admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-08T02:00:30.806970+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-08 02:00:34 +00:00
parent 9e78688ca6
commit e7809ac9ae
36 changed files with 2194 additions and 288 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
CVE-2020/CVE-2020-367xx/CVE-2020-36737.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36737",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T04:15:10.113",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:00:14.253",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,89 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:brainstormforce:import_\\/_export_customizer_settings:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.3",
"matchCriteriaId": "A638C930-8390-4CD1-B6C1-8E13E12BD24E"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2368366%40astra-import-export&new=2368366%40astra-import-export&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/194face3-36ac-4137-af9a-0b98f60e3afb?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

69
CVE-2020/CVE-2020-367xx/CVE-2020-36738.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36738",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T04:15:10.220",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T01:15:06.300",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,89 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coolplugins:cool_timeline:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.3",
"matchCriteriaId": "4F98B8C9-83A9-4BCE-A0A6-7327B8402806"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2368335/cool-timeline/trunk/fa-icons/fa-icons-class.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1ce7c895-e94c-46bd-9de1-f5fde29c3475?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2020/CVE-2020-367xx/CVE-2020-36746.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36746",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T06:15:09.157",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:01:40.310",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,89 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:menu_swapper_project:menu_swapper:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.1",
"matchCriteriaId": "5EDE1F15-C493-4587-951C-43596E60FE2C"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2368729%40menu-swapper&new=2368729%40menu-swapper&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/49a04155-9fa8-45e0-b80b-3836d5271fa7?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2020/CVE-2020-367xx/CVE-2020-36747.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36747",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T06:15:09.350",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:01:28.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,89 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:brainstormforce:lightweight_sidebar_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.5",
"matchCriteriaId": "59A51D55-FD76-4426-B1BC-08DDCE9BEFB6"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2368387%40sidebar-manager&new=2368387%40sidebar-manager&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/844c5012-f823-46ae-8de2-e2803b7cd063?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

91
CVE-2020/CVE-2020-367xx/CVE-2020-36748.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36748",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T06:15:09.433",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:01:19.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,6 +31,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -46,42 +66,89 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wedevs:dokan:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.0.9",
"matchCriteriaId": "E0FF6D6A-C648-4765-AD34-9345209DC2F9"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2368433/dokan-lite/trunk/includes/Dashboard/Templates/Orders.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/894c875a-078f-4c1f-83d2-4a6e4a309c3e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2020/CVE-2020-367xx/CVE-2020-36749.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36749",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T06:15:09.517",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:00:59.577",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,89 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goldplugins:easy_testimonials:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.7",
"matchCriteriaId": "B51C469A-DD80-4141-B183-BA20B6E7059B"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2370405%40easy-testimonials&new=2370405%40easy-testimonials&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8da49c2e-576c-490b-b812-96d15b6d2b1b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

81
CVE-2021/CVE-2021-43xx/CVE-2021-4389.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4389",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T05:15:15.637",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:34:23.380",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -36,7 +36,7 @@
},
"weaknesses": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,44 +44,101 @@
"value": "CWE-352"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wensolutions:wp_travel:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.4.7",
"matchCriteriaId": "3755151F-DEFF-4F43-855D-0F4633239013"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2477827/wp-travel/tags/4.4.7/inc/admin/class-admin-metaboxes.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/28dea1e9-e772-488e-b98f-93a46ab84581?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2021/CVE-2021-43xx/CVE-2021-4390.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4390",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T05:15:15.717",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:02:37.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,89 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cf7style:contact_form_7_style:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.2",
"matchCriteriaId": "3ADF24B8-7493-453B-B6C9-DB4B303A77B9"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/contact-form-7-style/trunk/cf7-style-meta-box.php#L546",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2972cdaf-2d0a-4b55-b4f5-ccf01ff5352c?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2021/CVE-2021-43xx/CVE-2021-4391.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4391",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T05:15:15.790",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:02:31.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,89 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpswings:ultimate_gift_cards_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.2",
"matchCriteriaId": "0A1A9265-A4DB-4F57-BACD-C6F4639CE0E0"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/woo-gift-cards-lite/tags/2.1.2/admin/class-woocommerce-gift-cards-lite-admin.php?rev=2549904#L461",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2da322ea-0206-4838-8ac4-9dd201bb00bc?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2021/CVE-2021-43xx/CVE-2021-4392.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4392",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T05:15:15.863",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:02:25.213",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,89 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:implecode:ecommerce_product_catalog:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.9.43",
"matchCriteriaId": "3DBA24C5-E716-4D56-A8C2-59A474E477E7"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2368356%40ecommerce-product-catalog&new=2368356%40ecommerce-product-catalog&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2eb963dd-41c3-43cd-afb7-1be054829ea3?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2021/CVE-2021-43xx/CVE-2021-4393.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4393",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T05:15:15.933",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:02:19.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,89 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:implecode:ecommerce_product_catalog:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.0.18",
"matchCriteriaId": "96C38D6F-916F-4F40-B81C-F516E99AA3BD"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2473569/ecommerce-product-catalog/trunk/modules/cart/includes/orders/includes/register-digital-orders.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/12ecf3d5-1457-405a-8856-517c7d2f2db1?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2021/CVE-2021-43xx/CVE-2021-4394.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4394",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T05:15:16.003",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:02:12.540",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,89 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goldplugins:locations:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0",
"matchCriteriaId": "7E8EB9E1-E2AD-4F09-A41B-1EBC7B59D16D"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2548546%40locations&new=2548546%40locations&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3df9f237-a861-43fc-8623-d42f84d8d5d1?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

93
CVE-2021/CVE-2021-43xx/CVE-2021-4399.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2021-4399",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T06:15:09.917",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:03:28.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Edwiser Bridge plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including,2.0.6. This is due to missing or incorrect nonce validation on the user_data_synchronization_initiater(), course_synchronization_initiater(), users_link_to_moodle_synchronization(), connection_test_initiater(), admin_menus(), and subscribe_handler() function. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El plugin Edwiser Bridge para WordPress es vulnerable a ataques de tipo Cross-Site Request Forgery (CSRF) en versiones hasta la 2.0.6 inclusive. Esto es debido a la falta o incorrecta validaci\u00f3n nonce en las funciones \"user_data_synchronization_initiater()\", \"course_synchronization_initiater()\", \"users_link_to_moodle_synchronization()\", \"connection_test_initiater()\", \"admin_menus()\" y \"subscribe_handler()\". Esto hace posible que atacantes no autenticados realicen acciones no autorizadas a trav\u00e9s de una solicitud manipulada concedida y puedan enga\u00f1ar a un administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
@ -46,42 +70,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:edwiser:bridge:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0.6",
"matchCriteriaId": "887F368F-C55E-4454-8603-AB7667C56F31"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2478642%40edwiser-bridge&new=2478642%40edwiser-bridge&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6450dafd-5992-4831-87af-e5e47cc8663e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2021/CVE-2021-44xx/CVE-2021-4400.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2021-4400",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T06:15:09.987",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:13:31.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.5.2. This is due to missing or incorrect nonce validation on the bsearch_process_settings_import() and bsearch_process_settings_export() functions. This makes it possible for unauthenticated attackers to import and export settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El plugin Better Search para WordPress es vulnerable a ataques de tipo Cross-Site Request Forgery (CSRF) en versiones hasta la 2.5.2 inclusive. Esto se debe a la falta o incorrecta validaci\u00f3n nonce en las funciones \"bsearch_process_settings_import()\" y \"bsearch_process_settings_export()\". Esto hace posible que atacantes no autenticados importen y exporten configuraciones a trav\u00e9s de una solicitud manipulada concedida y puedan enga\u00f1ar a un administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace. "
}
],
"metrics": {
@ -46,42 +50,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webberzone:better_search:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.5.2",
"matchCriteriaId": "50A863C7-85E4-4678-BA94-37379FC27FE9"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2473344%40better-search&new=2473344%40better-search&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7acbcf74-2bae-412b-bf9d-70287a91deea?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

93
CVE-2021/CVE-2021-44xx/CVE-2021-4401.json
View File

@ -2,18 +2,22 @@
"id": "CVE-2021-4401",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T06:15:10.067",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:07:04.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Style Kits plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.0. This is due to missing or incorrect nonce validation on the update_posts_stylekit() function. This makes it possible for unauthenticated attackers to update style kits for posts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El plugin Style Kits para WordPress es vulnerable a ataques de tipo Cross-Site Request Forgery (CSRF) en versiones hasta la 1.8.0 inlcusive. Esto es debido a la falta o incorrecta validaci\u00f3n nonce en la funci\u00f3n \"update_posts_stylekit()\". Esto hace posible que atacantes no autenticados actualicen los kits de estilo de las entradas a trav\u00e9s de una solicitud manipulada y puedan enga\u00f1ar a un administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -46,42 +70,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:analogwp:style_kits:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.8.0",
"matchCriteriaId": "7B2855AB-5376-42D9-AEA0-6C2BF2BCD5BB"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2473676/analogwp-templates/trunk/inc/class-quick-edit.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7cb08fc1-fb8b-4478-8569-eb9b28aff50b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2021/CVE-2021-44xx/CVE-2021-4402.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2021-4402",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T06:15:10.137",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:05:14.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Multiple Roles plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on the mu_add_roles_in_signup_meta() and mu_add_roles_in_signup_meta_recently() functions. This makes it possible for unauthenticated attackers to add additional roles to users via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El plugin Multiple Roles para WordPress es vulnerable a ataques de tipo Cross-Site Request Forgery en versiones hasta la 1.3.1 inclusive. Esto es debido a la falta o incorrecta validaci\u00f3n nonce en las funciones \"mu_add_roles_in_signup_meta()\" y \"mu_add_roles_in_signup_meta_recently()\". Esto hace posible que atacantes no autenticados a\u00f1adan roles adicionales a los usuarios a trav\u00e9s de una solicitud manipulada concedida y puedan enga\u00f1ar a un administrador del sitio para realizar una acci\u00f3n como hacer clic en un enlace. "
}
],
"metrics": {
@ -46,42 +50,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:multiple_roles_project:multiple_roles:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.1",
"matchCriteriaId": "F91F571D-9CD5-44B2-B87E-3014A1D2018B"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2556328%40multiple-roles&new=2556328%40multiple-roles&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/862fa0c3-c16f-493e-9bf6-92debc0e30f6?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2021/CVE-2021-44xx/CVE-2021-4403.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2021-4403",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T06:15:10.210",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:16:20.603",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Remove Schema plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the validate() function. This makes it possible for unauthenticated attackers to modify the plugins settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El plugin Remove Schema para WordPress es vulnerable a ataques de tipo Cross-Site Request Forgery (CSRF) en versiones hasta la 1.5 inclusive. Esto es debido a la falta o incorrecta validaci\u00f3n nonce en la funci\u00f3n \"validate()\". Esto hace posible que atacantes no autenticados modifiquen la configuraci\u00f3n del plugin a trav\u00e9s de una solicitud manipulada concedida y puedan enga\u00f1ar a un administrador del sitio para realizar una acci\u00f3n como hacer clic en un enlace. "
}
],
"metrics": {
@ -46,42 +50,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:websitescanner:remove_schema:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5",
"matchCriteriaId": "7E90D771-1066-4961-8778-E0EBD3C5B40C"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2548575%40remove-schema&new=2548575%40remove-schema&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/89635463-966d-4f7d-995d-ad83a502d95b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2021/CVE-2021-44xx/CVE-2021-4404.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2021-4404",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T06:15:10.297",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:21:21.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Event Espresso 4 Decaf plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.10.11. This is due to missing or incorrect nonce validation on the ajaxHandler() function. This makes it possible for unauthenticated attackers to op into notifications via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El plugin Event Espresso 4 Decaf para WordPress es vulnerable a ataques de tipo Cross-Site Request Forgery (CSRF) en versiones hasta la 4.10.11 inclusive. Esto es debido a la falta o incorrecta validaci\u00f3n nonce en la funci\u00f3n \"ajaxHandler()\". Esto hace posible que los atacantes no autenticados puedan entrar en las notificaciones a trav\u00e9s de una solicitud manipulada concedida y puedan enga\u00f1ar a un administrador del sitio para realizar una acci\u00f3n como hacer clic en un enlace. "
}
],
"metrics": {
@ -46,42 +50,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eventespresso:event_espresso_4_decaf:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.10.11",
"matchCriteriaId": "653CCF07-0971-4E8C-A798-72A31DBE8C08"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2554360/event-espresso-decaf/trunk/core/domain/services/pue/Stats.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/89d3a9da-2496-4f75-ad8f-65629f198fe5?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2021/CVE-2021-44xx/CVE-2021-4405.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2021-4405",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-01T06:15:10.380",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T01:13:48.213",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The ElasticPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5.3. This is due to missing or incorrect nonce validation on the epio_send_autosuggest_allowed() function. This makes it possible for unauthenticated attackers to send allowed parameters for autosuggest to elasticpress[.]io via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El plugin ElasticPress para WordPress es vulnerable a ataques de tipo Cross-Site Request Forgery (CSRF) en versiones hasta la 3.5.3 inclusive. Esto es debido a la falta o incorrecta validaci\u00f3n nonce en la funci\u00f3n \"epio_send_autosuggest_allowed()\". Esto hace posible que los atacantes no autenticados env\u00eden par\u00e1metros permitidos para \"autosuggest\" a \"elasticpress.io\" a trav\u00e9s de una solicitud manipulada concedida y puedan enga\u00f1ar a un administrador del sitio para realizar un acci\u00f3n como hacer clic en un enlace. "
}
],
"metrics": {
@ -46,42 +50,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:10up:elasticpress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.5.3",
"matchCriteriaId": "6E580BE4-08AD-408C-A058-8C7C7BD8AFAC"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2473455/elasticpress/trunk/includes/classes/Feature/Autosuggest/Autosuggest.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8ab8eb9d-1427-4e99-8986-179147e0862e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

81
CVE-2022/CVE-2022-447xx/CVE-2022-44720.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2022-44720",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T20:15:09.780",
"lastModified": "2023-06-29T23:57:54.363",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:27:37.807",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Weblib Ucopia before 6.0.13. OS Command Injection injection can occur, related to chroot."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ucopia:wireless_appliance_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.13",
"matchCriteriaId": "D6FDED24-0681-4295-A07A-011AF6B726E7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ucopia:wireless_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB1C8FCD-6DE1-4356-B646-8A790A4B6DB2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.synacktiv.com/sites/default/files/2023-06/synacktiv-ucopia-multiple-vulnerabilities-2022.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://www.ucopia.com/en/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

93
CVE-2023/CVE-2023-201xx/CVE-2023-20116.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20116",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.640",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T01:20:00.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -46,10 +78,65 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.10000.6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "21BFC3A9-B6B1-49EE-A93A-6432BFE33E84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.10000.6\\):*:*:*:session_management:*:*:*",
"matchCriteriaId": "D08CC27A-6320-45C4-82AA-66AC316D6C3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.0\\(1.10000.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1BA185BB-D78F-4F4E-B248-9AF550F0C4E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.0\\(1.10000.10\\):*:*:*:session_management:*:*:*",
"matchCriteriaId": "13A5DB3B-B62D-4E66-9D56-A1E54B1A9AEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1.10000.22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BEEEA592-F8A1-41F2-B152-87F0A9B6087E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1.10000.22\\):*:*:*:session_management:*:*:*",
"matchCriteriaId": "4F504F7A-FA4C-4CA1-8CAE-417ABD900C85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:14.0\\(1.10000.20\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C4B25936-F690-4A75-9704-39AE7A285B86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:14.0\\(1.10000.20\\):*:*:*:session_management:*:*:*",
"matchCriteriaId": "60DA9958-C2A8-4F9D-98B1-617C87A09DF1"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-dos-4Ag3yWbD",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-201xx/CVE-2023-20136.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20136",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.820",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:38:51.887",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -46,10 +78,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_workload:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.7.1.40",
"matchCriteriaId": "307B42DF-41FC-43B7-B811-14A6B008906E"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-auth-openapi-kTndjdNX",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

125
CVE-2023/CVE-2023-206xx/CVE-2023-20690.json
View File

@ -2,19 +2,136 @@
"id": "CVE-2023-20690",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:09.620",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T23:57:12.433",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664735; Issue ID: ALPS07664735."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220"
}
]
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023",
"source": "security@mediatek.com"
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
]
}
]
}

350
CVE-2023/CVE-2023-207xx/CVE-2023-20754.json
View File

@ -2,19 +2,361 @@
"id": "CVE-2023-20754",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:09.893",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T23:56:37.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07588343."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6731:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF784DB-3560-4045-BB32-F12DCF4C43B1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8E91CA4-CA5B-40D1-9A96-2B875104BCF4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE14B46-C1CA-465F-8578-059FA2ED30EB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "533284E5-C3AF-48D3-A287-993099DB2E41"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB05B1D-77C9-4E42-91AD-9F087413DC20"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45"
}
]
}
]
}
],
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/July-2023",
"source": "security@mediatek.com"
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-261xx/CVE-2023-26136.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26136",
"sourceIdentifier": "report@snyk.io",
"published": "2023-07-01T05:15:16.103",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-08T00:02:00.740",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "report@snyk.io",
"type": "Secondary",
@ -34,22 +54,68 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:salesforce:tough-cookie:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "4.1.3",
"matchCriteriaId": "805B31A6-800B-42D8-80A1-91E31F7D69CA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/salesforce/tough-cookie/issues/282",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Release Notes"
]
},
{
"url": "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-274xx/CVE-2023-27469.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-27469",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-30T20:15:09.360",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T23:55:51.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\\0' character."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:malwarebytes:anti-exploit:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.4.0.220",
"matchCriteriaId": "77A9EE7A-DB3E-4AE3-B8BC-939047422B37"
}
]
}
]
}
],
"references": [
{
"url": "https://malwarebytes.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.malwarebytes.com/secure/cves/cve-2023-27469",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

46
CVE-2023/CVE-2023-305xx/CVE-2023-30549.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-30549",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-25T21:15:10.767",
"lastModified": "2023-05-26T21:15:19.493",
"lastModified": "2023-07-08T00:15:09.500",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0, installations that include apptainer-suid < 1.1.8, and all versions of Singularity in their default configurations on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10 buster (unless the linux-5.10 package is installed), Ubuntu 18.04 bionic and Ubuntu 20.04 focal. Use-after-free flaws in the kernel can be used to attack the kernel for denial of service and potentially for privilege escalation. Apptainer 1.1.8 includes a patch that by default disables mounting of extfs filesystem types in setuid-root mode, while continuing to allow mounting of extfs filesystems in non-setuid \"rootless\" mode using fuse2fs. Some workarounds are possible. Either do not install apptainer-suid (for versions 1.1.0 through 1.1.7) or set `allow setuid = no` in apptainer.conf (or singularity.conf for singularity versions). This requires having unprivileged user namespaces enabled and except for apptainer 1.1.x versions will disallow mounting of sif files, extfs files, and squashfs files in addition to other, less significant impacts. (Encrypted sif files are also not supported unprivileged in apptainer 1.1.x.). Alternatively, use the `limit containers` options in apptainer.conf/singularity.conf to limit sif files to trusted users, groups, and/or paths, and set `allow container extfs = no` to disallow mounting of extfs overlay files. The latter option by itself does not disallow mounting of extfs overlay partitions inside SIF files, so that's why the former options are also needed."
"value": "Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10 buster (unless the linux-5.10 package is installed), Ubuntu 18.04 bionic and Ubuntu 20.04 focal. Use-after-free flaws in the kernel can be used to attack the kernel for denial of service and potentially for privilege escalation.\n\nApptainer 1.1.8 includes a patch that by default disables mounting of extfs filesystem types in setuid-root mode, while continuing to allow mounting of extfs filesystems in non-setuid \"rootless\" mode using fuse2fs.\n\nSome workarounds are possible. Either do not install apptainer-suid (for versions 1.1.0 through 1.1.7) or set `allow setuid = no` in apptainer.conf. This requires having unprivileged user namespaces enabled and except for apptainer 1.1.x versions will disallow mounting of sif files, extfs files, and squashfs files in addition to other, less significant impacts. (Encrypted sif files are also not supported unprivileged in apptainer 1.1.x.). Alternatively, use the `limit containers` options in apptainer.conf/singularity.conf to limit sif files to trusted users, groups, and/or paths, and set `allow container extfs = no` to disallow mounting of extfs overlay files. The latter option by itself does not disallow mounting of extfs overlay partitions inside SIF files, so that's why the former options are also needed."
}
],
"metrics": {
@ -37,26 +37,26 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
"exploitabilityScore": 2.5,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -66,7 +66,7 @@
]
},
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
@ -154,6 +154,22 @@
"Vendor Advisory"
]
},
{
"url": "https://github.com/torvalds/linux/commit/2220eaf90992c11d888fe771055d4de3303",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/torvalds/linux/commit/4f04351888a83e595571de672e0a4a8b74f",
"source": "security-advisories@github.com"
},
{
"url": "https://lwn.net/Articles/932136/",
"source": "security-advisories@github.com"
},
{
"url": "https://lwn.net/Articles/932137/",
"source": "security-advisories@github.com"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2022-1184",
"source": "security-advisories@github.com",
@ -161,6 +177,10 @@
"Not Applicable"
]
},
{
"url": "https://sylabs.io/2023/04/response-to-cve-2023-30549/",
"source": "security-advisories@github.com"
},
{
"url": "https://ubuntu.com/security/CVE-2022-1184",
"source": "security-advisories@github.com",

20
CVE-2023/CVE-2023-320xx/CVE-2023-32000.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-32000",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-07-08T00:15:09.653",
"lastModified": "2023-07-08T00:15:09.653",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and earlier) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page."
}
],
"metrics": {},
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-034-034/53cfcb84-b42b-4f8f-afbf-07c0ca7cabe2",
"source": "support@hackerone.com"
}
]
}

6
CVE-2023/CVE-2023-324xx/CVE-2023-32439.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32439",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.813",
"lastModified": "2023-07-07T20:15:10.247",
"lastModified": "2023-07-08T00:15:09.713",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-06-23",
"cisaActionDue": "2023-07-14",
@ -164,6 +164,10 @@
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5449",
"source": "product-security@apple.com"
}
]
}

70
CVE-2023/CVE-2023-359xx/CVE-2023-35946.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35946",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-30T21:15:09.070",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T23:58:40.233",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +66,60 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gradle:gradle:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.6.2",
"matchCriteriaId": "625A3013-4C8A-46A0-9559-A01BDB4C23CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gradle:gradle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0",
"versionEndExcluding": "8.2",
"matchCriteriaId": "AFC239C5-E6F3-4AF6-A7CE-ACCCA46F5080"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.gradle.org/current/userguide/dependency_verification.html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/gradle/gradle/commit/859eae2b2acf751ae7db3c9ffefe275aa5da0d5d",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/gradle/gradle/commit/b07e528feb3a5ffa66bdcc358549edd73e4c8a12",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/gradle/gradle/security/advisories/GHSA-2h6c-rv6q-494v",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-372xx/CVE-2023-37201.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-37201",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-07-05T09:15:09.510",
"lastModified": "2023-07-05T13:00:26.547",
"lastModified": "2023-07-08T00:15:09.807",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,6 +16,10 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1826002",
"source": "security@mozilla.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-22/",
"source": "security@mozilla.org"

6
CVE-2023/CVE-2023-372xx/CVE-2023-37202.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-37202",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-07-05T09:15:09.897",
"lastModified": "2023-07-05T13:00:26.547",
"lastModified": "2023-07-08T00:15:09.890",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,6 +16,10 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1834711",
"source": "security@mozilla.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-22/",
"source": "security@mozilla.org"

6
CVE-2023/CVE-2023-372xx/CVE-2023-37207.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-37207",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-07-05T09:15:09.963",
"lastModified": "2023-07-05T13:00:26.547",
"lastModified": "2023-07-08T00:15:09.960",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,6 +16,10 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1816287",
"source": "security@mozilla.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-22/",
"source": "security@mozilla.org"

6
CVE-2023/CVE-2023-372xx/CVE-2023-37208.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-37208",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-07-05T09:15:10.023",
"lastModified": "2023-07-05T13:00:26.547",
"lastModified": "2023-07-08T00:15:10.017",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,6 +16,10 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1837675",
"source": "security@mozilla.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-22/",
"source": "security@mozilla.org"

6
CVE-2023/CVE-2023-372xx/CVE-2023-37211.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-37211",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-07-05T10:15:10.043",
"lastModified": "2023-07-05T13:00:26.547",
"lastModified": "2023-07-08T00:15:10.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,6 +16,10 @@
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1832306%2C1834862%2C1835886%2C1836550%2C1837450",
"source": "security@mozilla.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-22/",
"source": "security@mozilla.org"

52
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-07T23:55:25.804603+00:00
2023-07-08T02:00:30.806970+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-07T23:54:46.117000+00:00
2023-07-08T01:20:00.437000+00:00
```
### Last Data Feed Release
@ -23,39 +23,51 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-07-07T00:00:13.528944+00:00
2023-07-08T00:00:13.594222+00:00
```
### Total Number of included CVEs
```plain
219492
219493
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `1`
* [CVE-2023-37269](CVE-2023/CVE-2023-372xx/CVE-2023-37269.json) (`2023-07-07T22:15:09.483`)
* [CVE-2023-37270](CVE-2023/CVE-2023-372xx/CVE-2023-37270.json) (`2023-07-07T22:15:09.570`)
* [CVE-2023-32000](CVE-2023/CVE-2023-320xx/CVE-2023-32000.json) (`2023-07-08T00:15:09.653`)
### CVEs modified in the last Commit
Recently modified CVEs: `12`
Recently modified CVEs: `34`
* [CVE-2020-36735](CVE-2020/CVE-2020-367xx/CVE-2020-36735.json) (`2023-07-07T23:12:13.780`)
* [CVE-2020-36736](CVE-2020/CVE-2020-367xx/CVE-2020-36736.json) (`2023-07-07T23:14:40.660`)
* [CVE-2023-33298](CVE-2023/CVE-2023-332xx/CVE-2023-33298.json) (`2023-07-07T22:56:39.550`)
* [CVE-2023-22816](CVE-2023/CVE-2023-228xx/CVE-2023-22816.json) (`2023-07-07T23:01:46.437`)
* [CVE-2023-22815](CVE-2023/CVE-2023-228xx/CVE-2023-22815.json) (`2023-07-07T23:05:38.877`)
* [CVE-2023-23841](CVE-2023/CVE-2023-238xx/CVE-2023-23841.json) (`2023-07-07T23:15:09.253`)
* [CVE-2023-37360](CVE-2023/CVE-2023-373xx/CVE-2023-37360.json) (`2023-07-07T23:32:21.890`)
* [CVE-2023-3485](CVE-2023/CVE-2023-34xx/CVE-2023-3485.json) (`2023-07-07T23:35:45.077`)
* [CVE-2023-20691](CVE-2023/CVE-2023-206xx/CVE-2023-20691.json) (`2023-07-07T23:52:41.747`)
* [CVE-2023-20692](CVE-2023/CVE-2023-206xx/CVE-2023-20692.json) (`2023-07-07T23:53:27.697`)
* [CVE-2023-20693](CVE-2023/CVE-2023-206xx/CVE-2023-20693.json) (`2023-07-07T23:54:13.850`)
* [CVE-2023-20748](CVE-2023/CVE-2023-207xx/CVE-2023-20748.json) (`2023-07-07T23:54:46.117`)
* [CVE-2021-4391](CVE-2021/CVE-2021-43xx/CVE-2021-4391.json) (`2023-07-08T00:02:31.327`)
* [CVE-2021-4390](CVE-2021/CVE-2021-43xx/CVE-2021-4390.json) (`2023-07-08T00:02:37.307`)
* [CVE-2021-4399](CVE-2021/CVE-2021-43xx/CVE-2021-4399.json) (`2023-07-08T00:03:28.733`)
* [CVE-2021-4402](CVE-2021/CVE-2021-44xx/CVE-2021-4402.json) (`2023-07-08T00:05:14.903`)
* [CVE-2021-4401](CVE-2021/CVE-2021-44xx/CVE-2021-4401.json) (`2023-07-08T00:07:04.170`)
* [CVE-2021-4400](CVE-2021/CVE-2021-44xx/CVE-2021-4400.json) (`2023-07-08T00:13:31.993`)
* [CVE-2021-4403](CVE-2021/CVE-2021-44xx/CVE-2021-4403.json) (`2023-07-08T00:16:20.603`)
* [CVE-2021-4404](CVE-2021/CVE-2021-44xx/CVE-2021-4404.json) (`2023-07-08T00:21:21.363`)
* [CVE-2021-4389](CVE-2021/CVE-2021-43xx/CVE-2021-4389.json) (`2023-07-08T00:34:23.380`)
* [CVE-2021-4405](CVE-2021/CVE-2021-44xx/CVE-2021-4405.json) (`2023-07-08T01:13:48.213`)
* [CVE-2022-44720](CVE-2022/CVE-2022-447xx/CVE-2022-44720.json) (`2023-07-08T00:27:37.807`)
* [CVE-2023-27469](CVE-2023/CVE-2023-274xx/CVE-2023-27469.json) (`2023-07-07T23:55:51.067`)
* [CVE-2023-20754](CVE-2023/CVE-2023-207xx/CVE-2023-20754.json) (`2023-07-07T23:56:37.327`)
* [CVE-2023-20690](CVE-2023/CVE-2023-206xx/CVE-2023-20690.json) (`2023-07-07T23:57:12.433`)
* [CVE-2023-35946](CVE-2023/CVE-2023-359xx/CVE-2023-35946.json) (`2023-07-07T23:58:40.233`)
* [CVE-2023-26136](CVE-2023/CVE-2023-261xx/CVE-2023-26136.json) (`2023-07-08T00:02:00.740`)
* [CVE-2023-30549](CVE-2023/CVE-2023-305xx/CVE-2023-30549.json) (`2023-07-08T00:15:09.500`)
* [CVE-2023-32439](CVE-2023/CVE-2023-324xx/CVE-2023-32439.json) (`2023-07-08T00:15:09.713`)
* [CVE-2023-37201](CVE-2023/CVE-2023-372xx/CVE-2023-37201.json) (`2023-07-08T00:15:09.807`)
* [CVE-2023-37202](CVE-2023/CVE-2023-372xx/CVE-2023-37202.json) (`2023-07-08T00:15:09.890`)
* [CVE-2023-37207](CVE-2023/CVE-2023-372xx/CVE-2023-37207.json) (`2023-07-08T00:15:09.960`)
* [CVE-2023-37208](CVE-2023/CVE-2023-372xx/CVE-2023-37208.json) (`2023-07-08T00:15:10.017`)
* [CVE-2023-37211](CVE-2023/CVE-2023-372xx/CVE-2023-37211.json) (`2023-07-08T00:15:10.097`)
* [CVE-2023-20136](CVE-2023/CVE-2023-201xx/CVE-2023-20136.json) (`2023-07-08T00:38:51.887`)
* [CVE-2023-20116](CVE-2023/CVE-2023-201xx/CVE-2023-20116.json) (`2023-07-08T01:20:00.437`)
## Download and Usage