Auto-Update: 2023-04-28T02:00:25.478311+00:00

René Helmke 2023-04-28 04:00:28 +02:00
parent 48ba5590c7
commit deddde5c03
11 changed files with 1144 additions and 52 deletions


@ -2,8 +2,8 @@
"id": "CVE-2022-38125", "id": "CVE-2022-38125",
"sourceIdentifier": "VulnerabilityReporting@secomea.com", "sourceIdentifier": "VulnerabilityReporting@secomea.com",
"published": "2023-04-19T12:15:07.610", "published": "2023-04-19T12:15:07.610",
"lastModified": "2023-04-19T12:39:28.663", "lastModified": "2023-04-28T00:56:09.640",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{ {
"source": "VulnerabilityReporting@secomea.com", "source": "VulnerabilityReporting@secomea.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{ {
"source": "VulnerabilityReporting@secomea.com", "source": "VulnerabilityReporting@secomea.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,351 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.622465022",
"matchCriteriaId": "17034D9B-EEC0-47C4-B262-C8699DCF31CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A05A3825-9C8E-43EF-A2DC-F0B06694CCCD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.622465022",
"matchCriteriaId": "5483EDAF-69C3-4E09-9F12-B9E2775CB4D5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D26BFEA-056C-4760-8D10-A0DF3677DAD1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.622465022",
"matchCriteriaId": "36890A42-2A12-4637-8593-1D0DE0402B41"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5F7D37-729C-4969-9661-C933C9F16980"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.622465022",
"matchCriteriaId": "66D8982B-1087-4C69-8773-998509A9C58C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7D7926-A5F5-46A1-A6B7-3C99130FA609"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.622465022",
"matchCriteriaId": "4E54B3F5-30F2-4360-BBD9-4A21AEB78151"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF64F7DA-FD12-4231-B792-EF8F79B587CF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:sitemanager_3329_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.622465022",
"matchCriteriaId": "DD2DF889-5E8C-4183-AFC8-098355C3704E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:sitemanager_3329:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABE08F2-C6D0-4CA3-99F4-0654653E7BF3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:sitemanager_1549_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.622465022",
"matchCriteriaId": "DE4EFF13-B933-40F8-957D-5AA71AF0CC95"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:sitemanager_1549:-:*:*:*:*:*:*:*",
"matchCriteriaId": "402344EC-DDE3-452B-BDD7-63E1DE7EB030"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:sitemanager_1539_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.622465022",
"matchCriteriaId": "854722A1-8028-4819-BF3E-645875E372B2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:sitemanager_1539:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5848F390-7F56-44ED-9267-38CA1971DE01"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:sitemanager_1529_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.622465022",
"matchCriteriaId": "5126CFB4-1AA2-4663-9AB1-EBC101DC9F1C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:sitemanager_1529:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04157541-64E2-4D44-8101-8BC9972283D0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:sitemanager_1149_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.622465022",
"matchCriteriaId": "9586E608-B8C6-4531-AA5C-4CEE23290607"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:sitemanager_1149:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060DA5EF-B6FE-4E02-B0A5-EAAF5CF5AC35"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:sitemanager_1139_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.622465022",
"matchCriteriaId": "5E7AA2FA-06B5-433A-BE7C-7E3B28838333"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:sitemanager_1139:-:*:*:*:*:*:*:*",
"matchCriteriaId": "856E0FE1-D1FD-47A3-8DE0-A12F6FBD60E8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:secomea:sitemanager_1129_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.622465022",
"matchCriteriaId": "540F8642-361E-461D-A082-CAB4500BA25B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:secomea:sitemanager_1129:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29BFC1D6-82B6-4E20-BBFB-63F33373D78B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.secomea.com/support/cybersecurity-advisory/", "url": "https://www.secomea.com/support/cybersecurity-advisory/",
"source": "VulnerabilityReporting@secomea.com" "source": "VulnerabilityReporting@secomea.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -0,0 +1,59 @@
{
"id": "CVE-2023-2356",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-04-28T00:15:08.890",
"lastModified": "2023-04-28T00:15:08.890",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-23"
}
]
}
],
"references": [
{
"url": "https://github.com/mlflow/mlflow/commit/f73147496e05c09a8b83d95fb4f1bf86696c6342",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/7b5d130d-38eb-4133-8c7d-0dfc9a9d9896",
"source": "security@huntr.dev"
}
]
}


@ -0,0 +1,59 @@
{
"id": "CVE-2023-27556",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-28T01:15:06.967",
"lastModified": "2023-04-28T01:15:06.967",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6.4.0.00 through 6.4.2.02 and 6.5.0.00 does not properly allocate resources without limits or throttling which could allow a remote attacker to cause a denial of service. IBM X-Force ID: 249190."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249190",
"source": "psirt@us.ibm.com"
},
{
"url": "https://https://www.ibm.com/support/pages/node/6985601",
"source": "psirt@us.ibm.com"
}
]
}
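Review bot: The second entry under `references` in this new CVE-2023-27556 record has a doubled scheme, `https://https://www.ibm.com/support/pages/node/6985601`, so a URL parser reads `https` as the host and the IBM advisory link does not resolve. Tooling that fetches or allow-lists reference hosts from this feed will therefore drop or mis-classify the only vendor link in the record. The intended value is presumably `"url": "https://www.ibm.com/support/pages/node/6985601",`. Since the file mirrors the upstream NVD entry, the lasting fix belongs upstream; consumers should validate the scheme and host of each `url` at ingestion rather than trust it as given.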


@ -2,23 +2,83 @@
"id": "CVE-2023-27776", "id": "CVE-2023-27776",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-04-19T12:15:08.247", "published": "2023-04-19T12:15:08.247",
"lastModified": "2023-04-19T12:39:28.663", "lastModified": "2023-04-28T01:27:34.680",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in /index.php?page=category_list of Online Jewelry Shop v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter." "value": "A stored cross-site scripting (XSS) vulnerability in /index.php?page=category_list of Online Jewelry Shop v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_jewelry_shop_project:online_jewelry_shop:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2A58E7B0-2F47-4520-81CE-4961778710B6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/lohyt/Persistent-Cross-Site-Scripting-found-in-Online-Jewellery-Store-from-Sourcecodester-website.", "url": "https://github.com/lohyt/Persistent-Cross-Site-Scripting-found-in-Online-Jewellery-Store-from-Sourcecodester-website.",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/lohyt/Persistent-Cross-Site-Scripting-found-in-Online-Jewellery-Store-from-Sourcecodester-website./blob/main/README.md", "url": "https://github.com/lohyt/Persistent-Cross-Site-Scripting-found-in-Online-Jewellery-Store-from-Sourcecodester-website./blob/main/README.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-28143", "id": "CVE-2023-28143",
"sourceIdentifier": "bugreport@qualys.com", "sourceIdentifier": "bugreport@qualys.com",
"published": "2023-04-18T16:15:09.223", "published": "2023-04-18T16:15:09.223",
"lastModified": "2023-04-18T17:36:19.570", "lastModified": "2023-04-28T00:42:51.857",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{ {
"source": "bugreport@qualys.com", "source": "bugreport@qualys.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-426"
}
]
},
{ {
"source": "bugreport@qualys.com", "source": "bugreport@qualys.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,45 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qualys:cloud_agent:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "2.5.1-75",
"versionEndExcluding": "3.7",
"matchCriteriaId": "1FDE3FE5-9778-453F-A9EE-CC9978DEFEB2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.15",
"matchCriteriaId": "22A86A9E-554E-48DD-A654-AC8AABED90FD"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://qualys.com/security-advisories", "url": "https://qualys.com/security-advisories",
"source": "bugreport@qualys.com" "source": "bugreport@qualys.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-28856", "id": "CVE-2023-28856",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-18T21:15:09.313", "published": "2023-04-18T21:15:09.313",
"lastModified": "2023-04-21T17:15:07.757", "lastModified": "2023-04-28T01:05:38.303",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -48,24 +68,144 @@
"value": "CWE-617" "value": "CWE-617"
} }
] ]
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.19",
"matchCriteriaId": "F2B03AA7-7246-4AEB-9C34-37E63E9D734C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndExcluding": "6.2.12",
"matchCriteriaId": "34A547EB-9F9A-4554-97D5-0141CAE18222"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.11",
"matchCriteriaId": "ADC8DBA4-6974-4E79-9218-286251C25982"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c", "url": "https://github.com/redis/redis/commit/bc7fe41e5857a0854d524e2a63a028e9394d2a5c",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/redis/redis/pull/11149", "url": "https://github.com/redis/redis/pull/11149",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
}, },
{ {
"url": "https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6", "url": "https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00023.html", "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00023.html",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQ4DJSO4DMR55AWK6OPVJH5UTEB35R2Z/",
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPUTH7NBQTZDVJWFNUD24ZCS6NDUFYS6/",
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQGKMKSQE67L32HE6W5EI2I2YKW5VWHI/",
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-29410", "id": "CVE-2023-29410",
"sourceIdentifier": "cybersecurity@se.com", "sourceIdentifier": "cybersecurity@se.com",
"published": "2023-04-18T22:15:08.067", "published": "2023-04-18T22:15:08.067",
"lastModified": "2023-04-19T12:39:47.563", "lastModified": "2023-04-28T01:25:19.217",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{ {
"source": "cybersecurity@se.com", "source": "cybersecurity@se.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,130 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:insighthome_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.16",
"matchCriteriaId": "371B602D-2BB3-41CF-B07B-558B74AEC130"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:insighthome_firmware:1.16:-:*:*:*:*:*:*",
"matchCriteriaId": "698CF5CB-17DC-405B-9C44-675A80320A65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:insighthome_firmware:1.16:build_004:*:*:*:*:*:*",
"matchCriteriaId": "039691CA-D243-4D6D-912A-F130F7F6491C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:insighthome:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37CAC057-7F0E-4375-99FE-AEE0EDDEA568"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:insightfacility_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.16",
"matchCriteriaId": "18E2843D-745F-41D7-8B16-2CC18EC64290"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:insightfacility_firmware:1.16:-:*:*:*:*:*:*",
"matchCriteriaId": "F90B0024-6C86-4E85-AE83-F349D34E7416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:insightfacility_firmware:1.16:build_004:*:*:*:*:*:*",
"matchCriteriaId": "D81ACD8E-4B04-4BCB-894F-4A5828899C16"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:insightfacility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5011815-3D43-4AA4-9395-31788D06DA10"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:conext_gateway_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.16",
"matchCriteriaId": "3524289C-ACF3-424E-9A1E-A777EBFB89F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:conext_gateway_firmware:1.16:-:*:*:*:*:*:*",
"matchCriteriaId": "62314597-62BC-4531-B5C8-61343262CE9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:conext_gateway_firmware:1.16:build_004:*:*:*:*:*:*",
"matchCriteriaId": "AD27299F-4422-4176-9DFD-86F2E4487366"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:conext_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E013171F-2BFB-4CB2-9C4B-4EB60A40B255"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-02.pdf", "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-02.pdf",
"source": "cybersecurity@se.com" "source": "cybersecurity@se.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-29526", "id": "CVE-2023-29526",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T00:15:09.213", "published": "2023-04-19T00:15:09.213",
"lastModified": "2023-04-19T12:39:38.607", "lastModified": "2023-04-28T00:50:06.720",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -36,7 +56,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security-advisories@github.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -44,20 +64,79 @@
"value": "CWE-74" "value": "CWE-74"
} }
] ]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.11.1",
"versionEndExcluding": "13.10.11",
"matchCriteriaId": "F2A7D825-53C5-4260-81D6-E9F6C61C49BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.4.8",
"matchCriteriaId": "AD2B185D-F8A6-49EB-B485-744F234B8730"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.5",
"versionEndExcluding": "14.10.3",
"matchCriteriaId": "4472030C-B32C-42AD-B137-2FA730A29836"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-gpq5-7p34-vqx5", "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-gpq5-7p34-vqx5",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}, },
{ {
"url": "https://jira.xwiki.org/browse/XRENDERING-694", "url": "https://jira.xwiki.org/browse/XRENDERING-694",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}, },
{ {
"url": "https://jira.xwiki.org/browse/XWIKI-20394", "url": "https://jira.xwiki.org/browse/XWIKI-20394",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
} }
] ]
} }


@ -2,19 +2,75 @@
"id": "CVE-2023-29923", "id": "CVE-2023-29923",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-04-19T14:15:07.197", "published": "2023-04-19T14:15:07.197",
"lastModified": "2023-04-19T16:04:03.120", "lastModified": "2023-04-28T01:31:14.110",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list job interface." "value": "PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list job interface."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:powerjob:powerjob:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C125B3CC-32C1-4A5A-9261-C72FA03EADE1"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/PowerJob/PowerJob/issues/587", "url": "https://github.com/PowerJob/PowerJob/issues/587",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-30547", "id": "CVE-2023-30547",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-17T22:15:10.487", "published": "2023-04-17T22:15:10.487",
"lastModified": "2023-04-18T03:15:28.387", "lastModified": "2023-04-28T01:13:44.617",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -36,8 +56,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security-advisories@github.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -46,22 +76,54 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vm2_project:vm2:*:*:*:*:*:node.js:*:*",
"versionEndIncluding": "3.9.16",
"matchCriteriaId": "6D85218D-E019-4345-8171-42A65FFA75AB"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gist.github.com/leesh3288/381b230b04936dd4d74aaf90cc8bb244", "url": "https://gist.github.com/leesh3288/381b230b04936dd4d74aaf90cc8bb244",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/patriksimek/vm2/commit/4b22e87b102d97d45d112a0931dba1aef7eea049", "url": "https://github.com/patriksimek/vm2/commit/4b22e87b102d97d45d112a0931dba1aef7eea049",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/patriksimek/vm2/commit/f3db4dee4d76b19869df05ba7880d638a880edd5", "url": "https://github.com/patriksimek/vm2/commit/f3db4dee4d76b19869df05ba7880d638a880edd5",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-ch3r-j5x3-6q2m", "url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-ch3r-j5x3-6q2m",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-04-28T00:00:24.560765+00:00 2023-04-28T02:00:25.478311+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-04-27T23:15:15.050000+00:00 2023-04-28T01:31:14.110000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -23,34 +23,35 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](releases/latest) Download and Changelog: [Click](releases/latest)
```plain ```plain
2023-04-27T00:00:20.965588+00:00 2023-04-28T00:00:20.952519+00:00
``` ```
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
213708 213710
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `7` Recently added CVEs: `2`
* [CVE-2023-1967](CVE-2023/CVE-2023-19xx/CVE-2023-1967.json) (`2023-04-27T22:15:09.187`) * [CVE-2023-2356](CVE-2023/CVE-2023-23xx/CVE-2023-2356.json) (`2023-04-28T00:15:08.890`)
* [CVE-2023-28384](CVE-2023/CVE-2023-283xx/CVE-2023-28384.json) (`2023-04-27T23:15:14.867`) * [CVE-2023-27556](CVE-2023/CVE-2023-275xx/CVE-2023-27556.json) (`2023-04-28T01:15:06.967`)
* [CVE-2023-28400](CVE-2023/CVE-2023-284xx/CVE-2023-28400.json) (`2023-04-27T23:15:14.917`)
* [CVE-2023-28716](CVE-2023/CVE-2023-287xx/CVE-2023-28716.json) (`2023-04-27T23:15:14.963`)
* [CVE-2023-29150](CVE-2023/CVE-2023-291xx/CVE-2023-29150.json) (`2023-04-27T23:15:15.007`)
* [CVE-2023-29169](CVE-2023/CVE-2023-291xx/CVE-2023-29169.json) (`2023-04-27T23:15:15.050`)
* [CVE-2023-30380](CVE-2023/CVE-2023-303xx/CVE-2023-30380.json) (`2023-04-27T22:15:09.917`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `2` Recently modified CVEs: `8`
* [CVE-2019-18269](CVE-2019/CVE-2019-182xx/CVE-2019-18269.json) (`2023-04-27T23:15:14.657`) * [CVE-2022-38125](CVE-2022/CVE-2022-381xx/CVE-2022-38125.json) (`2023-04-28T00:56:09.640`)
* [CVE-2023-27350](CVE-2023/CVE-2023-273xx/CVE-2023-27350.json) (`2023-04-27T22:15:09.740`) * [CVE-2023-27776](CVE-2023/CVE-2023-277xx/CVE-2023-27776.json) (`2023-04-28T01:27:34.680`)
* [CVE-2023-28143](CVE-2023/CVE-2023-281xx/CVE-2023-28143.json) (`2023-04-28T00:42:51.857`)
* [CVE-2023-28856](CVE-2023/CVE-2023-288xx/CVE-2023-28856.json) (`2023-04-28T01:05:38.303`)
* [CVE-2023-29410](CVE-2023/CVE-2023-294xx/CVE-2023-29410.json) (`2023-04-28T01:25:19.217`)
* [CVE-2023-29526](CVE-2023/CVE-2023-295xx/CVE-2023-29526.json) (`2023-04-28T00:50:06.720`)
* [CVE-2023-29923](CVE-2023/CVE-2023-299xx/CVE-2023-29923.json) (`2023-04-28T01:31:14.110`)
* [CVE-2023-30547](CVE-2023/CVE-2023-305xx/CVE-2023-30547.json) (`2023-04-28T01:13:44.617`)
## Download and Usage ## Download and Usage