Auto-Update: 2023-10-04T16:00:24.907832+00:00

cad-safe-bot 2023-10-04 16:00:28 +00:00
parent a04b1d9e5a
commit e8bdf3b294
59 changed files with 1354 additions and 181 deletions


@ -2,15 +2,41 @@
"id": "CVE-2015-10124",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-02T14:15:09.757",
"lastModified": "2023-10-02T14:17:10.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T15:47:50.010",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Most Popular Posts Widget Plugin up to 0.8 on WordPress. It has been classified as critical. Affected is the function add_views/show_views of the file functions.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. Upgrading to version 0.9 is able to address this issue. The patch is identified as a99667d11ac8d320006909387b100e9a8b5c12e1. It is recommended to upgrade the affected component. VDB-241026 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en el complemento Most Popular Posts Widget hasta la versi\u00f3n 0.8 en WordPress. Ha sido clasificada como cr\u00edtica. La funci\u00f3n add_views/show_views del archivo functions.php es afectada por la vulnerabilidad. La manipulaci\u00f3n conduce a la inyecci\u00f3n de SQL. Es posible lanzar el ataque de forma remota. La actualizaci\u00f3n a la versi\u00f3n 0.9 puede solucionar este problema. El parche se identifica como a99667d11ac8d320006909387b100e9a8b5c12e1. Se recomienda actualizar el componente afectado. VDB-241026 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:smartfan:most_popular_posts_widget:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.8",
"matchCriteriaId": "959F1F7A-8386-44B3-8B16-CB24E9380D81"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wp-plugins/most-popular-posts-widget-lite/commit/a99667d11ac8d320006909387b100e9a8b5c12e1",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://vuldb.com/?ctiid.241026",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.241026",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -0,0 +1,47 @@
{
"id": "CVE-2022-43906",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-04T14:15:10.280",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 240897."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/240897",
"source": "psirt@us.ibm.com"
},
{
"url": "https://https://www.ibm.com/support/pages/node/7038019",
"source": "psirt@us.ibm.com"
}
]
}
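Review bot: The second reference in this new record has a doubled scheme, `https://https://www.ibm.com/support/pages/node/7038019`, so the link does not resolve to the IBM bulletin as written. The value is attributed to the CNA (`psirt@us.ibm.com`), so a mirror will reproduce it verbatim; consumers that follow or validate reference links should normalise it to `"url": "https://www.ibm.com/support/pages/node/7038019"`. The record also has no `weaknesses` entry, although the description names a missing or insecure SameSite cookie attribute.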


@ -2,7 +2,7 @@
"id": "CVE-2023-1826",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-04T09:15:07.977",
"lastModified": "2023-04-10T20:15:08.477",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Modified",
"descriptions": [
{
@ -112,8 +112,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -0,0 +1,47 @@
{
"id": "CVE-2023-1832",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-04T14:15:10.370",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An improper access control flaw was found in Candlepin. An attacker can create data scoped under another customer/tenant, which can result in loss of confidentiality and availability for the affected customer/tenant."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-1832",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184364",
"source": "secalert@redhat.com"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1857",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-05T08:15:07.750",
"lastModified": "2023-04-11T14:28:39.970",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1942",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-07T18:15:07.177",
"lastModified": "2023-04-14T14:34:18.347",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1951",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-08T08:15:07.357",
"lastModified": "2023-04-11T19:21:51.920",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -112,8 +112,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1952",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-08T09:15:07.623",
"lastModified": "2023-04-11T19:19:51.930",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1953",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-08T10:15:06.977",
"lastModified": "2023-04-11T18:59:02.557",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1954",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-08T10:15:07.033",
"lastModified": "2023-04-11T19:57:26.627",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1955",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-08T10:15:07.080",
"lastModified": "2023-04-11T20:01:46.490",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1956",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-08T10:15:07.127",
"lastModified": "2023-04-11T20:02:38.993",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1957",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-08T11:15:06.830",
"lastModified": "2023-04-11T20:09:25.593",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1958",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-08T11:15:06.890",
"lastModified": "2023-04-11T19:24:46.120",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1959",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-08T11:15:06.943",
"lastModified": "2023-04-11T19:33:17.943",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -112,8 +112,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1960",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-08T12:15:06.953",
"lastModified": "2023-04-11T19:33:49.173",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1961",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-08T12:15:07.010",
"lastModified": "2023-04-17T13:47:49.690",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1985",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-11T18:15:58.633",
"lastModified": "2023-04-13T21:03:11.407",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -112,8 +112,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1986",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-11T19:15:08.397",
"lastModified": "2023-04-13T21:02:54.177",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1987",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-11T19:15:08.497",
"lastModified": "2023-04-13T21:02:26.380",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-1988",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-11T19:15:08.570",
"lastModified": "2023-04-13T21:02:08.543",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,12 +2,16 @@
"id": "CVE-2023-20588",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-08-08T18:15:11.653",
"lastModified": "2023-10-04T03:15:10.310",
"lastModified": "2023-10-04T15:15:12.160",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "\nA division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.\u00a0\n\n\n\n\n\n\n\n"
},
{
"lang": "es",
"value": "Un error de divisi\u00f3n por cero en algunos procesadores AMD puede potencialmente devolver datos especulativos que resulten en una p\u00e9rdida de confidencialidad."
}
],
"metrics": {
@ -970,6 +974,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/10/04/1",
"source": "psirt@amd.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/04/2",
"source": "psirt@amd.com"
},
{
"url": "http://xenbits.xen.org/xsa/advisory-439.html",
"source": "psirt@amd.com"


@ -0,0 +1,51 @@
{
"id": "CVE-2023-22515",
"sourceIdentifier": "security@atlassian.com",
"published": "2023-10-04T14:15:10.440",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.\n\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. \n\nFor more details, please review the linked advisory on this CVE."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@atlassian.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2023-22515",
"source": "security@atlassian.com"
},
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276",
"source": "security@atlassian.com"
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-92457",
"source": "security@atlassian.com"
}
]
}
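Review bot: This new record has no `configurations` (CPE) block and no `weaknesses` entry, while its description reports exploitation of publicly accessible Confluence Data Center and Server instances and the CNA scores it 10.0. Until `vulnStatus` moves past `Awaiting Analysis`, tooling that matches on CPE will presumably not flag affected installs, so triage should key on the CVE id and the linked Atlassian advisory instead. The description gives no affected version range either; that has to be read from the references.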


@ -2,7 +2,7 @@
"id": "CVE-2023-2242",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-22T16:15:42.157",
"lastModified": "2023-05-02T17:21:58.343",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-25025",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-04T14:15:10.507",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <=\u00a03.1.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-copyprotect/wordpress-wp-copyprotect-protect-your-blog-posts-plugin-3-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-2657",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-11T14:15:20.217",
"lastModified": "2023-05-17T12:59:22.743",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-2658",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-11T14:15:20.653",
"lastModified": "2023-05-17T12:58:56.517",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-2659",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-11T15:15:11.730",
"lastModified": "2023-05-17T12:57:38.140",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -112,8 +112,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-2660",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-11T15:15:11.830",
"lastModified": "2023-05-17T12:57:04.227",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-2661",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-11T15:15:11.917",
"lastModified": "2023-05-17T12:56:37.437",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-27433",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-04T14:15:10.587",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Make Paths Relative plugin <=\u00a01.3.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/make-paths-relative/wordpress-make-paths-relative-plugin-1-3-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-31704",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T15:15:08.930",
"lastModified": "2023-07-21T13:56:55.870",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-31857",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-16T15:15:09.467",
"lastModified": "2023-05-22T17:39:44.597",
"lastModified": "2023-10-04T15:07:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274"
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-32675",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-19T20:15:09.230",
"lastModified": "2023-08-02T16:22:18.663",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-04T14:15:10.663",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -86,12 +86,8 @@
],
"references": [
{
"url": "https://github.com/vyperlang/vyper/commit/02339dfda0f3caabad142060d511d10bfe93c520.",
"source": "security-advisories@github.com",
"tags": [
"Broken Link",
"Patch"
]
"url": "https://github.com/vyperlang/vyper/commit/02339dfda0f3caabad142060d511d10bfe93c520",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-vxmm-cwh2-q762",
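Review bot: The corrected commit reference loses its `"Patch"` tag together with `"Broken Link"`, although only the trailing dot in the URL was wrong and the new URL carries the same commit hash. With `vulnStatus` now `Modified`, the tag will presumably return after re-analysis, but until then consumers that select fix commits by `"tags": ["Patch"]` will skip this reference. The `references` array continues past the end of this hunk.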


@ -0,0 +1,55 @@
{
"id": "CVE-2023-3665",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2023-10-04T15:15:12.360",
"lastModified": "2023-10-04T15:53:23.283",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nA code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a local user to disable the ENS AMSI component via environment variables,\nleading to denial of service and or the execution of arbitrary code.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"references": [
{
"url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10405",
"source": "trellixpsirt@trellix.com"
}
]
}
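Review bot: The CVSS vector in this new record, `CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N`, sets availability impact to NONE, while the description says the flaw leads to denial of service and/or execution of arbitrary code. Severity filters that rely on the 5.5 base score may therefore under-rank a local user's ability to disable the ENS AMSI component; the description and the linked Trellix bulletin are the better guide until a Primary score is added. The description string also carries stray leading and trailing `\n` characters, which consumers displaying it should trim.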


@ -0,0 +1,55 @@
{
"id": "CVE-2023-3971",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-04T15:15:12.430",
"lastModified": "2023-10-04T15:53:23.283",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:4340",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:4590",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3971",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226965",
"source": "secalert@redhat.com"
}
]
}


@ -0,0 +1,59 @@
{
"id": "CVE-2023-40376",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-04T14:15:10.793",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM UrbanCode Deploy (UCD) 7.1 - 7.1.2.12, 7.2 through 7.2.3.5, and 7.3 through 7.3.2.0 under certain configurations could allow an authenticated user to make changes to environment variables due to improper authentication controls. IBM X-Force ID: 263581."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/263581",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7037230",
"source": "psirt@us.ibm.com"
}
]
}
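Review bot: The description attributes the issue to `improper authentication controls`, but the attached weakness is `CWE-862` (Missing Authorization) and the actor is already an authenticated user, so the text and the classification disagree. The vector's `PR:L` fits the authorization reading. The version ranges are also written inconsistently (`7.1 - 7.1.2.12` versus `7.2 through 7.2.3.5`), which free-text version parsers may not handle uniformly.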


@ -0,0 +1,55 @@
{
"id": "CVE-2023-40559",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-04T15:15:12.497",
"lastModified": "2023-10-04T15:53:23.283",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Dynamic Pricing and Discount Rules for WooCommerce plugin <=\u00a02.4.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-conditional-discount-rules-for-checkout/wordpress-dynamic-pricing-and-discount-rules-for-woocommerce-plugin-2-4-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-40561",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-04T14:15:10.887",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Enhanced Ecommerce Google Analytics for WooCommerce plugin <=\u00a03.7.1 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-ecommerce-tracking-for-google-and-facebook/wordpress-enhanced-ecommerce-google-analytics-for-woocommerce-plugin-3-7-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,59 @@
{
"id": "CVE-2023-40684",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-04T14:15:10.957",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOne Virtual is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 264019."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/264019",
"source": "psirt@us.ibm.com"
},
{
"url": "https://https://www.ibm.com/support/pages/node/7046226",
"source": "psirt@us.ibm.com"
}
]
}
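Review bot: The second entry under `references` carries a doubled scheme, `https://https://www.ibm.com/support/pages/node/7046226`, so a URL parser takes `https` as the host and the vendor advisory cannot be reached from this record. The line should read `"url": "https://www.ibm.com/support/pages/node/7046226",`. If the feed has to mirror the upstream value byte for byte, the correction belongs with the source CNA, and consumers that follow reference links automatically should validate the host before fetching.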


@ -0,0 +1,47 @@
{
"id": "CVE-2023-4237",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-04T15:15:12.643",
"lastModified": "2023-10-04T15:53:23.283",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2_key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and availability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.6,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4237",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2229979",
"source": "secalert@redhat.com"
}
]
}


@ -0,0 +1,51 @@
{
"id": "CVE-2023-4380",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-04T15:15:12.703",
"lastModified": "2023-10-04T15:53:23.283",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic flaw exists in Ansible. Whenever a private project is created with incorrect credentials, they are logged in plaintext. This flaw allows an attacker to retrieve the credentials from the log, resulting in the loss of confidentiality, integrity, and availability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:4693",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4380",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232324",
"source": "secalert@redhat.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-4491",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:25.823",
"lastModified": "2023-10-04T13:15:25.823",
"vulnStatus": "Received",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-4492",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:25.910",
"lastModified": "2023-10-04T13:15:25.910",
"vulnStatus": "Received",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-4493",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:25.987",
"lastModified": "2023-10-04T13:15:25.987",
"vulnStatus": "Received",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-4494",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:26.057",
"lastModified": "2023-10-04T13:15:26.057",
"vulnStatus": "Received",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-4495",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:26.127",
"lastModified": "2023-10-04T13:15:26.127",
"vulnStatus": "Received",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-4496",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:26.193",
"lastModified": "2023-10-04T13:15:26.193",
"vulnStatus": "Received",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-4497",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:26.267",
"lastModified": "2023-10-04T13:15:26.267",
"vulnStatus": "Received",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,15 @@
{
"id": "CVE-2023-4567",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-04T14:15:11.073",
"lastModified": "2023-10-04T14:15:11.073",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** Issue has been found to be non-reproducible, therefore not a viable flaw."
}
],
"metrics": {},
"references": []
}


@ -0,0 +1,20 @@
{
"id": "CVE-2023-5113",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-10-04T15:15:12.760",
"lastModified": "2023-10-04T15:53:23.283",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI."
}
],
"metrics": {},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_9365285-9365309-16",
"source": "hp-security-alert@hp.com"
}
]
}


@ -2,15 +2,41 @@
"id": "CVE-2023-5221",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-27T15:19:43.280",
"lastModified": "2023-09-27T15:41:51.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T15:50:02.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in ForU CMS. This affects an unknown part of the file /install/index.php. The manipulation of the argument db_name leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The associated identifier of this vulnerability is VDB-240363. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en ForU CMS y clasificada como cr\u00edtica. Esto afecta a una parte desconocida del archivo /install/index.php. La manipulaci\u00f3n del argumento db_name conduce a la inyecci\u00f3n de c\u00f3digo. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. Este producto no utiliza versiones. Esta es la raz\u00f3n por la que la informaci\u00f3n sobre las versiones afectadas y no afectadas no est\u00e1 disponible. El identificador asociado de esta vulnerabilidad es VDB-240363. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:foru_cms_project:foru_cms:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F77BC951-0137-4E12-B3BE-F50DF11226E3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Fovker8/cve/blob/main/rce.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.240363",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.240363",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}


@ -2,15 +2,41 @@
"id": "CVE-2023-5263",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-29T14:15:11.250",
"lastModified": "2023-09-29T15:52:15.247",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T15:45:00.667",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240872."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en ZZZCMS 2.1.7 y clasificada como cr\u00edtica. La funci\u00f3n restaurar del archivo /admin/save.php del componente Database Backup File Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a problemas de permisos. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-240872."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zzzcms:zzzcms:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3DAE3E0F-3DBC-414B-854B-AD393573C740"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/yhy217/zzzcms-vul/issues/1",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.240872",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.240872",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,15 +2,41 @@
"id": "CVE-2023-5326",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-01T23:15:08.387",
"lastModified": "2023-10-02T00:44:36.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T14:26:14.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component WebConfig. The manipulation leads to improper authentication. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241027."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en SATO CL4NX-J Plus 1.13.2-u455_r2. Ha sido declarada cr\u00edtica. Una funci\u00f3n desconocida del componente WebConfig es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a una autenticaci\u00f3n incorrecta. El ataque debe realizarse dentro de la red local. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-241027."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,56 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sato:cl4nx-j_plus_firmware:1.13.2-u455_r2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED72F150-A5C4-462F-A956-4C8A2F5C9EC4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sato:cl4nx-j_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA0A7F04-ACCB-4BB4-BD6A-3C984F2C77ED"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CV3TR4CK/CV3Cyb3R/blob/main/2023/SATO%20CL4NX-J%20Plus/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.241027",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.241027",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,15 +2,41 @@
"id": "CVE-2023-5327",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-01T23:15:08.487",
"lastModified": "2023-10-02T00:44:36.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T14:29:52.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /rest/dir/. The manipulation of the argument full leads to path traversal. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241028."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en SATO CL4NX-J Plus 1.13.2-u455_r2. Ha sido calificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo /rest/dir/ es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento completo conduce al path traversal. El ataque debe iniciarse dentro de la red local. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-241028."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,56 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sato:cl4nx-j_plus_firmware:1.13.2-u455_r2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED72F150-A5C4-462F-A956-4C8A2F5C9EC4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sato:cl4nx-j_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA0A7F04-ACCB-4BB4-BD6A-3C984F2C77ED"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CV3TR4CK/CV3Cyb3R/blob/main/2023/SATO%20CL4NX-J%20Plus%20dir/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.241028",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.241028",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}
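Review bot: The added `es` description translates the parameter name instead of keeping it literal: `argumento completo` stands where the English entry has `argument full`, so the identifier a defender would look for in request logs or filtering rules is lost in the Spanish text. The sentence should keep the name as written, `La manipulaci\u00f3n del argumento full conduce al path traversal.` The English `value` in the same record is unaffected.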


@ -2,15 +2,41 @@
"id": "CVE-2023-5328",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-02T00:15:10.017",
"lastModified": "2023-10-02T00:44:36.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T14:31:25.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in SATO CL4NX-J Plus 1.13.2-u455_r2. This affects an unknown part of the component Cookie Handler. The manipulation with the input auth=user,level1,settings; web=true leads to improper authentication. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-241029 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en SATO CL4NX-J Plus 1.13.2-u455_r2 y clasificada como cr\u00edtica. Una parte desconocida del componente Cookie Handler afecta a una parte desconocida. La manipulaci\u00f3n con la entrada auth=user,level1,settings; web=true conduce a una autenticaci\u00f3n incorrecta. Se requiere acceso a la red local para este ataque. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-241029."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,56 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sato:cl4nx-j_plus_firmware:1.13.2-u455_r2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED72F150-A5C4-462F-A956-4C8A2F5C9EC4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sato:cl4nx-j_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA0A7F04-ACCB-4BB4-BD6A-3C984F2C77ED"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CV3TR4CK/CV3Cyb3R/blob/main/2023/SATO%20CL4NX-J%20Plus%20cookie/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.241029",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.241029",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}
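Review bot: The added `es` description contains a circular sentence, `Una parte desconocida del componente Cookie Handler afecta a una parte desconocida.`, which does not say what the English entry says ("This affects an unknown part of the component Cookie Handler"). A faithful rendering would be `Esto afecta a una parte desconocida del componente Cookie Handler.` As it stands, the sentence misleads anyone who reads only the Spanish text about what is affected.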


@ -2,8 +2,8 @@
"id": "CVE-2023-5373",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-04T13:15:26.433",
"lastModified": "2023-10-04T13:15:26.433",
"vulnStatus": "Received",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,88 @@
{
"id": "CVE-2023-5374",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-04T14:15:11.123",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. The manipulation of the argument c leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241255."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Computer%20and%20Laptop%20Store%20System%20products.php%20has%20Sqlinjection.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.241255",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.241255",
"source": "cna@vuldb.com"
}
]
}


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-04T14:00:25.112883+00:00
2023-10-04T16:00:24.907832+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-04T13:53:02.330000+00:00
2023-10-04T15:53:23.283000+00:00
```
### Last Data Feed Release
@ -29,62 +29,60 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
226970
226986
```
### CVEs added in the last Commit
Recently added CVEs: `18`
Recently added CVEs: `16`
* [CVE-2022-4132](CVE-2022/CVE-2022-41xx/CVE-2022-4132.json) (`2023-10-04T12:15:10.230`)
* [CVE-2023-22618](CVE-2023/CVE-2023-226xx/CVE-2023-22618.json) (`2023-10-04T12:15:10.300`)
* [CVE-2023-3037](CVE-2023/CVE-2023-30xx/CVE-2023-3037.json) (`2023-10-04T12:15:10.373`)
* [CVE-2023-3038](CVE-2023/CVE-2023-30xx/CVE-2023-3038.json) (`2023-10-04T12:15:10.437`)
* [CVE-2023-3153](CVE-2023/CVE-2023-31xx/CVE-2023-3153.json) (`2023-10-04T12:15:10.503`)
* [CVE-2023-3361](CVE-2023/CVE-2023-33xx/CVE-2023-3361.json) (`2023-10-04T12:15:10.567`)
* [CVE-2023-43261](CVE-2023/CVE-2023-432xx/CVE-2023-43261.json) (`2023-10-04T12:15:10.627`)
* [CVE-2023-44208](CVE-2023/CVE-2023-442xx/CVE-2023-44208.json) (`2023-10-04T12:15:10.670`)
* [CVE-2023-4037](CVE-2023/CVE-2023-40xx/CVE-2023-4037.json) (`2023-10-04T12:15:10.733`)
* [CVE-2023-4090](CVE-2023/CVE-2023-40xx/CVE-2023-4090.json) (`2023-10-04T12:15:10.800`)
* [CVE-2023-4491](CVE-2023/CVE-2023-44xx/CVE-2023-4491.json) (`2023-10-04T13:15:25.823`)
* [CVE-2023-4492](CVE-2023/CVE-2023-44xx/CVE-2023-4492.json) (`2023-10-04T13:15:25.910`)
* [CVE-2023-4493](CVE-2023/CVE-2023-44xx/CVE-2023-4493.json) (`2023-10-04T13:15:25.987`)
* [CVE-2023-4494](CVE-2023/CVE-2023-44xx/CVE-2023-4494.json) (`2023-10-04T13:15:26.057`)
* [CVE-2023-4495](CVE-2023/CVE-2023-44xx/CVE-2023-4495.json) (`2023-10-04T13:15:26.127`)
* [CVE-2023-4496](CVE-2023/CVE-2023-44xx/CVE-2023-4496.json) (`2023-10-04T13:15:26.193`)
* [CVE-2023-4497](CVE-2023/CVE-2023-44xx/CVE-2023-4497.json) (`2023-10-04T13:15:26.267`)
* [CVE-2023-5373](CVE-2023/CVE-2023-53xx/CVE-2023-5373.json) (`2023-10-04T13:15:26.433`)
* [CVE-2022-43906](CVE-2022/CVE-2022-439xx/CVE-2022-43906.json) (`2023-10-04T14:15:10.280`)
* [CVE-2023-4567](CVE-2023/CVE-2023-45xx/CVE-2023-4567.json) (`2023-10-04T14:15:11.073`)
* [CVE-2023-1832](CVE-2023/CVE-2023-18xx/CVE-2023-1832.json) (`2023-10-04T14:15:10.370`)
* [CVE-2023-22515](CVE-2023/CVE-2023-225xx/CVE-2023-22515.json) (`2023-10-04T14:15:10.440`)
* [CVE-2023-25025](CVE-2023/CVE-2023-250xx/CVE-2023-25025.json) (`2023-10-04T14:15:10.507`)
* [CVE-2023-27433](CVE-2023/CVE-2023-274xx/CVE-2023-27433.json) (`2023-10-04T14:15:10.587`)
* [CVE-2023-40376](CVE-2023/CVE-2023-403xx/CVE-2023-40376.json) (`2023-10-04T14:15:10.793`)
* [CVE-2023-40561](CVE-2023/CVE-2023-405xx/CVE-2023-40561.json) (`2023-10-04T14:15:10.887`)
* [CVE-2023-40684](CVE-2023/CVE-2023-406xx/CVE-2023-40684.json) (`2023-10-04T14:15:10.957`)
* [CVE-2023-5374](CVE-2023/CVE-2023-53xx/CVE-2023-5374.json) (`2023-10-04T14:15:11.123`)
* [CVE-2023-3665](CVE-2023/CVE-2023-36xx/CVE-2023-3665.json) (`2023-10-04T15:15:12.360`)
* [CVE-2023-3971](CVE-2023/CVE-2023-39xx/CVE-2023-3971.json) (`2023-10-04T15:15:12.430`)
* [CVE-2023-40559](CVE-2023/CVE-2023-405xx/CVE-2023-40559.json) (`2023-10-04T15:15:12.497`)
* [CVE-2023-4237](CVE-2023/CVE-2023-42xx/CVE-2023-4237.json) (`2023-10-04T15:15:12.643`)
* [CVE-2023-4380](CVE-2023/CVE-2023-43xx/CVE-2023-4380.json) (`2023-10-04T15:15:12.703`)
* [CVE-2023-5113](CVE-2023/CVE-2023-51xx/CVE-2023-5113.json) (`2023-10-04T15:15:12.760`)
### CVEs modified in the last Commit
Recently modified CVEs: `50`
Recently modified CVEs: `42`
* [CVE-2023-30736](CVE-2023/CVE-2023-307xx/CVE-2023-30736.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-30737](CVE-2023/CVE-2023-307xx/CVE-2023-30737.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-30738](CVE-2023/CVE-2023-307xx/CVE-2023-30738.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-5368](CVE-2023/CVE-2023-53xx/CVE-2023-5368.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-5369](CVE-2023/CVE-2023-53xx/CVE-2023-5369.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-5370](CVE-2023/CVE-2023-53xx/CVE-2023-5370.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-44272](CVE-2023/CVE-2023-442xx/CVE-2023-44272.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-5375](CVE-2023/CVE-2023-53xx/CVE-2023-5375.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-5377](CVE-2023/CVE-2023-53xx/CVE-2023-5377.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-1584](CVE-2023/CVE-2023-15xx/CVE-2023-1584.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-35905](CVE-2023/CVE-2023-359xx/CVE-2023-35905.json) (`2023-10-04T12:56:10.477`)
* [CVE-2023-37404](CVE-2023/CVE-2023-374xx/CVE-2023-37404.json) (`2023-10-04T12:56:10.477`)
* [CVE-2023-3213](CVE-2023/CVE-2023-32xx/CVE-2023-3213.json) (`2023-10-04T12:56:10.477`)
* [CVE-2023-44488](CVE-2023/CVE-2023-444xx/CVE-2023-44488.json) (`2023-10-04T13:15:25.590`)
* [CVE-2023-5217](CVE-2023/CVE-2023-52xx/CVE-2023-5217.json) (`2023-10-04T13:15:26.337`)
* [CVE-2023-3769](CVE-2023/CVE-2023-37xx/CVE-2023-3769.json) (`2023-10-04T13:16:45.607`)
* [CVE-2023-41800](CVE-2023/CVE-2023-418xx/CVE-2023-41800.json) (`2023-10-04T13:24:01.053`)
* [CVE-2023-41847](CVE-2023/CVE-2023-418xx/CVE-2023-41847.json) (`2023-10-04T13:26:01.997`)
* [CVE-2023-41855](CVE-2023/CVE-2023-418xx/CVE-2023-41855.json) (`2023-10-04T13:30:41.403`)
* [CVE-2023-44262](CVE-2023/CVE-2023-442xx/CVE-2023-44262.json) (`2023-10-04T13:33:01.340`)
* [CVE-2023-44263](CVE-2023/CVE-2023-442xx/CVE-2023-44263.json) (`2023-10-04T13:33:58.363`)
* [CVE-2023-44228](CVE-2023/CVE-2023-442xx/CVE-2023-44228.json) (`2023-10-04T13:36:47.173`)
* [CVE-2023-44230](CVE-2023/CVE-2023-442xx/CVE-2023-44230.json) (`2023-10-04T13:37:30.187`)
* [CVE-2023-3744](CVE-2023/CVE-2023-37xx/CVE-2023-3744.json) (`2023-10-04T13:41:29.220`)
* [CVE-2023-5324](CVE-2023/CVE-2023-53xx/CVE-2023-5324.json) (`2023-10-04T13:53:02.330`)
* [CVE-2023-1952](CVE-2023/CVE-2023-19xx/CVE-2023-1952.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-1953](CVE-2023/CVE-2023-19xx/CVE-2023-1953.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-1954](CVE-2023/CVE-2023-19xx/CVE-2023-1954.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-1955](CVE-2023/CVE-2023-19xx/CVE-2023-1955.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-1956](CVE-2023/CVE-2023-19xx/CVE-2023-1956.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-1957](CVE-2023/CVE-2023-19xx/CVE-2023-1957.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-1958](CVE-2023/CVE-2023-19xx/CVE-2023-1958.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-1959](CVE-2023/CVE-2023-19xx/CVE-2023-1959.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-1960](CVE-2023/CVE-2023-19xx/CVE-2023-1960.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-1961](CVE-2023/CVE-2023-19xx/CVE-2023-1961.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-1985](CVE-2023/CVE-2023-19xx/CVE-2023-1985.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-1986](CVE-2023/CVE-2023-19xx/CVE-2023-1986.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-1987](CVE-2023/CVE-2023-19xx/CVE-2023-1987.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-1988](CVE-2023/CVE-2023-19xx/CVE-2023-1988.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-2242](CVE-2023/CVE-2023-22xx/CVE-2023-2242.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-2657](CVE-2023/CVE-2023-26xx/CVE-2023-2657.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-2658](CVE-2023/CVE-2023-26xx/CVE-2023-2658.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-2659](CVE-2023/CVE-2023-26xx/CVE-2023-2659.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-2660](CVE-2023/CVE-2023-26xx/CVE-2023-2660.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-2661](CVE-2023/CVE-2023-26xx/CVE-2023-2661.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-31857](CVE-2023/CVE-2023-318xx/CVE-2023-31857.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-31704](CVE-2023/CVE-2023-317xx/CVE-2023-31704.json) (`2023-10-04T15:07:27.313`)
* [CVE-2023-20588](CVE-2023/CVE-2023-205xx/CVE-2023-20588.json) (`2023-10-04T15:15:12.160`)
* [CVE-2023-5263](CVE-2023/CVE-2023-52xx/CVE-2023-5263.json) (`2023-10-04T15:45:00.667`)
* [CVE-2023-5221](CVE-2023/CVE-2023-52xx/CVE-2023-5221.json) (`2023-10-04T15:50:02.617`)
## Download and Usage