admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-27T20:00:29.517066+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-27 20:00:33 +00:00
parent 7d5308ad61
commit e2d0f1083d
53 changed files with 3020 additions and 192 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
CVE-2021/CVE-2021-365xx/CVE-2021-36580.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2021-36580",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-27T18:15:09.893",
"lastModified": "2023-07-27T18:49:00.260",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter."
}
],
"metrics": {},
"references": [
{
"url": "http://icewarp.com",
"source": "cve@mitre.org"
},
{
"url": "http://mail.ziyan.com",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/@rohitgautam26/cve-2021-36580-69219798231c",
"source": "cve@mitre.org"
}
]
}

24
CVE-2022/CVE-2022-312xx/CVE-2022-31200.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2022-31200",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-27T19:15:09.887",
"lastModified": "2023-07-27T19:15:09.887",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Search Terms field."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/@rohitgautam26/cve-2022-31200-5117bac8d548",
"source": "cve@mitre.org"
},
{
"url": "https://portswigger.net/blog/exploiting-xss-in-post-requests",
"source": "cve@mitre.org"
}
]
}

60
CVE-2022/CVE-2022-373xx/CVE-2022-37331.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-37331",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:10.143",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:06:44.010",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1672",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

60
CVE-2022/CVE-2022-417xx/CVE-2022-41793.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41793",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:10.237",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:05:37.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1667",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

48
CVE-2022/CVE-2022-428xx/CVE-2022-42885.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42885",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:10.327",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:04:35.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1668",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

60
CVE-2022/CVE-2022-434xx/CVE-2022-43467.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43467",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:10.413",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:09:27.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1671",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory",
"Vendor Advisory"
]
}
]
}

60
CVE-2022/CVE-2022-436xx/CVE-2022-43607.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43607",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:10.497",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:10:33.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1664",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

48
CVE-2022/CVE-2022-444xx/CVE-2022-44451.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-44451",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:10.577",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:09:58.440",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1669",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

48
CVE-2022/CVE-2022-462xx/CVE-2022-46280.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46280",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:10.660",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:21:01.860",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1670",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory",
"Vendor Advisory"
]
}
]
}

60
CVE-2022/CVE-2022-462xx/CVE-2022-46289.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46289",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:10.740",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:22:33.393",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1665",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

60
CVE-2022/CVE-2022-462xx/CVE-2022-46290.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46290",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:10.830",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:23:11.763",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1665",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

60
CVE-2022/CVE-2022-462xx/CVE-2022-46291.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46291",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:10.917",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:31:14.040",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1666",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

60
CVE-2022/CVE-2022-462xx/CVE-2022-46292.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46292",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:10.993",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:31:46.030",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1666",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

60
CVE-2022/CVE-2022-462xx/CVE-2022-46293.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46293",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:11.077",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:32:17.160",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1666",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

60
CVE-2022/CVE-2022-462xx/CVE-2022-46294.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46294",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:11.160",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:48:07.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1666",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

60
CVE-2022/CVE-2022-462xx/CVE-2022-46295.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46295",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-21T21:15:11.240",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:48:49.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "259B903A-D1AC-443B-B2F7-878902D29197"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1666",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

94
CVE-2023/CVE-2023-01xx/CVE-2023-0160.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0160",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-18T17:15:11.313",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:48:36.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -34,22 +54,84 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4",
"matchCriteriaId": "18D12E25-2947-44E7-989D-24450E013A1F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-0160",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159764",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed17aa92dc56",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://lore.kernel.org/all/CABcoxUayum5oOqFMMqAeWuS8+EzojquSOSyDA3J_2omY=2EeAg@mail.gmail.com/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
]
}
]
}

54
CVE-2023/CVE-2023-220xx/CVE-2023-22051.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22051",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:14.767",
"lastModified": "2023-07-18T22:17:55.173",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:49:02.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,58 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:graalvm:21.3.6:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "1612C1DD-47B7-4A52-B709-0E270CE9A814"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:graalvm:22.3.2:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "0D052622-1214-4B93-8638-8F0FBADD4F43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "908FCFE7-F95A-4E5C-8644-78E737828E27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:20.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC3A3A8-4244-4933-AC2C-03540C9F80BE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

40
CVE-2023/CVE-2023-220xx/CVE-2023-22055.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22055",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:15.060",
"lastModified": "2023-07-18T22:17:55.173",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:49:14.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2.7.4",
"matchCriteriaId": "BCB05D19-A5BA-427D-84BE-97118B26FD1B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

39
CVE-2023/CVE-2023-220xx/CVE-2023-22060.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22060",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:15.350",
"lastModified": "2023-07-18T22:17:55.173",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:49:22.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:hyperion_workspace:11.2.13.0.000:*:*:*:*:*:*:*",
"matchCriteriaId": "B883616E-CD55-4591-B269-71817BA5FC1A"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

44
CVE-2023/CVE-2023-258xx/CVE-2023-25839.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25839",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-07-19T16:15:09.640",
"lastModified": "2023-07-19T16:55:08.940",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:48:48.527",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,48 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:esri:arcgis_insights:2022.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2222BFB2-A8E7-4B2B-BD8C-B32C1EC30624"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-insights-security-patches-for-arcgis-insights-2022-1-are-now-available/",
"source": "psirt@esri.com"
"source": "psirt@esri.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-29xx/CVE-2023-2913.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2913",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-07-18T20:15:09.667",
"lastModified": "2023-07-18T22:17:55.173",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:51:33.973",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.0",
"versionEndIncluding": "13.0.2",
"matchCriteriaId": "98565D63-07D0-4B31-AAB3-6B1B83C67046"
}
]
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140160",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-29xx/CVE-2023-2959.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2959",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-07-17T14:15:10.157",
"lastModified": "2023-07-17T14:22:52.003",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:59:26.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "cve@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve@usom.gov.tr",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "cve@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "cve@usom.gov.tr",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:olivaekspertiz:oliva_ekspertiz:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2",
"matchCriteriaId": "D47D3210-173C-4C8C-95DF-D2270E25D2CA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0409",
"source": "cve@usom.gov.tr"
"source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-30xx/CVE-2023-3072.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3072",
"sourceIdentifier": "security@hashicorp.com",
"published": "2023-07-20T00:15:10.347",
"lastModified": "2023-07-20T11:19:25.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:51:20.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 2.5
},
{
"source": "security@hashicorp.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@hashicorp.com",
"type": "Secondary",
@ -46,10 +76,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:-:*:*:*",
"versionStartIncluding": "0.7.0",
"versionEndIncluding": "1.4.10",
"matchCriteriaId": "F1F0C59B-8679-4B6F-BEF0-7A7CAC42333B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "0.7.0",
"versionEndIncluding": "1.4.10",
"matchCriteriaId": "29037201-0E0C-46A7-B14C-E4BCF81109B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:-:*:*:*",
"versionStartIncluding": "1.5.0",
"versionEndIncluding": "1.5.6",
"matchCriteriaId": "4AC3370E-CB14-4F2C-A4DB-89B181D43EAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "1.5.0",
"versionEndIncluding": "1.5.6",
"matchCriteriaId": "36217272-8A74-45D6-9511-3ED973844FF6"
}
]
}
]
}
],
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-20-nomad-acl-policies-without-label-are-applied-to-unexpected-resources/56270",
"source": "security@hashicorp.com"
"source": "security@hashicorp.com",
"tags": [
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-32xx/CVE-2023-3299.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3299",
"sourceIdentifier": "security@hashicorp.com",
"published": "2023-07-20T00:15:10.447",
"lastModified": "2023-07-20T11:19:25.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:50:41.783",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
},
{
"source": "security@hashicorp.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
},
{
"source": "security@hashicorp.com",
"type": "Secondary",
@ -46,10 +76,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:-:*:*:*",
"versionStartIncluding": "1.2.11",
"versionEndIncluding": "1.4.10",
"matchCriteriaId": "7DDC1C77-DCB0-4939-8A29-318B88383A6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "1.2.11",
"versionEndIncluding": "1.4.10",
"matchCriteriaId": "73FA6FFB-8FA6-4DAF-92BF-858840933D42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:-:*:*:*",
"versionStartIncluding": "1.5.0",
"versionEndIncluding": "1.5.6",
"matchCriteriaId": "4AC3370E-CB14-4F2C-A4DB-89B181D43EAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "1.5.0",
"versionEndIncluding": "1.5.6",
"matchCriteriaId": "36217272-8A74-45D6-9511-3ED973844FF6"
}
]
}
]
}
],
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-21-nomad-caller-acl-tokens-secret-id-is-exposed-to-sentinel/56271",
"source": "security@hashicorp.com"
"source": "security@hashicorp.com",
"tags": [
"Vendor Advisory"
]
}
]
}

96
CVE-2023/CVE-2023-338xx/CVE-2023-33832.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33832",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T01:15:10.197",
"lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:50:29.473",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +76,72 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:spectrum_protect_client:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1.0.0",
"versionEndIncluding": "8.1.17.0",
"matchCriteriaId": "026E0DA7-7069-41A4-A6C3-A5E5DC7DD138"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:spectrum_protect_for_space_management:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1.0.0",
"versionEndIncluding": "8.1.17.0",
"matchCriteriaId": "6B777AAC-5B05-4FAB-860C-5042B36E1D67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:spectrum_protect_for_virtual_environments:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1.0.0",
"versionEndIncluding": "8.1.17.0",
"matchCriteriaId": "B371E35A-1EE9-4592-9A20-D52C07F5E534"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/256012",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7011761",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-33xx/CVE-2023-3300.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3300",
"sourceIdentifier": "security@hashicorp.com",
"published": "2023-07-20T00:15:10.527",
"lastModified": "2023-07-20T11:19:25.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:22:42.110",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@hashicorp.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@hashicorp.com",
"type": "Secondary",
@ -46,10 +76,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:-:*:*:*",
"versionStartIncluding": "0.11.0",
"versionEndIncluding": "1.4.1",
"matchCriteriaId": "58A7C99D-2BB6-4733-BE57-24C2673A5DE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "0.11.0",
"versionEndIncluding": "1.4.1",
"matchCriteriaId": "C42C959C-5ED5-4941-B856-B1734E0C4579"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:-:*:*:*",
"versionStartIncluding": "1.5.0",
"versionEndIncluding": "1.5.6",
"matchCriteriaId": "4AC3370E-CB14-4F2C-A4DB-89B181D43EAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "1.5.0",
"versionEndIncluding": "1.5.6",
"matchCriteriaId": "36217272-8A74-45D6-9511-3ED973844FF6"
}
]
}
]
}
],
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-22-nomad-search-api-leaks-information-about-csi-plugins/56272",
"source": "security@hashicorp.com"
"source": "security@hashicorp.com",
"tags": [
"Vendor Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-343xx/CVE-2023-34394.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34394",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-19T22:15:10.983",
"lastModified": "2023-07-20T11:19:25.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:21:19.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:keysight:geolocation_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.4.2",
"matchCriteriaId": "7F090C36-3B0F-4273-BEAF-11BDDFABC104"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-02",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

72
CVE-2023/CVE-2023-35xx/CVE-2023-3581.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3581",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-07-17T16:15:10.410",
"lastModified": "2023-07-17T17:31:42.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:46:40.130",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-346"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndExcluding": "7.8.7",
"matchCriteriaId": "3F71A811-27D2-4953-9C3A-4AC6B27AF1A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndExcluding": "7.9.5",
"matchCriteriaId": "B0D66512-A095-4557-A9AD-B02E306FC1C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.10.0",
"versionEndExcluding": "7.10.3",
"matchCriteriaId": "401CC11A-1059-44A2-87BA-601024BD178E"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-35xx/CVE-2023-3582.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3582",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-07-17T16:15:10.487",
"lastModified": "2023-07-17T17:31:42.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:49:10.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndExcluding": "7.8.7",
"matchCriteriaId": "3F71A811-27D2-4953-9C3A-4AC6B27AF1A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndExcluding": "7.9.5",
"matchCriteriaId": "B0D66512-A095-4557-A9AD-B02E306FC1C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.10.0",
"versionEndExcluding": "7.10.3",
"matchCriteriaId": "401CC11A-1059-44A2-87BA-601024BD178E"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-35xx/CVE-2023-3584.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3584",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-07-17T16:15:10.553",
"lastModified": "2023-07-17T17:31:42.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:50:14.210",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndExcluding": "7.8.5",
"matchCriteriaId": "CDD98A01-CCD5-4E18-AFE4-64CC28B479C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.10.0",
"versionEndExcluding": "7.10.3",
"matchCriteriaId": "401CC11A-1059-44A2-87BA-601024BD178E"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-35xx/CVE-2023-3586.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3586",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-07-17T16:15:10.707",
"lastModified": "2023-07-17T17:31:42.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:37:49.247",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndExcluding": "7.8.7",
"matchCriteriaId": "3F71A811-27D2-4953-9C3A-4AC6B27AF1A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndExcluding": "7.9.5",
"matchCriteriaId": "B0D66512-A095-4557-A9AD-B02E306FC1C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.10.0",
"versionEndExcluding": "7.10.3",
"matchCriteriaId": "401CC11A-1059-44A2-87BA-601024BD178E"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-35xx/CVE-2023-3587.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3587",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-07-17T16:15:10.780",
"lastModified": "2023-07-17T17:31:42.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:40:35.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndExcluding": "7.8.7",
"matchCriteriaId": "3F71A811-27D2-4953-9C3A-4AC6B27AF1A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.10.0",
"versionEndExcluding": "7.10.3",
"matchCriteriaId": "401CC11A-1059-44A2-87BA-601024BD178E"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-35xx/CVE-2023-3590.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3590",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-07-17T16:15:10.857",
"lastModified": "2023-07-17T17:31:42.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:23:33.557",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.10.0",
"versionEndExcluding": "7.10.3",
"matchCriteriaId": "401CC11A-1059-44A2-87BA-601024BD178E"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-35xx/CVE-2023-3591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3591",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-07-17T16:15:10.933",
"lastModified": "2023-07-17T17:31:42.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:23:15.350",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndExcluding": "7.8.7",
"matchCriteriaId": "3F71A811-27D2-4953-9C3A-4AC6B27AF1A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndExcluding": "7.9.5",
"matchCriteriaId": "B0D66512-A095-4557-A9AD-B02E306FC1C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.10.0",
"versionEndExcluding": "7.10.3",
"matchCriteriaId": "401CC11A-1059-44A2-87BA-601024BD178E"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-368xx/CVE-2023-36853.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36853",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-19T22:15:11.267",
"lastModified": "2023-07-20T11:19:25.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:21:02.663",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:keysight:geolocation_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.4.2",
"matchCriteriaId": "7F090C36-3B0F-4273-BEAF-11BDDFABC104"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-02",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

24
CVE-2023/CVE-2023-369xx/CVE-2023-36941.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-36941",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-27T18:15:10.353",
"lastModified": "2023-07-27T18:49:00.260",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and member fields."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/@ridheshgohil1092/cve-2023-36941-xss-on-online-fire-reporting-system-v-1-2-df84d7ac3fd1",
"source": "cve@mitre.org"
},
{
"url": "https://packetstormsecurity.com",
"source": "cve@mitre.org"
}
]
}

56
CVE-2023/CVE-2023-36xx/CVE-2023-3692.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3692",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-16T01:15:09.893",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:56:48.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:admidio:admidio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.10",
"matchCriteriaId": "1EA8EFD3-7A16-4F71-986E-420C021635C4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/admidio/admidio/commit/d66585d14b1160712a8a9bfaf9769dd3da0e9a83",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/be6616eb-384d-40d6-b1fd-0ec9e4973f12",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-372xx/CVE-2023-37259.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37259",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-18T17:15:11.490",
"lastModified": "2023-07-18T17:33:48.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:50:08.540",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:matrix-react-sdk_project:matrix-react-sdk:*:*:*:*:*:node.js:*:*",
"versionStartIncluding": "3.32.0",
"versionEndExcluding": "3.76.0",
"matchCriteriaId": "E73DB529-1353-4F26-BEE4-8AC754FA3B70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:matrix-react-sdk_project:matrix-react-sdk:3.76.0:rc1:*:*:*:node.js:*:*",
"matchCriteriaId": "5664080A-3C0B-423C-A17D-458C8E41BBB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:matrix-react-sdk_project:matrix-react-sdk:3.76.0:rc2:*:*:*:node.js:*:*",
"matchCriteriaId": "3128DB5F-8C45-4362-BF0E-F6F456C2E39E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/matrix-org/matrix-react-sdk/commit/22fcd34c606f32129ebc967fc21f24fb708a98b8",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-c9vx-2g7w-rp65",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-374xx/CVE-2023-37474.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37474",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-14T20:15:09.083",
"lastModified": "2023-07-17T13:02:46.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:47:11.887",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security-advisories@github.com",
@ -46,14 +68,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:copyparty_project:copyparty:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.8.2",
"matchCriteriaId": "70E4D74A-BEE5-4FD5-85C2-29C30D148751"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/9001/copyparty/commit/043e3c7dd683113e2b1c15cacb9c8e68f76513ff",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/9001/copyparty/security/advisories/GHSA-pxfv-7rr3-2qjg",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-374xx/CVE-2023-37477.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37477",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-18T19:15:09.757",
"lastModified": "2023-07-18T19:49:32.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:20:05.917",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,16 +64,51 @@
"value": "CWE-78"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fit2cloud:1panel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.3",
"matchCriteriaId": "99A79710-3BD4-49D2-98B3-FCF398F40F8E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/1Panel-dev/1Panel/commit/e17b80cff4975ee343568ff526b62319f499005d",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-p9xf-74xh-mhw5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-374xx/CVE-2023-37480.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37480",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-18T19:15:09.840",
"lastModified": "2023-07-18T19:49:32.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:47:29.237",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ethyca:fides:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.11.0",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "784A4F45-3BA5-4372-8697-3B2BADF59AA3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ethyca/fides/commit/5aea738463960d81821c11ae7ade1d627a46bf32",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/ethyca/fides/security/advisories/GHSA-g95c-2jgm-hqc6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-374xx/CVE-2023-37481.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37481",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-18T19:15:09.927",
"lastModified": "2023-07-18T19:49:32.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:48:07.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,16 +64,51 @@
"value": "CWE-400"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ethyca:fides:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.11.0",
"versionEndExcluding": "2.16.0",
"matchCriteriaId": "784A4F45-3BA5-4372-8697-3B2BADF59AA3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ethyca/fides/commit/8beaace082b325e693dc7682029a3cb7e6c2b69d",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/ethyca/fides/security/advisories/GHSA-3rw2-wfc8-wmj5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-377xx/CVE-2023-37742.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2023-37742",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-21T16:15:09.987",
"lastModified": "2023-07-25T01:15:09.430",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T18:07:19.663",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "WebBoss.io CMS before v3.7.0.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webboss:webboss.io_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.7.0.1",
"matchCriteriaId": "CA1D5124-C407-4F16-9B0F-28152A1F7E64"
}
]
}
]
}
],
"references": [
{
"url": "https://webboss.feedbear.com/updates",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://webboss.io/page/bughunter-acknowledgments.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.realinfosec.net/advisories/WEBBOSS-XSS-2022-0xd3fcf.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-37xx/CVE-2023-3700.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3700",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-17T07:15:09.077",
"lastModified": "2023-07-17T13:02:37.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-27T19:54:24.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -36,8 +58,18 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +78,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:easyappointments:easyappointments:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.5.0",
"matchCriteriaId": "063BC3E9-AA71-49D6-9CEE-F2E7E7B9D687"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/alextselegidis/easyappointments/commit/b37b46019553089db4f22eb2fe998bca84b2cb64",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/e8d530db-a6a7-4f79-a95d-b77654cc04f8",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch"
]
}
]
}

59
CVE-2023/CVE-2023-384xx/CVE-2023-38495.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-38495",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-27T19:15:10.010",
"lastModified": "2023-07-27T19:15:10.010",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Crossplane is a framework for building cloud native control planes without needing to write code. In versions prior to 1.11.5, 1.12.3, and 1.13.0, Crossplane's image backend does not validate the byte contents of Crossplane packages. As such, Crossplane does not detect if an attacker has tampered with a Package. The problem has been fixed in 1.11.5, 1.12.3 and 1.13.0. As a workaround, only use images from trusted sources and keep Package editing/creating privileges to administrators only."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://github.com/crossplane/crossplane/blob/ac8b24fe739c5d942ea885157148497f196c3dd3/security/ADA-security-audit-23.pdf",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/crossplane/crossplane/security/advisories/GHSA-pj4x-2xr5-w87m",
"source": "security-advisories@github.com"
}
]
}

67
CVE-2023/CVE-2023-385xx/CVE-2023-38504.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-38504",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-27T19:15:10.117",
"lastModified": "2023-07-27T19:15:10.117",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Sails is a realtime MVC Framework for Node.js. In Sails apps prior to version 1.5.7,, an attacker can send a virtual request that will cause the node process to crash. This behavior was fixed in Sails v1.5.7. As a workaround, disable the sockets hook and remove the `sails.io.js` client."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-248"
}
]
}
],
"references": [
{
"url": "https://github.com/balderdashy/sails/commit/4a023dc5095a4b30fdc8535f705ed34cd22d2f7d",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/balderdashy/sails/pull/7287",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/balderdashy/sails/releases/tag/v1.5.7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/balderdashy/sails/security/advisories/GHSA-gpw9-fwm8-7rx7",
"source": "security-advisories@github.com"
}
]
}

71
CVE-2023/CVE-2023-385xx/CVE-2023-38505.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-38505",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-27T19:15:10.217",
"lastModified": "2023-07-27T19:15:10.217",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "DietPi-Dashboard is a web dashboard for the operating system DietPi. The dashboard only allows for one TLS handshake to be in process at a given moment. Once a TCP connection is established in HTTPS mode, it will assume that it should be waiting for a handshake, and will stay this way indefinitely until a handshake starts or some error occurs. In version 0.6.1, this can be exploited by simply not starting the handshake, preventing any other TLS handshakes from getting through. An attacker can lock the dashboard in a state where it is waiting for a TLS handshake from the attacker, who won't provide it. This prevents any legitimate traffic from getting to the dashboard, and can last indefinitely. Version 0.6.2 has a patch for this issue. As a workaround, do not use HTTPS mode on the open internet where anyone can connect. Instead, put a reverse proxy in front of the dashboard, and have it handle any HTTPS connections."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-410"
},
{
"lang": "en",
"value": "CWE-412"
}
]
}
],
"references": [
{
"url": "https://asciinema.org/a/8nRKbdf7AkPLmP3QxFZUSmPwp?t=7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/ravenclaw900/DietPi-Dashboard/commit/79cd78615d28f577454415e4baafe4dcd9d09666",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/ravenclaw900/DietPi-Dashboard/pull/606",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/ravenclaw900/DietPi-Dashboard/security/advisories/GHSA-3jr4-9rxf-fr44",
"source": "security-advisories@github.com"
}
]
}

67
CVE-2023/CVE-2023-385xx/CVE-2023-38510.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-38510",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-27T19:15:10.313",
"lastModified": "2023-07-27T19:15:10.313",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Tolgee is an open-source localization platform. Starting in version 3.14.0 and prior to version 3.23.1, when a request is made using an API key, the backend fails to verify the permission scopes associated with the key, effectively bypassing permission checks entirely for some endpoints. It's important to note that this vulnerability only affects projects that have inadvertently exposed their API keys on the internet. Projects that have kept their API keys secure are not impacted. This issue is fixed in version 3.23.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://github.com/tolgee/tolgee-platform/commit/4776cba67e7bb8c1b0259376e3e5fa3bb46e45c7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tolgee/tolgee-platform/pull/1818",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tolgee/tolgee-platform/releases/tag/v3.23.1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tolgee/tolgee-platform/security/advisories/GHSA-4f9j-4vh4-p85v",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2023/CVE-2023-39xx/CVE-2023-3980.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3980",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-27T19:15:10.427",
"lastModified": "2023-07-27T19:15:10.427",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/omeka/omeka-s/commit/c6833c0531a07bd914e9f85a61bbbc16e9b4c8df",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/6eb3cb9a-5c78-451f-ae76-0b1e62fe5e54",
"source": "security@huntr.dev"
}
]
}

59
CVE-2023/CVE-2023-39xx/CVE-2023-3981.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3981",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-27T19:15:10.523",
"lastModified": "2023-07-27T19:15:10.523",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) in GitHub repository omeka/omeka-s prior to 4.0.2."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/omeka/omeka-s/commit/dc01ca1b03e845db8a6a6b665d8da36c8dcd2c31",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/f5018226-0063-415d-9675-d7e30934ff78",
"source": "security@huntr.dev"
}
]
}

59
CVE-2023/CVE-2023-39xx/CVE-2023-3982.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3982",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-27T19:15:10.610",
"lastModified": "2023-07-27T19:15:10.610",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.2."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/omeka/omeka-s/commit/27ff6575c88d970ce95e1d4096553a927e2003b9",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/e5e889ee-5947-4c2a-a72e-9c90e2e2a845",
"source": "security@huntr.dev"
}
]
}

74
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-27T18:00:29.080045+00:00
2023-07-27T20:00:29.517066+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-27T17:43:29.557000+00:00
2023-07-27T19:59:26.280000+00:00
```
### Last Data Feed Release
@ -29,48 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
221160
221170
```
### CVEs added in the last Commit
Recently added CVEs: `4`
Recently added CVEs: `10`
* [CVE-2023-29845](CVE-2023/CVE-2023-298xx/CVE-2023-29845.json) (`2023-07-27T16:15:10.047`)
* [CVE-2023-37900](CVE-2023/CVE-2023-379xx/CVE-2023-37900.json) (`2023-07-27T16:15:10.157`)
* [CVE-2023-38491](CVE-2023/CVE-2023-384xx/CVE-2023-38491.json) (`2023-07-27T16:15:10.810`)
* [CVE-2023-38492](CVE-2023/CVE-2023-384xx/CVE-2023-38492.json) (`2023-07-27T16:15:11.047`)
* [CVE-2021-36580](CVE-2021/CVE-2021-365xx/CVE-2021-36580.json) (`2023-07-27T18:15:09.893`)
* [CVE-2022-31200](CVE-2022/CVE-2022-312xx/CVE-2022-31200.json) (`2023-07-27T19:15:09.887`)
* [CVE-2023-36941](CVE-2023/CVE-2023-369xx/CVE-2023-36941.json) (`2023-07-27T18:15:10.353`)
* [CVE-2023-38495](CVE-2023/CVE-2023-384xx/CVE-2023-38495.json) (`2023-07-27T19:15:10.010`)
* [CVE-2023-38504](CVE-2023/CVE-2023-385xx/CVE-2023-38504.json) (`2023-07-27T19:15:10.117`)
* [CVE-2023-38505](CVE-2023/CVE-2023-385xx/CVE-2023-38505.json) (`2023-07-27T19:15:10.217`)
* [CVE-2023-38510](CVE-2023/CVE-2023-385xx/CVE-2023-38510.json) (`2023-07-27T19:15:10.313`)
* [CVE-2023-3980](CVE-2023/CVE-2023-39xx/CVE-2023-3980.json) (`2023-07-27T19:15:10.427`)
* [CVE-2023-3981](CVE-2023/CVE-2023-39xx/CVE-2023-3981.json) (`2023-07-27T19:15:10.523`)
* [CVE-2023-3982](CVE-2023/CVE-2023-39xx/CVE-2023-3982.json) (`2023-07-27T19:15:10.610`)
### CVEs modified in the last Commit
Recently modified CVEs: `61`
Recently modified CVEs: `42`
* [CVE-2023-22047](CVE-2023/CVE-2023-220xx/CVE-2023-22047.json) (`2023-07-27T17:34:35.567`)
* [CVE-2023-22049](CVE-2023/CVE-2023-220xx/CVE-2023-22049.json) (`2023-07-27T17:34:44.697`)
* [CVE-2023-22045](CVE-2023/CVE-2023-220xx/CVE-2023-22045.json) (`2023-07-27T17:34:53.150`)
* [CVE-2023-22044](CVE-2023/CVE-2023-220xx/CVE-2023-22044.json) (`2023-07-27T17:34:57.563`)
* [CVE-2023-22043](CVE-2023/CVE-2023-220xx/CVE-2023-22043.json) (`2023-07-27T17:35:02.210`)
* [CVE-2023-22037](CVE-2023/CVE-2023-220xx/CVE-2023-22037.json) (`2023-07-27T17:35:52.217`)
* [CVE-2023-22036](CVE-2023/CVE-2023-220xx/CVE-2023-22036.json) (`2023-07-27T17:36:01.857`)
* [CVE-2023-22034](CVE-2023/CVE-2023-220xx/CVE-2023-22034.json) (`2023-07-27T17:36:09.877`)
* [CVE-2023-22035](CVE-2023/CVE-2023-220xx/CVE-2023-22035.json) (`2023-07-27T17:36:23.743`)
* [CVE-2023-22023](CVE-2023/CVE-2023-220xx/CVE-2023-22023.json) (`2023-07-27T17:36:40.013`)
* [CVE-2023-22022](CVE-2023/CVE-2023-220xx/CVE-2023-22022.json) (`2023-07-27T17:36:46.040`)
* [CVE-2023-22014](CVE-2023/CVE-2023-220xx/CVE-2023-22014.json) (`2023-07-27T17:36:51.227`)
* [CVE-2023-22010](CVE-2023/CVE-2023-220xx/CVE-2023-22010.json) (`2023-07-27T17:36:57.110`)
* [CVE-2023-22009](CVE-2023/CVE-2023-220xx/CVE-2023-22009.json) (`2023-07-27T17:37:02.947`)
* [CVE-2023-22006](CVE-2023/CVE-2023-220xx/CVE-2023-22006.json) (`2023-07-27T17:37:09.910`)
* [CVE-2023-22004](CVE-2023/CVE-2023-220xx/CVE-2023-22004.json) (`2023-07-27T17:37:29.850`)
* [CVE-2023-21949](CVE-2023/CVE-2023-219xx/CVE-2023-21949.json) (`2023-07-27T17:38:03.607`)
* [CVE-2023-21974](CVE-2023/CVE-2023-219xx/CVE-2023-21974.json) (`2023-07-27T17:38:13.767`)
* [CVE-2023-21961](CVE-2023/CVE-2023-219xx/CVE-2023-21961.json) (`2023-07-27T17:38:20.417`)
* [CVE-2023-21975](CVE-2023/CVE-2023-219xx/CVE-2023-21975.json) (`2023-07-27T17:38:43.487`)
* [CVE-2023-21983](CVE-2023/CVE-2023-219xx/CVE-2023-21983.json) (`2023-07-27T17:38:49.340`)
* [CVE-2023-21994](CVE-2023/CVE-2023-219xx/CVE-2023-21994.json) (`2023-07-27T17:39:17.963`)
* [CVE-2023-35763](CVE-2023/CVE-2023-357xx/CVE-2023-35763.json) (`2023-07-27T17:40:52.193`)
* [CVE-2023-35189](CVE-2023/CVE-2023-351xx/CVE-2023-35189.json) (`2023-07-27T17:43:17.170`)
* [CVE-2023-33871](CVE-2023/CVE-2023-338xx/CVE-2023-33871.json) (`2023-07-27T17:43:29.557`)
* [CVE-2023-34394](CVE-2023/CVE-2023-343xx/CVE-2023-34394.json) (`2023-07-27T18:21:19.443`)
* [CVE-2023-33832](CVE-2023/CVE-2023-338xx/CVE-2023-33832.json) (`2023-07-27T18:50:29.473`)
* [CVE-2023-3300](CVE-2023/CVE-2023-33xx/CVE-2023-3300.json) (`2023-07-27T19:22:42.110`)
* [CVE-2023-3591](CVE-2023/CVE-2023-35xx/CVE-2023-3591.json) (`2023-07-27T19:23:15.350`)
* [CVE-2023-3590](CVE-2023/CVE-2023-35xx/CVE-2023-3590.json) (`2023-07-27T19:23:33.557`)
* [CVE-2023-3586](CVE-2023/CVE-2023-35xx/CVE-2023-3586.json) (`2023-07-27T19:37:49.247`)
* [CVE-2023-3587](CVE-2023/CVE-2023-35xx/CVE-2023-3587.json) (`2023-07-27T19:40:35.700`)
* [CVE-2023-3581](CVE-2023/CVE-2023-35xx/CVE-2023-3581.json) (`2023-07-27T19:46:40.130`)
* [CVE-2023-37474](CVE-2023/CVE-2023-374xx/CVE-2023-37474.json) (`2023-07-27T19:47:11.887`)
* [CVE-2023-37480](CVE-2023/CVE-2023-374xx/CVE-2023-37480.json) (`2023-07-27T19:47:29.237`)
* [CVE-2023-37481](CVE-2023/CVE-2023-374xx/CVE-2023-37481.json) (`2023-07-27T19:48:07.587`)
* [CVE-2023-0160](CVE-2023/CVE-2023-01xx/CVE-2023-0160.json) (`2023-07-27T19:48:36.727`)
* [CVE-2023-25839](CVE-2023/CVE-2023-258xx/CVE-2023-25839.json) (`2023-07-27T19:48:48.527`)
* [CVE-2023-22051](CVE-2023/CVE-2023-220xx/CVE-2023-22051.json) (`2023-07-27T19:49:02.660`)
* [CVE-2023-3582](CVE-2023/CVE-2023-35xx/CVE-2023-3582.json) (`2023-07-27T19:49:10.477`)
* [CVE-2023-22055](CVE-2023/CVE-2023-220xx/CVE-2023-22055.json) (`2023-07-27T19:49:14.280`)
* [CVE-2023-22060](CVE-2023/CVE-2023-220xx/CVE-2023-22060.json) (`2023-07-27T19:49:22.710`)
* [CVE-2023-37259](CVE-2023/CVE-2023-372xx/CVE-2023-37259.json) (`2023-07-27T19:50:08.540`)
* [CVE-2023-3584](CVE-2023/CVE-2023-35xx/CVE-2023-3584.json) (`2023-07-27T19:50:14.210`)
* [CVE-2023-3299](CVE-2023/CVE-2023-32xx/CVE-2023-3299.json) (`2023-07-27T19:50:41.783`)
* [CVE-2023-3072](CVE-2023/CVE-2023-30xx/CVE-2023-3072.json) (`2023-07-27T19:51:20.287`)
* [CVE-2023-2913](CVE-2023/CVE-2023-29xx/CVE-2023-2913.json) (`2023-07-27T19:51:33.973`)
* [CVE-2023-3700](CVE-2023/CVE-2023-37xx/CVE-2023-3700.json) (`2023-07-27T19:54:24.670`)
* [CVE-2023-3692](CVE-2023/CVE-2023-36xx/CVE-2023-3692.json) (`2023-07-27T19:56:48.617`)
* [CVE-2023-2959](CVE-2023/CVE-2023-29xx/CVE-2023-2959.json) (`2023-07-27T19:59:26.280`)
## Download and Usage