admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 11:07:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-12-05T03:00:22.359454+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-12-05 03:00:27 +00:00
parent ac68486f17
commit e3479c0c81
35 changed files with 2387 additions and 146 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
CVE-2022/CVE-2022-425xx/CVE-2022-42536.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42536",
"sourceIdentifier": "security@android.com",
"published": "2023-11-29T22:15:07.110",
"lastModified": "2023-11-30T13:39:19.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T01:56:14.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,66 @@
"value": "Ejecuci\u00f3n remota de c\u00f3digo"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2022/CVE-2022-425xx/CVE-2022-42537.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42537",
"sourceIdentifier": "security@android.com",
"published": "2023-11-29T22:15:07.173",
"lastModified": "2023-11-30T13:39:19.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T01:56:07.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,66 @@
"value": "Ejecuci\u00f3n remota de c\u00f3digo"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2022/CVE-2022-425xx/CVE-2022-42538.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42538",
"sourceIdentifier": "security@android.com",
"published": "2023-11-29T22:15:07.220",
"lastModified": "2023-11-30T13:39:19.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T01:55:59.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,66 @@
"value": "Elevaci\u00f3n de privilegios"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2022/CVE-2022-425xx/CVE-2022-42539.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42539",
"sourceIdentifier": "security@android.com",
"published": "2023-11-29T22:15:07.267",
"lastModified": "2023-11-30T13:39:19.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T01:55:52.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,66 @@
"value": "Divulgaci\u00f3n de informaci\u00f3n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2022/CVE-2022-425xx/CVE-2022-42540.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42540",
"sourceIdentifier": "security@android.com",
"published": "2023-11-29T22:15:07.317",
"lastModified": "2023-11-30T13:39:19.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T01:55:42.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,66 @@
"value": "Elevaci\u00f3n de privilegios"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2022/CVE-2022-425xx/CVE-2022-42541.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42541",
"sourceIdentifier": "security@android.com",
"published": "2023-11-29T22:15:07.363",
"lastModified": "2023-11-30T13:39:19.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T01:55:33.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,66 @@
"value": "Ejecuci\u00f3n remota de c\u00f3digo"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/chromecast/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-333xx/CVE-2023-33333.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-33333",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-30T14:15:08.323",
"lastModified": "2023-11-30T14:48:40.677",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T01:59:20.337",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium allows Cross-Site Scripting (XSS).This issue affects Complianz: from n/a through 6.4.4; Complianz Premium: from n/a through 6.4.6.1.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Really Simple Plugins Complianz, Really Simple Plugins Complianz Premium permite Cross-Site Scripting (XSS). Este problema afecta a Complianz: desde n/a hasta 6.4.4; Complianz Premium: desde n/a hasta 6.4.6.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,14 +70,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:really-simple-plugins:complianz:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.4.6",
"matchCriteriaId": "07CB090D-90D9-4822-BBEA-D8108F6E38E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:really-simple-plugins:complianz:*:*:*:*:premium:wordpress:*:*",
"versionEndExcluding": "6.4.7",
"matchCriteriaId": "FA45E269-AA1E-41EE-ACF8-64C053EA2BBF"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/complianz-gdpr-premium/wordpress-complianz-premium-plugin-6-4-6-1-csrf-to-site-wide-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/complianz-gdpr/wordpress-complianz-plugin-6-4-4-csrf-lead-to-site-wide-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

640
CVE-2023/CVE-2023-37xx/CVE-2023-3741.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3741",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-11-30T01:15:07.187",
"lastModified": "2023-11-30T13:39:13.380",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T01:52:00.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,8 +14,41 @@
"value": "Una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en NEC Platforms DT900 and DT900S Series, todas las versiones, permite a un atacante ejecutar cualquier comando en el dispositivo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "psirt-info@cyber.jp.nec.com",
"type": "Secondary",
@ -27,10 +60,609 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-6dgs-1\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D34FA4D-DBF4-4A41-9E11-74B2BB3E1824"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-6dgs-1\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2F866A1-FE6B-4C03-8738-1201C2E6848F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-32lcgs-1\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69FECFD5-0ACB-41B0-9AD8-1EA6EB0D1205"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-32lcgs-1\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "559BCF01-8716-4F42-8FA2-95DB68744E91"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-32tcgs-1\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1F6B893-3360-42B3-8779-B4F166BEBADC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-32tcgs-1\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977F829C-51E0-4408-86EB-4A5F4F2AF02B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-6d-1\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC34950E-33C6-4CDF-94F9-CB6D7F7D3953"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-6d-1\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D81DD6F-5026-4F53-BEA7-F66249EAFC55"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-12d-1\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15FA9B5C-BF54-46BA-97CA-42D4A071B0C8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-12d-1\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCF0DF4-594A-46C5-A3DC-BB38856D6A52"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-8lcx-1\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37E9D966-2B63-4DFF-BA57-0B1A0556BCC4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-8lcx-1\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "083510DD-C5B1-44B1-9CB7-D5A42FBAAC9A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-8tcgx-1\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3AE0212-F703-40AE-A20F-5987DFE88363"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-8tcgx-1\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E484F75-1CEB-43EE-B56A-8449562F1D96"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-6dgs-1a\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10375D05-E64E-4BF9-8A2C-46AE94B13A1A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-6dgs-1a\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D73BE74-0868-462E-B8C7-4A1540EDF103"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-32lcgs-1a\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFADF7DF-3198-4249-BF53-7CAF692E033F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-32lcgs-1a\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7538E9-EA61-4494-9958-475097C1A655"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-32tcgs-1a\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF30F9E-0CAE-4E3D-94D0-5131D419E7A5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-32tcgs-1a\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F18ADDA-F8E7-4502-8413-89335DAD271A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-6dgs-1p\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F0F713-C37A-422B-BD01-99E91F35CA2F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-6dgs-1p\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE2B688-B9DA-405C-B4CC-0A8CC3CB0BB6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-32lcgs-1p\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC8ABE27-1577-4D4E-90C4-D7EDB7EBFC6A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-32lcgs-1p\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75A896BD-D903-455B-B188-B8CDBE8AAFFC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-32tcgs-1p\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E699313-5667-4261-B744-930B9E1B8593"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-32tcgs-1p\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D173DF06-51BA-49A2-A708-BD3050BA52D2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-6d-1p\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B103B15-D567-484E-BA7C-56B7461213D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-6d-1p\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3018EA32-2B4A-46ED-9573-FF40233B1F65"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-12d-1p\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D18351C0-30C7-44A3-B958-45398A2B6494"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-12d-1p\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE89E1E-EEF5-46C4-8E09-11C212481BFD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-6dg-1p\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7A06E0-238E-421E-AA0C-A6213F20250E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-6dg-1p\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749CF6D9-E0BC-40E0-960F-A8BE63F9C644"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-12dg-1p\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBC02EF-7A5E-4145-AB39-765A0C65F37C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-12dg-1p\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A94570B8-1E9E-4D95-8CE0-7D03A9C90BDD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-8lcx-1p\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34A49F73-9178-4F55-9CF8-043CA50F82C5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-8lcx-1p\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C0DD87-4B3B-45CF-BBFF-37287E9B3813"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-8lcg-1p\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE144BC-8DCC-4036-ABD7-B68F306839B5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-8lcg-1p\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DD939D2-E4CF-4EC9-971A-55A240A59BCA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-32lcg-1p\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D077F3E8-87E3-4613-A980-9111B88B48B0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-32lcg-1p\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF0D11E-592C-4514-9F41-56C96C57E7F7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-8tcgx-1p\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31A24B52-4C28-4ABC-AAAA-1FC0CAE732DF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-8tcgx-1p\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D39AA9A-FA93-4445-A7B1-F956FE7079CC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nec:itk-32tcg-1p\\(bk\\)tel_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "632954BD-9AE3-446B-A4CB-99495700867F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nec:itk-32tcg-1p\\(bk\\)tel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1447B2-28E9-400B-86AF-10606CEC3543"
}
]
}
]
}
],
"references": [
{
"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-011_en.html",
"source": "psirt-info@cyber.jp.nec.com"
"source": "psirt-info@cyber.jp.nec.com",
"tags": [
"Broken Link"
]
}
]
}

64
CVE-2023/CVE-2023-404xx/CVE-2023-40458.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40458",
"sourceIdentifier": "security@sierrawireless.com",
"published": "2023-11-29T23:15:20.367",
"lastModified": "2023-12-04T23:15:24.800",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-05T01:55:09.410",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@sierrawireless.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
},
{
"source": "security@sierrawireless.com",
"type": "Secondary",
@ -50,10 +80,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.8",
"matchCriteriaId": "79B70B8B-C6C1-428C-88A5-5E85AE32C187"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10.0",
"versionEndIncluding": "4.16.2",
"matchCriteriaId": "BB0B824A-C2A5-4637-B779-397D96FCE3B2"
}
]
}
]
}
],
"references": [
{
"url": "https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.5ZcnyPM1.dpbs",
"source": "security@sierrawireless.com"
"source": "security@sierrawireless.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-472xx/CVE-2023-47272.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-47272",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-06T00:15:09.380",
"lastModified": "2023-12-04T13:15:07.500",
"lastModified": "2023-12-05T01:15:07.110",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
@ -118,6 +118,10 @@
"Release Notes"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00005.html",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GILSR762MJB3BNJOVOCMW2JXEPV46IIQ/",
"source": "cve@mitre.org"

51
CVE-2023/CVE-2023-482xx/CVE-2023-48282.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48282",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-30T13:15:08.503",
"lastModified": "2023-11-30T13:38:42.753",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-05T01:59:29.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Andrea Landonio Taxonomy filter allows Cross Site Request Forgery.This issue affects Taxonomy filter: from n/a through 2.2.9.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el filtro Andrea Landonio Taxonomy permite la Cross Site Request Forgery. Este problema afecta al filtro Taxonomy: desde n/a hasta 2.2.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:andrealandonio:taxonomy_filter:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2.9",
"matchCriteriaId": "63E3862A-7B68-4DE2-A673-9C8B8B249B15"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/taxonomy-filter/wordpress-taxonomy-filter-plugin-2-2-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-482xx/CVE-2023-48283.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48283",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-30T13:15:08.713",
"lastModified": "2023-11-30T13:38:42.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T02:00:00.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Testimonials Showcase allows Cross Site Request Forgery.This issue affects Simple Testimonials Showcase: from n/a through 1.1.5.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de Cross-Site Request Forgery (CSRF) en PressTigers Simple Testimonials Showcase permite Cross Site Request Forgery. Este problema afecta a Simple Testimonials Showcase: desde n/a hasta 1.1.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:presstigers:simple_testimonials_showcase:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.5",
"matchCriteriaId": "4264D259-DA4D-4B7B-8436-A6F923A00518"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simple-testimonials-showcase/wordpress-simple-testimonials-showcase-plugin-1-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-482xx/CVE-2023-48284.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48284",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-30T13:15:08.933",
"lastModified": "2023-11-30T13:38:42.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T02:00:11.640",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in WebToffee Decorator \u2013 WooCommerce Email Customizer allows Cross Site Request Forgery.This issue affects Decorator \u2013 WooCommerce Email Customizer: from n/a through 1.2.7.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en WebToffee Decorator \u2013 WooCommerce Email Customizer permite Cross Site Request Forgery. Este problema afecta a Decorator \u2013 WooCommerce Email Customizer: desde n/a hasta 1.2.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webtoffee:decorator:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.7",
"matchCriteriaId": "406844A1-6369-4E92-BA88-27A62F2F64C9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/decorator-woocommerce-email-customizer/wordpress-decorator-woocommerce-email-customizer-plugin-1-2-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-483xx/CVE-2023-48315.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48315",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-05T01:15:07.230",
"lastModified": "2023-12-05T01:15:07.230",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to ftp and sntp in RTOS v6.2.1 and below. The fixes have been included in NetX Duo release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
},
{
"lang": "en",
"value": "CWE-825"
}
]
}
],
"references": [
{
"url": "https://github.com/azure-rtos/netxduo/security/advisories/GHSA-rj6h-jjg2-7gf3",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2023/CVE-2023-483xx/CVE-2023-48316.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48316",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-05T01:15:07.503",
"lastModified": "2023-12-05T01:15:07.503",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to snmp, smtp, ftp and dtls in RTOS v6.2.1 and below. The fixes have been included in NetX Duo release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
},
{
"lang": "en",
"value": "CWE-825"
}
]
}
],
"references": [
{
"url": "https://github.com/azure-rtos/netxduo/security/advisories/GHSA-3cmf-r288-xhwq",
"source": "security-advisories@github.com"
}
]
}

51
CVE-2023/CVE-2023-483xx/CVE-2023-48323.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48323",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-30T13:15:09.123",
"lastModified": "2023-11-30T13:38:42.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T02:00:16.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support \u2013 WordPress HelpDesk & Support Plugin allows Cross Site Request Forgery.This issue affects Awesome Support \u2013 WordPress HelpDesk & Support Plugin: from n/a through 6.1.4.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Awesome Support Team Awesome Support \u2013 WordPress HelpDesk & Support Plugin permite Cross Site Request Forgery. Este problema afecta a Awesome Support \u2013 WordPress HelpDesk & Support Plugin: desde n/a hasta 6.1.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getawesomesupport:awesome_support:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "6.1.4",
"matchCriteriaId": "E6C4A909-BB30-4D21-9CA4-566600A172D3"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/awesome-support/wordpress-awesome-support-wordpress-helpdesk-support-plugin-plugin-6-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-483xx/CVE-2023-48330.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48330",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-30T13:15:09.310",
"lastModified": "2023-11-30T13:38:42.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T02:00:23.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Mike Strand Bulk Comment Remove allows Cross Site Request Forgery.This issue affects Bulk Comment Remove: from n/a through 2.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Mike Strand Bulk Comment Remove permite Cross Site Request Forgery. Este problema afecta a Bulk Comment Remove: de n/a a 2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:supremo:bulk_comment_remove:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0",
"matchCriteriaId": "7F7F07DA-0919-4E29-96E5-D675C092A7EA"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bulk-comment-remove/wordpress-bulk-comment-remove-plugin-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-483xx/CVE-2023-48331.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48331",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-30T13:15:09.500",
"lastModified": "2023-11-30T13:38:42.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T02:00:32.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyBookTable Bookstore by Stormhill Media allows Cross Site Request Forgery.This issue affects MyBookTable Bookstore by Stormhill Media: from n/a through 3.3.4.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Stormhill Media MyBookTable Bookstore de Stormhill Media permite Cross Site Request Forgery. Este problema afecta a MyBookTable Bookstore de Stormhill Media: desde n/a hasta 3.3.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormhillmedia:mybook_table_bookstore:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.4",
"matchCriteriaId": "69DA258B-FC99-4A76-99B1-7A90BF745901"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mybooktable/wordpress-mybooktable-bookstore-by-stormhill-media-plugin-3-3-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-483xx/CVE-2023-48334.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48334",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-30T13:15:09.693",
"lastModified": "2023-11-30T13:38:42.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T02:00:37.353",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in DAEXT League Table allows Cross Site Request Forgery.This issue affects League Table: from n/a through 1.13.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en DAEXT League Table permite Cross Site Request Forgery. Este problema afecta a League Table: desde n/a hasta 1.13."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:daext:league_table:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.13",
"matchCriteriaId": "8D7EAC59-7EBD-4BA1-B688-C20A3B6C3333"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/league-table-lite/wordpress-league-table-plugin-1-13-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-486xx/CVE-2023-48691.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-48691",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-05T01:15:07.747",
"lastModified": "2023-12-05T01:15:07.747",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause an out-of-bounds write in Azure RTOS NETX Duo, that could lead to remote code execution. The affected components include process related to IGMP protocol in RTOS v6.2.1 and below. The fix has been included in NetX Duo release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://github.com/azure-rtos/netxduo/security/advisories/GHSA-fwmg-rj6g-w99p",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2023/CVE-2023-486xx/CVE-2023-48692.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48692",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-05T01:15:07.957",
"lastModified": "2023-12-05T01:15:07.957",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to icmp, tcp, snmp, dhcp, nat and ftp in RTOS v6.2.1 and below. The fixes have been included in NetX Duo release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.2,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
},
{
"lang": "en",
"value": "CWE-825"
}
]
}
],
"references": [
{
"url": "https://github.com/azure-rtos/netxduo/security/advisories/GHSA-m2rx-243p-9w64",
"source": "security-advisories@github.com"
}
]
}

55
CVE-2023/CVE-2023-486xx/CVE-2023-48693.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-48693",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-05T01:15:08.167",
"lastModified": "2023-12-05T01:15:08.167",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": " Azure RTOS ThreadX is an advanced real-time operating system (RTOS) designed specifically for deeply embedded applications. An attacker can cause arbitrary read and write due to vulnerability in parameter checking mechanism in Azure RTOS ThreadX, which may lead to privilege escalation. The affected components include RTOS ThreadX v6.2.1 and below. The fixes have been included in ThreadX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 8.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://github.com/azure-rtos/threadx/security/advisories/GHSA-p7w6-62rq-vrf9",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2023/CVE-2023-486xx/CVE-2023-48694.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48694",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-05T01:15:08.393",
"lastModified": "2023-12-05T01:15:08.393",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference and type confusion vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host stack and host class, related to device linked classes, ASIX, Prolific, SWAR, audio, CDC ECM in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-825"
},
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"references": [
{
"url": "https://github.com/azure-rtos/usbx/security/advisories/GHSA-qjw8-7w86-44qj",
"source": "security-advisories@github.com"
}
]
}

55
CVE-2023/CVE-2023-486xx/CVE-2023-48695.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-48695",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-05T01:15:08.640",
"lastModified": "2023-12-05T01:15:08.640",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to out of bounds write vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host and device classes, related to CDC ECM and RNDIS in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://github.com/azure-rtos/usbx/security/advisories/GHSA-mwj9-rpph-v8wc",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2023/CVE-2023-486xx/CVE-2023-48696.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48696",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-05T01:15:08.877",
"lastModified": "2023-12-05T01:15:08.877",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference vulnerabilities in Azure RTOS USBX. The affected components include components in host class, related to CDC ACM in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.4,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-754"
},
{
"lang": "en",
"value": "CWE-825"
}
]
}
],
"references": [
{
"url": "https://github.com/azure-rtos/usbx/security/advisories/GHSA-h733-98hq-f884",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-486xx/CVE-2023-48697.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-48697",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-05T01:15:09.120",
"lastModified": "2023-12-05T01:15:09.120",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to memory buffer and pointer vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in pictbridge and host class, related to PIMA, storage, CDC ACM, ECM, audio, hub in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
},
{
"lang": "en",
"value": "CWE-787"
},
{
"lang": "en",
"value": "CWE-825"
}
]
}
],
"references": [
{
"url": "https://github.com/azure-rtos/usbx/security/advisories/GHSA-p2p9-wp2q-wjv4",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2023/CVE-2023-486xx/CVE-2023-48698.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-48698",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-05T01:15:09.353",
"lastModified": "2023-12-05T01:15:09.353",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to expired pointer dereference vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host stack and host classes, related to device linked classes, GSER and HID in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-754"
},
{
"lang": "en",
"value": "CWE-825"
}
]
}
],
"references": [
{
"url": "https://github.com/azure-rtos/usbx/security/advisories/GHSA-grhp-f66q-x857",
"source": "security-advisories@github.com"
}
]
}

51
CVE-2023/CVE-2023-487xx/CVE-2023-48744.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48744",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-30T13:15:09.893",
"lastModified": "2023-11-30T13:38:42.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T02:00:43.043",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Offshore Web Master Availability Calendar allows Cross Site Request Forgery.This issue affects Availability Calendar: from n/a through 1.2.6.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Offshore Web Master Availability Calendar permite Cross Site Request Forgery. Este problema afecta a Availability Calendar: desde n/a hasta 1.2.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:offshorewebmaster:availability_calendar:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.6",
"matchCriteriaId": "A1BF5656-0A17-41EA-95E9-6A97EC4B5C05"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/availability-calendar/wordpress-availability-calendar-plugin-1-2-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-490xx/CVE-2023-49082.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-49082",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-29T20:15:08.180",
"lastModified": "2023-11-29T20:53:05.993",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T01:51:49.997",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation makes it possible for an attacker to modify the HTTP request (e.g. insert a new header) or even create a new HTTP request if the attacker controls the HTTP method. The vulnerability occurs only if the attacker can control the HTTP method (GET, POST etc.) of the request. If the attacker can control the HTTP version of the request it will be able to modify the request (request smuggling). This issue has been patched in version 3.9.0."
},
{
"lang": "es",
"value": "aiohttp es un framework cliente/servidor HTTP as\u00edncrono para asyncio y Python. Una validaci\u00f3n inadecuada hace posible que un atacante modifique la solicitud HTTP (por ejemplo, inserte un nuevo encabezado) o incluso cree una nueva solicitud HTTP si el atacante controla el m\u00e9todo HTTP. La vulnerabilidad ocurre s\u00f3lo si el atacante puede controlar el m\u00e9todo HTTP (GET, POST, etc.) de la solicitud. Si el atacante puede controlar la versi\u00f3n HTTP de la solicitud, podr\u00e1 modificar la solicitud (contrabando de solicitudes). Este problema se solucion\u00f3 en la versi\u00f3n 3.9.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,14 +74,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aiohttp:aiohttp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.9.0",
"matchCriteriaId": "B601D31B-56AB-4C39-8CC0-12CFA373E53A"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/jnovikov/7f411ae9fe6a9a7804cf162a3bdbb44b",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-qvrw-v9rv-5rjx",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-490xx/CVE-2023-49083.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-49083",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-29T19:15:07.967",
"lastModified": "2023-11-29T21:15:07.823",
"lastModified": "2023-12-05T02:15:06.827",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6."
},
{
"lang": "es",
"value": "cryptography es un paquete dise\u00f1ado para exponer recetas y primitivas criptogr\u00e1ficas a los desarrolladores de Python. Llamar a `load_pem_pkcs7_certificates` o `load_der_pkcs7_certificates` podr\u00eda provocar una desreferencia de puntero NULL y un error de segmentaci\u00f3n. La explotaci\u00f3n de esta vulnerabilidad plantea un grave riesgo de Denegaci\u00f3n de Servicio (DoS) para cualquier aplicaci\u00f3n que intente deserializar un blob/certificado PKCS7. Las consecuencias se extienden a posibles interrupciones en la disponibilidad y estabilidad del sistema. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 41.0.6."
}
],
"metrics": {
@ -17,20 +21,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
@ -47,10 +51,6 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/11/29/2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/pyca/cryptography/commit/f09c261ca10a31fe41b1262306db7f8f1da0e48a",
"source": "security-advisories@github.com"

50
CVE-2023/CVE-2023-491xx/CVE-2023-49103.json
View File

@ -1,8 +1,8 @@
{
"id": "CVE-2023-49103",
"sourceIdentifier": "secure@microsoft.com",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-21T22:15:08.277",
"lastModified": "2023-12-05T00:15:08.323",
"lastModified": "2023-12-05T01:15:09.570",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-11-30",
"cisaActionDue": "2023-12-21",
@ -20,29 +20,9 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
@ -59,6 +39,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
@ -99,11 +99,11 @@
"references": [
{
"url": "https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/",
"source": "secure@microsoft.com"
"source": "cve@mitre.org"
},
{
"url": "https://owncloud.org/security",
"source": "secure@microsoft.com"
"source": "cve@mitre.org"
}
]
}

63
CVE-2023/CVE-2023-496xx/CVE-2023-49693.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49693",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-11-29T23:15:20.567",
"lastModified": "2023-11-30T13:39:19.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T01:54:46.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
},
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
@ -50,14 +80,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netgear:prosafe_network_management_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.7.0.34",
"matchCriteriaId": "910077CB-66F7-44DC-8FD8-0CE742C16AA4"
}
]
}
]
}
],
"references": [
{
"url": "https://kb.netgear.com/000065886/Security-Advisory-for-Sensitive-Information-Disclosure-on-the-NMS300-PSV-2023-0126",
"source": "vulnreport@tenable.com"
"source": "vulnreport@tenable.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.tenable.com/security/research/tra-2023-39",
"source": "vulnreport@tenable.com"
"source": "vulnreport@tenable.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-496xx/CVE-2023-49694.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49694",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-11-29T23:15:20.750",
"lastModified": "2023-11-30T13:39:13.380",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T01:54:34.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
@ -50,14 +80,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netgear:prosafe_network_management_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.7.0.31",
"matchCriteriaId": "9A616F4D-0720-4399-8630-F0A017A50439"
}
]
}
]
}
],
"references": [
{
"url": "https://kb.netgear.com/000065885/Security-Advisory-for-Vertical-Privilege-Escalation-on-the-NMS300-PSV-2023-0127",
"source": "vulnreport@tenable.com"
"source": "vulnreport@tenable.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.tenable.com/security/research/tra-2023-39",
"source": "vulnreport@tenable.com"
"source": "vulnreport@tenable.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-61xx/CVE-2023-6137.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6137",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-30T13:15:10.503",
"lastModified": "2023-11-30T13:38:42.753",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-05T01:57:48.153",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in finnj Frontier Post allows Cross Site Request Forgery.This issue affects Frontier Post: from n/a through 6.1.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en finnj Frontier Post permite Cross Site Request Forgery. Este problema afecta a Frontier Post: desde n/a hasta 6.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpfrontier:frontier_post:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "6.1",
"matchCriteriaId": "AB28576E-B5A5-4169-AD0B-7FBB169AC6F7"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/frontier-post/wordpress-frontier-post-plugin-6-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

74
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-12-05T00:55:18.356104+00:00
2023-12-05T03:00:22.359454+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-12-05T00:15:09.840000+00:00
2023-12-05T02:15:06.827000+00:00
```
### Last Data Feed Release
@ -23,53 +23,59 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-12-04T01:00:13.555729+00:00
2023-12-05T01:00:13.564848+00:00
```
### Total Number of included CVEs
```plain
232240
232250
```
### CVEs added in the last Commit
Recently added CVEs: `77`
Recently added CVEs: `10`
* [CVE-2023-5944](CVE-2023/CVE-2023-59xx/CVE-2023-5944.json) (`2023-12-04T23:15:27.940`)
* [CVE-2023-21162](CVE-2023/CVE-2023-211xx/CVE-2023-21162.json) (`2023-12-04T23:15:22.217`)
* [CVE-2023-21163](CVE-2023/CVE-2023-211xx/CVE-2023-21163.json) (`2023-12-04T23:15:22.377`)
* [CVE-2023-21164](CVE-2023/CVE-2023-211xx/CVE-2023-21164.json) (`2023-12-04T23:15:22.430`)
* [CVE-2023-21166](CVE-2023/CVE-2023-211xx/CVE-2023-21166.json) (`2023-12-04T23:15:22.477`)
* [CVE-2023-21215](CVE-2023/CVE-2023-212xx/CVE-2023-21215.json) (`2023-12-04T23:15:22.523`)
* [CVE-2023-21216](CVE-2023/CVE-2023-212xx/CVE-2023-21216.json) (`2023-12-04T23:15:22.570`)
* [CVE-2023-21217](CVE-2023/CVE-2023-212xx/CVE-2023-21217.json) (`2023-12-04T23:15:22.617`)
* [CVE-2023-21218](CVE-2023/CVE-2023-212xx/CVE-2023-21218.json) (`2023-12-04T23:15:22.667`)
* [CVE-2023-21227](CVE-2023/CVE-2023-212xx/CVE-2023-21227.json) (`2023-12-04T23:15:22.720`)
* [CVE-2023-21228](CVE-2023/CVE-2023-212xx/CVE-2023-21228.json) (`2023-12-04T23:15:22.767`)
* [CVE-2023-21263](CVE-2023/CVE-2023-212xx/CVE-2023-21263.json) (`2023-12-04T23:15:22.813`)
* [CVE-2023-21401](CVE-2023/CVE-2023-214xx/CVE-2023-21401.json) (`2023-12-04T23:15:22.970`)
* [CVE-2023-21402](CVE-2023/CVE-2023-214xx/CVE-2023-21402.json) (`2023-12-04T23:15:23.027`)
* [CVE-2023-21403](CVE-2023/CVE-2023-214xx/CVE-2023-21403.json) (`2023-12-04T23:15:23.070`)
* [CVE-2023-26941](CVE-2023/CVE-2023-269xx/CVE-2023-26941.json) (`2023-12-05T00:15:08.110`)
* [CVE-2023-26942](CVE-2023/CVE-2023-269xx/CVE-2023-26942.json) (`2023-12-05T00:15:08.163`)
* [CVE-2023-26943](CVE-2023/CVE-2023-269xx/CVE-2023-26943.json) (`2023-12-05T00:15:08.227`)
* [CVE-2023-35690](CVE-2023/CVE-2023-356xx/CVE-2023-35690.json) (`2023-12-04T23:15:23.507`)
* [CVE-2023-49284](CVE-2023/CVE-2023-492xx/CVE-2023-49284.json) (`2023-12-05T00:15:08.737`)
* [CVE-2023-49289](CVE-2023/CVE-2023-492xx/CVE-2023-49289.json) (`2023-12-05T00:15:08.967`)
* [CVE-2023-49290](CVE-2023/CVE-2023-492xx/CVE-2023-49290.json) (`2023-12-05T00:15:09.190`)
* [CVE-2023-49291](CVE-2023/CVE-2023-492xx/CVE-2023-49291.json) (`2023-12-05T00:15:09.403`)
* [CVE-2023-49292](CVE-2023/CVE-2023-492xx/CVE-2023-49292.json) (`2023-12-05T00:15:09.627`)
* [CVE-2023-5808](CVE-2023/CVE-2023-58xx/CVE-2023-5808.json) (`2023-12-05T00:15:09.840`)
* [CVE-2023-48315](CVE-2023/CVE-2023-483xx/CVE-2023-48315.json) (`2023-12-05T01:15:07.230`)
* [CVE-2023-48316](CVE-2023/CVE-2023-483xx/CVE-2023-48316.json) (`2023-12-05T01:15:07.503`)
* [CVE-2023-48691](CVE-2023/CVE-2023-486xx/CVE-2023-48691.json) (`2023-12-05T01:15:07.747`)
* [CVE-2023-48692](CVE-2023/CVE-2023-486xx/CVE-2023-48692.json) (`2023-12-05T01:15:07.957`)
* [CVE-2023-48693](CVE-2023/CVE-2023-486xx/CVE-2023-48693.json) (`2023-12-05T01:15:08.167`)
* [CVE-2023-48694](CVE-2023/CVE-2023-486xx/CVE-2023-48694.json) (`2023-12-05T01:15:08.393`)
* [CVE-2023-48695](CVE-2023/CVE-2023-486xx/CVE-2023-48695.json) (`2023-12-05T01:15:08.640`)
* [CVE-2023-48696](CVE-2023/CVE-2023-486xx/CVE-2023-48696.json) (`2023-12-05T01:15:08.877`)
* [CVE-2023-48697](CVE-2023/CVE-2023-486xx/CVE-2023-48697.json) (`2023-12-05T01:15:09.120`)
* [CVE-2023-48698](CVE-2023/CVE-2023-486xx/CVE-2023-48698.json) (`2023-12-05T01:15:09.353`)
### CVEs modified in the last Commit
Recently modified CVEs: `3`
Recently modified CVEs: `24`
* [CVE-2023-21394](CVE-2023/CVE-2023-213xx/CVE-2023-21394.json) (`2023-12-04T23:15:22.860`)
* [CVE-2023-40458](CVE-2023/CVE-2023-404xx/CVE-2023-40458.json) (`2023-12-04T23:15:24.800`)
* [CVE-2023-49103](CVE-2023/CVE-2023-491xx/CVE-2023-49103.json) (`2023-12-05T00:15:08.323`)
* [CVE-2022-42541](CVE-2022/CVE-2022-425xx/CVE-2022-42541.json) (`2023-12-05T01:55:33.250`)
* [CVE-2022-42540](CVE-2022/CVE-2022-425xx/CVE-2022-42540.json) (`2023-12-05T01:55:42.027`)
* [CVE-2022-42539](CVE-2022/CVE-2022-425xx/CVE-2022-42539.json) (`2023-12-05T01:55:52.587`)
* [CVE-2022-42538](CVE-2022/CVE-2022-425xx/CVE-2022-42538.json) (`2023-12-05T01:55:59.613`)
* [CVE-2022-42537](CVE-2022/CVE-2022-425xx/CVE-2022-42537.json) (`2023-12-05T01:56:07.767`)
* [CVE-2022-42536](CVE-2022/CVE-2022-425xx/CVE-2022-42536.json) (`2023-12-05T01:56:14.107`)
* [CVE-2023-47272](CVE-2023/CVE-2023-472xx/CVE-2023-47272.json) (`2023-12-05T01:15:07.110`)
* [CVE-2023-49103](CVE-2023/CVE-2023-491xx/CVE-2023-49103.json) (`2023-12-05T01:15:09.570`)
* [CVE-2023-49082](CVE-2023/CVE-2023-490xx/CVE-2023-49082.json) (`2023-12-05T01:51:49.997`)
* [CVE-2023-3741](CVE-2023/CVE-2023-37xx/CVE-2023-3741.json) (`2023-12-05T01:52:00.197`)
* [CVE-2023-49694](CVE-2023/CVE-2023-496xx/CVE-2023-49694.json) (`2023-12-05T01:54:34.097`)
* [CVE-2023-49693](CVE-2023/CVE-2023-496xx/CVE-2023-49693.json) (`2023-12-05T01:54:46.047`)
* [CVE-2023-40458](CVE-2023/CVE-2023-404xx/CVE-2023-40458.json) (`2023-12-05T01:55:09.410`)
* [CVE-2023-6137](CVE-2023/CVE-2023-61xx/CVE-2023-6137.json) (`2023-12-05T01:57:48.153`)
* [CVE-2023-33333](CVE-2023/CVE-2023-333xx/CVE-2023-33333.json) (`2023-12-05T01:59:20.337`)
* [CVE-2023-48282](CVE-2023/CVE-2023-482xx/CVE-2023-48282.json) (`2023-12-05T01:59:29.907`)
* [CVE-2023-48283](CVE-2023/CVE-2023-482xx/CVE-2023-48283.json) (`2023-12-05T02:00:00.967`)
* [CVE-2023-48284](CVE-2023/CVE-2023-482xx/CVE-2023-48284.json) (`2023-12-05T02:00:11.640`)
* [CVE-2023-48323](CVE-2023/CVE-2023-483xx/CVE-2023-48323.json) (`2023-12-05T02:00:16.967`)
* [CVE-2023-48330](CVE-2023/CVE-2023-483xx/CVE-2023-48330.json) (`2023-12-05T02:00:23.417`)
* [CVE-2023-48331](CVE-2023/CVE-2023-483xx/CVE-2023-48331.json) (`2023-12-05T02:00:32.513`)
* [CVE-2023-48334](CVE-2023/CVE-2023-483xx/CVE-2023-48334.json) (`2023-12-05T02:00:37.353`)
* [CVE-2023-48744](CVE-2023/CVE-2023-487xx/CVE-2023-48744.json) (`2023-12-05T02:00:43.043`)
* [CVE-2023-49083](CVE-2023/CVE-2023-490xx/CVE-2023-49083.json) (`2023-12-05T02:15:06.827`)
## Download and Usage