Auto-Update: 2023-10-02T14:00:24.670488+00:00

CVE-2021/CVE-2021-344xx/CVE-2021-34434.json

@@ -2,8 +2,8 @@
   "id": "CVE-2021-34434",
   "sourceIdentifier": "emo@eclipse.org",
   "published": "2021-08-30T20:15:07.363",
-  "lastModified": "2022-10-27T12:48:03.960",
+  "lastModified": "2023-10-02T12:15:09.657",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -149,6 +149,10 @@
         "Mailing List",
         "Third Party Advisory"
       ]
+    },
+    {
+      "url": "https://www.debian.org/security/2023/dsa-5511",
+      "source": "emo@eclipse.org"
     }
   ]
 }

CVE-2021/CVE-2021-410xx/CVE-2021-41039.json

@@ -2,8 +2,8 @@
   "id": "CVE-2021-41039",
   "sourceIdentifier": "emo@eclipse.org",
   "published": "2021-12-01T20:15:07.933",
-  "lastModified": "2021-12-03T15:58:36.960",
+  "lastModified": "2023-10-02T12:15:09.793",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -114,6 +114,10 @@
         "Patch",
         "Vendor Advisory"
       ]
+    },
+    {
+      "url": "https://www.debian.org/security/2023/dsa-5511",
+      "source": "emo@eclipse.org"
     }
   ]
 }

CVE-2023/CVE-2023-283xx/CVE-2023-28366.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-28366",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-09-01T16:15:07.790",
-  "lastModified": "2023-09-15T21:15:09.940",
+  "lastModified": "2023-10-02T12:15:09.913",
   "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
       "value": "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function."
+    },
+    {
+      "lang": "es",
+      "value": "El intermediario en Eclipse Mosquitto 1.3.2 hasta 2.x anterior a 2.0.16 tiene una p\u00e9rdida de memoria de la que se puede abusar de forma remota cuando un cliente env\u00eda muchos mensajes QoS 2 con ID de mensajes duplicados y no responde a los comandos PUBREC. Esto ocurre debido a un mal manejo de EAGAIN desde la funci\u00f3n de env\u00edo de libc."
     }
   ],
   "metrics": {
@@ -97,6 +101,10 @@
       "tags": [
         "Third Party Advisory"
       ]
+    },
+    {
+      "url": "https://www.debian.org/security/2023/dsa-5511",
+      "source": "cve@mitre.org"
     }
   ]
 }

CVE-2023/CVE-2023-37xx/CVE-2023-3768.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-3768",
   "sourceIdentifier": "cve-coordination@incibe.es",
   "published": "2023-10-02T11:15:50.213",
-  "lastModified": "2023-10-02T11:15:50.213",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de validaci\u00f3n de entrada de datos incorrecta, que podr\u00eda permitir a un atacante con acceso a la red implementar t\u00e9cnicas de fuzzing que le permitir\u00edan obtener conocimiento sobre paquetes especialmente manipulados que crear\u00edan una condici\u00f3n DoS a trav\u00e9s del protocolo MMS al iniciar la comunicaci\u00f3n, logrando un reinicio completo del sistema del dispositivo y sus servicios."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-415xx/CVE-2023-41580.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-41580",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-02T13:15:09.797",
+  "lastModified": "2023-10-02T13:15:09.797",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/ehtec/phpipam-exploit",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/phpipam/phpipam/commit/c451085476074943eb4056941005c0b61db566c5",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-416xx/CVE-2023-41692.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41692",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T08:15:38.273",
-  "lastModified": "2023-10-02T08:15:38.273",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Hennessey Digital Attorney theme <=\u00a03 theme."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en Hennessey Digital Attorney theme en versiones &lt;= 3 themas."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-417xx/CVE-2023-41728.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41728",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T08:15:38.580",
-  "lastModified": "2023-10-02T08:15:38.580",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rescue Themes Rescue Shortcodes plugin <=\u00a02.5 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en el complemento Rescue Themes Rescue Shortcodes en versiones &lt;= 2.5."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-417xx/CVE-2023-41729.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41729",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T08:15:38.660",
-  "lastModified": "2023-10-02T08:15:38.660",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SendPress Newsletters plugin <=\u00a01.22.3.31 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento SendPress Newsletters en versiones &lt;= 1.22.3.31."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-417xx/CVE-2023-41731.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41731",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T08:15:38.733",
-  "lastModified": "2023-10-02T08:15:38.733",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution WordPress publish post email notification plugin <=\u00a01.0.2.2 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en complemento I Thirteen Web Solution WordPress publish post email notification en versiones &lt;= 1.0.2.2."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-417xx/CVE-2023-41733.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41733",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T08:15:38.803",
-  "lastModified": "2023-10-02T08:15:38.803",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability\u00a0in YYDevelopment Back To The Top Button plugin <=\u00a02.1.5 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento dYYDevelopment Back To The Top Button en versiones &lt;= 2.1.5."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-417xx/CVE-2023-41734.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41734",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T08:15:38.880",
-  "lastModified": "2023-10-02T08:15:38.880",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nigauri Insert Estimated Reading Time plugin <=\u00a01.2 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento nigauri Insert Estimated Reading Time en versiones &lt;= 1.2."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-417xx/CVE-2023-41736.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41736",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T08:15:38.957",
-  "lastModified": "2023-10-02T08:15:38.957",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Email posts to subscribers plugin <=\u00a06.2 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Gopi Ramasamy Email posts to subscribers en versiones &lt;= 6.2."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-417xx/CVE-2023-41737.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41737",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T09:15:11.717",
-  "lastModified": "2023-10-02T09:15:11.717",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPGens Swifty Bar, sticky bar by WPGens plugin <=\u00a01.2.10 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento WPGens Swifty Bar, sticky bar by WPGens en versiones &lt;= 1.2.10."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-417xx/CVE-2023-41797.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41797",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T09:15:11.813",
-  "lastModified": "2023-10-02T09:15:11.813",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Gold Plugins Locations plugin <=\u00a04.0 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en el complemento Gold Plugins Locations en versiones &lt;= 4.0."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-418xx/CVE-2023-41800.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41800",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T09:15:11.890",
-  "lastModified": "2023-10-02T09:15:11.890",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in UniConsent UniConsent CMP for GDPR CPRA GPP TCF plugin <=\u00a01.4.2 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en UniConsent UniConsent CMP para el complemento GDPR CPRA GPP TCF en versiones &lt;= 1.4.2."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-418xx/CVE-2023-41847.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41847",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T09:15:11.967",
-  "lastModified": "2023-10-02T09:15:11.967",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WEN Solutions Notice Bar plugin <=\u00a03.1.0 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en el complemento WEN Solutions Notice Bar en versiones &lt;= 3.1.0."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-418xx/CVE-2023-41855.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41855",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T09:15:12.043",
-  "lastModified": "2023-10-02T09:15:12.043",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Regpacks Regpack plugin <=\u00a00.1 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Regpacks Regpack en versiones &lt;= 0.1."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-418xx/CVE-2023-41856.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41856",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T09:15:12.117",
-  "lastModified": "2023-10-02T09:15:12.117",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ClickToTweet.Com Click To Tweet plugin <=\u00a02.0.14 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento ClickToTweet.Com Click To Tweet en versiones &lt;= 2.0.14."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-418xx/CVE-2023-41859.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-41859",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T09:15:12.203",
-  "lastModified": "2023-10-02T09:15:12.203",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin <=\u00a01.2 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Ashok Rane Order Delivery Date for WP e-Commerce en versiones &lt;= 1.2."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-421xx/CVE-2023-42132.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-42132",
   "sourceIdentifier": "vultures@jpcert.or.jp",
   "published": "2023-10-02T05:15:26.470",
-  "lastModified": "2023-10-02T05:15:26.470",
+  "lastModified": "2023-10-02T12:57:39.087",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "FD Application Apr. 2022 Edition (Version 9.01) and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker."
+    },
+    {
+      "lang": "es",
+      "value": "FD Application en la edici\u00f3n de abril de 2022 (versi\u00f3n 9.01) y anteriores, restringe incorrectamente las referencias XML external entities (XXE). Al procesar un archivo XML especialmente manipulado, un atacante puede leer archivos arbitrarios del sistema."
     }
   ],
   "metrics": {},

CVE-2023/CVE-2023-431xx/CVE-2023-43191.json

@@ -2,19 +2,79 @@
   "id": "CVE-2023-43191",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-09-27T23:15:11.960",
-  "lastModified": "2023-09-28T12:44:13.510",
+  "lastModified": "2023-10-02T13:18:20.010",
-  "vulnStatus": "Awaiting Analysis",
+  "vulnStatus": "Analyzed",
   "descriptions": [
     {
       "lang": "en",
       "value": "JFinalCMS foreground message can be embedded malicious code saved in the database. When users browse the comments, these malicious codes embedded in the HTML will be executed, and the user's browser will be controlled by the attacker, so as to achieve the special purpose of the attacker, such as cookie theft"
+    },
+    {
+      "lang": "es",
+      "value": "El mensaje de primer plano de JFinalCMS puede incluir c\u00f3digo malicioso guardado en la base de datos. Cuando los usuarios navegan por los comentarios, estos c\u00f3digos maliciosos incrustados en el HTML se ejecutar\u00e1n y el atacante controlar\u00e1 el navegador del usuario para lograr el prop\u00f3sito especial del atacante, como el robo de cookies."
     }
   ],
-  "metrics": {},
+  "metrics": {
-  "references": [
+    "cvssMetricV31": [
       {
-      "url": "https://github.com/etn0tw/cmscve_test/blob/main/README.md",
+        "source": "nvd@nist.gov",
-      "source": "cve@mitre.org"
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:jrecms:springbootcms:1.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "F34076A4-D906-47FF-A479-CD4F89469925"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/etn0tw/cmscve_test/blob/main/README.md",
+      "source": "cve@mitre.org",
+      "tags": [
+        "Exploit",
+        "Third Party Advisory"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-437xx/CVE-2023-43740.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-43740",
   "sourceIdentifier": "help@fluidattacks.com",
   "published": "2023-09-28T21:15:10.110",
-  "lastModified": "2023-09-29T15:15:10.227",
+  "lastModified": "2023-10-02T12:47:45.410",
-  "vulnStatus": "Awaiting Analysis",
+  "vulnStatus": "Analyzed",
   "descriptions": [
     {
       "lang": "en",
@@ -11,11 +11,31 @@
     },
     {
       "lang": "es",
-      "value": "Online Book Store Project v1.0 es vulnerable a una vulnerabilidad de carga de archivos insegura en el par\u00e1metro 'imagen' de la p\u00e1gina admin_edit.php, lo que permite a un atacante autenticado obtener la ejecuci\u00f3n remota de c\u00f3digo en el servidor que aloja la aplicaci\u00f3n."
+      "value": "Online Book Store Project v1.0 es vulnerable a una vulnerabilidad de carga de archivos insegura en el par\u00e1metro 'image' de la p\u00e1gina admin_edit.php, lo que permite a un atacante autenticado obtener la ejecuci\u00f3n remota de c\u00f3digo en el servidor que aloja la aplicaci\u00f3n."
     }
   ],
   "metrics": {
     "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      },
       {
         "source": "help@fluidattacks.com",
         "type": "Secondary",
@@ -39,6 +59,16 @@
     ]
   },
   "weaknesses": [
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-434"
+        }
+      ]
+    },
     {
       "source": "help@fluidattacks.com",
       "type": "Secondary",
@@ -50,14 +80,38 @@
       ]
     }
   ],
-  "references": [
+  "configurations": [
     {
-      "url": "https://fluidattacks.com/advisories/shagrath",
+      "nodes": [
-      "source": "help@fluidattacks.com"
-    },
         {
-      "url": "https://projectworlds.in/",
+          "operator": "OR",
-      "source": "help@fluidattacks.com"
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:projectworlds:online_book_store_project:1.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "463F9305-8E47-4741-B348-425957649B7C"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://fluidattacks.com/advisories/shagrath",
+      "source": "help@fluidattacks.com",
+      "tags": [
+        "Exploit",
+        "Third Party Advisory"
+      ]
+    },
+    {
+      "url": "https://projectworlds.in/",
+      "source": "help@fluidattacks.com",
+      "tags": [
+        "Product"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-441xx/CVE-2023-44144.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-44144",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T10:15:12.577",
-  "lastModified": "2023-10-02T10:15:12.577",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-441xx/CVE-2023-44145.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-44145",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T10:15:12.800",
-  "lastModified": "2023-10-02T10:15:12.800",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-442xx/CVE-2023-44228.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-44228",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T11:15:50.317",
-  "lastModified": "2023-10-02T11:15:50.317",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Onclick show popup plugin <=\u00a08.1 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento emergente Gopi Ramasamy Onclick en versiones &lt;=&#xa0;8.1."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-442xx/CVE-2023-44230.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-44230",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T11:15:50.393",
-  "lastModified": "2023-10-02T11:15:50.393",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <=\u00a07.1 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento de formulario de contacto Gopi Ramasamy Popup en versiones &lt;=&#xa0;7.1."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-442xx/CVE-2023-44239.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-44239",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T10:15:12.877",
-  "lastModified": "2023-10-02T10:15:12.877",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-442xx/CVE-2023-44242.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-44242",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T11:15:50.470",
-  "lastModified": "2023-10-02T11:15:50.470",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team Slideshow, Image Slider by 2J plugin <=\u00a01.3.54 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en el complemento 2J Slideshow Team Slideshow, Image Slider by 2J en versiones &lt;= 1.3.54."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-442xx/CVE-2023-44244.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-44244",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T09:15:12.277",
-  "lastModified": "2023-10-02T09:15:12.277",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <=\u00a02.2.44 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento FooPlugins FooGallery en versiones &lt;= 2.2.44."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-442xx/CVE-2023-44245.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-44245",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T10:15:12.953",
-  "lastModified": "2023-10-02T10:15:12.953",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-442xx/CVE-2023-44262.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-44262",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T10:15:13.027",
-  "lastModified": "2023-10-02T10:15:13.027",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-442xx/CVE-2023-44263.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-44263",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T10:15:13.107",
-  "lastModified": "2023-10-02T10:15:13.107",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",

CVE-2023/CVE-2023-442xx/CVE-2023-44264.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-44264",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T11:15:50.547",
-  "lastModified": "2023-10-02T11:15:50.547",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed \u2013 Custom Feed plugin <=\u00a02.2.5 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en el complemento Arrow Plugins The Awesome Feed \u2013 Custom Feed en versiones &lt;=&#xa0;2.2.5."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-442xx/CVE-2023-44265.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-44265",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T11:15:50.627",
-  "lastModified": "2023-10-02T11:15:50.627",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <=\u00a07.1 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento de formulario de contacto Gopi Ramasamy en versiones &lt;=&#xa0;7.1."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-442xx/CVE-2023-44266.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-44266",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T11:15:50.700",
-  "lastModified": "2023-10-02T11:15:50.700",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jewel Theme WP Adminify plugin <=\u00a03.1.6 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Jewel Theme WP Adminify en versiones &lt;=&#xa0;3.1.6."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-444xx/CVE-2023-44464.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-44464",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-09-29T05:15:46.757",
-  "lastModified": "2023-09-29T12:45:33.353",
+  "lastModified": "2023-10-02T12:51:18.960",
-  "vulnStatus": "Awaiting Analysis",
+  "vulnStatus": "Analyzed",
   "descriptions": [
     {
       "lang": "en",
@@ -14,23 +14,88 @@
       "value": "pretix antes de 2023.7.2 permite a Pillow analizar archivos EPS."
     }
   ],
-  "metrics": {},
+  "metrics": {
-  "references": [
+    "cvssMetricV31": [
       {
-      "url": "https://github.com/pretix/pretix/commit/8583bfb7d97263e9e923ad5d7f123ca1cadc8f2e",
+        "source": "nvd@nist.gov",
-      "source": "cve@mitre.org"
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.8,
+          "baseSeverity": "HIGH"
         },
-    {
+        "exploitabilityScore": 1.8,
-      "url": "https://github.com/pretix/pretix/compare/v2023.7.1...v2023.7.2",
+        "impactScore": 5.9
-      "source": "cve@mitre.org"
+      }
+    ]
   },
+  "weaknesses": [
     {
-      "url": "https://github.com/pretix/pretix/tags",
+      "source": "nvd@nist.gov",
-      "source": "cve@mitre.org"
+      "type": "Primary",
-    },
+      "description": [
         {
-      "url": "https://pretix.eu/about/en/ticketing",
+          "lang": "en",
-      "source": "cve@mitre.org"
+          "value": "NVD-CWE-noinfo"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:rami:pretix:*:*:*:*:*:*:*:*",
+              "versionEndExcluding": "2023.7.2",
+              "matchCriteriaId": "AA2101CA-673B-4A5D-91F3-3FD1D1474582"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/pretix/pretix/commit/8583bfb7d97263e9e923ad5d7f123ca1cadc8f2e",
+      "source": "cve@mitre.org",
+      "tags": [
+        "Patch"
+      ]
+    },
+    {
+      "url": "https://github.com/pretix/pretix/compare/v2023.7.1...v2023.7.2",
+      "source": "cve@mitre.org",
+      "tags": [
+        "Patch"
+      ]
+    },
+    {
+      "url": "https://github.com/pretix/pretix/tags",
+      "source": "cve@mitre.org",
+      "tags": [
+        "Release Notes"
+      ]
+    },
+    {
+      "url": "https://pretix.eu/about/en/ticketing",
+      "source": "cve@mitre.org",
+      "tags": [
+        "Product"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-444xx/CVE-2023-44474.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-44474",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T09:15:12.357",
-  "lastModified": "2023-10-02T09:15:12.357",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in MD Jakir Hosen Tiger Forms \u2013 Drag and Drop Form Builder plugin <=\u00a02.0.0 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento MD Jakir Hosen Tiger Forms \u2013 Drag and Drop Form Builder en versiones &lt;= 2.0.0."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-444xx/CVE-2023-44477.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-44477",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T09:15:12.437",
-  "lastModified": "2023-10-02T09:15:12.437",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Boxy Studio Cooked plugin <=\u00a01.7.13 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en el complemento Boxy Studio Cooked en versiones &lt;= 1.7.13."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-444xx/CVE-2023-44479.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-44479",
   "sourceIdentifier": "audit@patchstack.com",
   "published": "2023-10-02T09:15:12.513",
-  "lastModified": "2023-10-02T09:15:12.513",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jim Krill WP Jump Menu plugin <=\u00a03.6.4 versions."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Jim Krill WP Jump Menu en versiones &lt;= 3.6.4."
     }
   ],
   "metrics": {

CVE-2023/CVE-2023-51xx/CVE-2023-5106.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-5106",
+  "sourceIdentifier": "cve@gitlab.com",
+  "published": "2023-10-02T12:15:09.997",
+  "lastModified": "2023-10-02T12:57:34.287",
+  "vulnStatus": "Awaiting Analysis",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@gitlab.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 8.2,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 5.8
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@gitlab.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://gitlab.com/gitlab-org/gitlab/-/commit/67039cfcae80b8fc0496f79be88714873cd169b3",
+      "source": "cve@gitlab.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-51xx/CVE-2023-5157.json

@@ -2,16 +2,40 @@
   "id": "CVE-2023-5157",
   "sourceIdentifier": "secalert@redhat.com",
   "published": "2023-09-27T15:19:41.807",
-  "lastModified": "2023-09-27T15:41:51.143",
+  "lastModified": "2023-10-02T13:22:15.330",
-  "vulnStatus": "Awaiting Analysis",
+  "vulnStatus": "Analyzed",
   "descriptions": [
     {
       "lang": "en",
       "value": "A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service."
+    },
+    {
+      "lang": "es",
+      "value": "Se encontr\u00f3 una vulnerabilidad en MariaDB. Un escaneo de puertos OpenVAS en los puertos 3306 y 4567 permite que un cliente remoto malicioso provoque una denegaci\u00f3n de servicio."
     }
   ],
   "metrics": {
     "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      },
       {
         "source": "secalert@redhat.com",
         "type": "Secondary",
@@ -34,14 +58,114 @@
       }
     ]
   },
-  "references": [
+  "weaknesses": [
     {
-      "url": "https://access.redhat.com/security/cve/CVE-2023-5157",
+      "source": "nvd@nist.gov",
-      "source": "secalert@redhat.com"
+      "type": "Primary",
-    },
+      "description": [
         {
-      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240246",
+          "lang": "en",
-      "source": "secalert@redhat.com"
+          "value": "CWE-400"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
+              "versionEndExcluding": "10.4.26",
+              "matchCriteriaId": "FB28D8FF-695D-44AE-80BF-42AC6AA65081"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "10.5.0",
+              "versionEndExcluding": "10.5.17",
+              "matchCriteriaId": "144984F5-B5E4-4890-B84C-0BD4EBD1A575"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "10.6.0",
+              "versionEndExcluding": "10.6.9",
+              "matchCriteriaId": "9397E948-E3C7-4AE0-AB59-D8DF6DC0F85A"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "10.7.0",
+              "versionEndExcluding": "10.7.5",
+              "matchCriteriaId": "3E60C79C-A7E6-4AEF-AD29-38BC63149C60"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "10.8.0",
+              "versionEndExcluding": "10.8.4",
+              "matchCriteriaId": "EB9F7573-E888-42B6-8B57-CAF26300CC16"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
+              "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://access.redhat.com/security/cve/CVE-2023-5157",
+      "source": "secalert@redhat.com",
+      "tags": [
+        "Third Party Advisory"
+      ]
+    },
+    {
+      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240246",
+      "source": "secalert@redhat.com",
+      "tags": [
+        "Issue Tracking",
+        "Third Party Advisory"
+      ]
     }
   ]
 }

CVE-2023/CVE-2023-51xx/CVE-2023-5160.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-5160",
   "sourceIdentifier": "responsibledisclosure@mattermost.com",
   "published": "2023-10-02T11:15:50.813",
-  "lastModified": "2023-10-02T11:15:50.813",
+  "lastModified": "2023-10-02T12:57:34.287",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Mattermost fails to check the Show Full Name option at the /api/v4/teams/TEAM_ID/top/team_members endpoint allowing\u00a0a member to get the full name of another user even if the Show Full Name option was disabled\n\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Mattermost no marca la opci\u00f3n \"Show Full Name\" en el endpoint /api/v4/teams/TEAM_ID/top/team_members, lo que permite a un miembro obtener el nombre completo de otro usuario incluso si la opci\u00f3n \"Show Full Name\" est\u00e1 deshabilitada."
     }
   ],
   "metrics": {

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-10-02T12:00:25.054241+00:00
+2023-10-02T14:00:24.670488+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-10-02T11:15:50.813000+00:00
+2023-10-02T13:22:15.330000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,33 +29,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-226747
+226749
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `14`
+Recently added CVEs: `2`
 
-* [CVE-2023-44144](CVE-2023/CVE-2023-441xx/CVE-2023-44144.json) (`2023-10-02T10:15:12.577`)
+* [CVE-2023-5106](CVE-2023/CVE-2023-51xx/CVE-2023-5106.json) (`2023-10-02T12:15:09.997`)
-* [CVE-2023-44145](CVE-2023/CVE-2023-441xx/CVE-2023-44145.json) (`2023-10-02T10:15:12.800`)
+* [CVE-2023-41580](CVE-2023/CVE-2023-415xx/CVE-2023-41580.json) (`2023-10-02T13:15:09.797`)
-* [CVE-2023-44239](CVE-2023/CVE-2023-442xx/CVE-2023-44239.json) (`2023-10-02T10:15:12.877`)
-* [CVE-2023-44245](CVE-2023/CVE-2023-442xx/CVE-2023-44245.json) (`2023-10-02T10:15:12.953`)
-* [CVE-2023-44262](CVE-2023/CVE-2023-442xx/CVE-2023-44262.json) (`2023-10-02T10:15:13.027`)
-* [CVE-2023-44263](CVE-2023/CVE-2023-442xx/CVE-2023-44263.json) (`2023-10-02T10:15:13.107`)
-* [CVE-2023-3768](CVE-2023/CVE-2023-37xx/CVE-2023-3768.json) (`2023-10-02T11:15:50.213`)
-* [CVE-2023-44228](CVE-2023/CVE-2023-442xx/CVE-2023-44228.json) (`2023-10-02T11:15:50.317`)
-* [CVE-2023-44230](CVE-2023/CVE-2023-442xx/CVE-2023-44230.json) (`2023-10-02T11:15:50.393`)
-* [CVE-2023-44242](CVE-2023/CVE-2023-442xx/CVE-2023-44242.json) (`2023-10-02T11:15:50.470`)
-* [CVE-2023-44264](CVE-2023/CVE-2023-442xx/CVE-2023-44264.json) (`2023-10-02T11:15:50.547`)
-* [CVE-2023-44265](CVE-2023/CVE-2023-442xx/CVE-2023-44265.json) (`2023-10-02T11:15:50.627`)
-* [CVE-2023-44266](CVE-2023/CVE-2023-442xx/CVE-2023-44266.json) (`2023-10-02T11:15:50.700`)
-* [CVE-2023-5160](CVE-2023/CVE-2023-51xx/CVE-2023-5160.json) (`2023-10-02T11:15:50.813`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `40`
 
+* [CVE-2023-44263](CVE-2023/CVE-2023-442xx/CVE-2023-44263.json) (`2023-10-02T12:57:34.287`)
+* [CVE-2023-3768](CVE-2023/CVE-2023-37xx/CVE-2023-3768.json) (`2023-10-02T12:57:34.287`)
+* [CVE-2023-44228](CVE-2023/CVE-2023-442xx/CVE-2023-44228.json) (`2023-10-02T12:57:34.287`)
+* [CVE-2023-44230](CVE-2023/CVE-2023-442xx/CVE-2023-44230.json) (`2023-10-02T12:57:34.287`)
+* [CVE-2023-44242](CVE-2023/CVE-2023-442xx/CVE-2023-44242.json) (`2023-10-02T12:57:34.287`)
+* [CVE-2023-44264](CVE-2023/CVE-2023-442xx/CVE-2023-44264.json) (`2023-10-02T12:57:34.287`)
+* [CVE-2023-44265](CVE-2023/CVE-2023-442xx/CVE-2023-44265.json) (`2023-10-02T12:57:34.287`)
+* [CVE-2023-44266](CVE-2023/CVE-2023-442xx/CVE-2023-44266.json) (`2023-10-02T12:57:34.287`)
+* [CVE-2023-5160](CVE-2023/CVE-2023-51xx/CVE-2023-5160.json) (`2023-10-02T12:57:34.287`)
+* [CVE-2023-42132](CVE-2023/CVE-2023-421xx/CVE-2023-42132.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-41692](CVE-2023/CVE-2023-416xx/CVE-2023-41692.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-41728](CVE-2023/CVE-2023-417xx/CVE-2023-41728.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-41729](CVE-2023/CVE-2023-417xx/CVE-2023-41729.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-41731](CVE-2023/CVE-2023-417xx/CVE-2023-41731.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-41733](CVE-2023/CVE-2023-417xx/CVE-2023-41733.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-41734](CVE-2023/CVE-2023-417xx/CVE-2023-41734.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-41736](CVE-2023/CVE-2023-417xx/CVE-2023-41736.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-41737](CVE-2023/CVE-2023-417xx/CVE-2023-41737.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-41797](CVE-2023/CVE-2023-417xx/CVE-2023-41797.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-41800](CVE-2023/CVE-2023-418xx/CVE-2023-41800.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-41847](CVE-2023/CVE-2023-418xx/CVE-2023-41847.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-41855](CVE-2023/CVE-2023-418xx/CVE-2023-41855.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-41856](CVE-2023/CVE-2023-418xx/CVE-2023-41856.json) (`2023-10-02T12:57:39.087`)
+* [CVE-2023-43191](CVE-2023/CVE-2023-431xx/CVE-2023-43191.json) (`2023-10-02T13:18:20.010`)
+* [CVE-2023-5157](CVE-2023/CVE-2023-51xx/CVE-2023-5157.json) (`2023-10-02T13:22:15.330`)
 
 
 ## Download and Usage