admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-04-28T21:55:23.725316+00:00

Browse Source
This commit is contained in:
René Helmke 2023-04-28 23:55:26 +02:00
parent e559bd51d5
commit e97b9b45a3
24 changed files with 1083 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
CVE-2020/CVE-2020-216xx/CVE-2020-21643.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2020-21643",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T20:15:13.267",
"lastModified": "2023-04-28T20:15:13.267",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Neeke/HongCMS/issues/15",
"source": "cve@mitre.org"
}
]
}

20
CVE-2020/CVE-2020-236xx/CVE-2020-23647.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2020-23647",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T20:15:13.320",
"lastModified": "2023-04-28T20:15:13.320",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in BoxBilling 4.19, 4.19.1, 4.20, and 4.21 allows remote attackers to run arbitrary code via the message field on the submit new ticket form."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/boxbilling/boxbilling/issues/596",
"source": "cve@mitre.org"
}
]
}

14
CVE-2022/CVE-2022-276xx/CVE-2022-27645.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-27645",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2023-03-29T19:15:08.637",
"lastModified": "2023-04-06T17:55:14.650",
"vulnStatus": "Analyzed",
"lastModified": "2023-04-28T21:15:08.350",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15762."
"value": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15762."
}
],
"metrics": {
@ -58,22 +58,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-697"
"value": "CWE-306"
}
]
},
{
"source": "zdi-disclosures@trendmicro.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "CWE-697"
}
]
}

12
CVE-2022/CVE-2022-369xx/CVE-2022-36983.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-36983",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2023-03-29T19:15:12.757",
"lastModified": "2023-04-06T14:27:47.467",
"vulnStatus": "Analyzed",
"lastModified": "2023-04-28T21:15:08.497",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.3.101. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetSettings class. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15919."
"value": "This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetSettings class. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-15919."
}
],
"metrics": {
@ -58,7 +58,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"description": [
{
@ -68,12 +68,12 @@
]
},
{
"source": "zdi-disclosures@trendmicro.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-749"
"value": "CWE-306"
}
]
}

12
CVE-2022/CVE-2022-373xx/CVE-2022-37381.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-37381",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2023-03-29T19:15:15.960",
"lastModified": "2023-04-06T16:27:46.180",
"lastModified": "2023-04-28T21:15:08.580",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AFSpecial_KeystrokeEx method. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17110."
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AFSpecial_KeystrokeEx method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17110."
}
],
"metrics": {
@ -58,22 +58,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
"value": "CWE-416"
}
]
},
{
"source": "zdi-disclosures@trendmicro.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
"value": "CWE-787"
}
]
}

88
CVE-2023/CVE-2023-23xx/CVE-2023-2388.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2388",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-28T20:15:14.020",
"lastModified": "2023-04-28T20:15:14.020",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in Netgear SRX5308 up to 4.3.5-3. Affected by this issue is some unknown functionality of the file scgi-bin/platform.cgi?page=firewall_logs_email.htm of the component Web Management Interface. The manipulation of the argument smtpServer.fromAddr leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-227666 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/8",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.227666",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.227666",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-23xx/CVE-2023-2389.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2389",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-28T20:15:14.090",
"lastModified": "2023-04-28T20:15:14.090",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in Netgear SRX5308 up to 4.3.5-3. This affects an unknown part of the file scgi-bin/platform.cgi?page=firewall_logs_email.htm of the component Web Management Interface. The manipulation of the argument smtpServer.emailServer leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227667. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/9",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.227667",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.227667",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-23xx/CVE-2023-2390.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2390",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-28T20:15:14.167",
"lastModified": "2023-04-28T20:15:14.167",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic. This vulnerability affects unknown code of the file scgi-bin/platform.cgi?page=time_zone.htm of the component Web Management Interface. The manipulation of the argument ntp.server1 leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-227668. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/10",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.227668",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.227668",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-23xx/CVE-2023-2391.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2391",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-28T21:15:08.827",
"lastModified": "2023-04-28T21:15:08.827",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic. This issue affects some unknown processing of the file scgi-bin/platform.cgi?page=time_zone.htm of the component Web Management Interface. The manipulation of the argument ntp.server2 leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227669 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/11",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.227669",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.227669",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-23xx/CVE-2023-2392.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2392",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-28T21:15:08.900",
"lastModified": "2023-04-28T21:15:08.900",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been classified as problematic. Affected is an unknown function of the file scgi-bin/platform.cgi?page=time_zone.htm of the component Web Management Interface. The manipulation of the argument ManualDate.minutes leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-227670 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/12",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.227670",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.227670",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-23xx/CVE-2023-2393.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2393",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-28T21:15:08.963",
"lastModified": "2023-04-28T21:15:08.963",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file scgi-bin/platform.cgi?page=dmz_setup.htm of the component Web Management Interface. The manipulation of the argument ConfigPort.LogicalIfName leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227671. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/13",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.227671",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.227671",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-23xx/CVE-2023-2394.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2394",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-28T21:15:09.020",
"lastModified": "2023-04-28T21:15:09.020",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Web Management Interface. The manipulation of the argument wanName leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-227672. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/14",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.227672",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.227672",
"source": "cna@vuldb.com"
}
]
}

20
CVE-2023/CVE-2023-267xx/CVE-2023-26781.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-26781",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T20:15:13.827",
"lastModified": "2023-04-28T20:15:13.827",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in mccms 2.6 allows remote attackers to run arbitrary SQL commands via Author Center ->Reader Comments ->Search."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/chshcms/mccms/issues/1",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-267xx/CVE-2023-26782.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-26782",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T20:15:13.883",
"lastModified": "2023-04-28T20:15:13.883",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue discovered in mccms 2.6.1 allows remote attackers to cause a denial of service via Backend management interface ->System Configuration->Cache Configuration->Cache security characters."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/chshcms/mccms/issues/2",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-268xx/CVE-2023-26812.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-26812",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T20:15:13.930",
"lastModified": "2023-04-28T20:15:13.930",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Command execution vulnerability in the ActionEnter Class ins jfinal CMS version 5.1.0 allows attackers to execute arbitrary code via a created json file to the ueditor route."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/jflyfox/jfinal_cms/issues/54",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-268xx/CVE-2023-26813.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-26813",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T20:15:13.970",
"lastModified": "2023-04-28T20:15:13.970",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in com.xnx3.wangmarket.plugin.dataDictionary.controller.DataDictionaryPluginController.java in wangmarket CMS 4.10 allows remote attackers to run arbitrary SQL commands via the TableName parameter to /plugin/dataDictionary/tableView.do."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/xnx3/wangmarket/issues/7",
"source": "cve@mitre.org"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29057.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29057",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-04-28T21:15:08.673",
"lastModified": "2023-04-28T21:15:08.673",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A valid XCC user's local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as \u201cLocal First, then LDAP\u201d."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-118321",
"source": "psirt@lenovo.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29058.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29058",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-04-28T21:15:08.750",
"lastModified": "2023-04-28T21:15:08.750",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A valid, authenticated XCC user with read-only permissions can modify custom user roles on other user accounts and the user trespass message through the XCC CLI. There is no exposure if SSH is disabled or if there are no users assigned optional read-only permissions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-118321",
"source": "psirt@lenovo.com"
}
]
}

20
CVE-2023/CVE-2023-304xx/CVE-2023-30405.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30405",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T21:15:09.083",
"lastModified": "2023-04-28T21:15:09.083",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the wl_ssid parameter at /boafrm/formHomeWlanSetup."
}
],
"metrics": {},
"references": [
{
"url": "https://packetstormsecurity.com/files/172057/Aigital-Wireless-N-Repeater-Mini_Router.0.131229-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
}
]
}

59
CVE-2023/CVE-2023-308xx/CVE-2023-30857.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-30857",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-28T21:15:09.127",
"lastModified": "2023-04-28T21:15:09.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "@aedart/support is the support package for Ion, a monorepo for JavaScript/TypeScript packages. Prior to version `0.6.1`, there is a possible prototype pollution issue for the `MetadataRecord`, when merged with a base class' metadata object, in `meta` decorator from the `@aedart/support` package. The likelihood of exploitation is questionable, given that a class's metadata can only be set or altered when the class is decorated via `meta()`. Furthermore, object(s) of sensitive nature would have to be stored as metadata, before this can lead to a security impact. The issue has been patched in version `0.6.1`.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
}
],
"references": [
{
"url": "https://github.com/aedart/ion/commit/c3e2ee08710d4164d796ecb66ed291335dae9291",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/aedart/ion/security/advisories/GHSA-wwxh-74fx-33c6",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-308xx/CVE-2023-30858.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-30858",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-28T21:15:09.187",
"lastModified": "2023-04-28T21:15:09.187",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Denosaurs emoji package provides emojis for dinosaurs. Starting in version 0.1.0 and prior to version 0.3.0, the reTrimSpace regex has 2nd degree polynomial inefficiency, leading to a delayed response given a big payload. The issue has been patched in 0.3.0. As a workaround, avoid using the `replace`, `unemojify`, or `strip` functions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
],
"references": [
{
"url": "https://github.com/denosaurs/emoji/pull/11",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/denosaurs/emoji/security/advisories/GHSA-w2xx-hjhp-gx5v",
"source": "security-advisories@github.com"
},
{
"url": "https://huntr.dev/bounties/444f2255-5085-466f-ba0e-5549fa8846a3/",
"source": "security-advisories@github.com"
}
]
}

24
CVE-2023/CVE-2023-314xx/CVE-2023-31444.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31444",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T21:15:09.257",
"lastModified": "2023-04-28T21:15:09.257",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. This allows for remote access to the JVM via the Jolokia JMX-HTTP bridge."
}
],
"metrics": {},
"references": [
{
"url": "https://talend.com",
"source": "cve@mitre.org"
},
{
"url": "https://www.talend.com/security/incident-response/#CVE-2023-31444",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-314xx/CVE-2023-31470.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31470",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T21:15:09.307",
"lastModified": "2023-04-28T21:15:09.307",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SmartDNS through 41 before 56d0332 allows an out-of-bounds write because of a stack-based buffer overflow in the _dns_encode_domain function in the dns.c file, via a crafted DNS request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/pymumu/smartdns/commit/56d0332bf91104cfc877635f6c82e9348587df04",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/pymumu/smartdns/issues/1378",
"source": "cve@mitre.org"
}
]
}

89
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-04-28T20:00:24.982048+00:00
2023-04-28T21:55:23.725316+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-04-28T19:27:00.353000+00:00
2023-04-28T21:15:09.307000+00:00
```
### Last Data Feed Release
@ -29,75 +29,42 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
213785
213805
```
### CVEs added in the last Commit
Recently added CVEs: `15`
Recently added CVEs: `20`
* [CVE-2023-1966](CVE-2023/CVE-2023-19xx/CVE-2023-1966.json) (`2023-04-28T19:15:16.573`)
* [CVE-2023-1968](CVE-2023/CVE-2023-19xx/CVE-2023-1968.json) (`2023-04-28T19:15:16.647`)
* [CVE-2023-2383](CVE-2023/CVE-2023-23xx/CVE-2023-2383.json) (`2023-04-28T18:15:26.457`)
* [CVE-2023-2384](CVE-2023/CVE-2023-23xx/CVE-2023-2384.json) (`2023-04-28T18:15:26.530`)
* [CVE-2023-2385](CVE-2023/CVE-2023-23xx/CVE-2023-2385.json) (`2023-04-28T18:15:26.607`)
* [CVE-2023-2386](CVE-2023/CVE-2023-23xx/CVE-2023-2386.json) (`2023-04-28T19:15:16.863`)
* [CVE-2023-2387](CVE-2023/CVE-2023-23xx/CVE-2023-2387.json) (`2023-04-28T19:15:16.923`)
* [CVE-2023-25930](CVE-2023/CVE-2023-259xx/CVE-2023-25930.json) (`2023-04-28T18:15:26.163`)
* [CVE-2023-26021](CVE-2023/CVE-2023-260xx/CVE-2023-26021.json) (`2023-04-28T19:15:16.713`)
* [CVE-2023-26022](CVE-2023/CVE-2023-260xx/CVE-2023-26022.json) (`2023-04-28T19:15:16.787`)
* [CVE-2023-27555](CVE-2023/CVE-2023-275xx/CVE-2023-27555.json) (`2023-04-28T18:15:26.250`)
* [CVE-2023-27864](CVE-2023/CVE-2023-278xx/CVE-2023-27864.json) (`2023-04-28T18:15:26.323`)
* [CVE-2023-29334](CVE-2023/CVE-2023-293xx/CVE-2023-29334.json) (`2023-04-28T18:15:26.390`)
* [CVE-2023-30454](CVE-2023/CVE-2023-304xx/CVE-2023-30454.json) (`2023-04-28T19:15:16.993`)
* [CVE-2023-30455](CVE-2023/CVE-2023-304xx/CVE-2023-30455.json) (`2023-04-28T18:15:26.680`)
* [CVE-2020-21643](CVE-2020/CVE-2020-216xx/CVE-2020-21643.json) (`2023-04-28T20:15:13.267`)
* [CVE-2020-23647](CVE-2020/CVE-2020-236xx/CVE-2020-23647.json) (`2023-04-28T20:15:13.320`)
* [CVE-2023-2388](CVE-2023/CVE-2023-23xx/CVE-2023-2388.json) (`2023-04-28T20:15:14.020`)
* [CVE-2023-2389](CVE-2023/CVE-2023-23xx/CVE-2023-2389.json) (`2023-04-28T20:15:14.090`)
* [CVE-2023-2390](CVE-2023/CVE-2023-23xx/CVE-2023-2390.json) (`2023-04-28T20:15:14.167`)
* [CVE-2023-2391](CVE-2023/CVE-2023-23xx/CVE-2023-2391.json) (`2023-04-28T21:15:08.827`)
* [CVE-2023-2392](CVE-2023/CVE-2023-23xx/CVE-2023-2392.json) (`2023-04-28T21:15:08.900`)
* [CVE-2023-2393](CVE-2023/CVE-2023-23xx/CVE-2023-2393.json) (`2023-04-28T21:15:08.963`)
* [CVE-2023-2394](CVE-2023/CVE-2023-23xx/CVE-2023-2394.json) (`2023-04-28T21:15:09.020`)
* [CVE-2023-26781](CVE-2023/CVE-2023-267xx/CVE-2023-26781.json) (`2023-04-28T20:15:13.827`)
* [CVE-2023-26782](CVE-2023/CVE-2023-267xx/CVE-2023-26782.json) (`2023-04-28T20:15:13.883`)
* [CVE-2023-26812](CVE-2023/CVE-2023-268xx/CVE-2023-26812.json) (`2023-04-28T20:15:13.930`)
* [CVE-2023-26813](CVE-2023/CVE-2023-268xx/CVE-2023-26813.json) (`2023-04-28T20:15:13.970`)
* [CVE-2023-29057](CVE-2023/CVE-2023-290xx/CVE-2023-29057.json) (`2023-04-28T21:15:08.673`)
* [CVE-2023-29058](CVE-2023/CVE-2023-290xx/CVE-2023-29058.json) (`2023-04-28T21:15:08.750`)
* [CVE-2023-30405](CVE-2023/CVE-2023-304xx/CVE-2023-30405.json) (`2023-04-28T21:15:09.083`)
* [CVE-2023-30857](CVE-2023/CVE-2023-308xx/CVE-2023-30857.json) (`2023-04-28T21:15:09.127`)
* [CVE-2023-30858](CVE-2023/CVE-2023-308xx/CVE-2023-30858.json) (`2023-04-28T21:15:09.187`)
* [CVE-2023-31444](CVE-2023/CVE-2023-314xx/CVE-2023-31444.json) (`2023-04-28T21:15:09.257`)
* [CVE-2023-31470](CVE-2023/CVE-2023-314xx/CVE-2023-31470.json) (`2023-04-28T21:15:09.307`)
### CVEs modified in the last Commit
Recently modified CVEs: `41`
Recently modified CVEs: `3`
* [CVE-2015-3276](CVE-2015/CVE-2015-32xx/CVE-2015-3276.json) (`2023-04-28T18:28:40.450`)
* [CVE-2021-40690](CVE-2021/CVE-2021-406xx/CVE-2021-40690.json) (`2023-04-28T18:27:19.780`)
* [CVE-2022-27438](CVE-2022/CVE-2022-274xx/CVE-2022-27438.json) (`2023-04-28T19:03:25.130`)
* [CVE-2022-37704](CVE-2022/CVE-2022-377xx/CVE-2022-37704.json) (`2023-04-28T18:24:52.577`)
* [CVE-2022-37705](CVE-2022/CVE-2022-377xx/CVE-2022-37705.json) (`2023-04-28T18:24:43.403`)
* [CVE-2022-45837](CVE-2022/CVE-2022-458xx/CVE-2022-45837.json) (`2023-04-28T19:22:49.167`)
* [CVE-2022-47608](CVE-2022/CVE-2022-476xx/CVE-2022-47608.json) (`2023-04-28T19:23:29.193`)
* [CVE-2022-48468](CVE-2022/CVE-2022-484xx/CVE-2022-48468.json) (`2023-04-28T18:25:12.260`)
* [CVE-2023-22579](CVE-2023/CVE-2023-225xx/CVE-2023-22579.json) (`2023-04-28T18:50:21.000`)
* [CVE-2023-22580](CVE-2023/CVE-2023-225xx/CVE-2023-22580.json) (`2023-04-28T18:52:21.847`)
* [CVE-2023-23710](CVE-2023/CVE-2023-237xx/CVE-2023-23710.json) (`2023-04-28T19:26:16.090`)
* [CVE-2023-23866](CVE-2023/CVE-2023-238xx/CVE-2023-23866.json) (`2023-04-28T19:25:59.487`)
* [CVE-2023-23889](CVE-2023/CVE-2023-238xx/CVE-2023-23889.json) (`2023-04-28T19:26:35.597`)
* [CVE-2023-23995](CVE-2023/CVE-2023-239xx/CVE-2023-23995.json) (`2023-04-28T19:26:25.567`)
* [CVE-2023-24005](CVE-2023/CVE-2023-240xx/CVE-2023-24005.json) (`2023-04-28T19:26:46.547`)
* [CVE-2023-24935](CVE-2023/CVE-2023-249xx/CVE-2023-24935.json) (`2023-04-28T18:15:26.083`)
* [CVE-2023-25358](CVE-2023/CVE-2023-253xx/CVE-2023-25358.json) (`2023-04-28T18:29:24.737`)
* [CVE-2023-25360](CVE-2023/CVE-2023-253xx/CVE-2023-25360.json) (`2023-04-28T18:29:52.003`)
* [CVE-2023-25361](CVE-2023/CVE-2023-253xx/CVE-2023-25361.json) (`2023-04-28T18:29:18.017`)
* [CVE-2023-25362](CVE-2023/CVE-2023-253xx/CVE-2023-25362.json) (`2023-04-28T18:29:11.283`)
* [CVE-2023-25363](CVE-2023/CVE-2023-253xx/CVE-2023-25363.json) (`2023-04-28T18:29:03.527`)
* [CVE-2023-25461](CVE-2023/CVE-2023-254xx/CVE-2023-25461.json) (`2023-04-28T19:27:00.353`)
* [CVE-2023-25484](CVE-2023/CVE-2023-254xx/CVE-2023-25484.json) (`2023-04-28T19:25:19.253`)
* [CVE-2023-25485](CVE-2023/CVE-2023-254xx/CVE-2023-25485.json) (`2023-04-28T19:25:26.307`)
* [CVE-2023-25759](CVE-2023/CVE-2023-257xx/CVE-2023-25759.json) (`2023-04-28T19:20:15.107`)
* [CVE-2023-25760](CVE-2023/CVE-2023-257xx/CVE-2023-25760.json) (`2023-04-28T18:20:32.270`)
* [CVE-2023-25793](CVE-2023/CVE-2023-257xx/CVE-2023-25793.json) (`2023-04-28T19:25:46.937`)
* [CVE-2023-26048](CVE-2023/CVE-2023-260xx/CVE-2023-26048.json) (`2023-04-28T18:55:38.150`)
* [CVE-2023-26049](CVE-2023/CVE-2023-260xx/CVE-2023-26049.json) (`2023-04-28T19:20:03.367`)
* [CVE-2023-26599](CVE-2023/CVE-2023-265xx/CVE-2023-26599.json) (`2023-04-28T19:14:36.293`)
* [CVE-2023-26843](CVE-2023/CVE-2023-268xx/CVE-2023-26843.json) (`2023-04-28T19:23:17.580`)
* [CVE-2023-27777](CVE-2023/CVE-2023-277xx/CVE-2023-27777.json) (`2023-04-28T18:13:51.523`)
* [CVE-2023-29510](CVE-2023/CVE-2023-295xx/CVE-2023-29510.json) (`2023-04-28T19:20:22.820`)
* [CVE-2023-29512](CVE-2023/CVE-2023-295xx/CVE-2023-29512.json) (`2023-04-28T19:20:14.293`)
* [CVE-2023-29513](CVE-2023/CVE-2023-295xx/CVE-2023-29513.json) (`2023-04-28T19:23:08.807`)
* [CVE-2023-29514](CVE-2023/CVE-2023-295xx/CVE-2023-29514.json) (`2023-04-28T19:22:58.367`)
* [CVE-2023-29520](CVE-2023/CVE-2023-295xx/CVE-2023-29520.json) (`2023-04-28T18:09:31.620`)
* [CVE-2023-29521](CVE-2023/CVE-2023-295xx/CVE-2023-29521.json) (`2023-04-28T18:09:46.150`)
* [CVE-2023-29522](CVE-2023/CVE-2023-295xx/CVE-2023-29522.json) (`2023-04-28T18:55:01.767`)
* [CVE-2023-29922](CVE-2023/CVE-2023-299xx/CVE-2023-29922.json) (`2023-04-28T18:23:17.443`)
* [CVE-2023-30463](CVE-2023/CVE-2023-304xx/CVE-2023-30463.json) (`2023-04-28T18:49:31.000`)
* [CVE-2022-27645](CVE-2022/CVE-2022-276xx/CVE-2022-27645.json) (`2023-04-28T21:15:08.350`)
* [CVE-2022-36983](CVE-2022/CVE-2022-369xx/CVE-2022-36983.json) (`2023-04-28T21:15:08.497`)
* [CVE-2022-37381](CVE-2022/CVE-2022-373xx/CVE-2022-37381.json) (`2023-04-28T21:15:08.580`)
## Download and Usage