admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-05T05:00:25.481385+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-05 05:00:29 +00:00
parent 1ac6a86924
commit ddeb720320
29 changed files with 1273 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
CVE-2023/CVE-2023-418xx/CVE-2023-41813.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41813",
"sourceIdentifier": "security@pandorafms.com",
"published": "2023-12-29T12:15:43.250",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:51:56.810",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@pandorafms.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@pandorafms.com",
"type": "Secondary",
@ -50,10 +80,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "700",
"versionEndIncluding": "774",
"matchCriteriaId": "32CA2B6C-ACCC-4EFA-A0CE-C0B45FC888E7"
}
]
}
]
}
],
"references": [
{
"url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"source": "security@pandorafms.com"
"source": "security@pandorafms.com",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-418xx/CVE-2023-41814.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41814",
"sourceIdentifier": "security@pandorafms.com",
"published": "2023-12-29T12:15:43.487",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:51:23.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@pandorafms.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@pandorafms.com",
"type": "Secondary",
@ -50,10 +80,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "700",
"versionEndIncluding": "774",
"matchCriteriaId": "32CA2B6C-ACCC-4EFA-A0CE-C0B45FC888E7"
}
]
}
]
}
],
"references": [
{
"url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"source": "security@pandorafms.com"
"source": "security@pandorafms.com",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-418xx/CVE-2023-41815.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41815",
"sourceIdentifier": "security@pandorafms.com",
"published": "2023-12-29T12:15:43.690",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:50:19.743",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@pandorafms.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@pandorafms.com",
"type": "Secondary",
@ -50,10 +80,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "700",
"versionEndIncluding": "774",
"matchCriteriaId": "32CA2B6C-ACCC-4EFA-A0CE-C0B45FC888E7"
}
]
}
]
}
],
"references": [
{
"url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"source": "security@pandorafms.com"
"source": "security@pandorafms.com",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-440xx/CVE-2023-44088.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44088",
"sourceIdentifier": "security@pandorafms.com",
"published": "2023-12-29T12:15:43.883",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:49:25.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@pandorafms.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "security@pandorafms.com",
"type": "Secondary",
@ -50,10 +80,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "700",
"versionEndIncluding": "774",
"matchCriteriaId": "32CA2B6C-ACCC-4EFA-A0CE-C0B45FC888E7"
}
]
}
]
}
],
"references": [
{
"url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"source": "security@pandorafms.com"
"source": "security@pandorafms.com",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-440xx/CVE-2023-44089.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44089",
"sourceIdentifier": "security@pandorafms.com",
"published": "2023-12-29T12:15:44.083",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:48:36.950",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@pandorafms.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@pandorafms.com",
"type": "Secondary",
@ -50,10 +80,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "700",
"versionEndIncluding": "774",
"matchCriteriaId": "32CA2B6C-ACCC-4EFA-A0CE-C0B45FC888E7"
}
]
}
]
}
],
"references": [
{
"url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"source": "security@pandorafms.com"
"source": "security@pandorafms.com",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-508xx/CVE-2023-50837.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50837",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T12:15:44.290",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:47:31.270",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webfactoryltd:wp_login_lockdown:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.06",
"matchCriteriaId": "27136227-45D0-4D99-9F7E-EC8D420E3CEC"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/login-lockdown/wordpress-login-lockdown-protect-login-form-plugin-2-06-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

49
CVE-2023/CVE-2023-513xx/CVE-2023-51361.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51361",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:09.117",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:52:30.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,11 +11,31 @@
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Scripting entre sitios') en Ginger Plugins Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button permite XSS almacenado. Este problema afecta a Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button: desde n/a hasta 1.1.8."
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Ginger Plugins Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button permite XSS almacenado. Este problema afecta a Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button: desde n/a hasta 1.1.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gingerplugins:sticky_chat_widget:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.8",
"matchCriteriaId": "3A3ABAA6-2481-4F86-B6F5-7CD4B85A78B0"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/sticky-chat-widget/wordpress-sticky-chat-widget-plugin-1-1-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-513xx/CVE-2023-51371.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51371",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:09.383",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:52:43.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bitapps:bit_assist:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.9",
"matchCriteriaId": "0E31F604-6C67-4938-B4FE-668ED119A06E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bit-assist/wordpress-chat-button-plugin-1-1-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

49
CVE-2023/CVE-2023-513xx/CVE-2023-51372.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51372",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:09.607",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:53:29.053",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,11 +11,31 @@
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante de generaci\u00f3n de p\u00e1ginas web ('Scripting entre sitios') en HasThemes HashBar \u2013 WordPress Notification Bar permite XSS almacenado. Este problema afecta a HashBar \u2013 WordPress Notification Bar: desde n/a hasta 1.4.1."
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en HasThemes HashBar \u2013 WordPress Notification Bar permite XSS almacenado. Este problema afecta a HashBar \u2013 WordPress Notification Bar: desde n/a hasta 1.4.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hasthemes:hashbar:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.1",
"matchCriteriaId": "1904F885-4FE7-4347-A07A-8740AB72BBFF"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/hashbar-wp-notification-bar/wordpress-hashbar-wordpress-notification-bar-plugin-1-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-513xx/CVE-2023-51373.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51373",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:09.860",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:53:36.090",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nakunakifi:google_photos_gallery_with_shortcodes:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.0.2",
"matchCriteriaId": "EC246737-2DFB-450A-A08E-CEA4DB981DA2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/google-picasa-albums-viewer/wordpress-google-photos-gallery-with-shortcodes-plugin-4-0-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-513xx/CVE-2023-51374.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51374",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:10.093",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:53:45.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zerobounce:zerobounce_email_verification_\\&_validation:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.11",
"matchCriteriaId": "BD1847D6-BDEE-4F19-AE1A-E0775701E5E1"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/zerobounce/wordpress-zerobounce-email-verification-validation-plugin-1-0-11-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-513xx/CVE-2023-51396.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51396",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:10.357",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:53:57.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.4.29",
"matchCriteriaId": "1F7BDA5C-8611-410F-9B2D-1947A7D3F30E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/brizy/wordpress-brizy-page-builder-plugin-2-4-29-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-513xx/CVE-2023-51397.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51397",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:10.600",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:54:05.133",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:brainstormforce:wp_remote_site_search:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.4",
"matchCriteriaId": "34E0F03E-1306-433B-8AD7-5082B09B9F8B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-remote-site-search/wordpress-wp-remote-site-search-plugin-1-0-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

49
CVE-2023/CVE-2023-513xx/CVE-2023-51399.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51399",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:10.830",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:54:13.920",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,11 +11,31 @@
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Scripting entre sitios') en WPFactory Back Button Widget permite XSS almacenado. Este problema afecta a Back Button Widget: desde n/a hasta 1.6.3."
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en WPFactory Back Button Widget permite XSS almacenado. Este problema afecta a Back Button Widget: desde n/a hasta 1.6.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpfactory:back_button_widget:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.3",
"matchCriteriaId": "9905B10D-79F9-4740-BEC6-ECB7542775F6"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/back-button-widget/wordpress-back-button-widget-plugin-1-6-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-514xx/CVE-2023-51410.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-51410",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T14:15:46.190",
"lastModified": "2023-12-29T14:46:03.957",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:56:13.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in WPVibes WP Mail Log.This issue affects WP Mail Log: from n/a through 1.1.2.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en WPVibes WP Mail Log. Este problema afecta a WP Mail Log: desde n/a hasta 1.1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpvibes:wp_mail_log:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.2",
"matchCriteriaId": "071E6A07-B3A1-46FB-B937-9C97E1C91DB0"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-mail-log/wordpress-wp-mail-log-plugin-1-1-2-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-514xx/CVE-2023-51411.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-51411",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T14:15:46.437",
"lastModified": "2023-12-29T14:46:03.957",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:56:04.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Shabti Kaplan Frontend Admin by DynamiApps.This issue affects Frontend Admin by DynamiApps: from n/a through 3.18.3.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en Shabti Kaplan Frontend Admin by DynamiApps. Este problema afecta a Frontend Admin by DynamiApps: desde n/a hasta 3.18.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dynamiapps:frontend_admin:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.18.3",
"matchCriteriaId": "F70FD5A0-3005-4178-9B76-C63DEF4E6C0D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/acf-frontend-form-element/wordpress-frontend-admin-by-dynamiapps-plugin-3-18-3-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-514xx/CVE-2023-51412.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-51412",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T14:15:46.650",
"lastModified": "2023-12-29T14:46:03.957",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:55:51.963",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Piotnet Piotnet Forms.This issue affects Piotnet Forms: from n/a through 1.0.25.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en Piotnet Piotnet Forms. Este problema afecta a Piotnet Forms: desde n/a hasta 1.0.25."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:piotnet:piotnet_forms:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.25",
"matchCriteriaId": "9EC2C6A1-4A4D-4009-92FC-3771AECA314F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/piotnetforms/wordpress-piotnetforms-plugin-1-0-25-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-514xx/CVE-2023-51417.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-51417",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T14:15:46.860",
"lastModified": "2023-12-29T14:46:03.957",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:55:40.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Joris van Montfort JVM Gutenberg Rich Text Icons.This issue affects JVM Gutenberg Rich Text Icons: from n/a through 1.2.3.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en Joris van Montfort JVM Gutenberg Rich Text Icons. Este problema afecta a JVM Gutenberg Rich Text Icons: desde n/a hasta 1.2.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jorisvm:jvm_gutenberg_rich_text_icons:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.3",
"matchCriteriaId": "5A3E0307-19A4-4A42-B12B-17FE6712E808"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/jvm-rich-text-icons/wordpress-jvm-rich-text-icons-plugin-1-2-3-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-514xx/CVE-2023-51419.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-51419",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T14:15:47.063",
"lastModified": "2023-12-29T14:46:03.957",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:55:29.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in Bertha.Ai BERTHA AI. Your AI co-pilot for WordPress and Chrome.This issue affects BERTHA AI. Your AI co-pilot for WordPress and Chrome: from n/a through 1.11.10.7.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en Bertha.Ai BERTHA AI. Your AI co-pilot for WordPress and Chrome. Este problema afecta a BERTHA AI. Your AI co-pilot for WordPress and Chrome: desde n/a hasta 1.11.10.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bertha:bertha_ai:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.11.10.7",
"matchCriteriaId": "34BE949E-C259-4B1A-88DA-6554821CCFE9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bertha-ai-free/wordpress-bertha-ai-plugin-1-11-10-7-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-515xx/CVE-2023-51541.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51541",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:11.090",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:54:24.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:urosevic:stock_ticker:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.23.4",
"matchCriteriaId": "83F4DDDC-6ED5-494B-8B50-E9652C9C4506"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/stock-ticker/wordpress-stock-ticker-plugin-3-23-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-521xx/CVE-2023-52135.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52135",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:11.337",
"lastModified": "2023-12-29T13:56:23.013",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:53:19.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:westguardsolutions:ws_form:*:*:*:*:lite:wordpress:*:*",
"versionEndExcluding": "1.9.171",
"matchCriteriaId": "7AFE140A-03A7-40B2-BEE8-C8D8AFF8FCB5"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ws-form/wordpress-ws-form-lite-drag-drop-contact-form-builder-for-wordpress-plugin-1-9-170-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-523xx/CVE-2023-52323.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52323",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-05T04:15:07.763",
"lastModified": "2024-01-05T04:15:07.763",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst",
"source": "cve@mitre.org"
},
{
"url": "https://pypi.org/project/pycryptodomex/#history",
"source": "cve@mitre.org"
}
]
}

57
CVE-2023/CVE-2023-71xx/CVE-2023-7113.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7113",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-12-29T13:15:11.930",
"lastModified": "2023-12-29T13:56:17.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:56:58.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.1.7",
"matchCriteriaId": "4FFBD373-195D-4481-B87D-5B329DBEC33D"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-71xx/CVE-2023-7114.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7114",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-12-29T13:15:12.157",
"lastModified": "2023-12-29T13:56:17.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T04:56:36.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -50,10 +80,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:android:*:*",
"versionEndExcluding": "2.10.1",
"matchCriteriaId": "2EE7D251-B237-430F-9432-C40016AF0005"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:iphone_os:*:*",
"versionEndExcluding": "2.10.1",
"matchCriteriaId": "5A692907-D4EE-4406-AC8C-7EEA6403D8E9"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2024/CVE-2024-220xx/CVE-2024-22075.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22075",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-05T03:15:08.537",
"lastModified": "2024-01-05T03:15:08.537",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Firefly III (aka firefly-iii) before 6.1.1 allows webhooks HTML Injection."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/firefly-iii/firefly-iii/releases/tag/v6.1.1",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-220xx/CVE-2024-22086.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22086",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-05T04:15:07.833",
"lastModified": "2024-01-05T04:15:07.833",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "handle_request in http.c in cherry through 4b877df has an sscanf stack-based buffer overflow via a long URI, leading to remote code execution."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/hayyp/cherry/issues/1",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-220xx/CVE-2024-22087.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22087",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-05T04:15:07.880",
"lastModified": "2024-01-05T04:15:07.880",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "route in main.c in Pico HTTP Server in C through f3b69a6 has an sprintf stack-based buffer overflow via a long URI, leading to remote code execution."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/foxweb/pico/issues/31",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-220xx/CVE-2024-22088.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22088",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-05T04:15:07.930",
"lastModified": "2024-01-05T04:15:07.930",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h via a long URI, because realloc is mishandled."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/chendotjs/lotos/issues/7",
"source": "cve@mitre.org"
}
]
}

46
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-05T03:00:33.246535+00:00
2024-01-05T05:00:25.481385+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-05T02:15:08.317000+00:00
2024-01-05T04:56:58.503000+00:00
```
### Last Data Feed Release
@ -29,27 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
234891
234896
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `5`
* [CVE-2023-41782](CVE-2023/CVE-2023-417xx/CVE-2023-41782.json) (`2024-01-05T02:15:07.147`)
* [CVE-2023-6493](CVE-2023/CVE-2023-64xx/CVE-2023-6493.json) (`2024-01-05T02:15:07.740`)
* [CVE-2023-52323](CVE-2023/CVE-2023-523xx/CVE-2023-52323.json) (`2024-01-05T04:15:07.763`)
* [CVE-2024-22075](CVE-2024/CVE-2024-220xx/CVE-2024-22075.json) (`2024-01-05T03:15:08.537`)
* [CVE-2024-22086](CVE-2024/CVE-2024-220xx/CVE-2024-22086.json) (`2024-01-05T04:15:07.833`)
* [CVE-2024-22087](CVE-2024/CVE-2024-220xx/CVE-2024-22087.json) (`2024-01-05T04:15:07.880`)
* [CVE-2024-22088](CVE-2024/CVE-2024-220xx/CVE-2024-22088.json) (`2024-01-05T04:15:07.930`)
### CVEs modified in the last Commit
Recently modified CVEs: `6`
Recently modified CVEs: `23`
* [CVE-2023-6879](CVE-2023/CVE-2023-68xx/CVE-2023-6879.json) (`2024-01-05T02:15:07.933`)
* [CVE-2023-7104](CVE-2023/CVE-2023-71xx/CVE-2023-7104.json) (`2024-01-05T02:15:08.063`)
* [CVE-2024-0222](CVE-2024/CVE-2024-02xx/CVE-2024-0222.json) (`2024-01-05T02:15:08.177`)
* [CVE-2024-0223](CVE-2024/CVE-2024-02xx/CVE-2024-0223.json) (`2024-01-05T02:15:08.230`)
* [CVE-2024-0224](CVE-2024/CVE-2024-02xx/CVE-2024-0224.json) (`2024-01-05T02:15:08.270`)
* [CVE-2024-0225](CVE-2024/CVE-2024-02xx/CVE-2024-0225.json) (`2024-01-05T02:15:08.317`)
* [CVE-2023-50837](CVE-2023/CVE-2023-508xx/CVE-2023-50837.json) (`2024-01-05T04:47:31.270`)
* [CVE-2023-44089](CVE-2023/CVE-2023-440xx/CVE-2023-44089.json) (`2024-01-05T04:48:36.950`)
* [CVE-2023-44088](CVE-2023/CVE-2023-440xx/CVE-2023-44088.json) (`2024-01-05T04:49:25.633`)
* [CVE-2023-41815](CVE-2023/CVE-2023-418xx/CVE-2023-41815.json) (`2024-01-05T04:50:19.743`)
* [CVE-2023-41814](CVE-2023/CVE-2023-418xx/CVE-2023-41814.json) (`2024-01-05T04:51:23.907`)
* [CVE-2023-41813](CVE-2023/CVE-2023-418xx/CVE-2023-41813.json) (`2024-01-05T04:51:56.810`)
* [CVE-2023-51361](CVE-2023/CVE-2023-513xx/CVE-2023-51361.json) (`2024-01-05T04:52:30.367`)
* [CVE-2023-51371](CVE-2023/CVE-2023-513xx/CVE-2023-51371.json) (`2024-01-05T04:52:43.767`)
* [CVE-2023-52135](CVE-2023/CVE-2023-521xx/CVE-2023-52135.json) (`2024-01-05T04:53:19.787`)
* [CVE-2023-51372](CVE-2023/CVE-2023-513xx/CVE-2023-51372.json) (`2024-01-05T04:53:29.053`)
* [CVE-2023-51373](CVE-2023/CVE-2023-513xx/CVE-2023-51373.json) (`2024-01-05T04:53:36.090`)
* [CVE-2023-51374](CVE-2023/CVE-2023-513xx/CVE-2023-51374.json) (`2024-01-05T04:53:45.327`)
* [CVE-2023-51396](CVE-2023/CVE-2023-513xx/CVE-2023-51396.json) (`2024-01-05T04:53:57.677`)
* [CVE-2023-51397](CVE-2023/CVE-2023-513xx/CVE-2023-51397.json) (`2024-01-05T04:54:05.133`)
* [CVE-2023-51399](CVE-2023/CVE-2023-513xx/CVE-2023-51399.json) (`2024-01-05T04:54:13.920`)
* [CVE-2023-51541](CVE-2023/CVE-2023-515xx/CVE-2023-51541.json) (`2024-01-05T04:54:24.427`)
* [CVE-2023-51419](CVE-2023/CVE-2023-514xx/CVE-2023-51419.json) (`2024-01-05T04:55:29.657`)
* [CVE-2023-51417](CVE-2023/CVE-2023-514xx/CVE-2023-51417.json) (`2024-01-05T04:55:40.827`)
* [CVE-2023-51412](CVE-2023/CVE-2023-514xx/CVE-2023-51412.json) (`2024-01-05T04:55:51.963`)
* [CVE-2023-51411](CVE-2023/CVE-2023-514xx/CVE-2023-51411.json) (`2024-01-05T04:56:04.837`)
* [CVE-2023-51410](CVE-2023/CVE-2023-514xx/CVE-2023-51410.json) (`2024-01-05T04:56:13.670`)
* [CVE-2023-7114](CVE-2023/CVE-2023-71xx/CVE-2023-7114.json) (`2024-01-05T04:56:36.817`)
* [CVE-2023-7113](CVE-2023/CVE-2023-71xx/CVE-2023-7113.json) (`2024-01-05T04:56:58.503`)
## Download and Usage