ -79,6 +79,18 @@
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://cs.wingarc.com/ja/download/000016244",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://cs.wingarc.com/ja/download/000022448",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://cs.wingarc.com/ja/download/000023565",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://jvn.jp/en/jp/JVN38222042/",
|
||||
"source": "vultures@jpcert.or.jp",
|
||||
@ -86,12 +98,24 @@
|
||||
"Third Party Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://www.hulft.com/application/files/4416/8420/4506/information_20230519_2_en.pdf",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://www.hulft.com/download_file/18675",
|
||||
"source": "vultures@jpcert.or.jp",
|
||||
"tags": [
|
||||
"Product"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://www.justsystems.com/jp/services/actionista/info/20230519_001/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://www.terrasky.co.jp/files/DCSpider_ScriptRunnerVulnerability.pdf",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
}
|
||||
]
|
||||
}
|
24
CVE-2023/CVE-2023-291xx/CVE-2023-29160.json
Normal file
24
CVE-2023/CVE-2023-291xx/CVE-2023-29160.json
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"id": "CVE-2023-29160",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.123",
|
||||
"lastModified": "2023-06-13T10:15:10.123",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Stack-based buffer overflow vulnerability exists in FRENIC RHC Loader v1.1.0.3. If a user opens a specially crafted FNE file, sensitive information on the system where the affected product is installed may be disclosed or arbitrary code may be executed."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://felib.fujielectric.co.jp/download/details.htm?dataid=45829407&site=global&lang=en",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://jvn.jp/en/vu/JVNVU97809354/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
}
|
||||
]
|
||||
}
|
24
CVE-2023/CVE-2023-291xx/CVE-2023-29167.json
Normal file
24
CVE-2023/CVE-2023-291xx/CVE-2023-29167.json
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"id": "CVE-2023-29167",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.167",
|
||||
"lastModified": "2023-06-13T10:15:10.167",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Out-of-bound reads vulnerability exists in FRENIC RHC Loader v1.1.0.3. If a user opens a specially crafted FNE file, sensitive information on the system where the affected product is installed may be disclosed or arbitrary code may be executed."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://felib.fujielectric.co.jp/download/details.htm?dataid=45829407&site=global&lang=en",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://jvn.jp/en/vu/JVNVU97809354/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
}
|
||||
]
|
||||
}
|
24
CVE-2023/CVE-2023-294xx/CVE-2023-29498.json
Normal file
24
CVE-2023/CVE-2023-294xx/CVE-2023-29498.json
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"id": "CVE-2023-29498",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.210",
|
||||
"lastModified": "2023-06-13T10:15:10.210",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper restriction of XML external entity reference (XXE) vulnerability exists in FRENIC RHC Loader v1.1.0.3 and earlier. If a user opens a specially crafted project file, sensitive information on the system where the affected product is installed may be disclosed."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://felib.fujielectric.co.jp/download/details.htm?dataid=45829407&site=global&lang=en",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://jvn.jp/en/vu/JVNVU97809354/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
}
|
||||
]
|
||||
}
|
32
CVE-2023/CVE-2023-295xx/CVE-2023-29501.json
Normal file
32
CVE-2023/CVE-2023-295xx/CVE-2023-29501.json
Normal file
@ -0,0 +1,32 @@
|
||||
{
|
||||
"id": "CVE-2023-29501",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.250",
|
||||
"lastModified": "2023-06-13T10:15:10.250",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier are vulnerable to improper server certificate verification. If this vulnerability is exploited, a man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://apps.apple.com/jp/app/%E8%87%AA%E9%81%8A%E7%A9%BA%E9%96%93%E3%81%A8%E3%81%8F%E3%81%A8%E3%81%8F%E3%82%AF%E3%83%BC%E3%83%9D%E3%83%B3/id608149604",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://jvn.jp/en/jp/JVN33836375/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://play.google.com/store/apps/details?id=jp.runsystem",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://www.runsystem.co.jp/g1-pr/17570",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
}
|
||||
]
|
||||
}
|
24
CVE-2023/CVE-2023-307xx/CVE-2023-30762.json
Normal file
24
CVE-2023/CVE-2023-307xx/CVE-2023-30762.json
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"id": "CVE-2023-30762",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.293",
|
||||
"lastModified": "2023-06-13T10:15:10.293",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on the product or the device settings may be altered. Affected products and versions are as follows: KB-AHR04D versions prior to 91110.1.101106.78, KB-AHR08D versions prior to 91210.1.101106.78, KB-AHR16D versions prior to 91310.1.101106.78, KB-IRIP04A versions prior to 95110.1.100290.78A, KB-IRIP08A versions prior to 95210.1.100290.78A, and KB-IRIP16A versions prior to 95310.1.100290.78A."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://jvn.jp/en/vu/JVNVU90812349/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://www.kbdevice.com/news/%e3%83%ac%e3%82%b3%e3%83%bc%e3%83%80%e3%83%bc%e3%81%ae%e3%83%8d%e3%83%83%e3%83%88%e3%83%af%e3%83%bc%e3%82%af%e6%94%bb%e6%92%83%e3%81%ab%e5%af%be%e3%81%99%e3%82%8b%e3%82%a2%e3%83%83%e3%83%97%e3%83%87/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
}
|
||||
]
|
||||
}
|
24
CVE-2023/CVE-2023-307xx/CVE-2023-30764.json
Normal file
24
CVE-2023/CVE-2023-307xx/CVE-2023-30764.json
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"id": "CVE-2023-30764",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.330",
|
||||
"lastModified": "2023-06-13T10:15:10.330",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "OS command injection vulnerability exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on the product or the device settings may be altered. Affected products and versions are as follows: KB-AHR04D versions prior to 91110.1.101106.78, KB-AHR08D versions prior to 91210.1.101106.78, KB-AHR16D versions prior to 91310.1.101106.78, KB-IRIP04A versions prior to 95110.1.100290.78A, KB-IRIP08A versions prior to 95210.1.100290.78A, and KB-IRIP16A versions prior to 95310.1.100290.78A."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://jvn.jp/en/vu/JVNVU90812349/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://www.kbdevice.com/news/%e3%83%ac%e3%82%b3%e3%83%bc%e3%83%80%e3%83%bc%e3%81%ae%e3%83%8d%e3%83%83%e3%83%88%e3%83%af%e3%83%bc%e3%82%af%e6%94%bb%e6%92%83%e3%81%ab%e5%af%be%e3%81%99%e3%82%8b%e3%82%a2%e3%83%83%e3%83%97%e3%83%87/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
}
|
||||
]
|
||||
}
|
24
CVE-2023/CVE-2023-307xx/CVE-2023-30766.json
Normal file
24
CVE-2023/CVE-2023-307xx/CVE-2023-30766.json
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"id": "CVE-2023-30766",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.370",
|
||||
"lastModified": "2023-06-13T10:15:10.370",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Hidden functionality issue exists in KB-AHR series and KB-IRIP series. If this vulnerability is exploited, an arbitrary OS command may be executed on the product or the device settings may be altered. Affected products and versions are as follows: KB-AHR04D versions prior to 91110.1.101106.78, KB-AHR08D versions prior to 91210.1.101106.78, KB-AHR16D versions prior to 91310.1.101106.78, KB-IRIP04A versions prior to 95110.1.100290.78A, KB-IRIP08A versions prior to 95210.1.100290.78A, and KB-IRIP16A versions prior to 95310.1.100290.78A."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://jvn.jp/en/vu/JVNVU90812349/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://www.kbdevice.com/news/%e3%83%ac%e3%82%b3%e3%83%bc%e3%83%80%e3%83%bc%e3%81%ae%e3%83%8d%e3%83%83%e3%83%88%e3%83%af%e3%83%bc%e3%82%af%e6%94%bb%e6%92%83%e3%81%ab%e5%af%be%e3%81%99%e3%82%8b%e3%82%a2%e3%83%83%e3%83%97%e3%83%87/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
}
|
||||
]
|
||||
}
|
24
CVE-2023/CVE-2023-311xx/CVE-2023-31195.json
Normal file
24
CVE-2023/CVE-2023-311xx/CVE-2023-31195.json
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"id": "CVE-2023-31195",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.410",
|
||||
"lastModified": "2023-06-13T10:15:10.410",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without 'Secure' attribute. When an attacker is in a position to be able to mount a man-in-the-middle attack, and a user is tricked to log into the affected device through an unencrypted ('http') connection, the user's session may be hijacked."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://jvn.jp/en/jp/JVN34232595/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax3000/helpdesk_bios/?model2Name=RT-AX3000",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
}
|
||||
]
|
||||
}
|
24
CVE-2023/CVE-2023-311xx/CVE-2023-31196.json
Normal file
24
CVE-2023/CVE-2023-311xx/CVE-2023-31196.json
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"id": "CVE-2023-31196",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.450",
|
||||
"lastModified": "2023-06-13T10:15:10.450",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Missing authentication for critical function in Wi-Fi AP UNIT allows a remote unauthenticated attacker to obtain sensitive information of the affected products. Affected products and versions are as follows: AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_B04P and earlier, AC-WAPU-300 v1.00_B07 and earlier, AC-WAPUM-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B07 and earlier, and AC-WAPUM-300-P v1.00_B07 and earlier"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://jvn.jp/en/jp/JVN28412757/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://www.inaba.co.jp/abaniact/news/Wi-Fi_AP_UNIT%E3%81%AB%E3%81%8A%E3%81%91%E3%82%8B%E8%A4%87%E6%95%B0%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6.pdf",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
}
|
||||
]
|
||||
}
|
24
CVE-2023/CVE-2023-311xx/CVE-2023-31198.json
Normal file
24
CVE-2023/CVE-2023-311xx/CVE-2023-31198.json
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"id": "CVE-2023-31198",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.493",
|
||||
"lastModified": "2023-06-13T10:15:10.493",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "OS command injection vulnerability exists in Wi-Fi AP UNIT allows. If this vulnerability is exploited, a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command. Affected products and versions are as follows: AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_B04P and earlier, AC-WAPU-300 v1.00_B07 and earlier, AC-WAPUM-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B07 and earlier, and AC-WAPUM-300-P v1.00_B07 and earlier"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://jvn.jp/en/jp/JVN28412757/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://www.inaba.co.jp/abaniact/news/Wi-Fi_AP_UNIT%E3%81%AB%E3%81%8A%E3%81%91%E3%82%8B%E8%A4%87%E6%95%B0%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6.pdf",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
}
|
||||
]
|
||||
}
|
24
CVE-2023/CVE-2023-325xx/CVE-2023-32546.json
Normal file
24
CVE-2023/CVE-2023-325xx/CVE-2023-32546.json
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"id": "CVE-2023-32546",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.533",
|
||||
"lastModified": "2023-06-13T10:15:10.533",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Code injection vulnerability exists in Chatwork Desktop Application (Mac) 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://go.chatwork.com/ja/download/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://jvn.jp/en/jp/JVN96828492/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
}
|
||||
]
|
||||
}
|
24
CVE-2023/CVE-2023-325xx/CVE-2023-32548.json
Normal file
24
CVE-2023/CVE-2023-325xx/CVE-2023-32548.json
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"id": "CVE-2023-32548",
|
||||
"sourceIdentifier": "vultures@jpcert.or.jp",
|
||||
"published": "2023-06-13T10:15:10.573",
|
||||
"lastModified": "2023-06-13T10:15:10.573",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects the product to a malicious server and sends a specially crafted data, an arbitrary OS command may be executed on the system where the product is installed."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://jvn.jp/en/jp/JVN36060509/",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
},
|
||||
{
|
||||
"url": "https://support.kingsoft.jp/about/20230605.html",
|
||||
"source": "vultures@jpcert.or.jp"
|
||||
}
|
||||
]
|
||||
}
|
59
CVE-2023/CVE-2023-32xx/CVE-2023-3218.json
Normal file
59
CVE-2023/CVE-2023-32xx/CVE-2023-3218.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2023-3218",
|
||||
"sourceIdentifier": "security@huntr.dev",
|
||||
"published": "2023-06-13T11:15:08.930",
|
||||
"lastModified": "2023-06-13T11:15:08.930",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Race Condition within a Thread in GitHub repository it-novum/openitcockpit prior to 4.6.5."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV30": [
|
||||
{
|
||||
"source": "security@huntr.dev",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.0",
|
||||
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "HIGH",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 1.2,
|
||||
"impactScore": 5.2
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security@huntr.dev",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-366"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/it-novum/openitcockpit/commit/2c2c243964dda97a82eddb3804e39f9665c574bb",
|
||||
"source": "security@huntr.dev"
|
||||
},
|
||||
{
|
||||
"url": "https://huntr.dev/bounties/94d50b11-20ca-46e3-9086-dd6836421675",
|
||||
"source": "security@huntr.dev"
|
||||
}
|
||||
]
|
||||
}
|
66
README.md
66
README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2023-06-13T10:00:27.326675+00:00
|
||||
2023-06-13T12:00:30.040701+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2023-06-13T09:15:18.733000+00:00
|
||||
2023-06-13T11:15:08.930000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -29,61 +29,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
217534
|
||||
217547
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `34`
|
||||
Recently added CVEs: `13`
|
||||
|
||||
* [CVE-2023-22639](CVE-2023/CVE-2023-226xx/CVE-2023-22639.json) (`2023-06-13T09:15:16.177`)
|
||||
* [CVE-2023-25609](CVE-2023/CVE-2023-256xx/CVE-2023-25609.json) (`2023-06-13T09:15:16.227`)
|
||||
* [CVE-2023-25910](CVE-2023/CVE-2023-259xx/CVE-2023-25910.json) (`2023-06-13T09:15:16.280`)
|
||||
* [CVE-2023-26204](CVE-2023/CVE-2023-262xx/CVE-2023-26204.json) (`2023-06-13T09:15:16.417`)
|
||||
* [CVE-2023-26207](CVE-2023/CVE-2023-262xx/CVE-2023-26207.json) (`2023-06-13T09:15:16.467`)
|
||||
* [CVE-2023-26210](CVE-2023/CVE-2023-262xx/CVE-2023-26210.json) (`2023-06-13T09:15:16.510`)
|
||||
* [CVE-2023-27465](CVE-2023/CVE-2023-274xx/CVE-2023-27465.json) (`2023-06-13T09:15:16.557`)
|
||||
* [CVE-2023-27997](CVE-2023/CVE-2023-279xx/CVE-2023-27997.json) (`2023-06-13T09:15:16.613`)
|
||||
* [CVE-2023-28000](CVE-2023/CVE-2023-280xx/CVE-2023-28000.json) (`2023-06-13T09:15:16.660`)
|
||||
* [CVE-2023-28829](CVE-2023/CVE-2023-288xx/CVE-2023-28829.json) (`2023-06-13T09:15:16.707`)
|
||||
* [CVE-2023-29129](CVE-2023/CVE-2023-291xx/CVE-2023-29129.json) (`2023-06-13T09:15:16.767`)
|
||||
* [CVE-2023-29175](CVE-2023/CVE-2023-291xx/CVE-2023-29175.json) (`2023-06-13T09:15:17.027`)
|
||||
* [CVE-2023-29178](CVE-2023/CVE-2023-291xx/CVE-2023-29178.json) (`2023-06-13T09:15:17.077`)
|
||||
* [CVE-2023-30757](CVE-2023/CVE-2023-307xx/CVE-2023-30757.json) (`2023-06-13T09:15:17.323`)
|
||||
* [CVE-2023-30897](CVE-2023/CVE-2023-308xx/CVE-2023-30897.json) (`2023-06-13T09:15:17.703`)
|
||||
* [CVE-2023-30901](CVE-2023/CVE-2023-309xx/CVE-2023-30901.json) (`2023-06-13T09:15:17.763`)
|
||||
* [CVE-2023-31238](CVE-2023/CVE-2023-312xx/CVE-2023-31238.json) (`2023-06-13T09:15:18.093`)
|
||||
* [CVE-2023-33121](CVE-2023/CVE-2023-331xx/CVE-2023-33121.json) (`2023-06-13T09:15:18.323`)
|
||||
* [CVE-2023-33122](CVE-2023/CVE-2023-331xx/CVE-2023-33122.json) (`2023-06-13T09:15:18.380`)
|
||||
* [CVE-2023-33123](CVE-2023/CVE-2023-331xx/CVE-2023-33123.json) (`2023-06-13T09:15:18.437`)
|
||||
* [CVE-2023-33124](CVE-2023/CVE-2023-331xx/CVE-2023-33124.json) (`2023-06-13T09:15:18.500`)
|
||||
* [CVE-2023-33305](CVE-2023/CVE-2023-333xx/CVE-2023-33305.json) (`2023-06-13T09:15:18.563`)
|
||||
* [CVE-2023-33919](CVE-2023/CVE-2023-339xx/CVE-2023-33919.json) (`2023-06-13T09:15:18.620`)
|
||||
* [CVE-2023-33920](CVE-2023/CVE-2023-339xx/CVE-2023-33920.json) (`2023-06-13T09:15:18.677`)
|
||||
* [CVE-2023-33921](CVE-2023/CVE-2023-339xx/CVE-2023-33921.json) (`2023-06-13T09:15:18.733`)
|
||||
* [CVE-2023-29160](CVE-2023/CVE-2023-291xx/CVE-2023-29160.json) (`2023-06-13T10:15:10.123`)
|
||||
* [CVE-2023-29167](CVE-2023/CVE-2023-291xx/CVE-2023-29167.json) (`2023-06-13T10:15:10.167`)
|
||||
* [CVE-2023-29498](CVE-2023/CVE-2023-294xx/CVE-2023-29498.json) (`2023-06-13T10:15:10.210`)
|
||||
* [CVE-2023-29501](CVE-2023/CVE-2023-295xx/CVE-2023-29501.json) (`2023-06-13T10:15:10.250`)
|
||||
* [CVE-2023-30762](CVE-2023/CVE-2023-307xx/CVE-2023-30762.json) (`2023-06-13T10:15:10.293`)
|
||||
* [CVE-2023-30764](CVE-2023/CVE-2023-307xx/CVE-2023-30764.json) (`2023-06-13T10:15:10.330`)
|
||||
* [CVE-2023-30766](CVE-2023/CVE-2023-307xx/CVE-2023-30766.json) (`2023-06-13T10:15:10.370`)
|
||||
* [CVE-2023-31195](CVE-2023/CVE-2023-311xx/CVE-2023-31195.json) (`2023-06-13T10:15:10.410`)
|
||||
* [CVE-2023-31196](CVE-2023/CVE-2023-311xx/CVE-2023-31196.json) (`2023-06-13T10:15:10.450`)
|
||||
* [CVE-2023-31198](CVE-2023/CVE-2023-311xx/CVE-2023-31198.json) (`2023-06-13T10:15:10.493`)
|
||||
* [CVE-2023-32546](CVE-2023/CVE-2023-325xx/CVE-2023-32546.json) (`2023-06-13T10:15:10.533`)
|
||||
* [CVE-2023-32548](CVE-2023/CVE-2023-325xx/CVE-2023-32548.json) (`2023-06-13T10:15:10.573`)
|
||||
* [CVE-2023-3218](CVE-2023/CVE-2023-32xx/CVE-2023-3218.json) (`2023-06-13T11:15:08.930`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
Recently modified CVEs: `17`
|
||||
Recently modified CVEs: `1`
|
||||
|
||||
* [CVE-2018-4834](CVE-2018/CVE-2018-48xx/CVE-2018-4834.json) (`2023-06-13T09:15:13.620`)
|
||||
* [CVE-2022-31465](CVE-2022/CVE-2022-314xx/CVE-2022-31465.json) (`2023-06-13T09:15:14.300`)
|
||||
* [CVE-2022-39136](CVE-2022/CVE-2022-391xx/CVE-2022-39136.json) (`2023-06-13T09:15:14.517`)
|
||||
* [CVE-2022-40226](CVE-2022/CVE-2022-402xx/CVE-2022-40226.json) (`2023-06-13T09:15:14.680`)
|
||||
* [CVE-2022-41660](CVE-2022/CVE-2022-416xx/CVE-2022-41660.json) (`2023-06-13T09:15:15.023`)
|
||||
* [CVE-2022-41661](CVE-2022/CVE-2022-416xx/CVE-2022-41661.json) (`2023-06-13T09:15:15.097`)
|
||||
* [CVE-2022-41662](CVE-2022/CVE-2022-416xx/CVE-2022-41662.json) (`2023-06-13T09:15:15.177`)
|
||||
* [CVE-2022-41663](CVE-2022/CVE-2022-416xx/CVE-2022-41663.json) (`2023-06-13T09:15:15.243`)
|
||||
* [CVE-2022-41664](CVE-2022/CVE-2022-416xx/CVE-2022-41664.json) (`2023-06-13T09:15:15.310`)
|
||||
* [CVE-2022-41665](CVE-2022/CVE-2022-416xx/CVE-2022-41665.json) (`2023-06-13T09:15:15.380`)
|
||||
* [CVE-2022-43398](CVE-2022/CVE-2022-433xx/CVE-2022-43398.json) (`2023-06-13T09:15:15.707`)
|
||||
* [CVE-2022-43439](CVE-2022/CVE-2022-434xx/CVE-2022-43439.json) (`2023-06-13T09:15:15.790`)
|
||||
* [CVE-2022-43545](CVE-2022/CVE-2022-435xx/CVE-2022-43545.json) (`2023-06-13T09:15:15.870`)
|
||||
* [CVE-2022-43546](CVE-2022/CVE-2022-435xx/CVE-2022-43546.json) (`2023-06-13T09:15:15.957`)
|
||||
* [CVE-2023-1323](CVE-2023/CVE-2023-13xx/CVE-2023-1323.json) (`2023-06-13T08:15:09.070`)
|
||||
* [CVE-2023-2518](CVE-2023/CVE-2023-25xx/CVE-2023-2518.json) (`2023-06-13T08:15:09.163`)
|
||||
* [CVE-2023-25957](CVE-2023/CVE-2023-259xx/CVE-2023-25957.json) (`2023-06-13T09:15:16.340`)
|
||||
* [CVE-2023-28937](CVE-2023/CVE-2023-289xx/CVE-2023-28937.json) (`2023-06-13T10:15:10.047`)
|
||||
|
||||
|
||||
## Download and Usage
|
||||
|
Loading…
x
Reference in New Issue
Block a user