admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-12-21T23:00:25.161980+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-12-21 23:00:28 +00:00
parent 663d2c654f
commit e1f2f4be5e
60 changed files with 2200 additions and 134 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2021/CVE-2021-257xx/CVE-2021-25736.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-25736",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-10-30T03:15:07.653",
"lastModified": "2023-11-16T16:01:35.093",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-21T22:15:07.533",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -130,6 +130,10 @@
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231221-0003/",
"source": "jordan@liggitt.net"
}
]
}

5
CVE-2022/CVE-2022-251xx/CVE-2022-25183.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-25183",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-02-15T17:15:09.197",
"lastModified": "2023-10-25T18:16:56.450",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:54:23.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -98,7 +98,6 @@
"url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2586",
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
]

4
CVE-2022/CVE-2022-272xx/CVE-2022-27208.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27208",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-03-15T17:15:11.653",
"lastModified": "2023-10-25T18:16:59.113",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:53:59.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-272xx/CVE-2022-27212.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27212",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-03-15T17:15:12.130",
"lastModified": "2023-10-25T18:16:59.393",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:54:02.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

8
CVE-2022/CVE-2022-272xx/CVE-2022-27217.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27217",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-03-15T17:15:12.777",
"lastModified": "2023-10-25T18:16:59.703",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:55:10.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:vmware_vrealize_automation:*:*:*:*:*:jenkins:*:*",
"criteria": "cpe:2.3:a:jenkins:vmware_vrealize_codestream:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "1.2",
"matchCriteriaId": "2B8E5AEF-936C-405A-AC37-E7D7A60762EF"
"matchCriteriaId": "41430DE4-EC4C-4C4D-9BA1-76F134C525C8"
}
]
}

4
CVE-2022/CVE-2022-272xx/CVE-2022-27218.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27218",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-03-15T17:15:12.877",
"lastModified": "2023-10-25T18:16:59.763",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:53:32.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

8
CVE-2022/CVE-2022-281xx/CVE-2022-28135.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28135",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-03-29T13:15:08.137",
"lastModified": "2023-10-25T18:17:00.000",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:53:55.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -85,8 +85,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:instant-messaging:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "1.41",
"matchCriteriaId": "96D088EA-D804-4C93-9FFA-A5B53F04458F"
"versionEndExcluding": "1.42",
"matchCriteriaId": "29F130A7-5B0F-487D-91D6-61F59EFFE724"
}
]
}

4
CVE-2022/CVE-2022-290xx/CVE-2022-29044.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-29044",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-04-12T20:15:09.470",
"lastModified": "2023-10-25T18:17:02.203",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:54:07.530",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-290xx/CVE-2022-29045.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-29045",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-04-12T20:15:09.520",
"lastModified": "2023-10-25T18:17:02.290",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:54:37.523",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-290xx/CVE-2022-29047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-29047",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-04-12T20:15:09.613",
"lastModified": "2023-10-25T18:17:02.417",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:54:31.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-290xx/CVE-2022-29049.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-29049",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-04-12T20:15:09.713",
"lastModified": "2023-10-25T18:17:02.553",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:54:41.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-309xx/CVE-2022-30945.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-30945",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-05-17T15:15:08.647",
"lastModified": "2023-10-25T18:17:02.800",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:54:14.583",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",

20
CVE-2022/CVE-2022-309xx/CVE-2022-30949.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-30949",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-05-17T15:15:08.963",
"lastModified": "2023-10-25T18:17:03.077",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:54:57.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -82,23 +82,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:git:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "4.11.1",
"matchCriteriaId": "4FFB6191-5E3A-409C-9E95-371A70CACF2C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:mercurial:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "2.16",
"matchCriteriaId": "EE74985B-DFA6-448B-B7C7-ABA59FA5A29C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:repo:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "1.14.0",
"matchCriteriaId": "2DA0E8DD-892B-40A1-A373-E7C96DAEC7B4"
"versionEndExcluding": "1.15.0",
"matchCriteriaId": "70C720AF-1714-4D69-9FC3-FA3D88F32088"
}
]
}

8
CVE-2022/CVE-2022-31xx/CVE-2022-3172.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3172",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-11-03T20:15:08.550",
"lastModified": "2023-11-14T16:26:22.247",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-21T22:15:08.130",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -139,6 +139,10 @@
"tags": [
"Mailing List"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231221-0005/",
"source": "jordan@liggitt.net"
}
]
}

26
CVE-2022/CVE-2022-39xx/CVE-2022-3964.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3964",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-11-13T08:15:14.657",
"lastModified": "2023-11-07T03:52:01.940",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:44:46.807",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.2
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
@ -81,8 +81,22 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4",
"versionEndExcluding": "6.0",
"matchCriteriaId": "7683BDAA-2886-4E48-A7DA-A5F826A6ABF1"
"versionEndExcluding": "4.4.4",
"matchCriteriaId": "078D4A14-B5EA-401E-84E6-3212AAC69A65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0",
"versionEndExcluding": "5.0.3",
"matchCriteriaId": "5CE47406-F17E-4C7D-B924-22DEBD106D45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1",
"versionEndExcluding": "5.1.3",
"matchCriteriaId": "952B0691-9892-4CDE-A4E7-1EF0EE51B27B"
}
]
}

19
CVE-2022/CVE-2022-39xx/CVE-2022-3965.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3965",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-11-13T08:15:15.367",
"lastModified": "2023-11-07T03:52:02.067",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:44:52.820",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.2
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
@ -81,8 +81,15 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0",
"versionEndExcluding": "6.0",
"matchCriteriaId": "BF67445F-DBBB-4116-8F62-77BBB438988E"
"versionEndExcluding": "5.0.3",
"matchCriteriaId": "5CE47406-F17E-4C7D-B924-22DEBD106D45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1",
"versionEndExcluding": "5.1.3",
"matchCriteriaId": "952B0691-9892-4CDE-A4E7-1EF0EE51B27B"
}
]
}

8
CVE-2023/CVE-2023-11xx/CVE-2023-1194.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1194",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-03T08:15:07.490",
"lastModified": "2023-11-13T20:01:15.780",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-21T22:15:08.460",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -154,6 +154,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231221-0006/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.spinics.net/lists/stable-commits/msg303065.html",
"source": "secalert@redhat.com",

8
CVE-2023/CVE-2023-223xx/CVE-2023-22329.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22329",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:17.390",
"lastModified": "2023-11-28T18:30:16.790",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-21T22:15:08.750",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17066,6 +17066,10 @@
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231221-0008/",
"source": "secure@intel.com"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00924.html",
"source": "secure@intel.com",

8
CVE-2023/CVE-2023-257xx/CVE-2023-25756.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25756",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:19.770",
"lastModified": "2023-11-30T17:08:47.230",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-21T22:15:11.410",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17066,6 +17066,10 @@
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231221-0008/",
"source": "secure@intel.com"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00924.html",
"source": "secure@intel.com",

55
CVE-2023/CVE-2023-273xx/CVE-2023-27319.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-27319",
"sourceIdentifier": "security-alert@netapp.com",
"published": "2023-12-21T22:15:13.100",
"lastModified": "2023-12-21T22:15:13.100",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "ONTAP Mediator versions prior to 1.7 are susceptible to a \nvulnerability that can allow an unauthenticated attacker to enumerate \nURLs via REST API.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@netapp.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-alert@netapp.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231221-0011/",
"source": "security-alert@netapp.com"
}
]
}

8
CVE-2023/CVE-2023-283xx/CVE-2023-28376.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28376",
"sourceIdentifier": "secure@intel.com",
"published": "2023-11-14T19:15:21.793",
"lastModified": "2023-11-21T17:41:53.923",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-21T22:15:13.493",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -279,6 +279,10 @@
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231221-0007/",
"source": "secure@intel.com"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00869.html",
"source": "secure@intel.com",

8
CVE-2023/CVE-2023-340xx/CVE-2023-34055.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34055",
"sourceIdentifier": "security@vmware.com",
"published": "2023-11-28T09:15:07.303",
"lastModified": "2023-12-04T19:58:14.227",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-21T22:15:13.760",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -104,6 +104,10 @@
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231221-0010/",
"source": "security@vmware.com"
},
{
"url": "https://spring.io/security/cve-2023-34055",
"source": "security@vmware.com",

12
CVE-2023/CVE-2023-368xx/CVE-2023-36803.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36803",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-09-12T17:15:15.717",
"lastModified": "2023-10-16T18:15:15.903",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:49:57.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -45,7 +45,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-125"
}
]
}
@ -116,7 +116,11 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/175109/Microsoft-Windows-Kernel-Out-Of-Bounds-Reads-Memory-Disclosure.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36803",

43
CVE-2023/CVE-2023-375xx/CVE-2023-37519.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-37519",
"sourceIdentifier": "psirt@hcl.com",
"published": "2023-12-21T22:15:13.930",
"lastModified": "2023-12-21T22:15:13.930",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. This XSS vulnerability is in the Download Status Report, which is served by the BigFix Server.\u00a0\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@hcl.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109376",
"source": "psirt@hcl.com"
}
]
}

10
CVE-2023/CVE-2023-381xx/CVE-2023-38140.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38140",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-09-12T17:15:16.547",
"lastModified": "2023-10-16T18:15:16.030",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T21:49:53.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -110,7 +110,11 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/175108/Microsoft-Windows-Kernel-Paged-Pool-Memory-Disclosure.html",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38140",

8
CVE-2023/CVE-2023-38xx/CVE-2023-3893.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3893",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-11-03T18:15:08.623",
"lastModified": "2023-11-14T18:00:02.837",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-21T22:15:14.160",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -118,6 +118,10 @@
"tags": [
"Mailing List"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231221-0004/",
"source": "jordan@liggitt.net"
}
]
}

8
CVE-2023/CVE-2023-39xx/CVE-2023-3955.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3955",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-10-31T21:15:08.613",
"lastModified": "2023-11-08T18:29:32.170",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-21T22:15:14.280",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -155,6 +155,10 @@
"tags": [
"Technical Description"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231221-0002/",
"source": "jordan@liggitt.net"
}
]
}

63
CVE-2023/CVE-2023-410xx/CVE-2023-41097.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-41097",
"sourceIdentifier": "product-security@silabs.com",
"published": "2023-12-21T21:15:08.020",
"lastModified": "2023-12-21T21:15:08.020",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-208"
},
{
"lang": "en",
"value": "CWE-385"
}
]
}
],
"references": [
{
"url": "https://github.com/SiliconLabs/gecko_sdk/releases",
"source": "product-security@silabs.com"
},
{
"url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm0000007rArIAI?operationContext=S1",
"source": "product-security@silabs.com"
}
]
}

8
CVE-2023/CVE-2023-419xx/CVE-2023-41993.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41993",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-21T19:15:11.660",
"lastModified": "2023-11-16T03:15:07.190",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T22:15:14.453",
"vulnStatus": "Undergoing Analysis",
"cisaExploitAdd": "2023-09-25",
"cisaActionDue": "2023-10-16",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -229,6 +229,10 @@
"url": "https://support.apple.com/kb/HT213926",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/kb/HT213930",
"source": "product-security@apple.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5527",
"source": "product-security@apple.com",

8
CVE-2023/CVE-2023-436xx/CVE-2023-43665.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43665",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-03T05:15:30.047",
"lastModified": "2023-11-13T15:29:25.847",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-21T22:15:14.690",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -122,6 +122,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231221-0001/",
"source": "cve@mitre.org"
},
{
"url": "https://www.djangoproject.com/weblog/2023/oct/04/security-releases/",
"source": "cve@mitre.org",

71
CVE-2023/CVE-2023-466xx/CVE-2023-46645.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-46645",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:08.347",
"lastModified": "2023-12-21T21:15:08.347",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
"source": "product-cna@github.com"
}
]
}

67
CVE-2023/CVE-2023-466xx/CVE-2023-46646.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-46646",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:08.620",
"lastModified": "2023-12-21T21:15:08.620",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper access control in all versions of GitHub Enterprise Server allows unauthorized users to view private repository names via the \"Get a check run\" API endpoint. This vulnerability did not allow unauthorized access to any repository content besides the name.\u00a0This vulnerability affected GitHub Enterprise Server version 3.7.0 and above and was fixed in version 3.17.19, 3.8.12, 3.9.7 3.10.4, and 3.11.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
"source": "product-cna@github.com"
}
]
}

67
CVE-2023/CVE-2023-466xx/CVE-2023-46647.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-46647",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:08.930",
"lastModified": "2023-12-21T21:15:08.930",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper privilege management in all versions of GitHub Enterprise Server allows users with authorized access to the management console with an editor role to escalate their privileges by making requests to the endpoint used for bootstrapping the instance.\u00a0This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.6, 3.10.3, and 3.11.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.3",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.0",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.6",
"source": "product-cna@github.com"
}
]
}

67
CVE-2023/CVE-2023-466xx/CVE-2023-46648.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-46648",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:09.257",
"lastModified": "2023-12-21T21:15:09.257",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An insufficient entropy vulnerability was identified in GitHub Enterprise Server (GHES) that allowed an attacker to brute force a user invitation to the GHES Management Console. To exploit this vulnerability, an attacker would need knowledge that a user invitation was pending. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-331"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
"source": "product-cna@github.com"
}
]
}

71
CVE-2023/CVE-2023-466xx/CVE-2023-46649.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-46649",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:09.573",
"lastModified": "2023-12-21T21:15:09.573",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A race condition in GitHub Enterprise Server was identified that could allow an attacker administrator access. To exploit this, an organization needs to be converted from a user.\u00a0This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\u00a0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
"source": "product-cna@github.com"
}
]
}

59
CVE-2023/CVE-2023-486xx/CVE-2023-48685.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48685",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T21:15:09.867",
"lastModified": "2023-12-21T21:15:09.867",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.\u00a0The 'psd' parameter of the login.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/barenboim/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-486xx/CVE-2023-48686.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48686",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T21:15:10.200",
"lastModified": "2023-12-21T21:15:10.200",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.\u00a0The 'user' parameter of the login.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/barenboim/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-486xx/CVE-2023-48687.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48687",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T21:15:10.507",
"lastModified": "2023-12-21T21:15:10.507",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.\u00a0The 'from' parameter of the reservation.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/barenboim/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-486xx/CVE-2023-48688.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48688",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T21:15:10.830",
"lastModified": "2023-12-21T21:15:10.830",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.\u00a0The 'to' parameter of the reservation.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/barenboim/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-486xx/CVE-2023-48689.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48689",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T21:15:11.130",
"lastModified": "2023-12-21T21:15:11.130",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.\u00a0The 'byname' parameter of the train.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/barenboim/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-486xx/CVE-2023-48690.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48690",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T21:15:11.437",
"lastModified": "2023-12-21T21:15:11.437",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.\u00a0The 'bynum' parameter of the train.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/barenboim/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-487xx/CVE-2023-48716.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48716",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T21:15:11.710",
"lastModified": "2023-12-21T21:15:11.710",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.\u00a0The 'class_id' parameter of the add_classes.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/gilels/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-487xx/CVE-2023-48717.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48717",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T21:15:12.013",
"lastModified": "2023-12-21T21:15:12.013",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.\u00a0The 'class_name' parameter of the add_classes.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/gilels/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-487xx/CVE-2023-48718.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48718",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T21:15:12.297",
"lastModified": "2023-12-21T21:15:12.297",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.\u00a0The 'class_name' parameter of the add_students.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/gilels/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-487xx/CVE-2023-48719.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48719",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T21:15:12.590",
"lastModified": "2023-12-21T21:15:12.590",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.\u00a0The 'roll_no' parameter of the add_students.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/gilels/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-487xx/CVE-2023-48720.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48720",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T21:15:12.870",
"lastModified": "2023-12-21T21:15:12.870",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.\u00a0The 'password' parameter of the login.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/gilels/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-487xx/CVE-2023-48722.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48722",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T21:15:13.160",
"lastModified": "2023-12-21T21:15:13.160",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.\u00a0The 'class_name' parameter of the add_results.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/gilels/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-487xx/CVE-2023-48723.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48723",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T22:15:14.823",
"lastModified": "2023-12-21T22:15:14.823",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.\u00a0The 'rno' parameter of the add_results.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/gilels/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

12
CVE-2023/CVE-2023-48xx/CVE-2023-4809.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-4809",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2023-09-06T20:15:08.080",
"lastModified": "2023-09-12T15:50:18.057",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-21T22:15:15.217",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. That is, a packet with multiple fragment extension headers would not be recognized as the correct ultimate payload. Instead a packet with multiple IPv6 fragment headers would unexpectedly be interpreted as a fragmented packet, rather than as whatever the real payload is.\n\n\n\n\nAs a result, IPv6 fragments may bypass pf firewall rules written on the assumption all fragments have been reassembled and, as a result, be forwarded or processed by the host.\n\n"
},
{
"lang": "es",
"value": "En el procesamiento de paquetes pf con una regla 'scrub fragment reassemble', un paquete que contenga m\u00faltiples encabezados de fragmentos IPv6 se reensamblar\u00eda y luego se procesar\u00eda inmediatamente. Es decir, un paquete con m\u00faltiples encabezados de extensi\u00f3n de fragmentos no ser\u00eda reconocido como el payload final correcto. En cambio, un paquete con m\u00faltiples encabezados de fragmentos IPv6 se interpretar\u00eda inesperadamente como un paquete fragmentado, en lugar de como cualquier payload real. Como resultado, los fragmentos de IPv6 pueden eludir las reglas del firewall escritas bajo el supuesto de que todos los fragmentos se han reensamblado y, como resultado, el host los reenv\u00eda o procesa."
}
],
"metrics": {
@ -162,6 +166,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231221-0009/",
"source": "secteam@freebsd.org"
}
]
}

71
CVE-2023/CVE-2023-513xx/CVE-2023-51379.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-51379",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:13.480",
"lastModified": "2023-12-21T21:15:13.480",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be updated with an improperly scoped token. This vulnerability did not allow unauthorized access to any repository content as it also required contents:write and issues:read permissions. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\u00a0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
"source": "product-cna@github.com"
}
]
}

71
CVE-2023/CVE-2023-513xx/CVE-2023-51380.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-51380",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:13.757",
"lastModified": "2023-12-21T21:15:13.757",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token.\u00a0This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\u00a0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
"source": "product-cna@github.com"
}
]
}

67
CVE-2023/CVE-2023-66xx/CVE-2023-6690.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-6690",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:14.053",
"lastModified": "2023-12-21T21:15:14.053",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository permissions during the transfer.\u00a0This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.5,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
"source": "product-cna@github.com"
}
]
}

71
CVE-2023/CVE-2023-67xx/CVE-2023-6746.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-6746",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:14.303",
"lastModified": "2023-12-21T21:15:14.303",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An insertion of sensitive information into log file vulnerability was identified in the log files for a GitHub Enterprise Server back-end service that could permit an `adversary in the middle attack` when combined with other phishing techniques. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs.\u00a0This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\u00a0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.7,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
"source": "product-cna@github.com"
}
]
}

67
CVE-2023/CVE-2023-68xx/CVE-2023-6802.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-6802",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:14.570",
"lastModified": "2023-12-21T21:15:14.570",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An insertion of sensitive information into the log file in the audit log in GitHub Enterprise Server was identified\u00a0that could allow an attacker to gain access to the management console. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs.\u00a0This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.\u00a0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
"source": "product-cna@github.com"
}
]
}

67
CVE-2023/CVE-2023-68xx/CVE-2023-6803.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-6803",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:14.800",
"lastModified": "2023-12-21T21:15:14.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a repository is being transferred. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. \n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.3,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
"source": "product-cna@github.com"
}
]
}

67
CVE-2023/CVE-2023-68xx/CVE-2023-6804.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-6804",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:15.020",
"lastModified": "2023-12-21T21:15:15.020",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper privilege management allowed arbitrary workflows to be committed and run using an improperly scoped PAT. To exploit this, a workflow must have already existed in the target repo. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. \n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
"source": "product-cna@github.com"
}
]
}

63
CVE-2023/CVE-2023-68xx/CVE-2023-6847.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-6847",
"sourceIdentifier": "product-cna@github.com",
"published": "2023-12-21T21:15:15.340",
"lastModified": "2023-12-21T21:15:15.340",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed a bypass of Private Mode by using a specially crafted API request. To exploit this vulnerability, an attacker would need network access to the Enterprise Server appliance configured in Private Mode. This vulnerability affected all versions of GitHub Enterprise Server since 3.9 and was fixed in version 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7",
"source": "product-cna@github.com"
}
]
}

88
CVE-2023/CVE-2023-70xx/CVE-2023-7050.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-7050",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-21T22:15:15.397",
"lastModified": "2023-12-21T22:15:15.397",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in PHPGurukul Online Notes Sharing System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file user/profile.php. The manipulation of the argument name/email leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248737 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/note_sharing_storedxss..md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.248737",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.248737",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-70xx/CVE-2023-7051.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-7051",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-21T22:15:15.773",
"lastModified": "2023-12-21T22:15:15.773",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /user/manage-notes.php of the component Notes Handler. The manipulation of the argument delid leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248738 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_delete_notes.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.248738",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.248738",
"source": "cna@vuldb.com"
}
]
}

103
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-12-21T21:00:24.563922+00:00
2023-12-21T23:00:25.161980+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-12-21T20:58:23.043000+00:00
2023-12-21T22:15:15.773000+00:00
```
### Last Data Feed Release
@ -29,62 +29,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
234007
234038
```
### CVEs added in the last Commit
Recently added CVEs: `18`
Recently added CVEs: `31`
* [CVE-2023-32747](CVE-2023/CVE-2023-327xx/CVE-2023-32747.json) (`2023-12-21T19:15:08.160`)
* [CVE-2023-32799](CVE-2023/CVE-2023-327xx/CVE-2023-32799.json) (`2023-12-21T19:15:08.520`)
* [CVE-2023-44481](CVE-2023/CVE-2023-444xx/CVE-2023-44481.json) (`2023-12-21T19:15:08.820`)
* [CVE-2023-44482](CVE-2023/CVE-2023-444xx/CVE-2023-44482.json) (`2023-12-21T19:15:09.157`)
* [CVE-2023-45124](CVE-2023/CVE-2023-451xx/CVE-2023-45124.json) (`2023-12-21T19:15:09.657`)
* [CVE-2023-45125](CVE-2023/CVE-2023-451xx/CVE-2023-45125.json) (`2023-12-21T19:15:10.263`)
* [CVE-2023-45126](CVE-2023/CVE-2023-451xx/CVE-2023-45126.json) (`2023-12-21T19:15:10.900`)
* [CVE-2023-45127](CVE-2023/CVE-2023-451xx/CVE-2023-45127.json) (`2023-12-21T19:15:11.357`)
* [CVE-2023-47191](CVE-2023/CVE-2023-471xx/CVE-2023-47191.json) (`2023-12-21T19:15:11.767`)
* [CVE-2023-49765](CVE-2023/CVE-2023-497xx/CVE-2023-49765.json) (`2023-12-21T19:15:12.173`)
* [CVE-2023-50834](CVE-2023/CVE-2023-508xx/CVE-2023-50834.json) (`2023-12-21T19:15:12.670`)
* [CVE-2023-7039](CVE-2023/CVE-2023-70xx/CVE-2023-7039.json) (`2023-12-21T19:15:13.170`)
* [CVE-2023-46791](CVE-2023/CVE-2023-467xx/CVE-2023-46791.json) (`2023-12-21T20:15:07.547`)
* [CVE-2023-50732](CVE-2023/CVE-2023-507xx/CVE-2023-50732.json) (`2023-12-21T20:15:07.900`)
* [CVE-2023-6546](CVE-2023/CVE-2023-65xx/CVE-2023-6546.json) (`2023-12-21T20:15:08.260`)
* [CVE-2023-7040](CVE-2023/CVE-2023-70xx/CVE-2023-7040.json) (`2023-12-21T20:15:08.553`)
* [CVE-2023-7041](CVE-2023/CVE-2023-70xx/CVE-2023-7041.json) (`2023-12-21T20:15:08.903`)
* [CVE-2023-7042](CVE-2023/CVE-2023-70xx/CVE-2023-7042.json) (`2023-12-21T20:15:09.267`)
* [CVE-2023-48685](CVE-2023/CVE-2023-486xx/CVE-2023-48685.json) (`2023-12-21T21:15:09.867`)
* [CVE-2023-48686](CVE-2023/CVE-2023-486xx/CVE-2023-48686.json) (`2023-12-21T21:15:10.200`)
* [CVE-2023-48687](CVE-2023/CVE-2023-486xx/CVE-2023-48687.json) (`2023-12-21T21:15:10.507`)
* [CVE-2023-48688](CVE-2023/CVE-2023-486xx/CVE-2023-48688.json) (`2023-12-21T21:15:10.830`)
* [CVE-2023-48689](CVE-2023/CVE-2023-486xx/CVE-2023-48689.json) (`2023-12-21T21:15:11.130`)
* [CVE-2023-48690](CVE-2023/CVE-2023-486xx/CVE-2023-48690.json) (`2023-12-21T21:15:11.437`)
* [CVE-2023-48716](CVE-2023/CVE-2023-487xx/CVE-2023-48716.json) (`2023-12-21T21:15:11.710`)
* [CVE-2023-48717](CVE-2023/CVE-2023-487xx/CVE-2023-48717.json) (`2023-12-21T21:15:12.013`)
* [CVE-2023-48718](CVE-2023/CVE-2023-487xx/CVE-2023-48718.json) (`2023-12-21T21:15:12.297`)
* [CVE-2023-48719](CVE-2023/CVE-2023-487xx/CVE-2023-48719.json) (`2023-12-21T21:15:12.590`)
* [CVE-2023-48720](CVE-2023/CVE-2023-487xx/CVE-2023-48720.json) (`2023-12-21T21:15:12.870`)
* [CVE-2023-48722](CVE-2023/CVE-2023-487xx/CVE-2023-48722.json) (`2023-12-21T21:15:13.160`)
* [CVE-2023-51379](CVE-2023/CVE-2023-513xx/CVE-2023-51379.json) (`2023-12-21T21:15:13.480`)
* [CVE-2023-51380](CVE-2023/CVE-2023-513xx/CVE-2023-51380.json) (`2023-12-21T21:15:13.757`)
* [CVE-2023-6690](CVE-2023/CVE-2023-66xx/CVE-2023-6690.json) (`2023-12-21T21:15:14.053`)
* [CVE-2023-6746](CVE-2023/CVE-2023-67xx/CVE-2023-6746.json) (`2023-12-21T21:15:14.303`)
* [CVE-2023-6802](CVE-2023/CVE-2023-68xx/CVE-2023-6802.json) (`2023-12-21T21:15:14.570`)
* [CVE-2023-6803](CVE-2023/CVE-2023-68xx/CVE-2023-6803.json) (`2023-12-21T21:15:14.800`)
* [CVE-2023-6804](CVE-2023/CVE-2023-68xx/CVE-2023-6804.json) (`2023-12-21T21:15:15.020`)
* [CVE-2023-6847](CVE-2023/CVE-2023-68xx/CVE-2023-6847.json) (`2023-12-21T21:15:15.340`)
* [CVE-2023-27319](CVE-2023/CVE-2023-273xx/CVE-2023-27319.json) (`2023-12-21T22:15:13.100`)
* [CVE-2023-37519](CVE-2023/CVE-2023-375xx/CVE-2023-37519.json) (`2023-12-21T22:15:13.930`)
* [CVE-2023-48723](CVE-2023/CVE-2023-487xx/CVE-2023-48723.json) (`2023-12-21T22:15:14.823`)
* [CVE-2023-7050](CVE-2023/CVE-2023-70xx/CVE-2023-7050.json) (`2023-12-21T22:15:15.397`)
* [CVE-2023-7051](CVE-2023/CVE-2023-70xx/CVE-2023-7051.json) (`2023-12-21T22:15:15.773`)
### CVEs modified in the last Commit
Recently modified CVEs: `33`
Recently modified CVEs: `28`
* [CVE-2023-4311](CVE-2023/CVE-2023-43xx/CVE-2023-4311.json) (`2023-12-21T19:19:14.283`)
* [CVE-2023-33217](CVE-2023/CVE-2023-332xx/CVE-2023-33217.json) (`2023-12-21T19:24:40.917`)
* [CVE-2023-6553](CVE-2023/CVE-2023-65xx/CVE-2023-6553.json) (`2023-12-21T19:24:54.533`)
* [CVE-2023-33220](CVE-2023/CVE-2023-332xx/CVE-2023-33220.json) (`2023-12-21T19:25:03.250`)
* [CVE-2023-33221](CVE-2023/CVE-2023-332xx/CVE-2023-33221.json) (`2023-12-21T19:25:12.393`)
* [CVE-2023-5005](CVE-2023/CVE-2023-50xx/CVE-2023-5005.json) (`2023-12-21T19:25:31.277`)
* [CVE-2023-6222](CVE-2023/CVE-2023-62xx/CVE-2023-6222.json) (`2023-12-21T19:28:10.553`)
* [CVE-2023-6894](CVE-2023/CVE-2023-68xx/CVE-2023-6894.json) (`2023-12-21T19:29:58.587`)
* [CVE-2023-6203](CVE-2023/CVE-2023-62xx/CVE-2023-6203.json) (`2023-12-21T19:31:59.690`)
* [CVE-2023-6077](CVE-2023/CVE-2023-60xx/CVE-2023-6077.json) (`2023-12-21T19:35:11.607`)
* [CVE-2023-5886](CVE-2023/CVE-2023-58xx/CVE-2023-5886.json) (`2023-12-21T19:46:09.797`)
* [CVE-2023-5348](CVE-2023/CVE-2023-53xx/CVE-2023-5348.json) (`2023-12-21T19:48:38.117`)
* [CVE-2023-5882](CVE-2023/CVE-2023-58xx/CVE-2023-5882.json) (`2023-12-21T19:50:45.183`)
* [CVE-2023-6065](CVE-2023/CVE-2023-60xx/CVE-2023-6065.json) (`2023-12-21T19:51:08.273`)
* [CVE-2023-30867](CVE-2023/CVE-2023-308xx/CVE-2023-30867.json) (`2023-12-21T19:58:39.513`)
* [CVE-2023-3907](CVE-2023/CVE-2023-39xx/CVE-2023-3907.json) (`2023-12-21T20:02:05.927`)
* [CVE-2023-6905](CVE-2023/CVE-2023-69xx/CVE-2023-6905.json) (`2023-12-21T20:07:00.727`)
* [CVE-2023-6904](CVE-2023/CVE-2023-69xx/CVE-2023-6904.json) (`2023-12-21T20:10:56.897`)
* [CVE-2023-22508](CVE-2023/CVE-2023-225xx/CVE-2023-22508.json) (`2023-12-21T20:11:44.330`)
* [CVE-2023-50271](CVE-2023/CVE-2023-502xx/CVE-2023-50271.json) (`2023-12-21T20:14:31.063`)
* [CVE-2023-6903](CVE-2023/CVE-2023-69xx/CVE-2023-6903.json) (`2023-12-21T20:18:03.200`)
* [CVE-2023-49155](CVE-2023/CVE-2023-491xx/CVE-2023-49155.json) (`2023-12-21T20:28:51.350`)
* [CVE-2023-6817](CVE-2023/CVE-2023-68xx/CVE-2023-6817.json) (`2023-12-21T20:32:50.380`)
* [CVE-2023-6289](CVE-2023/CVE-2023-62xx/CVE-2023-6289.json) (`2023-12-21T20:55:29.640`)
* [CVE-2023-6295](CVE-2023/CVE-2023-62xx/CVE-2023-6295.json) (`2023-12-21T20:58:23.043`)
* [CVE-2022-27218](CVE-2022/CVE-2022-272xx/CVE-2022-27218.json) (`2023-12-21T21:53:32.773`)
* [CVE-2022-28135](CVE-2022/CVE-2022-281xx/CVE-2022-28135.json) (`2023-12-21T21:53:55.317`)
* [CVE-2022-27208](CVE-2022/CVE-2022-272xx/CVE-2022-27208.json) (`2023-12-21T21:53:59.197`)
* [CVE-2022-27212](CVE-2022/CVE-2022-272xx/CVE-2022-27212.json) (`2023-12-21T21:54:02.937`)
* [CVE-2022-29044](CVE-2022/CVE-2022-290xx/CVE-2022-29044.json) (`2023-12-21T21:54:07.530`)
* [CVE-2022-30945](CVE-2022/CVE-2022-309xx/CVE-2022-30945.json) (`2023-12-21T21:54:14.583`)
* [CVE-2022-25183](CVE-2022/CVE-2022-251xx/CVE-2022-25183.json) (`2023-12-21T21:54:23.297`)
* [CVE-2022-29047](CVE-2022/CVE-2022-290xx/CVE-2022-29047.json) (`2023-12-21T21:54:31.177`)
* [CVE-2022-29045](CVE-2022/CVE-2022-290xx/CVE-2022-29045.json) (`2023-12-21T21:54:37.523`)
* [CVE-2022-29049](CVE-2022/CVE-2022-290xx/CVE-2022-29049.json) (`2023-12-21T21:54:41.677`)
* [CVE-2022-30949](CVE-2022/CVE-2022-309xx/CVE-2022-30949.json) (`2023-12-21T21:54:57.407`)
* [CVE-2022-27217](CVE-2022/CVE-2022-272xx/CVE-2022-27217.json) (`2023-12-21T21:55:10.330`)
* [CVE-2022-3172](CVE-2022/CVE-2022-31xx/CVE-2022-3172.json) (`2023-12-21T22:15:08.130`)
* [CVE-2023-38140](CVE-2023/CVE-2023-381xx/CVE-2023-38140.json) (`2023-12-21T21:49:53.360`)
* [CVE-2023-36803](CVE-2023/CVE-2023-368xx/CVE-2023-36803.json) (`2023-12-21T21:49:57.347`)
* [CVE-2023-1194](CVE-2023/CVE-2023-11xx/CVE-2023-1194.json) (`2023-12-21T22:15:08.460`)
* [CVE-2023-22329](CVE-2023/CVE-2023-223xx/CVE-2023-22329.json) (`2023-12-21T22:15:08.750`)
* [CVE-2023-25756](CVE-2023/CVE-2023-257xx/CVE-2023-25756.json) (`2023-12-21T22:15:11.410`)
* [CVE-2023-28376](CVE-2023/CVE-2023-283xx/CVE-2023-28376.json) (`2023-12-21T22:15:13.493`)
* [CVE-2023-34055](CVE-2023/CVE-2023-340xx/CVE-2023-34055.json) (`2023-12-21T22:15:13.760`)
* [CVE-2023-3893](CVE-2023/CVE-2023-38xx/CVE-2023-3893.json) (`2023-12-21T22:15:14.160`)
* [CVE-2023-3955](CVE-2023/CVE-2023-39xx/CVE-2023-3955.json) (`2023-12-21T22:15:14.280`)
* [CVE-2023-41993](CVE-2023/CVE-2023-419xx/CVE-2023-41993.json) (`2023-12-21T22:15:14.453`)
* [CVE-2023-43665](CVE-2023/CVE-2023-436xx/CVE-2023-43665.json) (`2023-12-21T22:15:14.690`)
* [CVE-2023-4809](CVE-2023/CVE-2023-48xx/CVE-2023-4809.json) (`2023-12-21T22:15:15.217`)
## Download and Usage