admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-26T18:00:27.928718+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-05-26 18:00:31 +00:00
parent f8c041144c
commit e6bcbdeb73
66 changed files with 4199 additions and 411 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2012/CVE-2012-60xx/CVE-2012-6077.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2012-6077",
"sourceIdentifier": "secalert@redhat.com",
"published": "2019-11-22T19:15:10.937",
"lastModified": "2019-12-03T19:38:53.963",
"lastModified": "2023-05-26T17:46:26.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:w3-edge:total_cache:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.9.2.5",
"matchCriteriaId": "2635D645-0A74-41CD-A25E-E23DCA10F8BE"
"matchCriteriaId": "9E22D0D4-A1D8-4B89-BD7B-D9CF28F5E862"
}
]
}

6
CVE-2012/CVE-2012-60xx/CVE-2012-6078.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2012-6078",
"sourceIdentifier": "secalert@redhat.com",
"published": "2019-11-22T19:15:11.077",
"lastModified": "2019-12-04T19:01:10.107",
"lastModified": "2023-05-26T17:46:26.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:w3-edge:total_cache:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.9.2.5",
"matchCriteriaId": "2635D645-0A74-41CD-A25E-E23DCA10F8BE"
"matchCriteriaId": "9E22D0D4-A1D8-4B89-BD7B-D9CF28F5E862"
}
]
}

6
CVE-2012/CVE-2012-60xx/CVE-2012-6079.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2012-6079",
"sourceIdentifier": "secalert@redhat.com",
"published": "2019-11-22T19:15:11.233",
"lastModified": "2019-12-04T19:02:50.127",
"lastModified": "2023-05-26T17:46:26.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:w3-edge:total_cache:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.9.2.5",
"matchCriteriaId": "2635D645-0A74-41CD-A25E-E23DCA10F8BE"
"matchCriteriaId": "9E22D0D4-A1D8-4B89-BD7B-D9CF28F5E862"
}
]
}

6
CVE-2014/CVE-2014-87xx/CVE-2014-8724.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2014-8724",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-12-19T15:59:11.173",
"lastModified": "2018-10-09T19:54:30.980",
"lastModified": "2023-05-26T17:46:26.677",
"vulnStatus": "Modified",
"descriptions": [
{
@ -62,9 +62,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:w3edge:total_cache:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.9.4",
"matchCriteriaId": "C1C4B9C8-CEDE-489C-AE24-C2A975362D21"
"matchCriteriaId": "ECB180BE-CDC3-4E54-B7AE-60A47F9E4337"
}
]
}

6
CVE-2014/CVE-2014-94xx/CVE-2014-9414.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2014-9414",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-12-24T18:59:11.073",
"lastModified": "2018-10-09T19:55:07.467",
"lastModified": "2023-05-26T17:46:26.677",
"vulnStatus": "Modified",
"descriptions": [
{
@ -62,9 +62,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:w3edge:total_cache:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.9.4",
"matchCriteriaId": "C1C4B9C8-CEDE-489C-AE24-C2A975362D21"
"matchCriteriaId": "ECB180BE-CDC3-4E54-B7AE-60A47F9E4337"
}
]
}

6
CVE-2018/CVE-2018-169xx/CVE-2018-16966.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-16966",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-04-15T21:29:00.233",
"lastModified": "2019-09-03T05:15:11.027",
"lastModified": "2023-05-26T17:54:55.423",
"vulnStatus": "Modified",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:file_manager_project:file_manager:3.0:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "9CA60D63-6C45-4674-96B3-E3C006B685E7"
"criteria": "cpe:2.3:a:webdesi9:file_manager:3.0:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "75ACE73D-1116-4FA4-A5D5-F3F932794C55"
}
]
}

6
CVE-2018/CVE-2018-169xx/CVE-2018-16967.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-16967",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-04-15T21:29:00.310",
"lastModified": "2019-09-03T05:15:12.387",
"lastModified": "2023-05-26T17:54:55.423",
"vulnStatus": "Modified",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:file_manager_project:file_manager:3.0:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "9CA60D63-6C45-4674-96B3-E3C006B685E7"
"criteria": "cpe:2.3:a:webdesi9:file_manager:3.0:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "75ACE73D-1116-4FA4-A5D5-F3F932794C55"
}
]
}

6
CVE-2019/CVE-2019-67xx/CVE-2019-6715.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-6715",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-04-01T20:29:00.847",
"lastModified": "2020-12-23T15:44:16.897",
"lastModified": "2023-05-26T17:46:26.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:w3-edge:total_cache:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "0.9.4",
"matchCriteriaId": "4F2848E5-9004-4D98-BF23-0ED5CD2DABBF"
"matchCriteriaId": "FFC5BBA5-CC10-47A7-8911-FE40202365DA"
}
]
}

8
CVE-2020/CVE-2020-66xx/CVE-2020-6627.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-6627",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-06T15:15:15.730",
"lastModified": "2022-12-07T19:54:11.657",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-26T17:15:09.703",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -130,6 +130,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172590/Seagate-Central-Storage-2015.0916-User-Creation-Command-Execution.html",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/rapid7/metasploit-framework/pull/12844",
"source": "cve@mitre.org",

1530
CVE-2021/CVE-2021-263xx/CVE-2021-26365.json
View File

File diff suppressed because it is too large Load Diff

20
CVE-2021/CVE-2021-468xx/CVE-2021-46881.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-46881",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:11.947",
"lastModified": "2023-05-26T17:15:11.947",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/5/",
"source": "psirt@huawei.com"
}
]
}

20
CVE-2021/CVE-2021-468xx/CVE-2021-46882.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-46882",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:12.703",
"lastModified": "2023-05-26T17:15:12.703",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/5/",
"source": "psirt@huawei.com"
}
]
}

20
CVE-2021/CVE-2021-468xx/CVE-2021-46883.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-46883",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:12.780",
"lastModified": "2023-05-26T17:15:12.780",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/5/",
"source": "psirt@huawei.com"
}
]
}

20
CVE-2021/CVE-2021-468xx/CVE-2021-46884.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-46884",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:12.880",
"lastModified": "2023-05-26T17:15:12.880",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/5/",
"source": "psirt@huawei.com"
}
]
}

20
CVE-2021/CVE-2021-468xx/CVE-2021-46885.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-46885",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:12.987",
"lastModified": "2023-05-26T17:15:12.987",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/5/",
"source": "psirt@huawei.com"
}
]
}

20
CVE-2021/CVE-2021-468xx/CVE-2021-46886.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-46886",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:13.127",
"lastModified": "2023-05-26T17:15:13.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/5/",
"source": "psirt@huawei.com"
}
]
}

20
CVE-2021/CVE-2021-468xx/CVE-2021-46887.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-46887",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:13.227",
"lastModified": "2023-05-26T17:15:13.227",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Lack of length check vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds read."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/5/",
"source": "psirt@huawei.com"
}
]
}

105
CVE-2022/CVE-2022-225xx/CVE-2022-22508.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-22508",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-05-15T10:15:09.370",
"lastModified": "2023-05-15T12:54:34.183",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:09:14.720",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,109 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.0.0",
"matchCriteriaId": "194E2F1E-C70A-429E-B61C-B70902A6CDA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.0.0",
"matchCriteriaId": "FEFBC44F-0969-4806-AABD-B02DFEBF8F01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.0.0",
"matchCriteriaId": "7C405ECA-126C-4110-A18A-787D11377CE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.0.0",
"matchCriteriaId": "7047C70D-268D-45B7-A095-39B5A8345ACB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.0.0",
"matchCriteriaId": "38F84368-415F-4C37-A988-C8DB540F1345"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.0.0",
"matchCriteriaId": "A0B6F1D2-8408-4172-B3E9-7C276CC71433"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.0.0",
"matchCriteriaId": "94383C92-CBC7-4941-B06C-00D889316FEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.0.0",
"matchCriteriaId": "1785F440-BA92-4F37-9A72-F4AC971B3B8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.7.0.0",
"matchCriteriaId": "A320BED3-0F2F-45C0-9D74-8A21158B8ED9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_rte_\\(for_beckhoff_cx\\)_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.18.40",
"matchCriteriaId": "7BF25557-407B-4FD3-9694-92159C8094B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_rte_\\(sl\\):*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.18.40",
"matchCriteriaId": "5BC8B234-3EC0-4737-8E12-CAA349FC7962"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.18.40",
"matchCriteriaId": "0C5905D5-B99C-4995-BEC7-A0E01D9E014B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_win_\\(sl\\):*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.18.40",
"matchCriteriaId": "34100446-7766-42D7-ACC4-D9C3193797C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:hmi_\\(sl\\):*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.18.40",
"matchCriteriaId": "2C7CEA77-B831-4047-BA85-B587DDF25C7C"
}
]
}
]
}
],
"references": [
{
"url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17351&token=a7c02b2825fea2bcaf80c1a8e62097d72ec90f1a&download=",
"source": "info@cert.vde.com"
"source": "info@cert.vde.com",
"tags": [
"Vendor Advisory"
]
}
]
}

19
CVE-2022/CVE-2022-32xx/CVE-2022-3219.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3219",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-02-23T20:15:12.393",
"lastModified": "2023-03-24T16:15:08.217",
"vulnStatus": "Modified",
"lastModified": "2023-05-26T16:31:34.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -25,12 +25,12 @@
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
"impactScore": 1.4
}
]
},
@ -103,7 +103,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20230324-0001/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2022/CVE-2022-44xx/CVE-2022-4418.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4418",
"sourceIdentifier": "security@acronis.com",
"published": "2023-05-18T10:15:09.767",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:54:13.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +78,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect_home_office:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8418AF63-E280-4CE2-8E5C-DCD00ABE6557"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-4729",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

112
CVE-2022/CVE-2022-454xx/CVE-2022-45450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45450",
"sourceIdentifier": "security@acronis.com",
"published": "2023-05-18T10:15:09.413",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T16:56:57.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +78,84 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:agent:*:*:*:*:*:*:*:*",
"versionEndExcluding": "c21.12",
"matchCriteriaId": "2BA43BB6-F08A-4E5B-980E-7794FADB51DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15",
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-2410",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

102
CVE-2022/CVE-2022-454xx/CVE-2022-45452.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45452",
"sourceIdentifier": "security@acronis.com",
"published": "2023-05-18T10:15:09.487",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:02:04.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +78,74 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:agent:*:*:*:*:*:*:*:*",
"versionEndExcluding": "c21.09",
"matchCriteriaId": "7DACDA03-969F-489C-B420-37BED81D9C39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15",
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-3967",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

101
CVE-2022/CVE-2022-454xx/CVE-2022-45453.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45453",
"sourceIdentifier": "security@acronis.com",
"published": "2023-05-18T10:15:09.547",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:07:57.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +78,73 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15",
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-5112",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

102
CVE-2022/CVE-2022-454xx/CVE-2022-45457.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45457",
"sourceIdentifier": "security@acronis.com",
"published": "2023-05-18T10:15:09.603",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:22:49.353",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +78,74 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:agent:*:*:*:*:*:*:*:*",
"versionEndExcluding": "c22.05",
"matchCriteriaId": "77C7EE37-2B7F-4401-9F7F-54EA2C5D04AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15",
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-3957",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

112
CVE-2022/CVE-2022-454xx/CVE-2022-45458.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45458",
"sourceIdentifier": "security@acronis.com",
"published": "2023-05-18T10:15:09.657",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:20:59.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +78,84 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:agent:*:*:*:*:*:*:*:*",
"versionEndExcluding": "c22.05",
"matchCriteriaId": "77C7EE37-2B7F-4401-9F7F-54EA2C5D04AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15",
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-3952",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

102
CVE-2022/CVE-2022-454xx/CVE-2022-45459.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45459",
"sourceIdentifier": "security@acronis.com",
"published": "2023-05-18T10:15:09.710",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:49:09.873",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +78,74 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:agent:*:*:*:*:*:*:*:*",
"versionEndExcluding": "c22.07",
"matchCriteriaId": "153D2368-8196-43CD-9EC6-74B995006923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15",
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-3196",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2022/CVE-2022-479xx/CVE-2022-47937.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2022-47937",
"sourceIdentifier": "security@apache.org",
"published": "2023-05-15T10:15:10.457",
"lastModified": "2023-05-15T15:15:11.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T16:18:40.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPORTED WHEN ASSIGNED ** \n\n\n\n\n\nImproper input validation in the Apache Sling Commons JSON bundle allows an attacker to trigger unexpected errors by supplying specially-crafted input.\n\n\n\n\nNOTE: This vulnerability \nonly affects products that are no longer supported by the maintainer\n\n\n\n\nThe org.apache.sling.commons.json bundle has been deprecated as of March\n 2017 and should not be used anymore. Consumers are encouraged to \nconsider the Apache Sling Commons Johnzon OSGi bundle provided by the \nApache Sling project, but may of course use other JSON libraries.\n\n\n\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -23,22 +46,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:sling_commons_json:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.0.20",
"matchCriteriaId": "AC792056-7AC0-4E63-B7B4-FCECC3BADA60"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/15/2",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/apache/sling-org-apache-sling-commons-johnzon",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Product"
]
},
{
"url": "https://issues.apache.org/jira/browse/SLING-6536",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.apache.org/thread/sws7z50x47gv0c38q4kx6ktqrvrrg1pm",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
}
]
}

20
CVE-2022/CVE-2022-484xx/CVE-2022-48478.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-48478",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:13.347",
"lastModified": "2023-05-26T17:15:13.347",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service."
}
],
"metrics": {},
"references": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202305-0000001532778780",
"source": "psirt@huawei.com"
}
]
}

20
CVE-2022/CVE-2022-484xx/CVE-2022-48479.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-48479",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:13.450",
"lastModified": "2023-05-26T17:15:13.450",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The facial recognition TA of some products has the out-of-bounds memory read vulnerability. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service."
}
],
"metrics": {},
"references": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202305-0000001532778780",
"source": "psirt@huawei.com"
}
]
}

20
CVE-2022/CVE-2022-484xx/CVE-2022-48480.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-48480",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:13.573",
"lastModified": "2023-05-26T17:15:13.573",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow vulnerability in some phones. Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/5/",
"source": "psirt@huawei.com"
}
]
}

20
CVE-2023/CVE-2023-01xx/CVE-2023-0116.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-0116",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:13.627",
"lastModified": "2023-05-26T17:15:13.627",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect availability."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/5/",
"source": "psirt@huawei.com"
}
]
}

20
CVE-2023/CVE-2023-01xx/CVE-2023-0117.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-0117",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:13.743",
"lastModified": "2023-05-26T17:15:13.743",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The online authentication provided by the hwKitAssistant lacks strict identity verification of applications. Successful exploitation of this vulnerability may affect availability of features,such as MeeTime."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/5/",
"source": "psirt@huawei.com"
}
]
}

108
CVE-2023/CVE-2023-16xx/CVE-2023-1692.json
View File

@ -2,23 +2,121 @@
"id": "CVE-2023-1692",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-20T15:15:08.717",
"lastModified": "2023-05-22T10:57:01.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:16:58.140",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The window management module lacks permission verification.Successful exploitation of this vulnerability may affect confidentiality."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF07E7F-3A18-4B74-B73D-DF3647C2A48F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64118936-E2A5-4935-8594-29DF29B5475A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/4/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202304-0000001506528486",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-16xx/CVE-2023-1693.json
View File

@ -2,23 +2,92 @@
"id": "CVE-2023-1693",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-20T15:15:08.767",
"lastModified": "2023-05-22T10:57:01.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:15:36.813",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0",
"matchCriteriaId": "A4CF5005-A2AC-457F-A8B2-4375ED4AF45D"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/4/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202304-0000001506528486",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-16xx/CVE-2023-1694.json
View File

@ -2,23 +2,92 @@
"id": "CVE-2023-1694",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-20T15:15:08.810",
"lastModified": "2023-05-22T10:57:01.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:14:43.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.0",
"matchCriteriaId": "A4CF5005-A2AC-457F-A8B2-4375ED4AF45D"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/4/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202304-0000001506528486",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

206
CVE-2023/CVE-2023-16xx/CVE-2023-1698.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1698",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-05-15T09:15:09.510",
"lastModified": "2023-05-15T12:54:34.183",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:09:45.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,210 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:compact_controller_100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "20",
"versionEndIncluding": "23",
"matchCriteriaId": "8700EAE8-69B3-4F39-9540-EB3EB11CAB82"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:compact_controller_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "532907AF-7E4A-4065-A799-753FC3313D6C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:edge_controller_firmware:22:*:*:*:*:*:*:*",
"matchCriteriaId": "17FE837A-4BAB-4963-AC1F-5BEEE769AF0C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:edge_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFC57C8-6AF4-4771-B0A0-744137FBFECF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:pfc100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "20",
"versionEndIncluding": "23",
"matchCriteriaId": "F462A5D8-4488-432E-8A63-FEE9B7215398"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:pfc100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F636354-95A2-4B36-9666-1FA57F185432"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:pfc200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "20",
"versionEndIncluding": "23",
"matchCriteriaId": "29246E43-1289-45FB-A996-35DE3E6D8B67"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:pfc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "688A3248-7EAA-499D-A47C-A4D4900CDBD1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:touch_panel_600_advanced_firmware:22:-:*:*:*:*:*:*",
"matchCriteriaId": "9A613D7C-29C0-4D4E-ACDA-15BBC6FF0104"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:touch_panel_600_advanced:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8221861-7455-41D5-B310-6AEA822B46CF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:touch_panel_600_marine_firmware:22:-:*:*:*:*:*:*",
"matchCriteriaId": "774CFF47-61B6-48F8-8E1F-E3DC215066AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:touch_panel_600_marine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83DEFFBC-934D-43BE-92AE-25F8EE8C1E0A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:touch_panel_600_standard_firmware:22:-:*:*:*:*:*:*",
"matchCriteriaId": "FA7A911A-395A-4536-8756-83DB2F62899D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:touch_panel_600_standard:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D7A44C-2D95-4F69-A7DB-435B0A6F9F03"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-007/",
"source": "info@cert.vde.com"
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2023/CVE-2023-208xx/CVE-2023-20882.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-20882",
"sourceIdentifier": "security@vmware.com",
"published": "2023-05-26T17:15:13.897",
"lastModified": "2023-05-26T17:15:13.897",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In Cloud foundry routing release versions from 0.262.0 and prior to 0.266.0,a bug in the gorouter process can lead to a denial of service of applications hosted on Cloud Foundry. Under the right circumstances, when client connections are closed prematurely, gorouter marks the currently selected backend as failed and removes it from the routing pool."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@vmware.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://www.cloudfoundry.org/blog/cve-2023-20882-gorouter-pruning-via-client-disconnect-resulting-in-dos/",
"source": "security@vmware.com"
}
]
}

32
CVE-2023/CVE-2023-208xx/CVE-2023-20883.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-20883",
"sourceIdentifier": "security@vmware.com",
"published": "2023-05-26T17:15:14.047",
"lastModified": "2023-05-26T17:15:14.047",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service (DoS) attack if Spring MVC is used together with a reverse proxy cache."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@vmware.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://spring.io/security/cve-2023-20883",
"source": "security@vmware.com"
}
]
}

32
CVE-2023/CVE-2023-20xx/CVE-2023-2002.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-2002",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-26T17:15:14.113",
"lastModified": "2023-05-26T17:15:14.113",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-250"
}
]
}
],
"references": [
{
"url": "https://www.openwall.com/lists/oss-security/2023/04/16/3",
"source": "secalert@redhat.com"
}
]
}

217
CVE-2023/CVE-2023-20xx/CVE-2023-2004.json
View File

@ -2,221 +2,14 @@
"id": "CVE-2023-2004",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-04-14T21:15:08.547",
"lastModified": "2023-05-02T03:15:08.203",
"vulnStatus": "Modified",
"lastModified": "2023-05-26T17:15:17.503",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "An integer overflow vulnerability was discovered in Freetype in tt_hvadvance_adjust() function in src/truetype/ttgxvar.c."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.13.0",
"matchCriteriaId": "1B585B81-9074-40B9-A6F0-8BADE59E9022"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2004",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50462",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186428",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/freetype/freetype/commit/e6fda039ad638866b7a6a5d046f03278ba1b7611",
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4AOSGAOPXLBK4A5ZRTVZ4M6QKVLSWMWG/",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ES2CDRHR2Y4WY6DNDIAPYZFXJU3ZBFAV/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FEJZMAUB4XP44HSHEBDWEKFGA7DUHY42/",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHHD6KNH4WLUE6JG6HRQZWNAJMHJ32X7/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KDNGTGQAUZJ6YQDI2AVGYIFFPUMMZLKS/",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NGWWGQULJ7QRNP4GY57HE7OO7VMRWMPN/",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RJQI63HWZFL6M26Q6UOHKDY6LD2PFC5Z/",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFZWDF43D73C5KWFF26GIIVZJKEFPS3K/",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLO7BL2MHZYPY6O3OAEAQL3SKYMGGO6M/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRSEIYMPWLVPGTC34N2Q3WAUHGGOWSWP/",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
"metrics": {},
"references": []
}

83
CVE-2023/CVE-2023-21xx/CVE-2023-2181.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2181",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-05-12T21:15:09.490",
"lastModified": "2023-05-15T12:54:39.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:50:55.790",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -34,18 +54,71 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.9.8",
"matchCriteriaId": "30A38F00-9BEB-4F52-B352-19A660D77D25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.10.0",
"versionEndExcluding": "15.10.7",
"matchCriteriaId": "69BCC2E4-6B4E-490B-8439-9155D691F8EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.11.0",
"versionEndExcluding": "15.11.3",
"matchCriteriaId": "3005DEA5-BB75-4703-8BE9-3DE477C015CB"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2181.json",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/407859",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://hackerone.com/reports/1938185",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Permissions Required"
]
}
]
}

76
CVE-2023/CVE-2023-272xx/CVE-2023-27217.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-27217",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-18T03:15:11.453",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T16:11:04.130",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in the ChangeFriendlyName() function of Belkin Smart Outlet V2 F7c063 firmware_2.00.11420.OWRT.PVT_SNSV2 allows attackers to cause a Denial of Service (DoS) via a crafted UPNP request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:belkin:f7c063_firmware:2.00.11420.owrt.pvt_snsv2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FDB8E8-F3D1-45C1-A4E4-8448627E81D9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:belkin:f7c063:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC53D68-E417-492B-B68E-747FB6DDD717"
}
]
}
]
}
],
"references": [
{
"url": "https://sternumiot.com/iot-blog/mini-smart-plug-v2-vulnerability-buffer-overflow/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-277xx/CVE-2023-27727.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27727",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-09T20:15:56.650",
"lastModified": "2023-04-19T16:09:12.057",
"lastModified": "2023-05-26T16:31:17.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx:0.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2B8B0F-C5E9-4DDE-A303-24E63B5C486A"
"criteria": "cpe:2.3:a:f5:njs:0.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2784ECC5-66FE-4666-9B7B-6DC080357DEE"
}
]
}

6
CVE-2023/CVE-2023-277xx/CVE-2023-27728.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27728",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-09T20:15:56.703",
"lastModified": "2023-04-19T16:37:00.527",
"lastModified": "2023-05-26T16:28:40.973",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx:0.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2B8B0F-C5E9-4DDE-A303-24E63B5C486A"
"criteria": "cpe:2.3:a:f5:njs:0.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2784ECC5-66FE-4666-9B7B-6DC080357DEE"
}
]
}

6
CVE-2023/CVE-2023-277xx/CVE-2023-27729.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27729",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-09T20:15:56.740",
"lastModified": "2023-04-19T16:42:28.240",
"lastModified": "2023-05-26T16:27:36.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx:0.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2B8B0F-C5E9-4DDE-A303-24E63B5C486A"
"criteria": "cpe:2.3:a:f5:njs:0.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2784ECC5-66FE-4666-9B7B-6DC080357DEE"
}
]
}

6
CVE-2023/CVE-2023-277xx/CVE-2023-27730.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27730",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-09T20:15:56.780",
"lastModified": "2023-04-19T17:00:31.157",
"lastModified": "2023-05-26T16:26:59.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:f5:nginx:0.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2B8B0F-C5E9-4DDE-A303-24E63B5C486A"
"criteria": "cpe:2.3:a:f5:njs:0.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2784ECC5-66FE-4666-9B7B-6DC080357DEE"
}
]
}

65
CVE-2023/CVE-2023-286xx/CVE-2023-28623.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28623",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-19T22:15:09.217",
"lastModified": "2023-05-20T11:31:57.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:25:56.600",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -50,14 +80,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zulip:zulip:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2",
"matchCriteriaId": "E20F9320-ECEF-463B-82A1-C943B71B5C7E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/zulip/zulip/commit/3df1b4dd7c210c21deb6f829df19412b74573f8d",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/zulip/zulip/security/advisories/GHSA-7p62-pjwg-56rv",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-28xx/CVE-2023-2817.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-2817",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-05-26T17:15:17.600",
"lastModified": "2023-05-26T17:15:17.600",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A post-authentication stored cross-site scripting vulnerability exists in Craft CMS versions <= 4.4.11. HTML, including script tags can be injected into field names which, when the field is added to a category or section, will trigger when users visit the Categories or Entries pages respectively."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/craftcms/cms/commit/7655e1009ba6cdbfb230e6bb138b775b69fc7bcb",
"source": "vulnreport@tenable.com"
},
{
"url": "https://www.tenable.com/security/research/tra-2023-20,",
"source": "vulnreport@tenable.com"
}
]
}

70
CVE-2023/CVE-2023-28xx/CVE-2023-2822.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2822",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-20T07:15:43.913",
"lastModified": "2023-05-20T11:31:57.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:18:09.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,22 +93,58 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ellucian:ethos_identity:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.6",
"matchCriteriaId": "B19BF343-C697-4C4B-ABC1-4F9A8CF6EDA9"
}
]
}
]
}
],
"references": [
{
"url": "https://medium.com/@cyberninja717/685bb1675dfb",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://medium.com/@cyberninja717/reflected-cross-site-scripting-vulnerability-in-ellucian-ethos-identity-cas-logout-page-685bb1675dfb",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.229596",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.229596",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

20
CVE-2023/CVE-2023-312xx/CVE-2023-31225.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31225",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:17.830",
"lastModified": "2023-05-26T17:15:17.830",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product availability."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/5/",
"source": "psirt@huawei.com"
}
]
}

20
CVE-2023/CVE-2023-312xx/CVE-2023-31226.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31226",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:17.913",
"lastModified": "2023-05-26T17:15:17.913",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The SDK for the MediaPlaybackController module has improper permission verification. Successful exploitation of this vulnerability may affect confidentiality."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/5/",
"source": "psirt@huawei.com"
}
]
}

20
CVE-2023/CVE-2023-312xx/CVE-2023-31227.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31227",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-05-26T17:15:18.000",
"lastModified": "2023-05-26T17:15:18.000",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of this vulnerability may affect device confidentiality."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/5/",
"source": "psirt@huawei.com"
}
]
}

78
CVE-2023/CVE-2023-317xx/CVE-2023-31756.json
View File

@ -2,19 +2,89 @@
"id": "CVE-2023-31756",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-19T13:15:08.877",
"lastModified": "2023-05-19T17:53:19.810",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:35:26.557",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists in the administrative web portal in TP-Link Archer VR1600V devices running firmware Versions <= 0.1.0. 0.9.1 v5006.0 Build 220518 Rel.32480n which allows remote attackers, authenticated to the administrative web portal as an administrator user to open an operating system level shell via the 'X_TP_IfName' parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_vr1600v_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.1.0_0.9.1_v5006.0_build_200810_rel.53181n",
"matchCriteriaId": "E9C6A8DE-6D84-4451-92A9-115EC12B83DC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_vr1600v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5985B57A-42A7-4D77-ADB2-5C2A095A99DD"
}
]
}
]
}
],
"references": [
{
"url": "https://stanleyjobsonau.github.io/tp-link-advisory.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-323xx/CVE-2023-32303.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32303",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-12T21:15:09.560",
"lastModified": "2023-05-15T12:54:39.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:36:37.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:planet:planet:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.1",
"matchCriteriaId": "EED867FB-E5D4-44AA-B656-E9A6EE43C7AC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/planetlabs/planet-client-python/commit/d71415a83119c5e89d7b80d5f940d162376ee3b7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/planetlabs/planet-client-python/releases/tag/2.0.1",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/planetlabs/planet-client-python/security/advisories/GHSA-j5fj-rfh6-qj85",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-326xx/CVE-2023-32675.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32675",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-19T20:15:09.230",
"lastModified": "2023-05-20T11:31:57.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:34:06.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vyper_project:vyper:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.3.8",
"matchCriteriaId": "BD6E3906-C87B-4245-9871-27CD85C32EEF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vyperlang/vyper/commit/02339dfda0f3caabad142060d511d10bfe93c520.",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Broken Link",
"Patch"
]
},
{
"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-vxmm-cwh2-q762",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
}
]
}

75
CVE-2023/CVE-2023-326xx/CVE-2023-32677.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32677",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-19T21:15:08.740",
"lastModified": "2023-05-20T11:31:57.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:28:42.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,24 +64,65 @@
"value": "CWE-862"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zulip:zulip:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2",
"matchCriteriaId": "E20F9320-ECEF-463B-82A1-C943B71B5C7E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/zulip/zulip/commit/7c2693a2c64904d1d0af8503b57763943648cbe5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/zulip/zulip/security/advisories/GHSA-mrvp-96q6-jpvc",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://zulip.com/help/configure-who-can-invite-to-streams",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://zulip.com/help/restrict-account-creation#change-who-can-send-invitations",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
}
]
}

49
CVE-2023/CVE-2023-326xx/CVE-2023-32679.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32679",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-19T20:15:09.310",
"lastModified": "2023-05-20T11:31:57.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T17:33:04.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +66,33 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.4.6",
"matchCriteriaId": "9A4ADBBC-7393-491B-BC44-81DD6CABD2A9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-vqxf-r9ph-cc9c",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-327xx/CVE-2023-32784.json
View File

@ -2,27 +2,91 @@
"id": "CVE-2023-32784",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-15T06:15:10.427",
"lastModified": "2023-05-20T15:15:08.893",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T16:25:21.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:keepass:keepass:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.00",
"versionEndExcluding": "2.54",
"matchCriteriaId": "02B04F85-32CC-4B57-A6DE-2FE8BAD7A17D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/keepassxreboot/keepassxc/discussions/9433",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/vdohney/keepass-password-dumper",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://sourceforge.net/p/keepass/discussion/329220/thread/f3438e6283/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
}
]
}

102
CVE-2023/CVE-2023-332xx/CVE-2023-33203.json
View File

@ -2,31 +2,119 @@
"id": "CVE-2023-33203",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-18T08:15:08.723",
"lastModified": "2023-05-23T13:15:09.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T16:52:01.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2.9",
"matchCriteriaId": "9DB8D56A-80A7-46E9-A9BD-100B7446E81A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192667",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1210685",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.9",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

20
CVE-2023/CVE-2023-334xx/CVE-2023-33439.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33439",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-26T16:15:09.597",
"lastModified": "2023-05-26T16:15:09.597",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_task.php?id=."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/F14me7wq/bug_report/blob/main/vendors/oretnom23/faculty-evaluation-system/SQLi-1.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-334xx/CVE-2023-33440.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33440",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-26T16:15:10.713",
"lastModified": "2023-05-26T16:15:10.713",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=save_user."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/F14me7wq/bug_report/blob/main/vendors/oretnom23/faculty-evaluation-system/RCE-1.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-337xx/CVE-2023-33720.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33720",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-26T16:15:10.980",
"lastModified": "2023-05-26T16:15:10.980",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "mp4v2 v2.1.2 was discovered to contain a memory leak via the class MP4BytesProperty."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/enzo1982/mp4v2/issues/36",
"source": "cve@mitre.org"
}
]
}

28
CVE-2023/CVE-2023-337xx/CVE-2023-33779.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-33779",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-26T17:15:18.153",
"lastModified": "2023-05-26T17:15:18.153",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component /jobinfo/."
}
],
"metrics": {},
"references": [
{
"url": "http://xxl-job.com",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/silence-silence/xxl-job-lateral-privilege-escalation-vulnerability-/blob/main/README.md",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/xuxueli/xxl-job",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-337xx/CVE-2023-33780.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33780",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-26T17:15:18.680",
"lastModified": "2023-05-26T17:15:18.680",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in TFDi Design smartCARS 3 v0.7.0 and below allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the body of news article."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/invernyx/smartcars-3-bugs/security/advisories/GHSA-hx8p-f8h7-5h78",
"source": "cve@mitre.org"
}
]
}

6
CVE-2023/CVE-2023-338xx/CVE-2023-33829.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33829",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-24T21:15:11.567",
"lastModified": "2023-05-25T12:40:12.980",
"lastModified": "2023-05-26T17:15:19.063",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -12,6 +12,10 @@
],
"metrics": {},
"references": [
{
"url": "http://packetstormsecurity.com/files/172588/SCM-Manager-1.60-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
},
{
"url": "https://bitbucket.org/sdorra/docker-scm-manager/src/master/",
"source": "cve@mitre.org"

97
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-26T16:00:26.141869+00:00
2023-05-26T18:00:27.928718+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-26T15:59:56.003000+00:00
2023-05-26T17:54:55.423000+00:00
```
### Last Data Feed Release
@ -29,57 +29,68 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
216075
216099
```
### CVEs added in the last Commit
Recently added CVEs: `13`
Recently added CVEs: `24`
* [CVE-2022-39335](CVE-2022/CVE-2022-393xx/CVE-2022-39335.json) (`2023-05-26T14:15:09.600`)
* [CVE-2022-39374](CVE-2022/CVE-2022-393xx/CVE-2022-39374.json) (`2023-05-26T14:15:10.257`)
* [CVE-2022-46945](CVE-2022/CVE-2022-469xx/CVE-2022-46945.json) (`2023-05-26T15:15:09.393`)
* [CVE-2023-25029](CVE-2023/CVE-2023-250xx/CVE-2023-25029.json) (`2023-05-26T14:15:10.463`)
* [CVE-2023-25470](CVE-2023/CVE-2023-254xx/CVE-2023-25470.json) (`2023-05-26T14:15:10.643`)
* [CVE-2023-32323](CVE-2023/CVE-2023-323xx/CVE-2023-32323.json) (`2023-05-26T14:15:10.827`)
* [CVE-2023-25034](CVE-2023/CVE-2023-250xx/CVE-2023-25034.json) (`2023-05-26T15:15:10.310`)
* [CVE-2023-25058](CVE-2023/CVE-2023-250xx/CVE-2023-25058.json) (`2023-05-26T15:15:11.393`)
* [CVE-2023-25467](CVE-2023/CVE-2023-254xx/CVE-2023-25467.json) (`2023-05-26T15:15:11.767`)
* [CVE-2023-29098](CVE-2023/CVE-2023-290xx/CVE-2023-29098.json) (`2023-05-26T15:15:12.320`)
* [CVE-2023-30145](CVE-2023/CVE-2023-301xx/CVE-2023-30145.json) (`2023-05-26T15:15:12.880`)
* [CVE-2023-32964](CVE-2023/CVE-2023-329xx/CVE-2023-32964.json) (`2023-05-26T15:15:13.853`)
* [CVE-2023-33394](CVE-2023/CVE-2023-333xx/CVE-2023-33394.json) (`2023-05-26T15:15:14.217`)
* [CVE-2021-46881](CVE-2021/CVE-2021-468xx/CVE-2021-46881.json) (`2023-05-26T17:15:11.947`)
* [CVE-2021-46882](CVE-2021/CVE-2021-468xx/CVE-2021-46882.json) (`2023-05-26T17:15:12.703`)
* [CVE-2021-46883](CVE-2021/CVE-2021-468xx/CVE-2021-46883.json) (`2023-05-26T17:15:12.780`)
* [CVE-2021-46884](CVE-2021/CVE-2021-468xx/CVE-2021-46884.json) (`2023-05-26T17:15:12.880`)
* [CVE-2021-46885](CVE-2021/CVE-2021-468xx/CVE-2021-46885.json) (`2023-05-26T17:15:12.987`)
* [CVE-2021-46886](CVE-2021/CVE-2021-468xx/CVE-2021-46886.json) (`2023-05-26T17:15:13.127`)
* [CVE-2021-46887](CVE-2021/CVE-2021-468xx/CVE-2021-46887.json) (`2023-05-26T17:15:13.227`)
* [CVE-2022-48478](CVE-2022/CVE-2022-484xx/CVE-2022-48478.json) (`2023-05-26T17:15:13.347`)
* [CVE-2022-48479](CVE-2022/CVE-2022-484xx/CVE-2022-48479.json) (`2023-05-26T17:15:13.450`)
* [CVE-2022-48480](CVE-2022/CVE-2022-484xx/CVE-2022-48480.json) (`2023-05-26T17:15:13.573`)
* [CVE-2023-33439](CVE-2023/CVE-2023-334xx/CVE-2023-33439.json) (`2023-05-26T16:15:09.597`)
* [CVE-2023-33440](CVE-2023/CVE-2023-334xx/CVE-2023-33440.json) (`2023-05-26T16:15:10.713`)
* [CVE-2023-33720](CVE-2023/CVE-2023-337xx/CVE-2023-33720.json) (`2023-05-26T16:15:10.980`)
* [CVE-2023-0116](CVE-2023/CVE-2023-01xx/CVE-2023-0116.json) (`2023-05-26T17:15:13.627`)
* [CVE-2023-0117](CVE-2023/CVE-2023-01xx/CVE-2023-0117.json) (`2023-05-26T17:15:13.743`)
* [CVE-2023-20882](CVE-2023/CVE-2023-208xx/CVE-2023-20882.json) (`2023-05-26T17:15:13.897`)
* [CVE-2023-20883](CVE-2023/CVE-2023-208xx/CVE-2023-20883.json) (`2023-05-26T17:15:14.047`)
* [CVE-2023-2002](CVE-2023/CVE-2023-20xx/CVE-2023-2002.json) (`2023-05-26T17:15:14.113`)
* [CVE-2023-2817](CVE-2023/CVE-2023-28xx/CVE-2023-2817.json) (`2023-05-26T17:15:17.600`)
* [CVE-2023-31225](CVE-2023/CVE-2023-312xx/CVE-2023-31225.json) (`2023-05-26T17:15:17.830`)
* [CVE-2023-31226](CVE-2023/CVE-2023-312xx/CVE-2023-31226.json) (`2023-05-26T17:15:17.913`)
* [CVE-2023-31227](CVE-2023/CVE-2023-312xx/CVE-2023-31227.json) (`2023-05-26T17:15:18.000`)
* [CVE-2023-33779](CVE-2023/CVE-2023-337xx/CVE-2023-33779.json) (`2023-05-26T17:15:18.153`)
* [CVE-2023-33780](CVE-2023/CVE-2023-337xx/CVE-2023-33780.json) (`2023-05-26T17:15:18.680`)
### CVEs modified in the last Commit
Recently modified CVEs: `32`
Recently modified CVEs: `41`
* [CVE-2021-24686](CVE-2021/CVE-2021-246xx/CVE-2021-24686.json) (`2023-05-26T15:02:00.180`)
* [CVE-2022-45079](CVE-2022/CVE-2022-450xx/CVE-2022-45079.json) (`2023-05-26T14:02:48.150`)
* [CVE-2022-1755](CVE-2022/CVE-2022-17xx/CVE-2022-1755.json) (`2023-05-26T15:01:55.177`)
* [CVE-2022-36376](CVE-2022/CVE-2022-363xx/CVE-2022-36376.json) (`2023-05-26T15:02:41.920`)
* [CVE-2022-47984](CVE-2022/CVE-2022-479xx/CVE-2022-47984.json) (`2023-05-26T15:07:03.057`)
* [CVE-2023-28529](CVE-2023/CVE-2023-285xx/CVE-2023-28529.json) (`2023-05-26T14:05:13.470`)
* [CVE-2023-20024](CVE-2023/CVE-2023-200xx/CVE-2023-20024.json) (`2023-05-26T14:08:12.587`)
* [CVE-2023-22878](CVE-2023/CVE-2023-228xx/CVE-2023-22878.json) (`2023-05-26T14:14:55.810`)
* [CVE-2023-28950](CVE-2023/CVE-2023-289xx/CVE-2023-28950.json) (`2023-05-26T14:15:16.233`)
* [CVE-2023-20077](CVE-2023/CVE-2023-200xx/CVE-2023-20077.json) (`2023-05-26T14:22:30.640`)
* [CVE-2023-20087](CVE-2023/CVE-2023-200xx/CVE-2023-20087.json) (`2023-05-26T14:28:53.080`)
* [CVE-2023-20166](CVE-2023/CVE-2023-201xx/CVE-2023-20166.json) (`2023-05-26T14:42:33.603`)
* [CVE-2023-20167](CVE-2023/CVE-2023-201xx/CVE-2023-20167.json) (`2023-05-26T14:45:40.920`)
* [CVE-2023-20171](CVE-2023/CVE-2023-201xx/CVE-2023-20171.json) (`2023-05-26T14:54:31.757`)
* [CVE-2023-29013](CVE-2023/CVE-2023-290xx/CVE-2023-29013.json) (`2023-05-26T15:01:44.387`)
* [CVE-2023-27522](CVE-2023/CVE-2023-275xx/CVE-2023-27522.json) (`2023-05-26T15:05:01.460`)
* [CVE-2023-31996](CVE-2023/CVE-2023-319xx/CVE-2023-31996.json) (`2023-05-26T15:15:13.103`)
* [CVE-2023-30774](CVE-2023/CVE-2023-307xx/CVE-2023-30774.json) (`2023-05-26T15:24:56.207`)
* [CVE-2023-20172](CVE-2023/CVE-2023-201xx/CVE-2023-20172.json) (`2023-05-26T15:25:24.413`)
* [CVE-2023-30775](CVE-2023/CVE-2023-307xx/CVE-2023-30775.json) (`2023-05-26T15:26:09.463`)
* [CVE-2023-20173](CVE-2023/CVE-2023-201xx/CVE-2023-20173.json) (`2023-05-26T15:40:03.033`)
* [CVE-2023-28514](CVE-2023/CVE-2023-285xx/CVE-2023-28514.json) (`2023-05-26T15:42:03.927`)
* [CVE-2023-20174](CVE-2023/CVE-2023-201xx/CVE-2023-20174.json) (`2023-05-26T15:44:56.217`)
* [CVE-2023-20189](CVE-2023/CVE-2023-201xx/CVE-2023-20189.json) (`2023-05-26T15:51:50.933`)
* [CVE-2023-20881](CVE-2023/CVE-2023-208xx/CVE-2023-20881.json) (`2023-05-26T15:59:56.003`)
* [CVE-2022-45458](CVE-2022/CVE-2022-454xx/CVE-2022-45458.json) (`2023-05-26T17:20:59.377`)
* [CVE-2022-45457](CVE-2022/CVE-2022-454xx/CVE-2022-45457.json) (`2023-05-26T17:22:49.353`)
* [CVE-2022-45459](CVE-2022/CVE-2022-454xx/CVE-2022-45459.json) (`2023-05-26T17:49:09.873`)
* [CVE-2022-4418](CVE-2022/CVE-2022-44xx/CVE-2022-4418.json) (`2023-05-26T17:54:13.907`)
* [CVE-2023-27217](CVE-2023/CVE-2023-272xx/CVE-2023-27217.json) (`2023-05-26T16:11:04.130`)
* [CVE-2023-32784](CVE-2023/CVE-2023-327xx/CVE-2023-32784.json) (`2023-05-26T16:25:21.913`)
* [CVE-2023-27730](CVE-2023/CVE-2023-277xx/CVE-2023-27730.json) (`2023-05-26T16:26:59.573`)
* [CVE-2023-27729](CVE-2023/CVE-2023-277xx/CVE-2023-27729.json) (`2023-05-26T16:27:36.633`)
* [CVE-2023-27728](CVE-2023/CVE-2023-277xx/CVE-2023-27728.json) (`2023-05-26T16:28:40.973`)
* [CVE-2023-27727](CVE-2023/CVE-2023-277xx/CVE-2023-27727.json) (`2023-05-26T16:31:17.513`)
* [CVE-2023-33203](CVE-2023/CVE-2023-332xx/CVE-2023-33203.json) (`2023-05-26T16:52:01.157`)
* [CVE-2023-1698](CVE-2023/CVE-2023-16xx/CVE-2023-1698.json) (`2023-05-26T17:09:45.837`)
* [CVE-2023-1694](CVE-2023/CVE-2023-16xx/CVE-2023-1694.json) (`2023-05-26T17:14:43.323`)
* [CVE-2023-2004](CVE-2023/CVE-2023-20xx/CVE-2023-2004.json) (`2023-05-26T17:15:17.503`)
* [CVE-2023-33829](CVE-2023/CVE-2023-338xx/CVE-2023-33829.json) (`2023-05-26T17:15:19.063`)
* [CVE-2023-1693](CVE-2023/CVE-2023-16xx/CVE-2023-1693.json) (`2023-05-26T17:15:36.813`)
* [CVE-2023-1692](CVE-2023/CVE-2023-16xx/CVE-2023-1692.json) (`2023-05-26T17:16:58.140`)
* [CVE-2023-2822](CVE-2023/CVE-2023-28xx/CVE-2023-2822.json) (`2023-05-26T17:18:09.617`)
* [CVE-2023-28623](CVE-2023/CVE-2023-286xx/CVE-2023-28623.json) (`2023-05-26T17:25:56.600`)
* [CVE-2023-32677](CVE-2023/CVE-2023-326xx/CVE-2023-32677.json) (`2023-05-26T17:28:42.717`)
* [CVE-2023-32679](CVE-2023/CVE-2023-326xx/CVE-2023-32679.json) (`2023-05-26T17:33:04.877`)
* [CVE-2023-32675](CVE-2023/CVE-2023-326xx/CVE-2023-32675.json) (`2023-05-26T17:34:06.543`)
* [CVE-2023-31756](CVE-2023/CVE-2023-317xx/CVE-2023-31756.json) (`2023-05-26T17:35:26.557`)
* [CVE-2023-32303](CVE-2023/CVE-2023-323xx/CVE-2023-32303.json) (`2023-05-26T17:36:37.287`)
* [CVE-2023-2181](CVE-2023/CVE-2023-21xx/CVE-2023-2181.json) (`2023-05-26T17:50:55.790`)
## Download and Usage