diff --git a/CVE-2002/CVE-2002-19xx/CVE-2002-1912.json b/CVE-2002/CVE-2002-19xx/CVE-2002-1912.json index 08092866583..c75da26c348 100644 --- a/CVE-2002/CVE-2002-19xx/CVE-2002-1912.json +++ b/CVE-2002/CVE-2002-19xx/CVE-2002-1912.json @@ -2,7 +2,7 @@ "id": "CVE-2002-1912", "sourceIdentifier": "cve@mitre.org", "published": "2002-12-31T05:00:00.000", - "lastModified": "2008-09-05T20:31:50.027", + "lastModified": "2023-12-28T15:29:29.727", "vulnStatus": "Analyzed", "descriptions": [ { @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -44,7 +66,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-Other" + "value": "CWE-476" } ] } @@ -81,17 +103,35 @@ "url": "http://www.globalintersec.com/adv/skystream-2002021001.txt", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Exploit", "Patch" ] }, { "url": "http://www.iss.net/security_center/static/10380.php", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://www.securityfocus.com/archive/1/295516", + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.securityfocus.com/bid/5977", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2004/CVE-2004-00xx/CVE-2004-0079.json b/CVE-2004/CVE-2004-00xx/CVE-2004-0079.json index ec2045a8bd6..894ade2615c 100644 --- a/CVE-2004/CVE-2004-00xx/CVE-2004-0079.json +++ b/CVE-2004/CVE-2004-00xx/CVE-2004-0079.json @@ -2,8 +2,8 @@ "id": "CVE-2004-0079", "sourceIdentifier": "cve@mitre.org", "published": "2004-11-23T05:00:00.000", - "lastModified": "2021-11-08T15:48:31.713", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T15:33:29.973", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -22,6 +22,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -55,14 +77,13 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-Other" + "value": "CWE-476" } ] } ], "configurations": [ { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -118,7 +139,6 @@ ] }, { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -1364,173 +1384,325 @@ "references": [ { "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://docs.info.apple.com/article.html?artnum=61798", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://marc.info/?l=bugtraq&m=107953412903636&w=2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://marc.info/?l=bugtraq&m=108403806509920&w=2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] + }, + { + "url": "http://secunia.com/advisories/11139", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/17381", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/17398", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/17401", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/18247", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.debian.org/security/2004/dsa-465", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.kb.cert.org/vuls/id/288574", "source": "cve@mitre.org", - "tags": [ - "US Government Resource" - ] - }, - { - "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", - "source": "cve@mitre.org" - }, - { - "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", - "source": "cve@mitre.org" - }, - { - "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", - "source": "cve@mitre.org" - }, - { - "url": "http://www.openssl.org/news/secadv_20040317.txt", - "source": "cve@mitre.org" - }, - { - "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html", - "source": "cve@mitre.org" - }, - { - "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html", - "source": "cve@mitre.org" - }, - { - "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html", - "source": "cve@mitre.org" - }, - { - "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html", - "source": "cve@mitre.org" - }, - { - "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html", - "source": "cve@mitre.org" - }, - { - "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html", - "source": "cve@mitre.org" - }, - { - "url": "http://www.securityfocus.com/bid/9899", - "source": "cve@mitre.org", - "tags": [ - "Vendor Advisory" - ] - }, - { - "url": "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", - "source": "cve@mitre.org" - }, - { - "url": "http://www.trustix.org/errata/2004/0012", - "source": "cve@mitre.org" - }, - { - "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", - "source": "cve@mitre.org" - }, - { - "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", - "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ] }, + { + "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://www.openssl.org/news/secadv_20040317.txt", + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html", + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] + }, + { + "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://www.securityfocus.com/bid/9899", + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry", + "Vendor Advisory" + ] + }, + { + "url": "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://www.trustix.org/errata/2004/0012", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "US Government Resource" + ] + }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2004/CVE-2004-03xx/CVE-2004-0365.json b/CVE-2004/CVE-2004-03xx/CVE-2004-0365.json index 08dd5b0fd6e..2d1b6d6c0e4 100644 --- a/CVE-2004/CVE-2004-03xx/CVE-2004-0365.json +++ b/CVE-2004/CVE-2004-03xx/CVE-2004-0365.json @@ -2,8 +2,8 @@ "id": "CVE-2004-0365", "sourceIdentifier": "cve@mitre.org", "published": "2004-05-04T04:00:00.000", - "lastModified": "2017-10-11T01:29:24.950", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T15:33:14.503", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -48,7 +70,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-Other" + "value": "CWE-476" } ] } @@ -62,123 +84,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.8.13:*:*:*:*:*:*:*", - "matchCriteriaId": "3240376B-44CB-4BF3-9EA6-05841FE70AF5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.8.14:*:*:*:*:*:*:*", - "matchCriteriaId": "D1329DA0-3B95-4BCB-9A2C-4C5F882B9208" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.8.18:*:*:*:*:*:*:*", - "matchCriteriaId": "9DC35478-9276-4732-9F0D-13CA958C617C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.8.19:*:*:*:*:*:*:*", - "matchCriteriaId": "77000951-EF3E-41D8-8545-497BA3E5C5E1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9:*:*:*:*:*:*:*", - "matchCriteriaId": "83C48EC3-D0BA-4A5D-93B0-6931CB3587AB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.1:*:*:*:*:*:*:*", - "matchCriteriaId": "CB461B6B-B731-4732-AAD0-191BE50189D9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.2:*:*:*:*:*:*:*", - "matchCriteriaId": "19961880-D38A-4785-A7C5-879A061119BE" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.3:*:*:*:*:*:*:*", - "matchCriteriaId": "831705D2-C4DE-475F-B908-8859064AFB38" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.4:*:*:*:*:*:*:*", - "matchCriteriaId": "A4622585-20E2-46E9-B773-74729FF22EEB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.5:*:*:*:*:*:*:*", - "matchCriteriaId": "E86ADCB6-0940-4CB9-85F1-A7694210FB66" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.6:*:*:*:*:*:*:*", - "matchCriteriaId": "042B6289-D2E2-4369-BB40-EA6EE7025D23" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.7:*:*:*:*:*:*:*", - "matchCriteriaId": "C93D7B7E-F5F9-44A2-A87B-4A16634DEDAD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.8:*:*:*:*:*:*:*", - "matchCriteriaId": "F0A48938-30B8-4403-B08A-177FFCB9054B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.9:*:*:*:*:*:*:*", - "matchCriteriaId": "C9A33AA4-CABF-4B6B-8688-8C1BD36D6649" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.10:*:*:*:*:*:*:*", - "matchCriteriaId": "67B81EFD-27C1-411C-AFF3-E5340627E3BA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.11:*:*:*:*:*:*:*", - "matchCriteriaId": "680934CF-7F9B-41E4-AA03-ECD96F477AB9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.12:*:*:*:*:*:*:*", - "matchCriteriaId": "6F1F3D3E-A6D6-4C1A-8BC6-5579C19A7A45" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.13:*:*:*:*:*:*:*", - "matchCriteriaId": "3BCF3AFF-ED4D-40F6-A2DD-04C0A6D3BD64" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.14:*:*:*:*:*:*:*", - "matchCriteriaId": "DBCCE368-64E6-4CEC-B068-9B8BA2527289" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.15:*:*:*:*:*:*:*", - "matchCriteriaId": "CF5374A4-5194-45FD-895D-B04FDC7E853C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.16:*:*:*:*:*:*:*", - "matchCriteriaId": "4038BC6D-DE51-4F1C-A25C-CD7FC6CE8CF6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10:*:*:*:*:*:*:*", - "matchCriteriaId": "338CEFD7-EBC0-43FB-B482-9A3D0834447E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.1:*:*:*:*:*:*:*", - "matchCriteriaId": "136FF83B-2B03-4E5F-95C1-84195BE8392A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.2:*:*:*:*:*:*:*", - "matchCriteriaId": "898E6919-542F-4A31-8CC0-C3C4CE0F9FCF" + "criteria": "cpe:2.3:a:ethereal:ethereal:*:*:*:*:*:*:*:*", + "versionStartIncluding": "0.8.13", + "versionEndExcluding": "0.10.3", + "matchCriteriaId": "6AE67AED-041A-4617-A33A-0DEEB6BE2428" } ] } @@ -188,65 +97,110 @@ "references": [ { "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000835", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://marc.info/?l=bugtraq&m=108058005324316&w=2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://marc.info/?l=bugtraq&m=108213710306260&w=2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://marc.info/?l=ethereal-dev&m=107962966700423&w=2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] + }, + { + "url": "http://secunia.com/advisories/11185", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://security.gentoo.org/glsa/glsa-200403-07.xml", "source": "cve@mitre.org", "tags": [ - "Vendor Advisory" + "Third Party Advisory" ] }, { "url": "http://www.ethereal.com/appnotes/enpa-sa-00013.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.kb.cert.org/vuls/id/124454", "source": "cve@mitre.org", "tags": [ + "Third Party Advisory", "US Government Resource" ] }, { "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:024", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.redhat.com/support/errata/RHSA-2004-136.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.redhat.com/support/errata/RHSA-2004-137.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15571", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A879", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A891", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9196", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2005/CVE-2005-07xx/CVE-2005-0772.json b/CVE-2005/CVE-2005-07xx/CVE-2005-0772.json index 0cf6963594a..0474b2856cf 100644 --- a/CVE-2005/CVE-2005-07xx/CVE-2005-0772.json +++ b/CVE-2005/CVE-2005-07xx/CVE-2005-0772.json @@ -2,7 +2,7 @@ "id": "CVE-2005-0772", "sourceIdentifier": "cve@mitre.org", "published": "2005-06-28T04:00:00.000", - "lastModified": "2011-03-08T02:20:33.987", + "lastModified": "2023-12-28T15:29:13.657", "vulnStatus": "Analyzed", "descriptions": [ { @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -44,7 +66,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-Other" + "value": "CWE-476" } ] } @@ -58,13 +80,17 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:10.0:*:*:*:*:*:*:*", - "matchCriteriaId": "B94533F3-8954-4772-92A6-7E3EE29D3162" + "criteria": "cpe:2.3:a:veritas:backup_exec:*:*:*:*:*:windows_server:*:*", + "versionStartIncluding": "9.0", + "versionEndIncluding": "10.0", + "matchCriteriaId": "4617C98D-7BD0-4FC7-B8DE-897ABD0F6619" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:10.0_sp1:*:*:*:*:*:*:*", - "matchCriteriaId": "847A5F3C-9BA7-4386-B95D-42F661FE95F9" + "criteria": "cpe:2.3:a:veritas:backup_exec:*:*:*:*:*:netware:*:*", + "versionStartIncluding": "9.0.4019", + "versionEndIncluding": "9.1.307", + "matchCriteriaId": "575E4939-6B49-4153-B2F6-65D98E6912E5" } ] } @@ -72,28 +98,50 @@ } ], "references": [ + { + "url": "http://secunia.com/advisories/15789", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, { "url": "http://securitytracker.com/id?1014273", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://seer.support.veritas.com/docs/276533.htm", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://seer.support.veritas.com/docs/277485.htm", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.idefense.com/application/poi/display?id=270&type=vulnerabilities&flashstatus=true", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Vendor Advisory" ] }, { "url": "http://www.idefense.com/application/poi/display?id=271&type=vulnerabilities", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2008/CVE-2008-00xx/CVE-2008-0062.json b/CVE-2008/CVE-2008-00xx/CVE-2008-0062.json index e3c4ee2763b..0d9cfa9616f 100644 --- a/CVE-2008/CVE-2008-00xx/CVE-2008-0062.json +++ b/CVE-2008/CVE-2008-00xx/CVE-2008-0062.json @@ -2,8 +2,8 @@ "id": "CVE-2008-0062", "sourceIdentifier": "cve@mitre.org", "published": "2008-03-19T10:44:00.000", - "lastModified": "2018-10-15T21:57:08.323", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T15:34:12.043", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -55,34 +77,7 @@ ], "configurations": [ { - "operator": "AND", "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", - "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*", - "matchCriteriaId": "B3267A41-1AE0-48B8-BD1F-DEC8A212851A" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", - "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8" - }, - { - "vulnerable": false, - "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*", - "matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170" - } - ] - }, { "operator": "OR", "negate": false, @@ -90,8 +85,78 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*", - "versionEndIncluding": "1.6.3_kdc", - "matchCriteriaId": "18C8F666-E82A-40B8-B425-8575057FBB7F" + "versionEndIncluding": "1.6.3", + "matchCriteriaId": "904FBF9F-9269-4088-BD5A-3C773E6F841E" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", + "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", + "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", + "matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", + "matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", + "matchCriteriaId": "823BF8BE-2309-4F67-A5E2-EAD98F723468" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*", + "matchCriteriaId": "E3EFD171-01F7-450B-B6F3-0F7E443A2337" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*", + "matchCriteriaId": "72E4DB7F-07C3-46BB-AAA2-05CD0312C57F" } ] } @@ -101,145 +166,351 @@ "references": [ { "url": "http://docs.info.apple.com/article.html?artnum=307562", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00006.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://marc.info/?l=bugtraq&m=130497213107107&w=2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] + }, + { + "url": "http://secunia.com/advisories/29420", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/29423", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/29424", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/29428", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/29435", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/29438", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/29450", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/29451", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/29457", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/29462", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/29464", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/29516", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/29663", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/30535", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5022520.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5022542.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt", "source": "cve@mitre.org", "tags": [ - "Patch" + "Third Party Advisory" ] }, { "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0112", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.debian.org/security/2008/dsa-1524", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.gentoo.org/security/en/glsa/glsa-200803-31.xml", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.kb.cert.org/vuls/id/895609", "source": "cve@mitre.org", "tags": [ + "Third Party Advisory", "US Government Resource" ] }, { "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:069", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:070", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:071", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.redhat.com/support/errata/RHSA-2008-0164.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.redhat.com/support/errata/RHSA-2008-0180.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.redhat.com/support/errata/RHSA-2008-0181.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.redhat.com/support/errata/RHSA-2008-0182.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.securityfocus.com/archive/1/489761", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.securityfocus.com/archive/1/489883/100/0/threaded", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.securityfocus.com/bid/28303", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.securitytracker.com/id?1019626", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.ubuntu.com/usn/usn-587-1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.vupen.com/english/advisories/2008/0922/references", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.vupen.com/english/advisories/2008/0924/references", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.vupen.com/english/advisories/2008/1102/references", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.vupen.com/english/advisories/2008/1744", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41275", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9496", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00537.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00544.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2008/CVE-2008-35xx/CVE-2008-3597.json b/CVE-2008/CVE-2008-35xx/CVE-2008-3597.json index 19352dfd412..73095d0504f 100644 --- a/CVE-2008/CVE-2008-35xx/CVE-2008-3597.json +++ b/CVE-2008/CVE-2008-35xx/CVE-2008-3597.json @@ -2,8 +2,8 @@ "id": "CVE-2008-3597", "sourceIdentifier": "cve@mitre.org", "published": "2008-08-12T17:41:00.000", - "lastModified": "2017-08-08T01:32:01.293", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T15:28:39.323", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -48,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-20" + "value": "CWE-476" } ] } @@ -62,158 +84,24 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.94c:*:*:*:*:*:*:*", - "matchCriteriaId": "E791F863-F7B0-42D0-B06A-085213B04F18" + "criteria": "cpe:2.3:a:skulltag:skulltag:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.97d2", + "matchCriteriaId": "927C6D8E-F899-4B85-883A-317FD88E8AF8" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.95b:*:*:*:*:*:*:*", - "matchCriteriaId": "6A289784-DBB4-41F1-918E-ADBCFAEEC577" + "criteria": "cpe:2.3:a:skulltag:skulltag:0.97d2:-:*:*:*:*:*:*", + "matchCriteriaId": "86EB1188-EF3C-46D4-A3B9-F1704C7CE85E" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.95c:*:*:*:*:*:*:*", - "matchCriteriaId": "E08AE280-B3AB-44FA-9FD6-F9C8B22D169F" + "criteria": "cpe:2.3:a:skulltag:skulltag:0.97d2:rc2:*:*:*:*:*:*", + "matchCriteriaId": "80D71FBC-1EBD-4082-9172-31465DD4DA8A" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.95d:*:*:*:*:*:*:*", - "matchCriteriaId": "4DB3C295-BE0A-4804-8565-79264AD92A4A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.95e:*:*:*:*:*:*:*", - "matchCriteriaId": "75CA2F11-52DE-4C6E-9E7F-633BD804B51C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.95f:*:*:*:*:*:*:*", - "matchCriteriaId": "5AF345AE-66EA-49DB-A145-7B6CC147AEC1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.95g:*:*:*:*:*:*:*", - "matchCriteriaId": "CB36C355-2008-4EAE-AEBA-376B7C3E208B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.95h:*:*:*:*:*:*:*", - "matchCriteriaId": "86912E64-4EF5-438C-8B14-9AA9353BD417" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.95i:*:*:*:*:*:*:*", - "matchCriteriaId": "D7506853-54FC-4908-B0C4-5D5BFE7BEEA3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.95j:*:*:*:*:*:*:*", - "matchCriteriaId": "E778DEF7-B84F-4813-9449-580A6B071E24" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.95k:*:*:*:*:*:*:*", - "matchCriteriaId": "D6F884F3-771F-4D65-8BBD-C9E3952ACC9C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.96b:*:*:*:*:*:*:*", - "matchCriteriaId": "A621B560-4A27-4E89-8834-76BE60CCCBD9" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.96c:*:*:*:*:*:*:*", - "matchCriteriaId": "336E52F7-6299-45A6-9E9D-03F2C8FC3A83" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.96d:*:*:*:*:*:*:*", - "matchCriteriaId": "DE120A44-3949-4115-8B0B-02E002D00525" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.96e:*:*:*:*:*:*:*", - "matchCriteriaId": "585EC565-42FF-4BAA-B105-05F583FE6E65" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.96f:*:*:*:*:*:*:*", - "matchCriteriaId": "B2548734-EABD-46A5-9BFB-CB09F1AC7257" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97b:*:*:*:*:*:*:*", - "matchCriteriaId": "E3D39A0F-938E-42F0-BA02-EB3E7D9E928C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97c:*:*:*:*:*:*:*", - "matchCriteriaId": "5B728246-CE98-4AA9-8E05-D266B8349FC6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97c2:*:*:*:*:*:*:*", - "matchCriteriaId": "03DF74FF-96EC-40D9-8E4F-03586B3AF149" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97c3:*:*:*:*:*:*:*", - "matchCriteriaId": "E5C4A89C-EABB-4E3B-818A-104F4433A154" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97d:*:*:*:*:*:*:*", - "matchCriteriaId": "FB6EE64A-95E6-409D-A6A1-CD81EDD242A5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97d:beta_1:*:*:*:*:*:*", - "matchCriteriaId": "EB44B149-7368-4B90-8B86-EA6D1664B691" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97d:beta_2:*:*:*:*:*:*", - "matchCriteriaId": "B71BC65B-ECDB-49A2-A322-F201EA7998A8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97d:beta_3:*:*:*:*:*:*", - "matchCriteriaId": "AD70CF45-2F6D-4618-AEBA-CFEE08F1A7DB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97d:beta_4:*:*:*:*:*:*", - "matchCriteriaId": "48187081-98A4-440D-B615-E3B0FE78E93A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97d:beta_4.1:*:*:*:*:*:*", - "matchCriteriaId": "34637E02-713C-4A07-A24E-4AA5A5751671" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97d:rc10:*:*:*:*:*:*", - "matchCriteriaId": "2C510EA6-998D-442B-B25B-729FF738A86B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97d:rc9:*:*:*:*:*:*", - "matchCriteriaId": "94AC2093-8D95-4360-9B39-6C105563165A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97d2:*:*:*:*:*:*:*", - "matchCriteriaId": "DD03F691-C0FC-44DE-8BFA-E0F125574832" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97d2:rc2:*:*:*:*:*:*", - "matchCriteriaId": "E6E3DC9A-A4DE-4858-B3F7-367F96E2825A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:skulltag_team:skulltag:0.97d2:rc3:*:*:*:*:*:*", - "matchCriteriaId": "6A962844-4FA4-411C-81D7-A145E6359D12" + "criteria": "cpe:2.3:a:skulltag:skulltag:0.97d2:rc3:*:*:*:*:*:*", + "matchCriteriaId": "C577331C-A4E6-422E-8195-F7947BD5044C" } ] } @@ -223,22 +111,41 @@ "references": [ { "url": "http://aluigi.altervista.org/adv/skulltagod-adv.txt", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/31427", + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Vendor Advisory" + ] }, { "url": "http://skulltag.com/forum/viewtopic.php?f=1&t=14716", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Patch" ] }, { "url": "http://www.vupen.com/english/advisories/2008/2325", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44363", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2008/CVE-2008-51xx/CVE-2008-5183.json b/CVE-2008/CVE-2008-51xx/CVE-2008-5183.json index d2c58969922..9b7d10f3e38 100644 --- a/CVE-2008/CVE-2008-51xx/CVE-2008-5183.json +++ b/CVE-2008/CVE-2008-51xx/CVE-2008-5183.json @@ -2,8 +2,8 @@ "id": "CVE-2008-5183", "sourceIdentifier": "security@ubuntu.com", "published": "2008-11-21T02:30:00.453", - "lastModified": "2017-09-29T01:32:30.087", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T15:35:17.220", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -48,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-399" + "value": "CWE-476" } ] } @@ -63,383 +85,65 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*", - "versionEndIncluding": "1.3.7", - "matchCriteriaId": "6E8DB5A3-0C79-4D3D-BF78-7448D527B670" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*", - "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*", - "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*", - "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*", - "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*", - "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*", - "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*", - "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*", - "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*", - "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*", - "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*", - "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*", - "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*", - "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*", - "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*", - "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*", - "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*", - "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*", - "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*", - "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*", - "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*", - "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*", - "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*", - "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*", - "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*", - "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*", - "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*", - "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*", - "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*", - "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*", - "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*", - "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*", - "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*", - "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*", - "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*", - "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*", - "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*", - "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*", - "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*", - "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*", - "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*", - "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*", - "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*", - "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*", - "matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*", - "matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*", - "matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*", - "matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*", - "matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*", - "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*", - "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*", - "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*", - "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*", - "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*", - "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*", - "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*", - "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*", - "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*", - "matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*", - "matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*", - "matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*", - "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*", - "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*", - "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*", - "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*", - "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*", - "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*", - "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39" + "versionEndIncluding": "1.3.9", + "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.5.6", + "matchCriteriaId": "A9759850-4805-447C-AF3F-5CD462E24810" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.5.6", + "matchCriteriaId": "2779F6D3-C4B4-4600-88EF-24B26741CEB8" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "1B42AB65-443B-4655-BAEA-4EB4A43D9509" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244" } ] } @@ -449,79 +153,156 @@ "references": [ { "url": "http://lab.gnucitizen.org/projects/cups-0day", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Broken Link" + ] }, { "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Mailing List" + ] }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Mailing List" + ] + }, + { + "url": "http://secunia.com/advisories/33937", + "source": "security@ubuntu.com", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/43521", + "source": "security@ubuntu.com", + "tags": [ + "Broken Link" + ] }, { "url": "http://support.apple.com/kb/HT3438", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.debian.org/security/2011/dsa-2176", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.openwall.com/lists/oss-security/2008/11/19/3", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Mailing List" + ] }, { "url": "http://www.openwall.com/lists/oss-security/2008/11/19/4", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Mailing List" + ] }, { "url": "http://www.openwall.com/lists/oss-security/2008/11/20/1", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Mailing List" + ] }, { "url": "http://www.redhat.com/support/errata/RHSA-2008-1029.html", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.securityfocus.com/bid/32419", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.securitytracker.com/id?1021396", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.vupen.com/english/advisories/2009/0422", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.vupen.com/english/advisories/2011/0535", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46684", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10586", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://www.exploit-db.com/exploits/7150", - "source": "security@ubuntu.com" + "source": "security@ubuntu.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2009/CVE-2009-09xx/CVE-2009-0949.json b/CVE-2009/CVE-2009-09xx/CVE-2009-0949.json index ab1c0fd4abe..c34e798c494 100644 --- a/CVE-2009/CVE-2009-09xx/CVE-2009-0949.json +++ b/CVE-2009/CVE-2009-09xx/CVE-2009-0949.json @@ -2,8 +2,8 @@ "id": "CVE-2009-0949", "sourceIdentifier": "cve@mitre.org", "published": "2009-06-09T17:30:00.657", - "lastModified": "2018-10-10T19:32:33.693", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T15:21:37.460", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -48,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-399" + "value": "CWE-476" } ] } @@ -63,393 +85,101 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*", - "versionEndIncluding": "1.3.9", - "matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*", - "matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7" - }, + "versionEndExcluding": "1.3.10", + "matchCriteriaId": "DB4D1818-1AE2-42FE-9856-5519EF7E0DAA" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*", - "matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28" + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", + "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*", - "matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46" + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", + "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*", - "matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4" + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", + "matchCriteriaId": "4747CC68-FAF4-482F-929A-9DA6C24CB663" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*", - "matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*", - "matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*", - "matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*", - "matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*", - "matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*", - "matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*", - "matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*", - "matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*", - "matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*", - "matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*", - "matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*", - "matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*", - "matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*", - "matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*", - "matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*", - "matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*", - "matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*", - "matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*", - "matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*", - "matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*", - "matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*", - "matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*", - "matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*", - "matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*", - "matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*", - "matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*", - "matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*", - "matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*", - "matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*", - "matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4" - }, + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", + "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*", - "matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C" + "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*", - "matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E" + "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*", - "matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*", - "matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*", - "matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*", - "matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*", - "matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*", - "matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*", - "matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*", - "matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*", - "matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*", - "matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*", - "matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*", - "matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*", - "matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*", - "matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*", - "matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*", - "matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*", - "matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*", - "matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*", - "matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*", - "matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*", - "matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*", - "matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*", - "matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*", - "matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*", - "matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*", - "matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*", - "matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*", - "matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*", - "matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*", - "matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*", - "matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*", - "matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*", - "matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F" - }, + "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*", - "matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C" + "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.0.0", + "versionEndExcluding": "10.4.11", + "matchCriteriaId": "2F5DEE66-117C-4844-8FD4-065D0820A808" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*", - "matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39" + "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.5.0", + "versionEndExcluding": "10.5.8", + "matchCriteriaId": "7A880FA4-5DBF-4894-8DAC-C3CD147D1EB7" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*", - "matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C" + "criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.0.0", + "versionEndExcluding": "10.4.11", + "matchCriteriaId": "B9ACE85A-56A0-404C-AB58-A4F5CA73243C" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*", - "matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16" + "criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.5.0", + "versionEndExcluding": "10.5.8", + "matchCriteriaId": "7F74FAC0-CC05-4797-9DE2-F7CE5CB8FC19" } ] } @@ -459,68 +189,156 @@ "references": [ { "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] + }, + { + "url": "http://secunia.com/advisories/35322", + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Vendor Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/35328", + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Vendor Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/35340", + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Vendor Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/35342", + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Vendor Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/35685", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "http://secunia.com/advisories/36701", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://securitytracker.com/id?1022321", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://support.apple.com/kb/HT3865", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.coresecurity.com/content/AppleCUPS-null-pointer-vulnerability", "source": "cve@mitre.org", "tags": [ - "Exploit" + "Exploit", + "Third Party Advisory" ] }, { "url": "http://www.debian.org/security/2009/dsa-1811", "source": "cve@mitre.org", "tags": [ - "Patch" + "Third Party Advisory" ] }, { "url": "http://www.redhat.com/support/errata/RHSA-2009-1082.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.securityfocus.com/archive/1/504032/100/0/threaded", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.securityfocus.com/bid/35169", "source": "cve@mitre.org", "tags": [ - "Exploit" + "Broken Link", + "Exploit", + "Third Party Advisory", + "VDB Entry" ] }, { "url": "http://www.ubuntu.com/usn/USN-780-1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=500972", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50926", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9631", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2009/CVE-2009-26xx/CVE-2009-2698.json b/CVE-2009/CVE-2009-26xx/CVE-2009-2698.json index 45694357691..c27ad0c86a5 100644 --- a/CVE-2009/CVE-2009-26xx/CVE-2009-2698.json +++ b/CVE-2009/CVE-2009-26xx/CVE-2009-2698.json @@ -2,8 +2,8 @@ "id": "CVE-2009-2698", "sourceIdentifier": "cve@mitre.org", "published": "2009-08-27T17:30:00.233", - "lastModified": "2023-11-07T02:04:12.667", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T15:22:01.253", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -22,6 +22,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -131,12 +153,105 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*", + "matchCriteriaId": "7000D33B-F3C7-43E8-8FC7-9B97AADC3E12" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "7F2976D5-83A5-4A52-A1E6-D0E17F23FD62" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.3:*:*:*:*:*:*:*", + "matchCriteriaId": "941713DB-B1DE-4953-9A9C-174EAFDCB3E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "73322DEE-27A6-4D18-88A3-ED7F9CAEABD5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.3:*:*:*:*:*:*:*", + "matchCriteriaId": "1F87B994-28E4-4095-8770-6433DE9C93AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "5B5DCF29-6830-45FF-BC88-17E2249C653D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vmware:vcenter_server:4.0:-:*:*:*:*:*:*", + "matchCriteriaId": "D467EE9D-6A1F-4462-9BDA-C68B7EE375E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D" + } + ] + } + ] } ], "references": [ { "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1e0c14f49d6b393179f423abbac47f85618d3d46", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00008.html", @@ -150,20 +265,21 @@ "url": "http://rhn.redhat.com/errata/RHSA-2009-1222.html", "source": "cve@mitre.org", "tags": [ - "Vendor Advisory" + "Third Party Advisory" ] }, { "url": "http://rhn.redhat.com/errata/RHSA-2009-1223.html", "source": "cve@mitre.org", "tags": [ - "Vendor Advisory" + "Third Party Advisory" ] }, { "url": "http://secunia.com/advisories/23073", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Vendor Advisory" ] }, @@ -171,6 +287,7 @@ "url": "http://secunia.com/advisories/36430", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Vendor Advisory" ] }, @@ -178,6 +295,7 @@ "url": "http://secunia.com/advisories/36510", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Vendor Advisory" ] }, @@ -185,6 +303,7 @@ "url": "http://secunia.com/advisories/37105", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Vendor Advisory" ] }, @@ -192,6 +311,7 @@ "url": "http://secunia.com/advisories/37298", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Vendor Advisory" ] }, @@ -199,6 +319,7 @@ "url": "http://secunia.com/advisories/37471", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Vendor Advisory" ] }, @@ -213,6 +334,7 @@ "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Vendor Advisory" ] }, @@ -220,6 +342,7 @@ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -234,6 +357,7 @@ "url": "http://www.redhat.com/support/errata/RHSA-2009-1233.html", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -241,6 +365,7 @@ "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] @@ -249,6 +374,7 @@ "url": "http://www.securityfocus.com/archive/1/512019/100/0/threaded", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] @@ -257,6 +383,7 @@ "url": "http://www.securityfocus.com/bid/36108", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Exploit", "Patch", "Third Party Advisory", @@ -267,6 +394,7 @@ "url": "http://www.securitytracker.com/id?1022761", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] @@ -304,6 +432,7 @@ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11514", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -311,6 +440,7 @@ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8557", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Third Party Advisory" ] }, @@ -318,6 +448,7 @@ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9142", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Third Party Advisory" ] } diff --git a/CVE-2009/CVE-2009-48xx/CVE-2009-4895.json b/CVE-2009/CVE-2009-48xx/CVE-2009-4895.json index 63f579be3c7..f14fe890350 100644 --- a/CVE-2009/CVE-2009-48xx/CVE-2009-4895.json +++ b/CVE-2009/CVE-2009-48xx/CVE-2009-4895.json @@ -2,8 +2,8 @@ "id": "CVE-2009-4895", "sourceIdentifier": "cve@mitre.org", "published": "2010-09-08T20:00:02.620", - "lastModified": "2023-11-07T02:04:53.470", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T15:22:24.383", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -49,6 +71,10 @@ { "lang": "en", "value": "CWE-362" + }, + { + "lang": "en", + "value": "CWE-476" } ] } @@ -129,7 +155,10 @@ "references": [ { "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=703625118069f9f8960d356676662d3db5a9d116", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.debian.org/security/2010/dsa-2094", @@ -190,8 +219,7 @@ "source": "cve@mitre.org", "tags": [ "Issue Tracking", - "Patch", - "Vendor Advisory" + "Patch" ] }, { diff --git a/CVE-2019/CVE-2019-131xx/CVE-2019-13147.json b/CVE-2019/CVE-2019-131xx/CVE-2019-13147.json index 2ecf0b1b785..15a7afe7845 100644 --- a/CVE-2019/CVE-2019-131xx/CVE-2019-13147.json +++ b/CVE-2019/CVE-2019-131xx/CVE-2019-13147.json @@ -2,8 +2,8 @@ "id": "CVE-2019-13147", "sourceIdentifier": "cve@mitre.org", "published": "2019-07-02T00:15:10.397", - "lastModified": "2023-11-12T23:15:07.857", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T15:58:45.607", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -90,6 +90,21 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] } ], "references": [ @@ -103,7 +118,10 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-264xx/CVE-2021-26443.json b/CVE-2021/CVE-2021-264xx/CVE-2021-26443.json index 4ce208d3272..80a8413e659 100644 --- a/CVE-2021/CVE-2021-264xx/CVE-2021-26443.json +++ b/CVE-2021/CVE-2021-264xx/CVE-2021-26443.json @@ -2,8 +2,8 @@ "id": "CVE-2021-26443", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:16:35.060", - "lastModified": "2021-11-10T16:01:42.403", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:46.900", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 2.3, "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-264xx/CVE-2021-26444.json b/CVE-2021/CVE-2021-264xx/CVE-2021-26444.json index 6281b622d2a..e3cb44804eb 100644 --- a/CVE-2021/CVE-2021-264xx/CVE-2021-26444.json +++ b/CVE-2021/CVE-2021-264xx/CVE-2021-26444.json @@ -2,12 +2,12 @@ "id": "CVE-2021-26444", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:16:35.257", - "lastModified": "2021-11-17T03:31:23.590", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:47.200", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure RTOS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-42301, CVE-2021-42323." + "value": "Azure RTOS Information Disclosure Vulnerability" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", diff --git a/CVE-2021/CVE-2021-281xx/CVE-2021-28117.json b/CVE-2021/CVE-2021-281xx/CVE-2021-28117.json index d7b4e67f21d..c0e95bc4fa5 100644 --- a/CVE-2021/CVE-2021-281xx/CVE-2021-28117.json +++ b/CVE-2021/CVE-2021-281xx/CVE-2021-28117.json @@ -2,8 +2,8 @@ "id": "CVE-2021-28117", "sourceIdentifier": "cve@mitre.org", "published": "2021-03-20T21:15:11.827", - "lastModified": "2023-11-16T22:15:27.497", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T16:24:49.047", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -96,7 +96,10 @@ "references": [ { "url": "https://github.com/KDE/discover/commit/fcd3b30552bf03a384b1a16f9bb8db029c111356", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/KDE/discover/releases", diff --git a/CVE-2021/CVE-2021-369xx/CVE-2021-36957.json b/CVE-2021/CVE-2021-369xx/CVE-2021-36957.json index 796d5ef8187..35e8ccdac50 100644 --- a/CVE-2021/CVE-2021-369xx/CVE-2021-36957.json +++ b/CVE-2021/CVE-2021-369xx/CVE-2021-36957.json @@ -2,8 +2,8 @@ "id": "CVE-2021-36957", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:17:55.947", - "lastModified": "2021-11-10T15:44:38.960", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:47.430", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-386xx/CVE-2021-38631.json b/CVE-2021/CVE-2021-386xx/CVE-2021-38631.json index b3feb246101..7f62d53fa61 100644 --- a/CVE-2021/CVE-2021-386xx/CVE-2021-38631.json +++ b/CVE-2021/CVE-2021-386xx/CVE-2021-38631.json @@ -2,12 +2,12 @@ "id": "CVE-2021-38631", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:18:34.993", - "lastModified": "2021-11-12T18:59:17.390", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:47.650", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41371." + "value": "Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-386xx/CVE-2021-38665.json b/CVE-2021/CVE-2021-386xx/CVE-2021-38665.json index c876790f674..ebcbd99ef3e 100644 --- a/CVE-2021/CVE-2021-386xx/CVE-2021-38665.json +++ b/CVE-2021/CVE-2021-386xx/CVE-2021-38665.json @@ -2,8 +2,8 @@ "id": "CVE-2021-38665", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:18:35.180", - "lastModified": "2021-11-10T18:37:52.727", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:47.883", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.0 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", diff --git a/CVE-2021/CVE-2021-386xx/CVE-2021-38666.json b/CVE-2021/CVE-2021-386xx/CVE-2021-38666.json index 5dd271059df..b02d427939f 100644 --- a/CVE-2021/CVE-2021-386xx/CVE-2021-38666.json +++ b/CVE-2021/CVE-2021-386xx/CVE-2021-38666.json @@ -2,8 +2,8 @@ "id": "CVE-2021-38666", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:18:35.350", - "lastModified": "2021-11-10T16:38:58.247", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:48.077", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-404xx/CVE-2021-40442.json b/CVE-2021/CVE-2021-404xx/CVE-2021-40442.json index bebfdc49e6d..19d9a9ff096 100644 --- a/CVE-2021/CVE-2021-404xx/CVE-2021-40442.json +++ b/CVE-2021/CVE-2021-404xx/CVE-2021-40442.json @@ -2,8 +2,8 @@ "id": "CVE-2021-40442", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:18.077", - "lastModified": "2021-11-10T18:47:38.487", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:48.297", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-404xx/CVE-2021-40457.json b/CVE-2021/CVE-2021-404xx/CVE-2021-40457.json index d965585f6e8..eec821e725e 100644 --- a/CVE-2021/CVE-2021-404xx/CVE-2021-40457.json +++ b/CVE-2021/CVE-2021-404xx/CVE-2021-40457.json @@ -2,8 +2,8 @@ "id": "CVE-2021-40457", "sourceIdentifier": "secure@microsoft.com", "published": "2021-10-13T01:15:09.937", - "lastModified": "2021-10-19T17:35:05.743", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:48.583", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.0 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41349.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41349.json index 056c9634ae2..a70f34dc6a3 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41349.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41349.json @@ -2,12 +2,12 @@ "id": "CVE-2021-41349", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:28.653", - "lastModified": "2021-11-10T17:39:14.420", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:49.513", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-42305." + "value": "Microsoft Exchange Server Spoofing Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41351.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41351.json index eaa5a373e7d..e4de400da55 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41351.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41351.json @@ -2,8 +2,8 @@ "id": "CVE-2021-41351", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:28.947", - "lastModified": "2021-11-10T17:51:38.867", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:49.793", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41352.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41352.json index 73cb89252fc..16ccbedbe66 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41352.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41352.json @@ -2,8 +2,8 @@ "id": "CVE-2021-41352", "sourceIdentifier": "secure@microsoft.com", "published": "2021-10-13T01:15:13.683", - "lastModified": "2021-10-19T17:37:00.433", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:50.037", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41356.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41356.json index 333eafe8b8d..512915a7bc8 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41356.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41356.json @@ -2,8 +2,8 @@ "id": "CVE-2021-41356", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:29.197", - "lastModified": "2021-11-10T17:29:05.583", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:50.600", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41363.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41363.json index 98ab4c3c3c7..46096ece3ed 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41363.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41363.json @@ -2,8 +2,8 @@ "id": "CVE-2021-41363", "sourceIdentifier": "secure@microsoft.com", "published": "2021-10-13T01:15:14.103", - "lastModified": "2021-10-19T19:22:08.270", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:50.900", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.1, + "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41366.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41366.json index e6b10723201..c672df4082a 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41366.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41366.json @@ -2,8 +2,8 @@ "id": "CVE-2021-41366", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:29.403", - "lastModified": "2021-11-12T18:56:25.880", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:51.123", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41367.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41367.json index bc1f0932574..e8bfd23ee51 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41367.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41367.json @@ -2,12 +2,12 @@ "id": "CVE-2021-41367", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:29.603", - "lastModified": "2021-11-12T18:57:25.817", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:51.370", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-41370, CVE-2021-42283." + "value": "NTFS Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41368.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41368.json index e7abd761f18..61672d4ff65 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41368.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41368.json @@ -2,8 +2,8 @@ "id": "CVE-2021-41368", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:29.810", - "lastModified": "2021-11-12T17:13:40.420", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:51.630", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 4.2 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41370.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41370.json index ec9e86ceace..5d639d7c24a 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41370.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41370.json @@ -2,12 +2,12 @@ "id": "CVE-2021-41370", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:30.057", - "lastModified": "2021-11-12T17:15:39.847", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:51.893", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-41367, CVE-2021-42283." + "value": "NTFS Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41371.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41371.json index 8f2a74b6673..e635117d57e 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41371.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41371.json @@ -2,12 +2,12 @@ "id": "CVE-2021-41371", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:30.297", - "lastModified": "2021-11-10T21:19:57.057", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:52.137", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38631." + "value": "Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41372.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41372.json index dfbc60b3f94..739460093eb 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41372.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41372.json @@ -2,12 +2,12 @@ "id": "CVE-2021-41372", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:30.517", - "lastModified": "2021-11-12T17:32:32.197", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:52.370", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Power BI Report Server Spoofing Vulnerability" + "value": "

A Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exists when Power BI Report Server Template file (pbix) containing HTML files is uploaded to the server and HTML files are accessed directly by the victim.

\n

Combining these 2 vulnerabilities together, an attacker is able to upload malicious Power BI templates files to the server using the victim's session and run scripts in the security context of the user and perform privilege escalation in case the victim has admin privileges when the victim access one of the HTML files present in the malicious Power BI template uploaded.

\n

The security update addresses the vulnerability by helping to ensure that Power BI Report Server properly sanitize file uploads.

\n" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41373.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41373.json index f30449acf53..86ce9b17c4b 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41373.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41373.json @@ -2,8 +2,8 @@ "id": "CVE-2021-41373", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:30.793", - "lastModified": "2021-11-10T21:31:11.930", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:52.673", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41374.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41374.json index 8bbf8306be7..7cf178ef6a8 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41374.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41374.json @@ -2,12 +2,12 @@ "id": "CVE-2021-41374", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:31.037", - "lastModified": "2021-11-10T20:05:45.710", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:52.897", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41375, CVE-2021-41376." + "value": "Azure Sphere Information Disclosure Vulnerability" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.4, + "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41375.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41375.json index a955225dd6d..729118c3295 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41375.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41375.json @@ -2,12 +2,12 @@ "id": "CVE-2021-41375", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:31.260", - "lastModified": "2021-11-10T21:16:17.433", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:53.127", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41374, CVE-2021-41376." + "value": "Azure Sphere Information Disclosure Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 0.8, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41376.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41376.json index cb1b432a8eb..9b8c269c20b 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41376.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41376.json @@ -2,12 +2,12 @@ "id": "CVE-2021-41376", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:31.483", - "lastModified": "2021-11-10T21:17:00.110", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:53.353", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41374, CVE-2021-41375." + "value": "Azure Sphere Information Disclosure Vulnerability" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.8, + "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41377.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41377.json index c6bfa11255a..0c682510656 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41377.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41377.json @@ -2,8 +2,8 @@ "id": "CVE-2021-41377", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:31.707", - "lastModified": "2021-11-12T20:37:26.893", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:53.593", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41378.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41378.json index 42f37ca6c91..c3aefeb218d 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41378.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41378.json @@ -2,8 +2,8 @@ "id": "CVE-2021-41378", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:31.913", - "lastModified": "2021-11-12T20:33:55.097", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:53.907", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-413xx/CVE-2021-41379.json b/CVE-2021/CVE-2021-413xx/CVE-2021-41379.json index 6d38d9aa5bb..347da3844d9 100644 --- a/CVE-2021/CVE-2021-413xx/CVE-2021-41379.json +++ b/CVE-2021/CVE-2021-413xx/CVE-2021-41379.json @@ -2,8 +2,8 @@ "id": "CVE-2021-41379", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:32.127", - "lastModified": "2021-11-12T20:17:30.037", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:54.133", + "vulnStatus": "Modified", "cisaExploitAdd": "2022-03-03", "cisaActionDue": "2022-03-17", "cisaRequiredAction": "Apply updates per vendor instructions.", @@ -21,8 +21,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", @@ -74,7 +94,7 @@ "description": [ { "lang": "en", - "value": "CWE-269" + "value": "CWE-59" } ] } diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42274.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42274.json index 7caa1455ab3..1310999e4b2 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42274.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42274.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42274", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:43.317", - "lastModified": "2021-11-12T20:16:06.023", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:54.347", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.0 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42275.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42275.json index 5f9ed9ac6cd..2eb9e36dd77 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42275.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42275.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42275", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:43.570", - "lastModified": "2021-11-12T20:07:09.077", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:54.560", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42276.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42276.json index b5005f84856..8446de956b7 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42276.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42276.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42276", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:43.800", - "lastModified": "2021-11-12T20:06:16.707", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:54.763", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42277.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42277.json index b20a0481e64..0854449972e 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42277.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42277.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42277", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:44.063", - "lastModified": "2021-11-12T19:42:03.327", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:54.970", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42278.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42278.json index 5c7ae1b5d90..b23840546ff 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42278.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42278.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42278", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:44.300", - "lastModified": "2021-11-12T19:01:09.060", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:55.160", + "vulnStatus": "Modified", "cisaExploitAdd": "2022-04-11", "cisaActionDue": "2022-05-02", "cisaRequiredAction": "Apply updates per vendor instructions.", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42282, CVE-2021-42287, CVE-2021-42291." + "value": "Active Directory Domain Services Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -21,8 +21,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", @@ -74,7 +94,7 @@ "description": [ { "lang": "en", - "value": "CWE-269" + "value": "CWE-20" } ] } diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42279.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42279.json index 7e5bf880838..e454540c8d0 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42279.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42279.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42279", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:44.560", - "lastModified": "2021-11-12T18:56:48.957", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:55.363", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 2.5 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42280.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42280.json index 6b909d66d73..4c19d5c6f69 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42280.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42280.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42280", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:44.770", - "lastModified": "2021-11-12T18:36:39.673", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:55.567", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42282.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42282.json index 1c847567147..dfa42aba9d6 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42282.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42282.json @@ -2,12 +2,12 @@ "id": "CVE-2021-42282", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:44.987", - "lastModified": "2022-05-23T17:42:15.450", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:55.820", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42287, CVE-2021-42291." + "value": "Active Directory Domain Services Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42283.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42283.json index eb942ecf6c7..08ff0401c80 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42283.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42283.json @@ -2,12 +2,12 @@ "id": "CVE-2021-42283", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:45.213", - "lastModified": "2022-05-23T17:42:15.497", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:56.020", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-41367, CVE-2021-41370." + "value": "NTFS Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.0, + "impactScore": 6.0 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42284.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42284.json index 250e82e9b55..e5f5fb0aa9b 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42284.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42284.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42284", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:45.437", - "lastModified": "2022-06-28T14:11:45.273", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:56.230", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.0 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42285.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42285.json index 28e6bb01590..ede8cdedc16 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42285.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42285.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42285", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:45.673", - "lastModified": "2022-05-23T17:42:15.593", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:56.430", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42286.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42286.json index 2fc9d0caccd..70cec143810 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42286.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42286.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42286", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:45.897", - "lastModified": "2022-05-23T17:42:15.650", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:56.650", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42287.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42287.json index 02ef9e4cea3..f40d5d382de 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42287.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42287.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42287", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:46.137", - "lastModified": "2022-05-23T17:42:15.677", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:56.857", + "vulnStatus": "Modified", "cisaExploitAdd": "2022-04-11", "cisaActionDue": "2022-05-02", "cisaRequiredAction": "Apply updates per vendor instructions.", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42291." + "value": "Active Directory Domain Services Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -21,8 +21,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42288.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42288.json index fc7c7fa5024..033fce884a2 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42288.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42288.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42288", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:46.373", - "lastModified": "2022-07-12T17:42:04.277", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:57.040", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "PHYSICAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.5, + "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42291.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42291.json index 5ac4fbf952c..f1334b5dd1d 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42291.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42291.json @@ -2,12 +2,12 @@ "id": "CVE-2021-42291", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:46.653", - "lastModified": "2022-05-23T17:42:15.720", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:57.257", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42287." + "value": "Active Directory Domain Services Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42292.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42292.json index b97da0edd0b..30a7577033c 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42292.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42292.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42292", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:47.007", - "lastModified": "2022-07-12T17:42:04.277", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:57.467", + "vulnStatus": "Modified", "cisaExploitAdd": "2021-11-17", "cisaActionDue": "2021-12-01", "cisaRequiredAction": "Apply updates per vendor instructions.", @@ -21,7 +21,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -39,6 +39,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ @@ -74,7 +94,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-noinfo" + "value": "NVD-CWE-Other" } ] } diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42296.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42296.json index 498aa56cbc4..b6f64024d2e 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42296.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42296.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42296", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:47.223", - "lastModified": "2021-11-13T04:49:08.583", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:57.697", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42297.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42297.json index 3ce07d452ab..f48cd2a0f8b 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42297.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42297.json @@ -2,12 +2,12 @@ "id": "CVE-2021-42297", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-24T01:15:08.310", - "lastModified": "2021-11-29T18:31:39.613", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:57.887", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows 10 Update Assistant Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43211." + "value": "Windows 10 Update Assistant Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.0, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.3, + "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-422xx/CVE-2021-42298.json b/CVE-2021/CVE-2021-422xx/CVE-2021-42298.json index 0c23c1adaa3..f0fcfe1c924 100644 --- a/CVE-2021/CVE-2021-422xx/CVE-2021-42298.json +++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42298.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42298", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:47.477", - "lastModified": "2021-11-17T19:34:27.747", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:58.090", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-423xx/CVE-2021-42300.json b/CVE-2021/CVE-2021-423xx/CVE-2021-42300.json index 4b3420dee16..ff8d3ce5be5 100644 --- a/CVE-2021/CVE-2021-423xx/CVE-2021-42300.json +++ b/CVE-2021/CVE-2021-423xx/CVE-2021-42300.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42300", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:47.720", - "lastModified": "2021-11-17T19:34:57.970", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:58.273", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.0, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.5, + "impactScore": 4.0 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-423xx/CVE-2021-42301.json b/CVE-2021/CVE-2021-423xx/CVE-2021-42301.json index 1d4b774df67..0d26545f161 100644 --- a/CVE-2021/CVE-2021-423xx/CVE-2021-42301.json +++ b/CVE-2021/CVE-2021-423xx/CVE-2021-42301.json @@ -2,12 +2,12 @@ "id": "CVE-2021-42301", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:47.993", - "lastModified": "2022-07-12T17:42:04.277", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:58.460", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure RTOS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26444, CVE-2021-42323." + "value": "Azure RTOS Information Disclosure Vulnerability" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", diff --git a/CVE-2021/CVE-2021-423xx/CVE-2021-42302.json b/CVE-2021/CVE-2021-423xx/CVE-2021-42302.json index a5d4058e5a3..bf41cc532f6 100644 --- a/CVE-2021/CVE-2021-423xx/CVE-2021-42302.json +++ b/CVE-2021/CVE-2021-423xx/CVE-2021-42302.json @@ -2,12 +2,12 @@ "id": "CVE-2021-42302", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:48.260", - "lastModified": "2021-11-15T17:14:37.477", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:58.643", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure RTOS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42303, CVE-2021-42304." + "value": "Azure RTOS Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 4.7 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-423xx/CVE-2021-42303.json b/CVE-2021/CVE-2021-423xx/CVE-2021-42303.json index 70db36d353d..7517c7e3443 100644 --- a/CVE-2021/CVE-2021-423xx/CVE-2021-42303.json +++ b/CVE-2021/CVE-2021-423xx/CVE-2021-42303.json @@ -2,12 +2,12 @@ "id": "CVE-2021-42303", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:48.547", - "lastModified": "2021-11-15T17:25:30.963", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:58.823", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure RTOS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42302, CVE-2021-42304." + "value": "Azure RTOS Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 4.7 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-423xx/CVE-2021-42304.json b/CVE-2021/CVE-2021-423xx/CVE-2021-42304.json index 353f711c1b9..0cc6b785878 100644 --- a/CVE-2021/CVE-2021-423xx/CVE-2021-42304.json +++ b/CVE-2021/CVE-2021-423xx/CVE-2021-42304.json @@ -2,12 +2,12 @@ "id": "CVE-2021-42304", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:48.843", - "lastModified": "2021-11-15T17:14:10.870", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:59.013", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure RTOS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42302, CVE-2021-42303." + "value": "Azure RTOS Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 4.7 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", diff --git a/CVE-2021/CVE-2021-423xx/CVE-2021-42305.json b/CVE-2021/CVE-2021-423xx/CVE-2021-42305.json index 5247c39dbb0..9b4e5950dbe 100644 --- a/CVE-2021/CVE-2021-423xx/CVE-2021-42305.json +++ b/CVE-2021/CVE-2021-423xx/CVE-2021-42305.json @@ -2,12 +2,12 @@ "id": "CVE-2021-42305", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:49.143", - "lastModified": "2021-11-15T20:05:50.373", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:59.187", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-41349." + "value": "Microsoft Exchange Server Spoofing Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-423xx/CVE-2021-42306.json b/CVE-2021/CVE-2021-423xx/CVE-2021-42306.json index 01ae7a8af72..d73b1c57ec1 100644 --- a/CVE-2021/CVE-2021-423xx/CVE-2021-42306.json +++ b/CVE-2021/CVE-2021-423xx/CVE-2021-42306.json @@ -2,12 +2,12 @@ "id": "CVE-2021-42306", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-24T01:15:08.363", - "lastModified": "2022-07-12T17:42:04.277", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:59.377", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure Active Directory Information Disclosure Vulnerability" + "value": "

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential\u202f on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a user or service in the tenant with application read access to read the private key data that was added to the application.

\n

Azure AD\u202faddressed this vulnerability by preventing disclosure of any private key\u202fvalues added\u202fto the application.

\n

Microsoft has identified services that could manifest this vulnerability, and steps that customers should take to be protected. Refer to the FAQ section for more information.

\n

For more details on this issue, please refer to the MSRC Blog Entry.

\n" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", diff --git a/CVE-2021/CVE-2021-423xx/CVE-2021-42308.json b/CVE-2021/CVE-2021-423xx/CVE-2021-42308.json index 94a48eee352..6cfba51ee8c 100644 --- a/CVE-2021/CVE-2021-423xx/CVE-2021-42308.json +++ b/CVE-2021/CVE-2021-423xx/CVE-2021-42308.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42308", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-24T01:15:08.410", - "lastModified": "2021-11-30T07:05:16.387", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:59.590", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.1, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", diff --git a/CVE-2021/CVE-2021-423xx/CVE-2021-42316.json b/CVE-2021/CVE-2021-423xx/CVE-2021-42316.json index d31c810f0ca..4637ee093b9 100644 --- a/CVE-2021/CVE-2021-423xx/CVE-2021-42316.json +++ b/CVE-2021/CVE-2021-423xx/CVE-2021-42316.json @@ -2,12 +2,12 @@ "id": "CVE-2021-42316", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:49.437", - "lastModified": "2021-11-15T19:46:27.680", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:59.763", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability" + "value": "Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-423xx/CVE-2021-42319.json b/CVE-2021/CVE-2021-423xx/CVE-2021-42319.json index b6ed58a7513..2c1568404dc 100644 --- a/CVE-2021/CVE-2021-423xx/CVE-2021-42319.json +++ b/CVE-2021/CVE-2021-423xx/CVE-2021-42319.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42319", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:49.740", - "lastModified": "2021-11-15T21:49:07.790", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:15:59.943", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", diff --git a/CVE-2021/CVE-2021-423xx/CVE-2021-42321.json b/CVE-2021/CVE-2021-423xx/CVE-2021-42321.json index 5b4e7f487b0..d688a5e1b1c 100644 --- a/CVE-2021/CVE-2021-423xx/CVE-2021-42321.json +++ b/CVE-2021/CVE-2021-423xx/CVE-2021-42321.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42321", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:50.047", - "lastModified": "2022-08-29T18:59:05.607", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:16:00.120", + "vulnStatus": "Modified", "cisaExploitAdd": "2021-11-17", "cisaActionDue": "2021-12-01", "cisaRequiredAction": "Apply updates per vendor instructions.", @@ -21,7 +21,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -39,6 +39,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-423xx/CVE-2021-42322.json b/CVE-2021/CVE-2021-423xx/CVE-2021-42322.json index fc9b6f30a7e..4429ebf617c 100644 --- a/CVE-2021/CVE-2021-423xx/CVE-2021-42322.json +++ b/CVE-2021/CVE-2021-423xx/CVE-2021-42322.json @@ -2,8 +2,8 @@ "id": "CVE-2021-42322", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:50.370", - "lastModified": "2021-11-15T21:49:45.687", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:16:00.313", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-423xx/CVE-2021-42323.json b/CVE-2021/CVE-2021-423xx/CVE-2021-42323.json index 36953445507..6c50385fc04 100644 --- a/CVE-2021/CVE-2021-423xx/CVE-2021-42323.json +++ b/CVE-2021/CVE-2021-423xx/CVE-2021-42323.json @@ -2,12 +2,12 @@ "id": "CVE-2021-42323", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:50.673", - "lastModified": "2022-07-12T17:42:04.277", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:16:00.487", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Azure RTOS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26444, CVE-2021-42301." + "value": "Azure RTOS Information Disclosure Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-432xx/CVE-2021-43208.json b/CVE-2021/CVE-2021-432xx/CVE-2021-43208.json index 1d532a72e46..6a69d7f3a37 100644 --- a/CVE-2021/CVE-2021-432xx/CVE-2021-43208.json +++ b/CVE-2021/CVE-2021-432xx/CVE-2021-43208.json @@ -2,12 +2,12 @@ "id": "CVE-2021-43208", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:54.603", - "lastModified": "2021-11-15T19:39:22.027", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:16:00.720", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "3D Viewer Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-43209." + "value": "3D Viewer Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-432xx/CVE-2021-43209.json b/CVE-2021/CVE-2021-432xx/CVE-2021-43209.json index 7ff191299da..cc905ce5f1f 100644 --- a/CVE-2021/CVE-2021-432xx/CVE-2021-43209.json +++ b/CVE-2021/CVE-2021-432xx/CVE-2021-43209.json @@ -2,12 +2,12 @@ "id": "CVE-2021-43209", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-10T01:19:54.760", - "lastModified": "2021-11-17T02:32:20.230", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:16:00.907", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "3D Viewer Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-43208." + "value": "3D Viewer Remote Code Execution Vulnerability" }, { "lang": "es", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-432xx/CVE-2021-43211.json b/CVE-2021/CVE-2021-432xx/CVE-2021-43211.json index 1cd7ae69691..6faab72597e 100644 --- a/CVE-2021/CVE-2021-432xx/CVE-2021-43211.json +++ b/CVE-2021/CVE-2021-432xx/CVE-2021-43211.json @@ -2,12 +2,12 @@ "id": "CVE-2021-43211", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-24T01:15:08.457", - "lastModified": "2021-11-30T07:06:45.307", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:16:01.083", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Windows 10 Update Assistant Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42297." + "value": "Windows 10 Update Assistant Elevation of Privilege Vulnerability" }, { "lang": "es", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", diff --git a/CVE-2021/CVE-2021-432xx/CVE-2021-43220.json b/CVE-2021/CVE-2021-432xx/CVE-2021-43220.json index 09dddd40ab3..63385f20a55 100644 --- a/CVE-2021/CVE-2021-432xx/CVE-2021-43220.json +++ b/CVE-2021/CVE-2021-432xx/CVE-2021-43220.json @@ -2,8 +2,8 @@ "id": "CVE-2021-43220", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-24T01:15:08.497", - "lastModified": "2021-11-30T07:07:19.743", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:16:01.253", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.1, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", diff --git a/CVE-2021/CVE-2021-432xx/CVE-2021-43221.json b/CVE-2021/CVE-2021-432xx/CVE-2021-43221.json index c8801c428b8..6dd3187db70 100644 --- a/CVE-2021/CVE-2021-432xx/CVE-2021-43221.json +++ b/CVE-2021/CVE-2021-432xx/CVE-2021-43221.json @@ -2,8 +2,8 @@ "id": "CVE-2021-43221", "sourceIdentifier": "secure@microsoft.com", "published": "2021-11-24T01:15:08.540", - "lastModified": "2021-11-30T16:35:01.560", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-28T16:16:01.433", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secure@microsoft.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 1.6, "impactScore": 2.5 + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 2.5 } ], "cvssMetricV2": [ diff --git a/CVE-2021/CVE-2021-454xx/CVE-2021-45435.json b/CVE-2021/CVE-2021-454xx/CVE-2021-45435.json index f0fd1816597..5b0e35e60db 100644 --- a/CVE-2021/CVE-2021-454xx/CVE-2021-45435.json +++ b/CVE-2021/CVE-2021-454xx/CVE-2021-45435.json @@ -2,7 +2,7 @@ "id": "CVE-2021-45435", "sourceIdentifier": "cve@mitre.org", "published": "2022-01-28T15:15:07.590", - "lastModified": "2022-02-02T18:41:12.427", + "lastModified": "2023-12-28T16:46:19.600", "vulnStatus": "Analyzed", "descriptions": [ { @@ -84,8 +84,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_cold_storage_management_system_project:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "927B57F8-82DF-41A0-9935-5F4DE91A86BB" + "criteria": "cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46B90B33-68A7-49D0-AC82-B19068310C9C" } ] } diff --git a/CVE-2022/CVE-2022-229xx/CVE-2022-22995.json b/CVE-2022/CVE-2022-229xx/CVE-2022-22995.json index 120bdd35a88..049ba497e98 100644 --- a/CVE-2022/CVE-2022-229xx/CVE-2022-22995.json +++ b/CVE-2022/CVE-2022-229xx/CVE-2022-22995.json @@ -2,8 +2,8 @@ "id": "CVE-2022-22995", "sourceIdentifier": "psirt@wdc.com", "published": "2022-03-25T23:15:08.410", - "lastModified": "2023-11-07T03:44:01.210", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T15:19:51.203", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a", + "source": "psirt@wdc.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -95,7 +95,7 @@ ] }, { - "source": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a", + "source": "psirt@wdc.com", "type": "Secondary", "description": [ { @@ -413,24 +413,68 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netatalk:netatalk:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.1.18", + "matchCriteriaId": "9B3B3806-09AC-4151-9138-19276A22C961" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + } + ] + } + ] } ], "references": [ { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/55ROUJI22SHZX5EM23QAILZHI67EZQKW/", - "source": "psirt@wdc.com" + "source": "psirt@wdc.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5CZZLFOTUP3QYHGHSDUNENGSLPJ6KGO/", - "source": "psirt@wdc.com" + "source": "psirt@wdc.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO34FWOIJI6V6PH2XY52WNBBARVWPJG2/", - "source": "psirt@wdc.com" + "source": "psirt@wdc.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://security.gentoo.org/glsa/202311-02", - "source": "psirt@wdc.com" + "source": "psirt@wdc.com", + "tags": [ + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://www.westerndigital.com/support/product-security/wdc-22005-netatalk-security-vulnerabilities", diff --git a/CVE-2022/CVE-2022-231xx/CVE-2022-23125.json b/CVE-2022/CVE-2022-231xx/CVE-2022-23125.json index 49f42b1177f..2bc501fd00c 100644 --- a/CVE-2022/CVE-2022-231xx/CVE-2022-23125.json +++ b/CVE-2022/CVE-2022-231xx/CVE-2022-23125.json @@ -2,8 +2,8 @@ "id": "CVE-2022-23125", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2023-03-28T19:15:10.507", - "lastModified": "2023-11-01T17:15:10.667", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T15:12:08.143", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -57,6 +57,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, { "source": "zdi-disclosures@trendmicro.com", "type": "Secondary", @@ -124,7 +134,11 @@ }, { "url": "https://security.gentoo.org/glsa/202311-02", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5503", diff --git a/CVE-2022/CVE-2022-241xx/CVE-2022-24122.json b/CVE-2022/CVE-2022-241xx/CVE-2022-24122.json index bf24bf811d7..578ab559b51 100644 --- a/CVE-2022/CVE-2022-241xx/CVE-2022-24122.json +++ b/CVE-2022/CVE-2022-241xx/CVE-2022-24122.json @@ -2,8 +2,8 @@ "id": "CVE-2022-24122", "sourceIdentifier": "cve@mitre.org", "published": "2022-01-29T22:15:07.487", - "lastModified": "2023-11-09T14:44:33.733", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T16:04:30.003", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -357,11 +357,17 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSR3AI2IQGRKZCHNKF6S25JGDKUEAWWL/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VVSZKUJAZ2VN6LJ35J2B6YD6BOPQTU3B/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20220221-0001/", diff --git a/CVE-2022/CVE-2022-245xx/CVE-2022-24599.json b/CVE-2022/CVE-2022-245xx/CVE-2022-24599.json index 2fa604c655d..9160ea4d906 100644 --- a/CVE-2022/CVE-2022-245xx/CVE-2022-24599.json +++ b/CVE-2022/CVE-2022-245xx/CVE-2022-24599.json @@ -2,8 +2,8 @@ "id": "CVE-2022-24599", "sourceIdentifier": "cve@mitre.org", "published": "2022-02-24T15:15:29.633", - "lastModified": "2023-11-22T03:15:07.263", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T15:58:19.167", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -90,6 +90,36 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + } + ] + } + ] } ], "references": [ @@ -104,19 +134,31 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4JXZ6QAMA3TSRY6GUZRY3WTHR7P5TPH/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTETOUJNRR75REYJZTBGF6TAJZYTMXUY/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZPG27YKICLIWUFOPVUOAFAZGOX4BNHY/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-35xx/CVE-2022-3546.json b/CVE-2022/CVE-2022-35xx/CVE-2022-3546.json index 8380cef3919..d16e952019a 100644 --- a/CVE-2022/CVE-2022-35xx/CVE-2022-3546.json +++ b/CVE-2022/CVE-2022-35xx/CVE-2022-3546.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3546", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-17T12:15:11.217", - "lastModified": "2023-11-07T03:51:24.917", + "lastModified": "2023-12-28T16:46:19.600", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 2.7 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -70,7 +70,7 @@ ] }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "description": [ { @@ -89,8 +89,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_cold_storage_management_system_project:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "927B57F8-82DF-41A0-9935-5F4DE91A86BB" + "criteria": "cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46B90B33-68A7-49D0-AC82-B19068310C9C" } ] } diff --git a/CVE-2022/CVE-2022-35xx/CVE-2022-3548.json b/CVE-2022/CVE-2022-35xx/CVE-2022-3548.json index 1305fb8b19b..5382f7101a6 100644 --- a/CVE-2022/CVE-2022-35xx/CVE-2022-3548.json +++ b/CVE-2022/CVE-2022-35xx/CVE-2022-3548.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3548", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-17T12:15:11.397", - "lastModified": "2023-11-07T03:51:25.283", + "lastModified": "2023-12-28T16:46:19.600", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 2.7 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -70,7 +70,7 @@ ] }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "description": [ { @@ -89,8 +89,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_cold_storage_management_system_project:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "927B57F8-82DF-41A0-9935-5F4DE91A86BB" + "criteria": "cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46B90B33-68A7-49D0-AC82-B19068310C9C" } ] } diff --git a/CVE-2022/CVE-2022-35xx/CVE-2022-3549.json b/CVE-2022/CVE-2022-35xx/CVE-2022-3549.json index 419a3b7365a..75e3af17e20 100644 --- a/CVE-2022/CVE-2022-35xx/CVE-2022-3549.json +++ b/CVE-2022/CVE-2022-35xx/CVE-2022-3549.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3549", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-17T12:15:11.473", - "lastModified": "2023-11-07T03:51:25.433", + "lastModified": "2023-12-28T16:46:19.600", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -70,7 +70,7 @@ ] }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "description": [ { @@ -89,8 +89,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_cold_storage_management_system_project:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "927B57F8-82DF-41A0-9935-5F4DE91A86BB" + "criteria": "cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46B90B33-68A7-49D0-AC82-B19068310C9C" } ] } diff --git a/CVE-2022/CVE-2022-35xx/CVE-2022-3582.json b/CVE-2022/CVE-2022-35xx/CVE-2022-3582.json index 0f085180df9..0ab2b322bc1 100644 --- a/CVE-2022/CVE-2022-35xx/CVE-2022-3582.json +++ b/CVE-2022/CVE-2022-35xx/CVE-2022-3582.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3582", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-18T11:15:09.890", - "lastModified": "2023-11-07T03:51:28.023", + "lastModified": "2023-12-28T16:46:19.600", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 1.4 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -70,7 +70,7 @@ ] }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "description": [ { @@ -89,8 +89,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_cold_storage_management_system_project:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "927B57F8-82DF-41A0-9935-5F4DE91A86BB" + "criteria": "cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46B90B33-68A7-49D0-AC82-B19068310C9C" } ] } diff --git a/CVE-2022/CVE-2022-35xx/CVE-2022-3585.json b/CVE-2022/CVE-2022-35xx/CVE-2022-3585.json index 24e70e7d5a8..5dc78690b34 100644 --- a/CVE-2022/CVE-2022-35xx/CVE-2022-3585.json +++ b/CVE-2022/CVE-2022-35xx/CVE-2022-3585.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3585", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-18T11:15:10.117", - "lastModified": "2023-11-07T03:51:28.430", + "lastModified": "2023-12-28T16:46:19.600", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 1.4 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -74,7 +74,7 @@ ] }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "description": [ { @@ -93,8 +93,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_cold_storage_management_system_project:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "927B57F8-82DF-41A0-9935-5F4DE91A86BB" + "criteria": "cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46B90B33-68A7-49D0-AC82-B19068310C9C" } ] } diff --git a/CVE-2022/CVE-2022-35xx/CVE-2022-3587.json b/CVE-2022/CVE-2022-35xx/CVE-2022-3587.json index 63ab5a664f6..440b1d90b85 100644 --- a/CVE-2022/CVE-2022-35xx/CVE-2022-3587.json +++ b/CVE-2022/CVE-2022-35xx/CVE-2022-3587.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3587", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-18T13:15:10.510", - "lastModified": "2023-11-07T03:51:28.613", + "lastModified": "2023-12-28T16:46:19.600", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 2.7 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -70,7 +70,7 @@ ] }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "description": [ { @@ -89,8 +89,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_cold_storage_management_system_project:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "927B57F8-82DF-41A0-9935-5F4DE91A86BB" + "criteria": "cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46B90B33-68A7-49D0-AC82-B19068310C9C" } ] } diff --git a/CVE-2022/CVE-2022-422xx/CVE-2022-42232.json b/CVE-2022/CVE-2022-422xx/CVE-2022-42232.json index 557a8425f94..4db752dd137 100644 --- a/CVE-2022/CVE-2022-422xx/CVE-2022-42232.json +++ b/CVE-2022/CVE-2022-422xx/CVE-2022-42232.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42232", "sourceIdentifier": "cve@mitre.org", "published": "2022-10-14T17:15:16.843", - "lastModified": "2022-10-17T17:45:09.220", + "lastModified": "2023-12-28T16:46:19.600", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,8 +59,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_cold_storage_management_system_project:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "927B57F8-82DF-41A0-9935-5F4DE91A86BB" + "criteria": "cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46B90B33-68A7-49D0-AC82-B19068310C9C" } ] } diff --git a/CVE-2022/CVE-2022-422xx/CVE-2022-42241.json b/CVE-2022/CVE-2022-422xx/CVE-2022-42241.json index 03cfb48d547..01e97c1489a 100644 --- a/CVE-2022/CVE-2022-422xx/CVE-2022-42241.json +++ b/CVE-2022/CVE-2022-422xx/CVE-2022-42241.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42241", "sourceIdentifier": "cve@mitre.org", "published": "2022-10-06T18:17:58.167", - "lastModified": "2022-10-06T19:13:00.580", + "lastModified": "2023-12-28T16:46:19.600", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,8 +59,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_cold_storage_management_system_project:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "927B57F8-82DF-41A0-9935-5F4DE91A86BB" + "criteria": "cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46B90B33-68A7-49D0-AC82-B19068310C9C" } ] } diff --git a/CVE-2022/CVE-2022-422xx/CVE-2022-42242.json b/CVE-2022/CVE-2022-422xx/CVE-2022-42242.json index caf76b259f8..940a1fded56 100644 --- a/CVE-2022/CVE-2022-422xx/CVE-2022-42242.json +++ b/CVE-2022/CVE-2022-422xx/CVE-2022-42242.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42242", "sourceIdentifier": "cve@mitre.org", "published": "2022-10-06T18:18:23.363", - "lastModified": "2022-10-06T19:13:53.067", + "lastModified": "2023-12-28T16:46:19.600", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,8 +59,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_cold_storage_management_system_project:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "927B57F8-82DF-41A0-9935-5F4DE91A86BB" + "criteria": "cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46B90B33-68A7-49D0-AC82-B19068310C9C" } ] } diff --git a/CVE-2022/CVE-2022-422xx/CVE-2022-42243.json b/CVE-2022/CVE-2022-422xx/CVE-2022-42243.json index 6e4551d25ea..4f0305f681d 100644 --- a/CVE-2022/CVE-2022-422xx/CVE-2022-42243.json +++ b/CVE-2022/CVE-2022-422xx/CVE-2022-42243.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42243", "sourceIdentifier": "cve@mitre.org", "published": "2022-10-06T18:18:24.127", - "lastModified": "2022-10-06T19:17:29.520", + "lastModified": "2023-12-28T16:46:19.600", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,8 +59,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_cold_storage_management_system_project:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "927B57F8-82DF-41A0-9935-5F4DE91A86BB" + "criteria": "cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46B90B33-68A7-49D0-AC82-B19068310C9C" } ] } diff --git a/CVE-2022/CVE-2022-422xx/CVE-2022-42249.json b/CVE-2022/CVE-2022-422xx/CVE-2022-42249.json index d8e819deaf7..058458a71f2 100644 --- a/CVE-2022/CVE-2022-422xx/CVE-2022-42249.json +++ b/CVE-2022/CVE-2022-422xx/CVE-2022-42249.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42249", "sourceIdentifier": "cve@mitre.org", "published": "2022-10-06T18:18:24.427", - "lastModified": "2022-10-06T19:20:21.100", + "lastModified": "2023-12-28T16:46:19.600", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,8 +59,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_cold_storage_management_system_project:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "927B57F8-82DF-41A0-9935-5F4DE91A86BB" + "criteria": "cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46B90B33-68A7-49D0-AC82-B19068310C9C" } ] } diff --git a/CVE-2022/CVE-2022-422xx/CVE-2022-42250.json b/CVE-2022/CVE-2022-422xx/CVE-2022-42250.json index 4862bffc08b..fcaf9db2a4d 100644 --- a/CVE-2022/CVE-2022-422xx/CVE-2022-42250.json +++ b/CVE-2022/CVE-2022-422xx/CVE-2022-42250.json @@ -2,7 +2,7 @@ "id": "CVE-2022-42250", "sourceIdentifier": "cve@mitre.org", "published": "2022-10-06T18:18:24.697", - "lastModified": "2022-10-06T19:22:51.160", + "lastModified": "2023-12-28T16:46:19.600", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,8 +59,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:simple_cold_storage_management_system_project:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "927B57F8-82DF-41A0-9935-5F4DE91A86BB" + "criteria": "cpe:2.3:a:oretnom23:simple_cold_storage_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46B90B33-68A7-49D0-AC82-B19068310C9C" } ] } diff --git a/CVE-2022/CVE-2022-43xx/CVE-2022-4393.json b/CVE-2022/CVE-2022-43xx/CVE-2022-4393.json index 4f2f383834a..a790b2f213e 100644 --- a/CVE-2022/CVE-2022-43xx/CVE-2022-4393.json +++ b/CVE-2022/CVE-2022-43xx/CVE-2022-4393.json @@ -2,8 +2,8 @@ "id": "CVE-2022-4393", "sourceIdentifier": "contact@wpscan.com", "published": "2023-01-09T23:15:28.033", - "lastModified": "2023-11-13T14:11:26.470", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T15:41:02.893", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-451xx/CVE-2022-45188.json b/CVE-2022/CVE-2022-451xx/CVE-2022-45188.json index ca5d4c13f15..e67795f3286 100644 --- a/CVE-2022/CVE-2022-451xx/CVE-2022-45188.json +++ b/CVE-2022/CVE-2022-451xx/CVE-2022-45188.json @@ -2,8 +2,8 @@ "id": "CVE-2022-45188", "sourceIdentifier": "cve@mitre.org", "published": "2022-11-12T05:15:12.907", - "lastModified": "2023-11-07T03:54:40.037", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T15:12:38.110", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -66,24 +66,82 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", + "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + } + ] + } + ] } ], "references": [ { "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZYWSGVA6WXREMB6PV56HAHKU7R6KPOP/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GEAFLA5L2SHOUFBAGUXIF2TZLGBXGJKT/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SG6WZW5LXFVH3P7ZVZRGHUVJEMEFKQLI/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html", @@ -110,7 +168,11 @@ }, { "url": "https://security.gentoo.org/glsa/202311-02", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://sourceforge.net/projects/netatalk/files/netatalk/", @@ -122,7 +184,10 @@ }, { "url": "https://www.debian.org/security/2023/dsa-5503", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-49xx/CVE-2022-4907.json b/CVE-2022/CVE-2022-49xx/CVE-2022-4907.json index 37ab8b27918..e75c7a43c5e 100644 --- a/CVE-2022/CVE-2022-49xx/CVE-2022-4907.json +++ b/CVE-2022/CVE-2022-49xx/CVE-2022-4907.json @@ -2,8 +2,8 @@ "id": "CVE-2022-4907", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-07-29T00:15:10.860", - "lastModified": "2023-11-13T05:15:08.490", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T15:39:50.990", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -62,6 +62,41 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" + } + ] + } + ] } ], "references": [ @@ -78,21 +113,29 @@ "source": "chrome-cve-admin@google.com", "tags": [ "Exploit", - "Issue Tracking", - "Vendor Advisory" + "Issue Tracking" ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LE64KGGOISKPKMYROSDT4K6QFVDIRF6/", - "source": "chrome-cve-admin@google.com" + "source": "chrome-cve-admin@google.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B6SAST6CB5KKCQKH75ER2UQ3ICYPHCIZ/", - "source": "chrome-cve-admin@google.com" + "source": "chrome-cve-admin@google.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5552", - "source": "chrome-cve-admin@google.com" + "source": "chrome-cve-admin@google.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2680.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2680.json index 2e39045a8fc..fbdfba59ef9 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2680.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2680.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2680", "sourceIdentifier": "secalert@redhat.com", "published": "2023-09-13T17:15:09.697", - "lastModified": "2023-11-16T16:15:30.260", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T16:23:09.520", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -130,7 +130,10 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20231116-0001/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-274xx/CVE-2023-27447.json b/CVE-2023/CVE-2023-274xx/CVE-2023-27447.json index d370964171c..283d1a7d4af 100644 --- a/CVE-2023/CVE-2023-274xx/CVE-2023-27447.json +++ b/CVE-2023/CVE-2023-274xx/CVE-2023-27447.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27447", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T11:15:07.973", - "lastModified": "2023-12-28T11:15:07.973", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-325xx/CVE-2023-32513.json b/CVE-2023/CVE-2023-325xx/CVE-2023-32513.json index a36119f5362..52f3cda6354 100644 --- a/CVE-2023/CVE-2023-325xx/CVE-2023-32513.json +++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32513.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32513", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T11:15:08.590", - "lastModified": "2023-12-28T11:15:08.590", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32795.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32795.json index 8ba53da6621..2343278b370 100644 --- a/CVE-2023/CVE-2023-327xx/CVE-2023-32795.json +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32795.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32795", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T11:15:08.833", - "lastModified": "2023-12-28T11:15:08.833", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-348xx/CVE-2023-34829.json b/CVE-2023/CVE-2023-348xx/CVE-2023-34829.json index 6d01a722b07..86cea15b6a0 100644 --- a/CVE-2023/CVE-2023-348xx/CVE-2023-34829.json +++ b/CVE-2023/CVE-2023-348xx/CVE-2023-34829.json @@ -2,12 +2,16 @@ "id": "CVE-2023-34829", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-28T03:15:07.587", - "lastModified": "2023-12-28T03:15:07.587", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Incorrect access control in TP-Link Tapo before v3.1.315 allows attackers to access user credentials in plaintext." + }, + { + "lang": "es", + "value": "El control de acceso incorrecto en TP-Link Tapo anterior a v3.1.315 permite a los atacantes acceder a las credenciales de usuario en texto plano." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36381.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36381.json index 46bf416ab97..1c8acdc23ce 100644 --- a/CVE-2023/CVE-2023-363xx/CVE-2023-36381.json +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36381.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36381", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T11:15:09.067", - "lastModified": "2023-12-28T11:15:09.067", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3654.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3654.json index 9839a348480..736d36c8ef0 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3654.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3654.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3654", "sourceIdentifier": "office@cyberdanube.com", "published": "2023-10-03T09:15:10.247", - "lastModified": "2023-11-02T10:15:11.023", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T15:20:38.820", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -101,7 +101,10 @@ "references": [ { "url": "https://doi.org/10.35011/ww2q-d522", - "source": "office@cyberdanube.com" + "source": "office@cyberdanube.com", + "tags": [ + "Technical Description" + ] }, { "url": "https://www.cashit.at/", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3655.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3655.json index f8e1294fbc8..d8b7ed5fa88 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3655.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3655.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3655", "sourceIdentifier": "office@cyberdanube.com", "published": "2023-10-03T08:15:35.680", - "lastModified": "2023-11-02T10:15:13.703", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T15:20:29.200", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -101,7 +101,10 @@ "references": [ { "url": "https://doi.org/10.35011/ww2q-d522", - "source": "office@cyberdanube.com" + "source": "office@cyberdanube.com", + "tags": [ + "Technical Description" + ] }, { "url": "https://www.cashit.at/", diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3656.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3656.json index cd28a31b8dd..faa6715aae4 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3656.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3656.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3656", "sourceIdentifier": "office@cyberdanube.com", "published": "2023-10-03T08:15:35.930", - "lastModified": "2023-11-02T10:15:14.067", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T15:20:34.697", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -105,7 +105,10 @@ "references": [ { "url": "https://doi.org/10.35011/ww2q-d522", - "source": "office@cyberdanube.com" + "source": "office@cyberdanube.com", + "tags": [ + "Technical Description" + ] }, { "url": "https://www.cashit.at/", diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38200.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38200.json index c06c73b2f71..c1f0e18485d 100644 --- a/CVE-2023/CVE-2023-382xx/CVE-2023-38200.json +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38200.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38200", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-24T16:15:12.067", - "lastModified": "2023-11-12T03:15:26.253", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T15:40:32.947", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -106,6 +106,36 @@ "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*", + "matchCriteriaId": "FB056B47-1F45-4CE4-81F6-872F66C24C29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*", + "matchCriteriaId": "26041661-0280-4544-AA0A-BC28FCED4699" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*", + "matchCriteriaId": "E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*", + "matchCriteriaId": "62D3FD78-5B63-4A1B-B4EE-9B098844691E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*", + "matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C" } ] } @@ -119,8 +149,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*", - "matchCriteriaId": "D3FEADDA-2AEE-4F65-9401-971B585664A8" + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" } ] } @@ -130,7 +160,10 @@ "references": [ { "url": "https://access.redhat.com/errata/RHSA-2023:5080", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/security/cve/CVE-2023-38200", @@ -156,7 +189,10 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-407xx/CVE-2023-40791.json b/CVE-2023/CVE-2023-407xx/CVE-2023-40791.json index 49a21513cc1..f7016358678 100644 --- a/CVE-2023/CVE-2023-407xx/CVE-2023-40791.json +++ b/CVE-2023/CVE-2023-407xx/CVE-2023-40791.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40791", "sourceIdentifier": "cve@mitre.org", "published": "2023-10-16T03:15:09.273", - "lastModified": "2023-11-10T18:15:08.277", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T16:13:37.483", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -66,6 +66,114 @@ ] } ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098" + } + ] + } + ] } ], "references": [ @@ -95,11 +203,18 @@ }, { "url": "https://lore.kernel.org/linux-crypto/20571.1690369076%40warthog.procyon.org.uk/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20231110-0009/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-416xx/CVE-2023-41615.json b/CVE-2023/CVE-2023-416xx/CVE-2023-41615.json index e5d17ec161a..496ee708d27 100644 --- a/CVE-2023/CVE-2023-416xx/CVE-2023-41615.json +++ b/CVE-2023/CVE-2023-416xx/CVE-2023-41615.json @@ -2,8 +2,8 @@ "id": "CVE-2023-41615", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-08T03:15:09.060", - "lastModified": "2023-11-14T20:19:32.323", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T16:23:14.277", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -70,7 +70,10 @@ "references": [ { "url": "https://medium.com/%40guravtushar231/sql-injection-in-login-field-a9073780f7e8", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] }, { "url": "https://phpgurukul.com/student-management-system-using-php-and-mysql/", diff --git a/CVE-2023/CVE-2023-426xx/CVE-2023-42627.json b/CVE-2023/CVE-2023-426xx/CVE-2023-42627.json index 093bccb2024..0be0f64f82a 100644 --- a/CVE-2023/CVE-2023-426xx/CVE-2023-42627.json +++ b/CVE-2023/CVE-2023-426xx/CVE-2023-42627.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42627", "sourceIdentifier": "security@liferay.com", "published": "2023-10-17T13:15:11.677", - "lastModified": "2023-11-10T03:15:07.293", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T16:13:12.767", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -219,7 +219,11 @@ }, { "url": "https://www.pentagrid.ch/en/blog/stored-cross-site-scripting-vulnerabilities-in-liferay-portal/", - "source": "security@liferay.com" + "source": "security@liferay.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-426xx/CVE-2023-42628.json b/CVE-2023/CVE-2023-426xx/CVE-2023-42628.json index 636b8e93681..875e1adef21 100644 --- a/CVE-2023/CVE-2023-426xx/CVE-2023-42628.json +++ b/CVE-2023/CVE-2023-426xx/CVE-2023-42628.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42628", "sourceIdentifier": "security@liferay.com", "published": "2023-10-17T12:15:10.043", - "lastModified": "2023-11-10T03:15:07.417", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T16:13:28.370", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -634,7 +634,11 @@ }, { "url": "https://www.pentagrid.ch/en/blog/stored-cross-site-scripting-vulnerabilities-in-liferay-portal/", - "source": "security@liferay.com" + "source": "security@liferay.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-426xx/CVE-2023-42629.json b/CVE-2023/CVE-2023-426xx/CVE-2023-42629.json index a998bed7b03..25c592498a2 100644 --- a/CVE-2023/CVE-2023-426xx/CVE-2023-42629.json +++ b/CVE-2023/CVE-2023-426xx/CVE-2023-42629.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42629", "sourceIdentifier": "security@liferay.com", "published": "2023-10-17T09:15:10.167", - "lastModified": "2023-11-10T03:15:07.523", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T16:13:32.073", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -199,7 +199,11 @@ }, { "url": "https://www.pentagrid.ch/en/blog/stored-cross-site-scripting-vulnerabilities-in-liferay-portal/", - "source": "security@liferay.com" + "source": "security@liferay.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-437xx/CVE-2023-43796.json b/CVE-2023/CVE-2023-437xx/CVE-2023-43796.json index 35d4059bead..923f474dc2f 100644 --- a/CVE-2023/CVE-2023-437xx/CVE-2023-43796.json +++ b/CVE-2023/CVE-2023-437xx/CVE-2023-43796.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43796", "sourceIdentifier": "security-advisories@github.com", "published": "2023-10-31T17:15:23.270", - "lastModified": "2023-11-10T03:15:07.610", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T16:13:08.610", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -96,6 +96,26 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + } + ] + } + ] } ], "references": [ @@ -115,11 +135,17 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IDEEZMFJBDLTFHQUTZRJJNCOZGQ2ZVS/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VH3RNC5ZPQZ4OKPSL4E6BBJSZOQLGDEY/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-457xx/CVE-2023-45701.json b/CVE-2023/CVE-2023-457xx/CVE-2023-45701.json index f94d824194c..e3bca26ec2c 100644 --- a/CVE-2023/CVE-2023-457xx/CVE-2023-45701.json +++ b/CVE-2023/CVE-2023-457xx/CVE-2023-45701.json @@ -2,12 +2,16 @@ "id": "CVE-2023-45701", "sourceIdentifier": "psirt@hcl.com", "published": "2023-12-28T07:15:07.697", - "lastModified": "2023-12-28T07:15:07.697", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "HCL Launch could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.\n" + }, + { + "lang": "es", + "value": "HCL Launch podr\u00eda permitir a un atacante remoto obtener informaci\u00f3n confidencial cuando se devuelve un mensaje de error t\u00e9cnico detallado en el navegador. Esta informaci\u00f3n podr\u00eda usarse en futuros ataques contra el sistema." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-457xx/CVE-2023-45702.json b/CVE-2023/CVE-2023-457xx/CVE-2023-45702.json index 5e9b756393b..b9f7f1aaffe 100644 --- a/CVE-2023/CVE-2023-457xx/CVE-2023-45702.json +++ b/CVE-2023/CVE-2023-457xx/CVE-2023-45702.json @@ -2,12 +2,16 @@ "id": "CVE-2023-45702", "sourceIdentifier": "psirt@hcl.com", "published": "2023-12-28T08:15:35.710", - "lastModified": "2023-12-28T08:15:35.710", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An HCL UrbanCode Deploy Agent installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts..\n" + }, + { + "lang": "es", + "value": "Un agente de implementaci\u00f3n HCL UrbanCode instalado como un servicio de Windows en una ubicaci\u00f3n no est\u00e1ndar podr\u00eda estar sujeto a un ataque de denegaci\u00f3n de servicio por parte de cuentas locales." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-458xx/CVE-2023-45871.json b/CVE-2023/CVE-2023-458xx/CVE-2023-45871.json index 93b3a19b6d9..9591a452c43 100644 --- a/CVE-2023/CVE-2023-458xx/CVE-2023-45871.json +++ b/CVE-2023/CVE-2023-458xx/CVE-2023-45871.json @@ -2,8 +2,8 @@ "id": "CVE-2023-45871", "sourceIdentifier": "cve@mitre.org", "published": "2023-10-15T01:15:09.027", - "lastModified": "2023-11-10T18:15:08.733", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T16:18:15.007", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -45,7 +45,7 @@ "description": [ { "lang": "en", - "value": "CWE-120" + "value": "CWE-131" } ] } @@ -86,7 +86,10 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20231110-0001/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4527.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4527.json index 846fe2158cf..06eadbece2c 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4527.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4527.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4527", "sourceIdentifier": "secalert@redhat.com", "published": "2023-09-18T17:15:55.067", - "lastModified": "2023-11-16T16:15:34.163", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T16:23:01.123", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -251,6 +251,141 @@ ] } ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F" + } + ] + } + ] } ], "references": [ @@ -321,7 +456,10 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20231116-0012/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-468xx/CVE-2023-46846.json b/CVE-2023/CVE-2023-468xx/CVE-2023-46846.json index d18fdf77613..3694b016a01 100644 --- a/CVE-2023/CVE-2023-468xx/CVE-2023-46846.json +++ b/CVE-2023/CVE-2023-468xx/CVE-2023-46846.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46846", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-03T08:15:07.953", - "lastModified": "2023-11-30T22:15:08.547", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-28T16:24:10.387", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -134,6 +134,21 @@ "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47" }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*", + "matchCriteriaId": "5A47EF78-A5B6-4B89-8B74-EEB0647C549F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*", + "matchCriteriaId": "32AF225E-94C0-4D07-900C-DD868C05F554" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*", + "matchCriteriaId": "23D471AC-7DCA-4425-AD91-E5D928753A8C" + }, { "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", @@ -243,7 +258,10 @@ }, { "url": "https://access.redhat.com/errata/RHSA-2023:7213", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/security/cve/CVE-2023-46846", @@ -269,7 +287,10 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20231130-0002/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-469xx/CVE-2023-46918.json b/CVE-2023/CVE-2023-469xx/CVE-2023-46918.json index 6a9a66654f6..78bcf1cf82d 100644 --- a/CVE-2023/CVE-2023-469xx/CVE-2023-46918.json +++ b/CVE-2023/CVE-2023-469xx/CVE-2023-46918.json @@ -2,12 +2,16 @@ "id": "CVE-2023-46918", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-27T22:15:16.597", - "lastModified": "2023-12-27T22:15:16.597", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:59.150", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Phlox com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus has an Android manifest file that contains an entry with the android:allowBackup attribute set to true. This could be leveraged by an attacker with physical access to the device." + }, + { + "lang": "es", + "value": "Phlox com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus tiene un archivo de manifiesto de Android que contiene una entrada con el atributo android:allowBackup establecido en verdadero. Esto podr\u00eda ser aprovechado por un atacante con acceso f\u00edsico al dispositivo." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-469xx/CVE-2023-46987.json b/CVE-2023/CVE-2023-469xx/CVE-2023-46987.json new file mode 100644 index 00000000000..adb963cf182 --- /dev/null +++ b/CVE-2023/CVE-2023-469xx/CVE-2023-46987.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-46987", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-28T15:15:07.550", + "lastModified": "2023-12-28T15:15:07.550", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SeaCMS v12.9 was discovered to contain a remote code execution (RCE) vulnerability via the component /augap/adminip.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://seacms.com", + "source": "cve@mitre.org" + }, + { + "url": "http://www.seacms.com/", + "source": "cve@mitre.org" + }, + { + "url": "https://blog.csdn.net/weixin_72610998/article/details/133420747?spm=1001.2014.3001.5501", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-469xx/CVE-2023-46989.json b/CVE-2023/CVE-2023-469xx/CVE-2023-46989.json index dccc7cd524d..e87571d1424 100644 --- a/CVE-2023/CVE-2023-469xx/CVE-2023-46989.json +++ b/CVE-2023/CVE-2023-469xx/CVE-2023-46989.json @@ -2,12 +2,16 @@ "id": "CVE-2023-46989", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-28T06:15:44.227", - "lastModified": "2023-12-28T06:15:44.227", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "SQL Injection vulnerability in the Innovadeluxe Quick Order module for PrestaShop before v.1.4.0, allows local attackers to execute arbitrary code via the getProducts() function in the productlist.php file." + }, + { + "lang": "es", + "value": "Vulnerabilidad de inyecci\u00f3n SQL en el m\u00f3dulo Innovadeluxe Quick Order para PrestaShop anterior a v.1.4.0, permite a atacantes locales ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n getProducts() en el archivo productlist.php." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4671.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4671.json index ffdd7296605..0ca2726ad69 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4671.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4671.json @@ -2,12 +2,16 @@ "id": "CVE-2023-4671", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2023-12-28T10:15:08.043", - "lastModified": "2023-12-28T10:15:08.043", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talent Software ECOP allows Command Line Execution through SQL Injection.This issue affects ECOP: before 32255.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n inadecuada de elementos especiales utilizados en un comando SQL ('inyecci\u00f3n SQL') en Talent Software ECOP permite la ejecuci\u00f3n de l\u00ednea de comando mediante inyecci\u00f3n SQL. Este problema afecta a ECOP: anterior a 32255." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4672.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4672.json index 1404d9c7fcb..353a40adf29 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4672.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4672.json @@ -2,12 +2,16 @@ "id": "CVE-2023-4672", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2023-12-28T10:15:08.423", - "lastModified": "2023-12-28T10:15:08.423", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software ECOP allows Reflected XSS.This issue affects ECOP: before 32255.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Talent Software ECOP permite XSS reflejado. Este problema afecta a ECOP: anterior a 32255." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-487xx/CVE-2023-48719.json b/CVE-2023/CVE-2023-487xx/CVE-2023-48719.json index d98b2801237..21119da7e5a 100644 --- a/CVE-2023/CVE-2023-487xx/CVE-2023-48719.json +++ b/CVE-2023/CVE-2023-487xx/CVE-2023-48719.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48719", "sourceIdentifier": "help@fluidattacks.com", "published": "2023-12-21T21:15:12.590", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T16:56:12.793", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -50,14 +50,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:student_result_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "6FD4B746-334F-47DF-B70F-2DC6E80F23D4" + } + ] + } + ] + } + ], "references": [ { "url": "https://fluidattacks.com/advisories/gilels/", - "source": "help@fluidattacks.com" + "source": "help@fluidattacks.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://projectworlds.in/", - "source": "help@fluidattacks.com" + "source": "help@fluidattacks.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-487xx/CVE-2023-48723.json b/CVE-2023/CVE-2023-487xx/CVE-2023-48723.json index 37dd87a2666..92132edbc6b 100644 --- a/CVE-2023/CVE-2023-487xx/CVE-2023-48723.json +++ b/CVE-2023/CVE-2023-487xx/CVE-2023-48723.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48723", "sourceIdentifier": "help@fluidattacks.com", "published": "2023-12-21T22:15:14.823", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T15:53:46.960", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -50,14 +50,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:student_result_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "6FD4B746-334F-47DF-B70F-2DC6E80F23D4" + } + ] + } + ] + } + ], "references": [ { "url": "https://fluidattacks.com/advisories/gilels/", - "source": "help@fluidattacks.com" + "source": "help@fluidattacks.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://projectworlds.in/", - "source": "help@fluidattacks.com" + "source": "help@fluidattacks.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-490xx/CVE-2023-49000.json b/CVE-2023/CVE-2023-490xx/CVE-2023-49000.json index 3facdb55687..46c139dc460 100644 --- a/CVE-2023/CVE-2023-490xx/CVE-2023-49000.json +++ b/CVE-2023/CVE-2023-490xx/CVE-2023-49000.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49000", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-27T22:15:16.653", - "lastModified": "2023-12-27T22:15:16.653", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:59.150", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue in ArtistScope ArtisBrowser v.34.1.5 and before allows an attacker to bypass intended access restrictions via interaction with the com.artis.browser.IntentReceiverActivity component." + }, + { + "lang": "es", + "value": "Un problema en ArtistScope ArtisBrowser v.34.1.5 y anteriores permite a un atacante omitir las restricciones de acceso previstas mediante la interacci\u00f3n con el componente com.artis.browser.IntentReceiverActivity." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-490xx/CVE-2023-49001.json b/CVE-2023/CVE-2023-490xx/CVE-2023-49001.json index 568b3f5ee8d..50d2db2da65 100644 --- a/CVE-2023/CVE-2023-490xx/CVE-2023-49001.json +++ b/CVE-2023/CVE-2023-490xx/CVE-2023-49001.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49001", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-27T22:15:16.700", - "lastModified": "2023-12-27T22:15:16.700", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:59.150", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue in Indi Browser (aka kvbrowser) v.12.11.23 allows an attacker to bypass intended access restrictions via interaction with the com.example.gurry.kvbrowswer.webview component." + }, + { + "lang": "es", + "value": "Un problema en Indi Browser (aka kvbrowser) v.12.11.23 permite a un atacante omitir las restricciones de acceso previstas mediante la interacci\u00f3n con el componente com.example.gurry.kvbrowswer.webview." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-490xx/CVE-2023-49002.json b/CVE-2023/CVE-2023-490xx/CVE-2023-49002.json index ab7c7f2a6c9..d0e1df41d0c 100644 --- a/CVE-2023/CVE-2023-490xx/CVE-2023-49002.json +++ b/CVE-2023/CVE-2023-490xx/CVE-2023-49002.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49002", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-27T22:15:16.750", - "lastModified": "2023-12-27T22:15:16.750", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:59.150", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue in Xenom Technologies (sinous) Phone Dialer-voice Call Dialer v.1.2.5 allows an attacker to bypass intended access restrictions via interaction with com.funprime.calldialer.ui.activities.OutgoingActivity." + }, + { + "lang": "es", + "value": "Un problema en Xenom Technologies (sinous) Phone Dialer-voice Call Dialer v.1.2.5 permite a un atacante omitir las restricciones de acceso previstas mediante la interacci\u00f3n con com.funprime.calldialer.ui.activities.OutgoingActivity." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-490xx/CVE-2023-49003.json b/CVE-2023/CVE-2023-490xx/CVE-2023-49003.json index f0d1eae6d79..6747b067dbb 100644 --- a/CVE-2023/CVE-2023-490xx/CVE-2023-49003.json +++ b/CVE-2023/CVE-2023-490xx/CVE-2023-49003.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49003", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-27T22:15:16.790", - "lastModified": "2023-12-27T22:15:16.790", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue in simplemobiletools Simple Dialer 5.18.1 allows an attacker to bypass intended access restrictions via interaction with com.simplemobiletools.dialer.activities.DialerActivity." + }, + { + "lang": "es", + "value": "Un problema en simplemobiletools Simple Dialer 5.18.1 permite a un atacante omitirlas restricciones de acceso previstas mediante la interacci\u00f3n con com.simplemobiletools.dialer.activities.DialerActivity." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-491xx/CVE-2023-49148.json b/CVE-2023/CVE-2023-491xx/CVE-2023-49148.json index 6f5e29fef38..7ef524a6483 100644 --- a/CVE-2023/CVE-2023-491xx/CVE-2023-49148.json +++ b/CVE-2023/CVE-2023-491xx/CVE-2023-49148.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49148", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-18T22:15:10.347", - "lastModified": "2023-12-19T13:42:29.533", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T16:51:57.970", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Kulwant Nagi Affiliate Booster \u2013 Pros & Cons, Notice, and CTA Blocks for Affiliates.This issue affects Affiliate Booster \u2013 Pros & Cons, Notice, and CTA Blocks for Affiliates: from n/a through 3.0.5.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Kulwant Nagi Affiliate Booster \u2013 Pros & Cons, Notice, and CTA Blocks for Affiliates. Este problema afecta a Kulwant Nagi Affiliate Booster \u2013 Pros & Cons, Notice, and CTA Blocks for Affiliates: desde n/a hasta 3.0.5." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:affiliatebooster:affiliate_booster:*:*:*:*:wordpress:*:*:*", + "versionEndIncluding": "3.0.5", + "matchCriteriaId": "61A58258-5A48-49D8-902E-778E8B76675A" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/affiliatebooster-blocks/wordpress-affiliate-booster-plugin-3-0-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49228.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49228.json index 78194c7cef7..6970f7d4f3f 100644 --- a/CVE-2023/CVE-2023-492xx/CVE-2023-49228.json +++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49228.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49228", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-28T04:15:08.023", - "lastModified": "2023-12-28T04:15:08.023", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Peplink Balance Two antes de 8.4.0. La autenticaci\u00f3n del puerto de consola utiliza credenciales codificadas, lo que permite a un atacante con acceso f\u00edsico y conocimiento suficiente ejecutar comandos arbitrarios como root." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49229.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49229.json index da076c32519..311a73aa5c1 100644 --- a/CVE-2023/CVE-2023-492xx/CVE-2023-49229.json +++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49229.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49229", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-28T04:15:08.100", - "lastModified": "2023-12-28T04:15:08.100", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in the administration web service allows read-only, unprivileged users to obtain sensitive information about the device configuration." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Peplink Balance Two antes de 8.4.0. Una verificaci\u00f3n de autorizaci\u00f3n faltante en el servicio web de administraci\u00f3n permite a los usuarios sin privilegios y de solo lectura obtener informaci\u00f3n confidencial sobre la configuraci\u00f3n del dispositivo." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49230.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49230.json index c1156372d20..5848fdbfccf 100644 --- a/CVE-2023/CVE-2023-492xx/CVE-2023-49230.json +++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49230.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49230", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-28T04:15:08.150", - "lastModified": "2023-12-28T04:15:08.150", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Peplink Balance Two before 8.4.0. A missing authorization check in captive portals allows attackers to modify the portals' configurations without prior authentication." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Peplink Balance Two antes de 8.4.0. Una verificaci\u00f3n de autorizaci\u00f3n faltante en portales cautivos permite a los atacantes modificar las configuraciones de los portales sin autenticaci\u00f3n previa." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-494xx/CVE-2023-49469.json b/CVE-2023/CVE-2023-494xx/CVE-2023-49469.json index 118e55b71f6..a7603057497 100644 --- a/CVE-2023/CVE-2023-494xx/CVE-2023-49469.json +++ b/CVE-2023/CVE-2023-494xx/CVE-2023-49469.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49469", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-28T06:15:44.340", - "lastModified": "2023-12-28T06:15:44.340", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Reflected Cross Site Scripting (XSS) vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function." + }, + { + "lang": "es", + "value": "Vulnerabilidad reflejada de Cross Site Scripting (XSS) en Shaarli v0.12.2, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n de etiqueta de b\u00fasqueda." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-500xx/CVE-2023-50038.json b/CVE-2023/CVE-2023-500xx/CVE-2023-50038.json index db77b746fec..8af78b15004 100644 --- a/CVE-2023/CVE-2023-500xx/CVE-2023-50038.json +++ b/CVE-2023/CVE-2023-500xx/CVE-2023-50038.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50038", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-28T07:15:08.790", - "lastModified": "2023-12-28T07:15:08.790", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "There is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8, which leads to the loss of server permissions." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de carga de archivos arbitraria en el background de textpattern cms v4.8.8, lo que provoca la p\u00e9rdida de permisos del servidor." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-502xx/CVE-2023-50267.json b/CVE-2023/CVE-2023-502xx/CVE-2023-50267.json new file mode 100644 index 00000000000..08f3a092a08 --- /dev/null +++ b/CVE-2023/CVE-2023-502xx/CVE-2023-50267.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-50267", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-12-28T16:16:01.650", + "lastModified": "2023-12-28T16:16:01.650", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "MeterSphere is a one-stop open source continuous testing platform. Prior to 2.10.10-lts, the authenticated attackers can update resources which don't belong to him if the resource ID is known. This issue if fixed in 2.10.10-lts. There are no known workarounds." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + }, + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/metersphere/metersphere/security/advisories/GHSA-rcp4-c5p2-58v9", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-504xx/CVE-2023-50445.json b/CVE-2023/CVE-2023-504xx/CVE-2023-50445.json index e964b986dbe..50e59b5a1f2 100644 --- a/CVE-2023/CVE-2023-504xx/CVE-2023-50445.json +++ b/CVE-2023/CVE-2023-504xx/CVE-2023-50445.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50445", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-28T05:15:08.427", - "lastModified": "2023-12-28T05:15:08.427", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7., allows local attackers to execute arbitrary code via the get_system_log and get_crash_log functions of the logread module, as well as the upgrade_online function of the upgrade module." + }, + { + "lang": "es", + "value": "Vulnerabilidad de inyecci\u00f3n de Shell\nGL.iNet A1300 v4.4.6\nAX1800 v4.4.6\nAXT1800 v4.4.6\nMT3000 v4.4.6\nMT2500 v4.4.6\nMT6000 v4.5.0\nMT1300 v4.3.7\nMT300N-V2 v4.3.7\nAR750S v4 .3.7\nAR750 v4.3.7\nAR300M v4.3.7\nB1300 v4.3.7.\nPermite a atacantes locales ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de las funciones get_system_log y get_crash_log del m\u00f3dulo logread, as\u00ed como la funci\u00f3n Upgrade_online del m\u00f3dulo de actualizaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-504xx/CVE-2023-50470.json b/CVE-2023/CVE-2023-504xx/CVE-2023-50470.json new file mode 100644 index 00000000000..0d3601391d7 --- /dev/null +++ b/CVE-2023/CVE-2023-504xx/CVE-2023-50470.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-50470", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-28T15:15:07.617", + "lastModified": "2023-12-28T15:15:07.617", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A cross-site scripting (XSS) vulnerability in the component admin_ Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://seacms.com", + "source": "cve@mitre.org" + }, + { + "url": "https://blog.csdn.net/weixin_72610998/article/details/134784075?spm=1001.2014.3001.5502", + "source": "cve@mitre.org" + }, + { + "url": "https://www.seacms.net/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-506xx/CVE-2023-50692.json b/CVE-2023/CVE-2023-506xx/CVE-2023-50692.json index 4e30faf4049..03bd1da04fc 100644 --- a/CVE-2023/CVE-2023-506xx/CVE-2023-50692.json +++ b/CVE-2023/CVE-2023-506xx/CVE-2023-50692.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50692", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-28T06:15:44.400", - "lastModified": "2023-12-28T06:15:44.400", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "File Upload vulnerability in JIZHICMS v.2.5, allows remote attacker to execute arbitrary code via a crafted file uploaded and downloaded to the download_url parameter in the app/admin/exts/ directory." + }, + { + "lang": "es", + "value": "Vulnerabilidad de carga de archivos en JIZHICMS v.2.5, permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo manipulado cargado y descargado en el par\u00e1metro download_url en el directorio app/admin/exts/." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50825.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50825.json index 5ea66f93efd..d353135b47c 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50825.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50825.json @@ -2,16 +2,40 @@ "id": "CVE-2023-50825", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T15:15:11.953", - "lastModified": "2023-12-21T18:15:38.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T15:38:49.707", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Terrier Tenacity iframe Shortcode allows Stored XSS.This issue affects iframe Shortcode: from n/a through 2.0.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Terrier Tenacity iframe Shortcode permite XSS almacenado. Este problema afecta el iframe Shortcode: desde n/a hasta 2.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jacksonwhelan:iframe_shortcode:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.0", + "matchCriteriaId": "CE189701-1925-4F08-96EE-0F0843D44D8F" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/iframe-shortcode/wordpress-iframe-shortcode-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50836.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50836.json index ba8e7480ffa..3a4fd26b070 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50836.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50836.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50836", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T11:15:09.333", - "lastModified": "2023-12-28T11:15:09.333", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50848.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50848.json index e036283ba70..d00c4f73775 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50848.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50848.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50848", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T12:15:42.750", - "lastModified": "2023-12-28T12:15:42.750", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"inyecci\u00f3n SQL\") en Aaron J 404 Solution. Este problema afecta a 404 Solution: desde n/a hasta 2.34.0." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50849.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50849.json index fc78afa4c5c..054d5ca65c5 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50849.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50849.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50849", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T12:15:42.997", - "lastModified": "2023-12-28T12:15:42.997", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E2Pdf.Com E2Pdf \u2013 Export To Pdf Tool for WordPress.This issue affects E2Pdf \u2013 Export To Pdf Tool for WordPress: from n/a through 1.20.23.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyecci\u00f3n SQL') en E2Pdf.Com E2Pdf \u2013 Export To Pdf Tool for WordPress. Este problema afecta a E2Pdf \u2013 Export To Pdf Tool for WordPress: desde n/a hasta 1.20.23 ." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50851.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50851.json index 3d30ed1a696..c49547707a5 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50851.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50851.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50851", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T12:15:43.193", - "lastModified": "2023-12-28T12:15:43.193", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in N Squared Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin.This issue affects Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin: from n/a before 1.6.6.1.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyecci\u00f3n SQL') en N Squared Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin. Este problema afecta a Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin: desde n/a antes de 1.6. 6.1." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50852.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50852.json index d7cb1849938..2631b3d8ac5 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50852.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50852.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50852", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T12:15:43.390", - "lastModified": "2023-12-28T12:15:43.390", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Booking Calendar | Appointment Booking | BookIt.This issue affects Booking Calendar | Appointment Booking | BookIt: from n/a through 2.4.3.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyecci\u00f3n SQL') en StylemixThemes Booking Calendar | Appointment Booking | BookIt. Este problema afecta a Booking Calendar | Appointment Booking | BookIt: desde n/a hasta 2.4.3." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50853.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50853.json index ede0cec8a24..7169ea143c6 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50853.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50853.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50853", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T12:15:43.577", - "lastModified": "2023-12-28T12:15:43.577", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nasirahmed Advanced Form Integration \u2013 Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms.This issue affects Advanced Form Integration \u2013 Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms: from n/a through 1.75.0.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyecci\u00f3n SQL') en Nasirahmed Advanced Form Integration \u2013 Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms. Este problema afecta a Advanced Form Integration \u2013 Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms: desde n/a hasta 1.75.0." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50854.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50854.json index f61c289d946..904867f8d97 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50854.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50854.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50854", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T12:15:43.767", - "lastModified": "2023-12-28T12:15:43.767", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Squirrly Squirrly SEO - Advanced Pack.This issue affects Squirrly SEO - Advanced Pack: from n/a through 2.3.8.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"Inyecci\u00f3n SQL\") en Squirrly Squirrly SEO - Advanced Pack. Este problema afecta a Squirrly SEO - Advanced Pack: desde n/a hasta 2.3.8." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50855.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50855.json index fa7b7301d5c..ed19a9ccc96 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50855.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50855.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50855", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T12:15:43.953", - "lastModified": "2023-12-28T12:15:43.953", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sam Perrow Pre* Party Resource Hints.This issue affects Pre* Party Resource Hints: from n/a through 1.8.18.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"Inyecci\u00f3n SQL\") en Sam Perrow Pre* Party Resource Hints. Este problema afecta a Pre* Party Resource Hints: desde n/a hasta 1.8.18." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50856.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50856.json index 270555c11e8..fdafd589424 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50856.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50856.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50856", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T11:15:09.560", - "lastModified": "2023-12-28T11:15:09.560", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50857.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50857.json index eae960f516e..4112c9b579e 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50857.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50857.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50857", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T11:15:09.900", - "lastModified": "2023-12-28T11:15:09.900", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50858.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50858.json index 0dc993a4d06..eb64aea2b83 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50858.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50858.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50858", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T11:15:10.120", - "lastModified": "2023-12-28T11:15:10.120", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50859.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50859.json index 9a3dd7284f5..c194b72c784 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50859.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50859.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50859", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T11:15:10.357", - "lastModified": "2023-12-28T11:15:10.357", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50860.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50860.json index cb67f64ba08..a4d0997a044 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50860.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50860.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50860", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T11:15:10.573", - "lastModified": "2023-12-28T11:15:10.573", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50873.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50873.json index 73341429d3f..933a8181d8b 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50873.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50873.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50873", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T11:15:10.797", - "lastModified": "2023-12-28T11:15:10.797", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50874.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50874.json index 9e96334d65b..69087ca6c2c 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50874.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50874.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50874", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T10:15:08.730", - "lastModified": "2023-12-28T10:15:08.730", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Darren Cooney WordPress Infinite Scroll \u2013 Ajax Load More allows Stored XSS.This issue affects WordPress Infinite Scroll \u2013 Ajax Load More: from n/a through 6.1.0.1.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Darren Cooney WordPress Infinite Scroll \u2013 Ajax Load More permite XSS almacenado. Este problema afecta a WordPress Infinite Scroll \u2013 Ajax Load More: desde n/a hasta 6.1.0.1 ." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51006.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51006.json index 489e2058d83..bdba3866c95 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51006.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51006.json @@ -2,12 +2,16 @@ "id": "CVE-2023-51006", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-28T04:15:08.227", - "lastModified": "2023-12-28T04:15:08.227", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue in the openFile method of Chinese Perpetual Calendar v9.0.0 allows attackers to read any file via unspecified vectors." + }, + { + "lang": "es", + "value": "Un problema en el m\u00e9todo openFile de Chinese Perpetual Calendar v9.0.0 permite a los atacantes leer cualquier archivo a trav\u00e9s de vectores no especificados." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51010.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51010.json index 93cb3e70b30..25e61973b0a 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51010.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51010.json @@ -2,12 +2,16 @@ "id": "CVE-2023-51010", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-28T04:15:08.280", - "lastModified": "2023-12-28T04:15:08.280", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue in the export component AdSdkH5Activity of com.sdjictec.qdmetro v4.2.2 allows attackers to open a crafted URL without any filtering or checking." + }, + { + "lang": "es", + "value": "Un problema en el componente de exportaci\u00f3n AdSdkH5Activity de com.sdjictec.qdmetro v4.2.2 permite a los atacantes abrir una URL manipulada sin ning\u00fan filtrado o verificaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-515xx/CVE-2023-51501.json b/CVE-2023/CVE-2023-515xx/CVE-2023-51501.json index f91bd8cc98e..d96a4a5a0fa 100644 --- a/CVE-2023/CVE-2023-515xx/CVE-2023-51501.json +++ b/CVE-2023/CVE-2023-515xx/CVE-2023-51501.json @@ -2,12 +2,16 @@ "id": "CVE-2023-51501", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-28T10:15:09.033", - "lastModified": "2023-12-28T10:15:09.033", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:45.763", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Undsgn Uncode - Creative & WooCommerce WordPress Theme allows Reflected XSS.This issue affects Uncode - Creative & WooCommerce WordPress Theme: from n/a through 2.8.6.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Undsgn Uncode - Creative & WooCommerce WordPress Theme permite XSS reflejado. Este problema afecta a Uncode - Creative & WooCommerce WordPress Theme: desde n/a hasta 2.8.6." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52079.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52079.json new file mode 100644 index 00000000000..de2d93b7e4e --- /dev/null +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52079.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-52079", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-12-28T16:16:01.863", + "lastModified": "2023-12-28T16:16:01.863", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "msgpackr is a fast MessagePack NodeJS/JavaScript implementation. Prior to 1.10.1, when decoding user supplied MessagePack messages, users can trigger stuck threads by crafting messages that keep the decoder stuck in a loop. The fix is available in v1.10.1. \nExploits seem to require structured cloning, replacing the 0x70 extension with your own (that throws an error or does something other than recursive referencing) should mitigate the issue." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-674" + }, + { + "lang": "en", + "value": "CWE-754" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/kriszyp/msgpackr/commit/18f44f8800e2261341cdf489d1ba1e35a0133602", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/kriszyp/msgpackr/security/advisories/GHSA-7hpj-7hhx-2fgx", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52081.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52081.json new file mode 100644 index 00000000000..842fe120e76 --- /dev/null +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52081.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-52081", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-12-28T16:16:02.090", + "lastModified": "2023-12-28T16:16:02.090", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "ffcss is a CLI interface to apply and configure Firefox CSS themes. Prior to 0.2.0, the function `lookupPreprocess()` is meant to apply some transformations to a string by disabling characters in the regex `[-_ .]`. However, due to the use of late Unicode normalization of type NFKD, it is possible to bypass that validation and re-introduce all the characters in the regex `[-_ .]`. The `lookupPreprocess()` can be easily bypassed with equivalent Unicode characters like U+FE4D (\ufe4d), which would result in the omitted U+005F (_), for instance. The `lookupPreprocess()` function is only ever used to search for themes loosely (case insensitively, while ignoring dashes, underscores and dots), so the actual security impact is classified as low. This vulnerability is fixed in 0.2.0. There are no known workarounds." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-176" + }, + { + "lang": "en", + "value": "CWE-74" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ewen-lbh/ffcss/commit/f9c491874b858a32fcae15045f169fd7d02f90dc", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/ewen-lbh/ffcss/security/advisories/GHSA-wpmx-564x-h2mh", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52082.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52082.json new file mode 100644 index 00000000000..64caff7fd65 --- /dev/null +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52082.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-52082", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-12-28T16:16:02.290", + "lastModified": "2023-12-28T16:16:02.290", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Lychee is a free photo-management tool. Prior to 5.0.2, Lychee is vulnerable to an SQL injection on any binding when using mysql/mariadb. This injection is only active for users with the `.env` settings set to DB_LOG_SQL=true and DB_LOG_SQL_EXPLAIN=true. The defaults settings of Lychee are safe. The patch is provided on version 5.0.2. To work around this issue, disable SQL EXPLAIN logging.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/LycheeOrg/Lychee/commit/33354a2ce7cf700cc4ee537b7b8b94dfc1e84ad4", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-rjwv-5j3m-p5x4", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5961.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5961.json index d32b14198f8..898ded4cea2 100644 --- a/CVE-2023/CVE-2023-59xx/CVE-2023-5961.json +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5961.json @@ -2,16 +2,40 @@ "id": "CVE-2023-5961", "sourceIdentifier": "psirt@moxa.com", "published": "2023-12-23T09:15:07.730", - "lastModified": "2023-12-25T03:08:20.540", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T15:26:49.127", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making an unintentional request to the web server, which will be treated as an authentic request. This vulnerability may lead an attacker to perform operations on behalf of the victimized user.\n\n" + }, + { + "lang": "es", + "value": "Se identific\u00f3 una vulnerabilidad de Cross-Site Request Forgery (CSRF) en las versiones de firmware de la serie ioLogik E1200 v3.3 y anteriores. Un atacante puede aprovechar esta vulnerabilidad para enga\u00f1ar a un cliente para que realice una solicitud no intencionada al servidor web, que ser\u00e1 tratada como una solicitud aut\u00e9ntica. Esta vulnerabilidad puede llevar a un atacante a realizar operaciones en nombre del usuario v\u00edctima." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -46,10 +80,295 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:iologik_e1210_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.3", + "matchCriteriaId": "CF14969B-6E9F-4553-96EB-7BE6C5834260" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:iologik_e1210:-:*:*:*:*:*:*:*", + "matchCriteriaId": "67DDCD42-10D5-46B2-AB91-66EF30D5D645" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:iologik_e1211_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.3", + "matchCriteriaId": "D03FA4E2-4A30-4ED9-BA4D-5546FC0BA939" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:iologik_e1211:-:*:*:*:*:*:*:*", + "matchCriteriaId": "308E46FB-488A-4907-9A69-AACDE23A3394" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:iologik_e1212_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.3", + "matchCriteriaId": "BA133D93-4A1D-419A-92C5-C0C0A35187B5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:iologik_e1212:-:*:*:*:*:*:*:*", + "matchCriteriaId": "616E5D0B-0D3A-4808-8C15-2FDC35E8605C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:iologik_e1213_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.3", + "matchCriteriaId": "6E39755B-9625-4D95-B425-BD28B60180CA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:iologik_e1213:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9AAE4F4E-779C-401F-A75E-AC66757DD313" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:iologik_e1214_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.3", + "matchCriteriaId": "F59B517D-63C4-4FE5-A89F-B2A235E8239A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:iologik_e1214:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A0837606-60F7-4563-8F80-AE7C1CC3F469" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:iologik_e1240_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.3", + "matchCriteriaId": "90601A69-F749-4E68-A034-74B9F046436F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:iologik_e1240:-:*:*:*:*:*:*:*", + "matchCriteriaId": "77A9D90D-0419-410C-AF65-0FFE0FF2882F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:iologik_e1241_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.3", + "matchCriteriaId": "38280BA6-C262-45AC-AD33-813523F64DAB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:iologik_e1241:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3239D045-8A7C-4407-B77C-E82C178D8B90" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:iologik_e1242_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.3", + "matchCriteriaId": "EB237801-4287-4A30-8CE8-DB90FAB5C118" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:iologik_e1242:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5D40DF4C-0EA9-44B0-8D8C-D1FC2AB5A357" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:iologik_e1260_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.3", + "matchCriteriaId": "ACDAE3E7-675E-44BF-BD57-BF5C31B969A5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:iologik_e1260:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B0B4FA04-BF84-4B8A-A295-0312A3790F2E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:iologik_e1262_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.3", + "matchCriteriaId": "485CCB1F-A642-48B2-A8AD-4A7EBB5791BD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:iologik_e1262:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3366C39B-50FD-497B-A6A1-875CEB8913C5" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability", - "source": "psirt@moxa.com" + "source": "psirt@moxa.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6879.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6879.json index ae3508fa01a..d8c8d9072a0 100644 --- a/CVE-2023/CVE-2023-68xx/CVE-2023-6879.json +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6879.json @@ -2,12 +2,16 @@ "id": "CVE-2023-6879", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-12-27T23:15:07.530", - "lastModified": "2023-12-27T23:15:07.530", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Increasing the resolution of video frames, while performing a multi-threaded encode, can result in a heap overflow in av1_loop_restoration_dealloc().\n\n" + }, + { + "lang": "es", + "value": "Aumentar la resoluci\u00f3n de los fotogramas de v\u00eddeo, mientras se realiza una codificaci\u00f3n multiproceso, puede provocar un desbordamiento del mont\u00f3n en av1_loop_restoration_dealloc()." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-71xx/CVE-2023-7123.json b/CVE-2023/CVE-2023-71xx/CVE-2023-7123.json index 487d1767520..d3a3010edd8 100644 --- a/CVE-2023/CVE-2023-71xx/CVE-2023-7123.json +++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7123.json @@ -2,12 +2,16 @@ "id": "CVE-2023-7123", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-28T00:15:12.310", - "lastModified": "2023-12-28T00:15:12.310", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in SourceCodester Medicine Tracking System 1.0. This issue affects some unknown processing of the file /classes/Master.php? f=save_medicine. The manipulation of the argument id/name/description leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249095." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en SourceCodester Medicine Tracking System 1.0 y clasificada como cr\u00edtica. Este problema afecta alg\u00fan procesamiento desconocido del archivo /classes/Master.php? f=save_medicine. La manipulaci\u00f3n del argumento id/name/description conduce a la inyecci\u00f3n de SQL. El ataque puede iniciarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-249095." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-71xx/CVE-2023-7124.json b/CVE-2023/CVE-2023-71xx/CVE-2023-7124.json index 7a14d80b1b0..68ead073dae 100644 --- a/CVE-2023/CVE-2023-71xx/CVE-2023-7124.json +++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7124.json @@ -2,12 +2,16 @@ "id": "CVE-2023-7124", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-28T03:15:08.070", - "lastModified": "2023-12-28T03:15:08.070", - "vulnStatus": "Received", + "lastModified": "2023-12-28T15:09:53.403", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as problematic, was found in code-projects E-Commerce Site 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument keyword with the input