admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-10T23:55:47.047247+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-10 23:55:50 +00:00
parent 5d2a3862af
commit dd80e8a1de
58 changed files with 5976 additions and 221 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
CVE-2021/CVE-2021-258xx/CVE-2021-25827.json
View File

@ -2,27 +2,91 @@
"id": "CVE-2021-25827",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T20:15:09.397",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-10T23:24:27.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:emby:emby:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.12.0",
"matchCriteriaId": "D8269B6B-081E-4BA9-BF1F-92730FFD72F5"
}
]
}
]
}
],
"references": [
{
"url": "https://emby.media/community/index.php?/topic/98191-emby-server-46-released/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/EmbySupport/security/security/advisories/GHSA-fffj-6fr6-3fgf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/MediaBrowser/Emby/issues/3784",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

14
CVE-2022/CVE-2022-398xx/CVE-2022-39803.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-39803",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:15.120",
"lastModified": "2023-06-27T16:37:09.723",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T20:15:14.243",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated ACIS Part and Assembly (.sat, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated ACIS Part and Assembly (.sat, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-398xx/CVE-2022-39804.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-39804",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:15.327",
"lastModified": "2023-06-27T17:16:44.390",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T20:15:14.360",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated SolidWorks Part (.sldprt, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated SolidWorks Part (.sldprt, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-398xx/CVE-2022-39805.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-39805",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:15.543",
"lastModified": "2023-06-27T17:16:48.887",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T20:15:14.440",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Computer Graphics Metafile (.cgm, CgmTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Computer Graphics Metafile (.cgm, CgmTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-398xx/CVE-2022-39806.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-39806",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:15.750",
"lastModified": "2023-06-27T17:16:53.210",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T20:15:14.523",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated SolidWorks Drawing (.slddrw, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated SolidWorks Drawing (.slddrw, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-398xx/CVE-2022-39808.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-39808",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:16.173",
"lastModified": "2023-06-27T17:19:56.367",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T20:15:14.617",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41167.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41167",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:16.793",
"lastModified": "2023-06-27T15:55:04.977",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T20:15:14.697",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

24
CVE-2022/CVE-2022-411xx/CVE-2022-41168.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41168",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:16.960",
"lastModified": "2022-10-12T20:00:41.527",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T20:15:14.773",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated CATIA5 Part (.catpart, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated CATIA5 Part (.catpart, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -46,6 +46,24 @@
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41170.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41170",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:17.437",
"lastModified": "2023-06-27T16:06:54.550",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T20:15:14.850",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated CATIA4 Part (.model, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated CATIA4 Part (.model, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41172.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41172",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:17.817",
"lastModified": "2023-06-27T15:22:01.463",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T20:15:14.923",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41175.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41175",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:18.487",
"lastModified": "2023-06-27T15:22:05.237",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T20:15:15.000",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Enhanced Metafile (.emf, emf.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Enhanced Metafile (.emf, emf.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41177.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41177",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:18.857",
"lastModified": "2023-06-27T15:22:09.450",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T20:15:15.073",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Iges Part and Assembly (.igs, .iges, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Iges Part and Assembly (.igs, .iges, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41179.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41179",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:19.293",
"lastModified": "2023-06-27T15:20:47.173",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T20:15:15.153",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JtTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JtTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41180.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41180",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:19.523",
"lastModified": "2023-06-27T15:20:52.047",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:09.227",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Portable Document Format (.pdf, PDFPublishing.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Portable Document Format (.pdf, PDFPublishing.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41184.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41184",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:20.543",
"lastModified": "2023-06-27T15:20:55.047",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:09.327",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File (.cur, ico.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File (.cur, ico.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41185.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41185",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:20.700",
"lastModified": "2023-06-27T15:20:59.053",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:09.397",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, MataiPersistence.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, MataiPersistence.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41186.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41186",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:20.927",
"lastModified": "2023-06-27T15:17:41.347",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:09.467",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, a Remote Code Execution can be triggered when payload forces a stack-based overflow and or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, a Remote Code Execution can be triggered when payload forces a stack-based overflow and or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41187.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41187",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:21.137",
"lastModified": "2023-06-27T15:18:00.647",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:09.540",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41189.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41189",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:21.543",
"lastModified": "2023-06-27T15:18:06.620",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:09.613",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41190.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41190",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:21.840",
"lastModified": "2023-06-27T15:18:11.237",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:09.690",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41191.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41191",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:22.307",
"lastModified": "2023-06-27T15:22:14.090",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:09.763",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41193.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41193",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:23.213",
"lastModified": "2023-06-27T15:30:59.420",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:09.837",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Post Script (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Post Script (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41195.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41195",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:24.100",
"lastModified": "2023-06-27T15:31:08.927",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:09.913",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41196.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41196",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:24.520",
"lastModified": "2023-06-27T15:31:19.807",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:09.993",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41198.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41198",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:25.433",
"lastModified": "2023-06-27T15:31:27.230",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:10.063",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated SketchUp (.skp, SketchUp.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated SketchUp (.skp, SketchUp.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-411xx/CVE-2022-41199.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41199",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:25.923",
"lastModified": "2023-06-27T15:22:33.103",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:10.147",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Open Inventor File (.iv, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Open Inventor File (.iv, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-412xx/CVE-2022-41200.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41200",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:26.097",
"lastModified": "2023-06-27T15:22:36.767",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:10.223",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Scalable Vector Graphic (.svg, svg.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Scalable Vector Graphic (.svg, svg.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-412xx/CVE-2022-41201.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41201",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:26.203",
"lastModified": "2023-06-27T15:22:47.807",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:10.300",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Right Hemisphere Binary (.rh, rh.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Right Hemisphere Binary (.rh, rh.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-412xx/CVE-2022-41202.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41202",
"sourceIdentifier": "cna@sap.com",
"published": "2022-10-11T21:15:26.303",
"lastModified": "2023-06-27T15:22:55.293",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:10.373",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, vds.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory."
"value": "Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, vds.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.\n\n"
},
{
"lang": "es",
@ -40,7 +40,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -54,12 +54,16 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}

14
CVE-2022/CVE-2022-412xx/CVE-2022-41211.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41211",
"sourceIdentifier": "cna@sap.com",
"published": "2022-11-08T22:15:18.623",
"lastModified": "2023-06-27T14:06:08.953",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T21:15:10.447",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Due to lack of proper memory management, when a victim opens manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code Execution can be triggered when payload forces:Re-use of dangling pointer which refers to overwritten space in memory. The accessed memory must be filled with code to execute the attack. Therefore, repeated success is unlikely.Stack-based buffer overflow. Since the memory overwritten is random, based on access rights of the memory, repeated success is not assured."
"value": "Due to lack of proper memory management, when a victim opens manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code Execution can be triggered when payload forces:Re-use of dangling pointer which refers to overwritten space in memory. The accessed memory must be filled with code to execute the attack. Therefore, repeated success is unlikely.Stack-based buffer overflow. Since the memory overwritten is random, based on access rights of the memory, repeated success is not assured.\n\n"
}
],
"metrics": {
@ -56,7 +56,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -70,9 +70,13 @@
]
},
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"

6
CVE-2022/CVE-2022-479xx/CVE-2022-47927.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47927",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-12T06:15:08.167",
"lastModified": "2023-05-21T22:15:14.720",
"lastModified": "2023-07-10T23:15:08.933",
"vulnStatus": "Modified",
"descriptions": [
{
@ -102,6 +102,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00011.html",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AP65YEN762IBNQPOYGUVLTQIDLM5XD2A/",
"source": "cve@mitre.org",

1366
CVE-2023/CVE-2023-216xx/CVE-2023-21635.json
View File

File diff suppressed because it is too large Load Diff

1528
CVE-2023/CVE-2023-216xx/CVE-2023-21637.json
View File

File diff suppressed because it is too large Load Diff

1015
CVE-2023/CVE-2023-216xx/CVE-2023-21638.json
View File

File diff suppressed because it is too large Load Diff

205
CVE-2023/CVE-2023-216xx/CVE-2023-21640.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21640",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.450",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-10T23:38:21.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
@ -34,10 +54,189 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "985A7570-846E-4ED8-8EF0-E529231CE0B1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB1B4D9-EAE6-4395-8B8A-C97F15A64DFA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708"
}
]
}
]
}
],
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin",
"source": "product-security@qualcomm.com"
"source": "product-security@qualcomm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-223xx/CVE-2023-22319.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22319",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:10.897",
"lastModified": "2023-07-06T15:16:38.363",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-10T23:55:12.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:milesight:milesightvpn:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4943376D-ADEB-4BC5-BAF4-81C14233E3C0"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1701",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

43
CVE-2023/CVE-2023-228xx/CVE-2023-22835.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-22835",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-07-10T21:15:10.540",
"lastModified": "2023-07-10T21:15:10.540",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A security defect was identified that enabled a user of Foundry Issues to perform a Denial of Service attack by submitting malformed data in an Issue that caused loss of frontend functionality to all issue participants.\n\nThis defect was resolved with the release of Foundry Issues 2.510.0 and Foundry Frontend 6.228.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=0e2e79bd-cc03-42a8-92c2-c0e68a1ea53d",
"source": "cve-coordination@palantir.com"
}
]
}

32
CVE-2023/CVE-2023-244xx/CVE-2023-24486.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-24486",
"sourceIdentifier": "secure@citrix.com",
"published": "2023-07-10T21:15:10.600",
"lastModified": "2023-07-10T21:15:10.600",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secure@citrix.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX477618/citrix-workspace-app-for-linux-security-bulletin-for-cve202324486",
"source": "secure@citrix.com"
}
]
}

55
CVE-2023/CVE-2023-244xx/CVE-2023-24487.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-24487",
"sourceIdentifier": "secure@citrix.com",
"published": "2023-07-10T21:15:10.650",
"lastModified": "2023-07-10T21:15:10.650",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Arbitrary file read\u00a0in Citrix ADC and Citrix Gateway?"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@citrix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "secure@citrix.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-253"
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX477714/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202324487-cve202324488",
"source": "secure@citrix.com"
}
]
}

55
CVE-2023/CVE-2023-244xx/CVE-2023-24488.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-24488",
"sourceIdentifier": "secure@citrix.com",
"published": "2023-07-10T21:15:10.707",
"lastModified": "2023-07-10T21:15:10.707",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross site scripting vulnerability\u00a0in Citrix ADC and Citrix Gateway?\u00a0in allows and attacker to perform cross site scripting"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@citrix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "secure@citrix.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX477714/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202324487-cve202324488",
"source": "secure@citrix.com"
}
]
}

55
CVE-2023/CVE-2023-244xx/CVE-2023-24489.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-24489",
"sourceIdentifier": "secure@citrix.com",
"published": "2023-07-10T22:15:09.197",
"lastModified": "2023-07-10T22:15:09.197",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@citrix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "secure@citrix.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX559517/sharefile-storagezones-controller-security-update-for-cve202324489",
"source": "secure@citrix.com"
}
]
}

55
CVE-2023/CVE-2023-244xx/CVE-2023-24490.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-24490",
"sourceIdentifier": "secure@citrix.com",
"published": "2023-07-10T22:15:09.263",
"lastModified": "2023-07-10T22:15:09.263",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Users with only access to launch VDA applications can launch an unauthorized desktop\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@citrix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "secure@citrix.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX559370/windows-and-linux-virtual-delivery-agent-for-cvad-and-citrix-daas-security-bulletin-cve202324490",
"source": "secure@citrix.com"
}
]
}

8
CVE-2023/CVE-2023-261xx/CVE-2023-26136.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26136",
"sourceIdentifier": "report@snyk.io",
"published": "2023-07-01T05:15:16.103",
"lastModified": "2023-07-08T00:02:00.740",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-10T23:15:09.030",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -108,6 +108,10 @@
"Release Notes"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html",
"source": "report@snyk.io"
},
{
"url": "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873",
"source": "report@snyk.io",

55
CVE-2023/CVE-2023-307xx/CVE-2023-30765.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-30765",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-10T20:15:15.237",
"lastModified": "2023-07-10T20:15:15.237",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n?Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access controls that could allow an attacker to alter privilege management configurations, resulting in privilege escalation.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-01",
"source": "ics-cert@hq.dhs.gov"
}
]
}

43
CVE-2023/CVE-2023-309xx/CVE-2023-30956.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30956",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-07-10T22:15:09.337",
"lastModified": "2023-07-10T22:15:09.337",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment. This defect was resolved with the release of Foundry Comments 2.267.0.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=40367943-738c-4e69-b852-4a503c77478a",
"source": "cve-coordination@palantir.com"
}
]
}

43
CVE-2023/CVE-2023-309xx/CVE-2023-30960.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30960",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-07-10T22:15:09.410",
"lastModified": "2023-07-10T22:15:09.410",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A security defect was discovered in Foundry job-tracker that enabled users to query metadata related to builds on resources they did not have access to. This defect was resolved with the release of job-tracker 4.645.0. The service was rolled out to all affected Foundry instances. No further intervention is required.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=115d9bf4-201f-4cfe-b2fc-219e3a2d945b",
"source": "cve-coordination@palantir.com"
}
]
}

43
CVE-2023/CVE-2023-309xx/CVE-2023-30963.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30963",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-07-10T22:15:09.477",
"lastModified": "2023-07-10T22:15:09.477",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A security defect was discovered in Foundry Frontend which enabled users to perform Stored XSS attacks in Slate if Foundry's CSP were to be bypassed. This defect was resolved with the release of Foundry Frontend 6.229.0. The service was rolled out to all affected Foundry instances. No further intervention is required.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=3c6b63b7-fb67-4202-a94a-9c83515efb8a",
"source": "cve-coordination@palantir.com"
}
]
}

69
CVE-2023/CVE-2023-33xx/CVE-2023-3336.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3336",
"sourceIdentifier": "psirt@moxa.com",
"published": "2023-07-05T10:15:10.193",
"lastModified": "2023-07-05T13:00:26.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-10T23:37:04.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "psirt@moxa.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
},
{
"source": "psirt@moxa.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:moxa:tn-5900_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3",
"matchCriteriaId": "ABA65A45-A850-440B-8B4B-191D46059E71"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:moxa:tn-5900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1E9F45-0ED4-4223-BC9B-D2E01A583DCA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230401-tn-5900-series-user-enumeration-vulnerability",
"source": "psirt@moxa.com"
"source": "psirt@moxa.com",
"tags": [
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-343xx/CVE-2023-34316.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34316",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-10T20:15:15.310",
"lastModified": "2023-07-10T20:15:15.310",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions prior to 1.0.7) patch, which could allow an attacker to retrieve file contents."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-01",
"source": "ics-cert@hq.dhs.gov"
}
]
}

47
CVE-2023/CVE-2023-344xx/CVE-2023-34432.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-34432",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-10T21:15:10.763",
"lastModified": "2023-07-10T21:15:10.763",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-34432",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2212291",
"source": "secalert@redhat.com"
}
]
}

239
CVE-2023/CVE-2023-357xx/CVE-2023-35786.json
View File

@ -2,19 +2,250 @@
"id": "CVE-2023-35786",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T06:15:21.090",
"lastModified": "2023-07-05T13:00:26.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-10T23:33:29.193",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1",
"matchCriteriaId": "B9D72627-17F9-427E-907B-56EA0A498131"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:-:*:*:*:*:*:*",
"matchCriteriaId": "DB6D57E0-63FB-4ED2-8F7A-D882EB4925BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7100:*:*:*:*:*:*",
"matchCriteriaId": "736740CB-A328-4163-BAC4-6C881A24C8B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7101:*:*:*:*:*:*",
"matchCriteriaId": "9B806083-7309-4215-AF81-DCC4D90B7876"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7102:*:*:*:*:*:*",
"matchCriteriaId": "A741CDA8-D1A8-4F83-AE54-7D3D3C433825"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7110:*:*:*:*:*:*",
"matchCriteriaId": "09563D6F-690B-4C7A-BA25-52D009724A74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7111:*:*:*:*:*:*",
"matchCriteriaId": "30FAC23B-831E-4904-AB3B-85A3C068CEB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7112:*:*:*:*:*:*",
"matchCriteriaId": "9347D3CF-B5D1-4ACE-83E1-73748EF15120"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7113:*:*:*:*:*:*",
"matchCriteriaId": "322E0562-4586-4DF4-A935-C2447883495B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7114:*:*:*:*:*:*",
"matchCriteriaId": "EB9151D6-BD21-4268-9371-FF702C1AD84B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7115:*:*:*:*:*:*",
"matchCriteriaId": "B371E93E-7C85-42DD-AA7F-9B43D8D02963"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7116:*:*:*:*:*:*",
"matchCriteriaId": "094EEFA4-BD16-4F79-8133-62F9E2C8C675"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7117:*:*:*:*:*:*",
"matchCriteriaId": "DC5A6297-98E3-45C8-95FB-7F4E65D133BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7118:*:*:*:*:*:*",
"matchCriteriaId": "93C96678-34B7-4FCE-9DBD-1A7B3E0943BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7120:*:*:*:*:*:*",
"matchCriteriaId": "9E9B9E88-919F-4CF7-99DC-72E50BDF65A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7121:*:*:*:*:*:*",
"matchCriteriaId": "7848B31C-AB51-486B-8655-7D7A060BAFFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7122:*:*:*:*:*:*",
"matchCriteriaId": "1CFB5C4A-B717-4CC2-AE03-336C63D17B96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7123:*:*:*:*:*:*",
"matchCriteriaId": "456D49D7-F04D-4003-B429-8D5504959D04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7124:*:*:*:*:*:*",
"matchCriteriaId": "BB788440-904B-430E-BF5B-12ADA816477E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7125:*:*:*:*:*:*",
"matchCriteriaId": "876CC4D6-9546-4D39-965A-EF5A4AF4AD93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7126:*:*:*:*:*:*",
"matchCriteriaId": "85432FE8-946F-448D-A92A-FF549EDC52F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7130:*:*:*:*:*:*",
"matchCriteriaId": "813E1389-A949-427C-92C6-3974702FEA5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7131:*:*:*:*:*:*",
"matchCriteriaId": "34A48841-EA09-4917-A6FF-DF645B581426"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7140:*:*:*:*:*:*",
"matchCriteriaId": "1C042646-9D36-4712-9E5D-40E55FCF7C24"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7141:*:*:*:*:*:*",
"matchCriteriaId": "9E6CD67A-7F5A-4F29-B563-7E4D72A1149F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7150:*:*:*:*:*:*",
"matchCriteriaId": "77A0C792-A8B7-48F8-9AD7-96B0CBAD4EBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7151:*:*:*:*:*:*",
"matchCriteriaId": "7E53B3CB-4351-4E24-B80C-D62CC483D4D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7160:*:*:*:*:*:*",
"matchCriteriaId": "0068E901-62D2-4C4D-96F8-7823B0DF7DA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7161:*:*:*:*:*:*",
"matchCriteriaId": "CF70BA56-3478-4DA5-B013-4D9B820D2219"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7162:*:*:*:*:*:*",
"matchCriteriaId": "28E1833F-24C8-44EC-9B66-4D832AB1C9AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7163:*:*:*:*:*:*",
"matchCriteriaId": "7DCA2AF7-8732-4095-BB6F-6F40EADD7449"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7170:*:*:*:*:*:*",
"matchCriteriaId": "54247785-E55A-407D-A667-1734E7C84DF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7171:*:*:*:*:*:*",
"matchCriteriaId": "5C8887B2-D378-4A7D-B678-9B2C68953E76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7180:*:*:*:*:*:*",
"matchCriteriaId": "ADD4EAD7-275A-4467-9217-102051BE49C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7181:*:*:*:*:*:*",
"matchCriteriaId": "8181AF41-779F-4289-BECE-03C2731FDA21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7182:*:*:*:*:*:*",
"matchCriteriaId": "2BFB486E-9256-4B56-98BF-24B5A56415A2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2023-35786.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

153
CVE-2023/CVE-2023-359xx/CVE-2023-35972.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35972",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-07-05T15:15:09.367",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-10T23:48:12.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,137 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.5.4.0",
"versionEndExcluding": "8.6.0.21",
"matchCriteriaId": "F16AFF8F-596A-4153-8529-36AD2E142066"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.7.0.0",
"versionEndExcluding": "8.10.0.7",
"matchCriteriaId": "DC566921-54C3-4368-A7FB-1F68F964975C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.11.0.0",
"versionEndExcluding": "8.11.1.1",
"matchCriteriaId": "A22E7E61-B318-47C8-8C72-498A17031997"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.4.0.0",
"versionEndExcluding": "10.4.0.2",
"matchCriteriaId": "6418722E-304A-46EF-8D9E-EB42596F0DFC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:arubanetworks:mc-va-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51A31372-168E-4182-BFE0-440403454DC5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:arubanetworks:mc-va-1k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F519E5CF-474B-4564-9DC4-AE6FC58A48A7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:arubanetworks:mc-va-250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51478694-008E-47A4-B8AF-497BA81EC80D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:arubanetworks:mc-va-50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A10EF4D1-35E8-41BB-8453-19F0F3623D25"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:arubanetworks:mcr-va-10k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5AF43C-F2E3-44E7-B4E3-AC315B0B0DB2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:arubanetworks:mcr-va-1k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "276FF1F2-7353-4AF4-8BDA-8B78B5DCF688"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:arubanetworks:mcr-va-50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBCAB5D5-EB6D-460A-A8C7-0A2A9E813776"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:arubanetworks:mcr-va-500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "413B049C-8B7F-4BAC-8170-2BF3B0EEA43F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:arubanetworks:mcr-va-5k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F87B24FC-9C99-4CF7-9481-74686E48E800"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:arubanetworks:sd-wan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47E812E5-4476-4335-97D7-3D0E2A5E9E9B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:mcr-hw-10k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA9CA7B-AC2C-408A-B759-E2F4778B20ED"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:mcr-hw-1k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A42369-3558-4015-AF7B-7F2E2465AE61"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arubanetworks:mcr-hw-5k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D8DDC4-17FB-4A9D-BB01-E8C130B04ED2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

54
CVE-2023/CVE-2023-35xx/CVE-2023-3505.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3505",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-04T16:15:09.620",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-10T23:18:54.143",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:onesttech:onest_customer_relation_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B72FCE-8FF4-4333-AAD0-C19AE16F4163"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.232953",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.232953",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

84
CVE-2023/CVE-2023-36xx/CVE-2023-3605.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3605",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-10T20:15:15.377",
"lastModified": "2023-07-10T20:15:15.377",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Online Shopping Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Registration Page. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-233467."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.233467",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.233467",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-36xx/CVE-2023-3606.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-3606",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-10T21:15:10.823",
"lastModified": "2023-07-10T21:15:10.823",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in TamronOS up to 20230703. It has been classified as critical. This affects an unknown part of the file /api/ping. The manipulation of the argument host leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-233475. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/d4n-sec/cve/blob/main/TamronOS%20IPTV.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.233475",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.233475",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-36xx/CVE-2023-3607.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-3607",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-10T21:15:10.887",
"lastModified": "2023-07-10T21:15:10.887",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in kodbox 1.26. It has been declared as critical. This vulnerability affects the function Execute of the file webconsole.php.txt of the component WebConsole Plug-In. The manipulation leads to os command injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-233476. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/mohdkey/cve/blob/main/kodbox.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.233476",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.233476",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-36xx/CVE-2023-3608.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-3608",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-10T22:15:09.530",
"lastModified": "2023-07-10T22:15:09.530",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Ruijie BCR810W 2.5.10. It has been rated as critical. This issue affects some unknown processing of the component Tracert Page. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-233477 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/cq535454518/cve/blob/main/RG-BCR810W.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.233477",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.233477",
"source": "cna@vuldb.com"
}
]
}

86
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-10T20:00:38.363993+00:00
2023-07-10T23:55:47.047247+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-10T19:43:22.273000+00:00
2023-07-10T23:55:12.697000+00:00
```
### Last Data Feed Release
@ -29,54 +29,60 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
219638
219654
```
### CVEs added in the last Commit
Recently added CVEs: `10`
Recently added CVEs: `16`
* [CVE-2016-15034](CVE-2016/CVE-2016-150xx/CVE-2016-15034.json) (`2023-07-10T18:15:10.260`)
* [CVE-2023-23348](CVE-2023/CVE-2023-233xx/CVE-2023-23348.json) (`2023-07-10T18:15:10.637`)
* [CVE-2023-26590](CVE-2023/CVE-2023-265xx/CVE-2023-26590.json) (`2023-07-10T18:15:10.707`)
* [CVE-2023-32627](CVE-2023/CVE-2023-326xx/CVE-2023-32627.json) (`2023-07-10T18:15:10.767`)
* [CVE-2023-34318](CVE-2023/CVE-2023-343xx/CVE-2023-34318.json) (`2023-07-10T18:15:10.833`)
* [CVE-2023-36936](CVE-2023/CVE-2023-369xx/CVE-2023-36936.json) (`2023-07-10T18:15:10.897`)
* [CVE-2023-36939](CVE-2023/CVE-2023-369xx/CVE-2023-36939.json) (`2023-07-10T18:15:10.963`)
* [CVE-2023-36940](CVE-2023/CVE-2023-369xx/CVE-2023-36940.json) (`2023-07-10T18:15:11.013`)
* [CVE-2023-3599](CVE-2023/CVE-2023-35xx/CVE-2023-3599.json) (`2023-07-10T18:15:11.157`)
* [CVE-2023-34347](CVE-2023/CVE-2023-343xx/CVE-2023-34347.json) (`2023-07-10T19:15:09.630`)
* [CVE-2023-30765](CVE-2023/CVE-2023-307xx/CVE-2023-30765.json) (`2023-07-10T20:15:15.237`)
* [CVE-2023-34316](CVE-2023/CVE-2023-343xx/CVE-2023-34316.json) (`2023-07-10T20:15:15.310`)
* [CVE-2023-3605](CVE-2023/CVE-2023-36xx/CVE-2023-3605.json) (`2023-07-10T20:15:15.377`)
* [CVE-2023-22835](CVE-2023/CVE-2023-228xx/CVE-2023-22835.json) (`2023-07-10T21:15:10.540`)
* [CVE-2023-24486](CVE-2023/CVE-2023-244xx/CVE-2023-24486.json) (`2023-07-10T21:15:10.600`)
* [CVE-2023-24487](CVE-2023/CVE-2023-244xx/CVE-2023-24487.json) (`2023-07-10T21:15:10.650`)
* [CVE-2023-24488](CVE-2023/CVE-2023-244xx/CVE-2023-24488.json) (`2023-07-10T21:15:10.707`)
* [CVE-2023-34432](CVE-2023/CVE-2023-344xx/CVE-2023-34432.json) (`2023-07-10T21:15:10.763`)
* [CVE-2023-3606](CVE-2023/CVE-2023-36xx/CVE-2023-3606.json) (`2023-07-10T21:15:10.823`)
* [CVE-2023-3607](CVE-2023/CVE-2023-36xx/CVE-2023-3607.json) (`2023-07-10T21:15:10.887`)
* [CVE-2023-24489](CVE-2023/CVE-2023-244xx/CVE-2023-24489.json) (`2023-07-10T22:15:09.197`)
* [CVE-2023-24490](CVE-2023/CVE-2023-244xx/CVE-2023-24490.json) (`2023-07-10T22:15:09.263`)
* [CVE-2023-30956](CVE-2023/CVE-2023-309xx/CVE-2023-30956.json) (`2023-07-10T22:15:09.337`)
* [CVE-2023-30960](CVE-2023/CVE-2023-309xx/CVE-2023-30960.json) (`2023-07-10T22:15:09.410`)
* [CVE-2023-30963](CVE-2023/CVE-2023-309xx/CVE-2023-30963.json) (`2023-07-10T22:15:09.477`)
* [CVE-2023-3608](CVE-2023/CVE-2023-36xx/CVE-2023-3608.json) (`2023-07-10T22:15:09.530`)
### CVEs modified in the last Commit
Recently modified CVEs: `61`
Recently modified CVEs: `41`
* [CVE-2022-25598](CVE-2022/CVE-2022-255xx/CVE-2022-25598.json) (`2023-07-10T19:34:21.907`)
* [CVE-2022-25180](CVE-2022/CVE-2022-251xx/CVE-2022-25180.json) (`2023-07-10T19:34:39.193`)
* [CVE-2022-25829](CVE-2022/CVE-2022-258xx/CVE-2022-25829.json) (`2023-07-10T19:38:44.327`)
* [CVE-2022-25830](CVE-2022/CVE-2022-258xx/CVE-2022-25830.json) (`2023-07-10T19:38:51.537`)
* [CVE-2022-2596](CVE-2022/CVE-2022-25xx/CVE-2022-2596.json) (`2023-07-10T19:39:10.997`)
* [CVE-2022-2598](CVE-2022/CVE-2022-25xx/CVE-2022-2598.json) (`2023-07-10T19:39:39.117`)
* [CVE-2022-25763](CVE-2022/CVE-2022-257xx/CVE-2022-25763.json) (`2023-07-10T19:39:54.603`)
* [CVE-2022-25755](CVE-2022/CVE-2022-257xx/CVE-2022-25755.json) (`2023-07-10T19:40:16.493`)
* [CVE-2022-25823](CVE-2022/CVE-2022-258xx/CVE-2022-25823.json) (`2023-07-10T19:43:10.917`)
* [CVE-2022-25826](CVE-2022/CVE-2022-258xx/CVE-2022-25826.json) (`2023-07-10T19:43:14.443`)
* [CVE-2022-25827](CVE-2022/CVE-2022-258xx/CVE-2022-25827.json) (`2023-07-10T19:43:18.893`)
* [CVE-2022-25828](CVE-2022/CVE-2022-258xx/CVE-2022-25828.json) (`2023-07-10T19:43:22.273`)
* [CVE-2023-22906](CVE-2023/CVE-2023-229xx/CVE-2023-22906.json) (`2023-07-10T18:02:51.287`)
* [CVE-2023-28364](CVE-2023/CVE-2023-283xx/CVE-2023-28364.json) (`2023-07-10T18:03:02.537`)
* [CVE-2023-33201](CVE-2023/CVE-2023-332xx/CVE-2023-33201.json) (`2023-07-10T18:03:45.390`)
* [CVE-2023-3506](CVE-2023/CVE-2023-35xx/CVE-2023-3506.json) (`2023-07-10T18:06:17.870`)
* [CVE-2023-3504](CVE-2023/CVE-2023-35xx/CVE-2023-3504.json) (`2023-07-10T18:11:30.447`)
* [CVE-2023-28365](CVE-2023/CVE-2023-283xx/CVE-2023-28365.json) (`2023-07-10T18:14:49.573`)
* [CVE-2023-36817](CVE-2023/CVE-2023-368xx/CVE-2023-36817.json) (`2023-07-10T18:36:51.220`)
* [CVE-2023-25516](CVE-2023/CVE-2023-255xx/CVE-2023-25516.json) (`2023-07-10T18:39:07.970`)
* [CVE-2023-25521](CVE-2023/CVE-2023-255xx/CVE-2023-25521.json) (`2023-07-10T18:43:01.463`)
* [CVE-2023-25522](CVE-2023/CVE-2023-255xx/CVE-2023-25522.json) (`2023-07-10T18:44:05.397`)
* [CVE-2023-25523](CVE-2023/CVE-2023-255xx/CVE-2023-25523.json) (`2023-07-10T18:45:05.597`)
* [CVE-2023-2846](CVE-2023/CVE-2023-28xx/CVE-2023-2846.json) (`2023-07-10T18:51:01.550`)
* [CVE-2023-26299](CVE-2023/CVE-2023-262xx/CVE-2023-26299.json) (`2023-07-10T18:53:00.020`)
* [CVE-2022-41186](CVE-2022/CVE-2022-411xx/CVE-2022-41186.json) (`2023-07-10T21:15:09.467`)
* [CVE-2022-41187](CVE-2022/CVE-2022-411xx/CVE-2022-41187.json) (`2023-07-10T21:15:09.540`)
* [CVE-2022-41189](CVE-2022/CVE-2022-411xx/CVE-2022-41189.json) (`2023-07-10T21:15:09.613`)
* [CVE-2022-41190](CVE-2022/CVE-2022-411xx/CVE-2022-41190.json) (`2023-07-10T21:15:09.690`)
* [CVE-2022-41191](CVE-2022/CVE-2022-411xx/CVE-2022-41191.json) (`2023-07-10T21:15:09.763`)
* [CVE-2022-41193](CVE-2022/CVE-2022-411xx/CVE-2022-41193.json) (`2023-07-10T21:15:09.837`)
* [CVE-2022-41195](CVE-2022/CVE-2022-411xx/CVE-2022-41195.json) (`2023-07-10T21:15:09.913`)
* [CVE-2022-41196](CVE-2022/CVE-2022-411xx/CVE-2022-41196.json) (`2023-07-10T21:15:09.993`)
* [CVE-2022-41198](CVE-2022/CVE-2022-411xx/CVE-2022-41198.json) (`2023-07-10T21:15:10.063`)
* [CVE-2022-41199](CVE-2022/CVE-2022-411xx/CVE-2022-41199.json) (`2023-07-10T21:15:10.147`)
* [CVE-2022-41200](CVE-2022/CVE-2022-412xx/CVE-2022-41200.json) (`2023-07-10T21:15:10.223`)
* [CVE-2022-41201](CVE-2022/CVE-2022-412xx/CVE-2022-41201.json) (`2023-07-10T21:15:10.300`)
* [CVE-2022-41202](CVE-2022/CVE-2022-412xx/CVE-2022-41202.json) (`2023-07-10T21:15:10.373`)
* [CVE-2022-41211](CVE-2022/CVE-2022-412xx/CVE-2022-41211.json) (`2023-07-10T21:15:10.447`)
* [CVE-2022-47927](CVE-2022/CVE-2022-479xx/CVE-2022-47927.json) (`2023-07-10T23:15:08.933`)
* [CVE-2023-26136](CVE-2023/CVE-2023-261xx/CVE-2023-26136.json) (`2023-07-10T23:15:09.030`)
* [CVE-2023-3505](CVE-2023/CVE-2023-35xx/CVE-2023-3505.json) (`2023-07-10T23:18:54.143`)
* [CVE-2023-21635](CVE-2023/CVE-2023-216xx/CVE-2023-21635.json) (`2023-07-10T23:27:42.030`)
* [CVE-2023-21637](CVE-2023/CVE-2023-216xx/CVE-2023-21637.json) (`2023-07-10T23:31:13.807`)
* [CVE-2023-21638](CVE-2023/CVE-2023-216xx/CVE-2023-21638.json) (`2023-07-10T23:32:10.557`)
* [CVE-2023-35786](CVE-2023/CVE-2023-357xx/CVE-2023-35786.json) (`2023-07-10T23:33:29.193`)
* [CVE-2023-3336](CVE-2023/CVE-2023-33xx/CVE-2023-3336.json) (`2023-07-10T23:37:04.847`)
* [CVE-2023-21640](CVE-2023/CVE-2023-216xx/CVE-2023-21640.json) (`2023-07-10T23:38:21.937`)
* [CVE-2023-35972](CVE-2023/CVE-2023-359xx/CVE-2023-35972.json) (`2023-07-10T23:48:12.443`)
* [CVE-2023-22319](CVE-2023/CVE-2023-223xx/CVE-2023-22319.json) (`2023-07-10T23:55:12.697`)
## Download and Usage