admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-16T20:00:24.142795+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-16 22:00:27 +02:00
parent 7647f46925
commit e9ff6e3b59
59 changed files with 6642 additions and 220 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2771
CVE-2021/CVE-2021-263xx/CVE-2021-26356.json
View File

File diff suppressed because it is too large Load Diff

8
CVE-2021/CVE-2021-290xx/CVE-2021-29063.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-29063",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-06-21T20:15:09.477",
"lastModified": "2022-07-25T13:28:49.327",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-16T18:15:15.993",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -128,6 +128,10 @@
"Third Party Advisory"
]
},
{
"url": "https://github.com/mpmath/mpmath/releases/tag/1.3.0",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/npm/hosted-git-info/pull/76",
"source": "cve@mitre.org",

47
CVE-2022/CVE-2022-458xx/CVE-2022-45846.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45846",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-10T12:15:09.943",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T19:17:03.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmart:interactive_svg_image_map_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.6.9",
"matchCriteriaId": "6102CF36-5706-4EDE-ACAC-01C52A3BE54D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/image-map-pro-wordpress/wordpress-image-map-pro-premium-plugin-5-5-0-multiple-cross-site-request-forgery-csrf-vulnerabilities?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

83
CVE-2022/CVE-2022-467xx/CVE-2022-46720.json
View File

@ -2,23 +2,96 @@
"id": "CVE-2022-46720",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:15.787",
"lastModified": "2023-05-09T12:47:05.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T19:32:18.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to break out of its sandbox"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.2",
"matchCriteriaId": "89495791-675B-413C-A86D-ECBADF4EDC4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.2",
"matchCriteriaId": "6B1B6657-43F5-4F0E-BE5C-5D828DEE066F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.1",
"matchCriteriaId": "D7457023-5C4E-4935-826D-A411B0324092"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213530",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213532",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-474xx/CVE-2022-47441.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47441",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-10T11:15:10.597",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T19:07:58.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpcharitable:charitable:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.7.0.10",
"matchCriteriaId": "0831637B-8ED4-4AD6-81C4-8899E9AD00F3"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/charitable/wordpress-donation-forms-by-charitable-plugin-1-7-0-10-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-475xx/CVE-2022-47587.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47587",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-10T11:15:11.027",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T19:06:11.433",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp_search_analytics_project:wp_search_analytics:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.5",
"matchCriteriaId": "242EE5B9-8ABC-4AA4-B6EA-45E9839B8C61"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/search-analytics/wordpress-wp-search-analytics-plugin-1-4-5-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-475xx/CVE-2022-47590.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47590",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-10T11:15:11.337",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:59:23.210",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fugu:maintenance_switch:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5.2",
"matchCriteriaId": "A96045A6-2AC3-45D0-875A-0042C08C96A3"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/maintenance-switch/wordpress-maintenance-switch-plugin-1-5-2-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-476xx/CVE-2022-47600.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47600",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-10T11:15:11.667",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:59:53.153",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:i13websolution:mass_email_to_users:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.4",
"matchCriteriaId": "2C8D34B3-1F94-43C8-8371-D82CCAC3A02D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mass-email-to-users/wordpress-mass-email-to-users-plugin-1-1-4-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-476xx/CVE-2022-47606.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47606",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-10T11:15:12.100",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T19:06:39.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-cors_project:wp-cors:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.2.1",
"matchCriteriaId": "2B376079-306E-4BBE-BF6A-3DF2591328E6"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-cors/wordpress-wp-cors-plugin-0-2-1-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

98
CVE-2023/CVE-2023-21xx/CVE-2023-2156.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2156",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-09T22:15:10.133",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:04:22.737",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,14 +56,69 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196292",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-547/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

55
CVE-2023/CVE-2023-21xx/CVE-2023-2195.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2195",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-05-16T19:15:08.997",
"lastModified": "2023-05-16T19:15:08.997",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3118",
"source": "disclosure@synopsys.com"
}
]
}

55
CVE-2023/CVE-2023-21xx/CVE-2023-2196.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2196",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-05-16T18:15:16.620",
"lastModified": "2023-05-16T18:15:16.620",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3145",
"source": "disclosure@synopsys.com"
}
]
}

55
CVE-2023/CVE-2023-22xx/CVE-2023-2269.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2269",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-04-25T21:15:10.627",
"lastModified": "2023-05-14T05:15:08.653",
"vulnStatus": "Modified",
"lastModified": "2023-05-16T19:01:02.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,19 +17,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
@ -71,20 +71,57 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63AJUCJTZCII2JMAF7MGZEM66KY7IALT/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FBLBKW2WM5YSTS6OGEU5SYHXSJ5EWSTV/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXHBLWYNSUBS77TYPOJTADPDXKBH2F4U/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lore.kernel.org/lkml/ZD1xyZxb3rHot8PV@redhat.com/t/",

96
CVE-2023/CVE-2023-235xx/CVE-2023-23540.json
View File

@ -2,27 +2,111 @@
"id": "CVE-2023-23540",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.797",
"lastModified": "2023-05-09T12:47:05.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T19:23:21.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.4",
"matchCriteriaId": "EE68C5EC-5829-481D-BFF7-0A501018A3CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.4",
"matchCriteriaId": "F02C0CA5-8ABA-48C7-BCAE-5CF25435DF87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.7.5",
"matchCriteriaId": "4895F6FE-9045-4243-BECA-D63037F63516"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.4",
"matchCriteriaId": "3C93428C-C9B4-464F-8A4A-0CE8D7BB2BAA"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213675",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213676",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213677",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

91
CVE-2023/CVE-2023-235xx/CVE-2023-23541.json
View File

@ -2,23 +2,104 @@
"id": "CVE-2023-23541",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.860",
"lastModified": "2023-05-09T12:47:05.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T19:18:15.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user\u2019s contacts"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.4",
"matchCriteriaId": "6342B4CB-4D7D-4FBD-8A5E-E3DABDC7770E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.4",
"matchCriteriaId": "79A85DA3-B374-444F-B9A2-7E4F334C26DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.4",
"matchCriteriaId": "C75E4307-6CF3-4835-8E5F-96BF060658C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.4",
"matchCriteriaId": "E33C3BC5-6CFC-4B58-8642-80A9FE00DB24"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213673",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213676",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

91
CVE-2023/CVE-2023-235xx/CVE-2023-23542.json
View File

@ -2,27 +2,106 @@
"id": "CVE-2023-23542",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.923",
"lastModified": "2023-05-09T12:47:05.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:48:59.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to access user-sensitive data"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.7.5",
"matchCriteriaId": "4895F6FE-9045-4243-BECA-D63037F63516"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.4",
"matchCriteriaId": "3C93428C-C9B4-464F-8A4A-0CE8D7BB2BAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213675",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213677",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

41
CVE-2023/CVE-2023-258xx/CVE-2023-25831.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25831",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-05-09T21:15:11.513",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:46:39.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,14 +46,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:esri:portal_for_arcgis:10.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81C43246-F8AC-4A3D-8F43-8280E1AD3007"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:esri:portal_for_arcgis:10.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE382B5-E228-4803-A3FC-B803C7838777"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:esri:portal_for_arcgis:10.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCD5CA4-4423-4AC2-A9B8-3FCACC4E43ED"
}
]
}
]
}
],
"references": [
{
"url": "https://support.esri.com/en-us/patches-updates/2023/portal-for-arcgis-security-2023-update-1-patch-8095",
"source": "psirt@esri.com"
"source": "psirt@esri.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/portal-for-arcgis-security-2023-update-1-patch-is-now-available/",
"source": "psirt@esri.com"
"source": "psirt@esri.com",
"tags": [
"Vendor Advisory"
]
}
]
}

54
CVE-2023/CVE-2023-258xx/CVE-2023-25832.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25832",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-05-09T21:15:11.590",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:46:25.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "psirt@esri.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:esri:portal_for_arcgis:*:*:*:*:*:*:*:*",
"versionEndIncluding": "11.0",
"matchCriteriaId": "6BE67D5A-F389-4819-BEF6-F17CE6114D54"
}
]
}
]
}
],
"references": [
{
"url": "https://support.esri.com/en-us/patches-updates/2023/portal-for-arcgis-security-2023-update-1-patch-8095",
"source": "psirt@esri.com"
"source": "psirt@esri.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/portal-for-arcgis-security-2023-update-1-patch-is-now-available/",
"source": "psirt@esri.com"
"source": "psirt@esri.com",
"tags": [
"Vendor Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-261xx/CVE-2023-26126.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26126",
"sourceIdentifier": "report@snyk.io",
"published": "2023-05-10T05:15:08.860",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:49:04.140",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "report@snyk.io",
"type": "Secondary",
@ -34,14 +54,52 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:m.static_project:m.static:*:*:*:*:*:node.js:*:*",
"versionEndIncluding": "2.2.0",
"matchCriteriaId": "5D885D96-1C32-4005-A381-21D2048D33B4"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/lirantal/dcb32c11ce87f5aafd2282b90b4dc998",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://security.snyk.io/vuln/SNYK-JS-MSTATIC-3244915",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-26xx/CVE-2023-2631.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2631",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-05-16T19:15:09.090",
"lastModified": "2023-05-16T19:15:09.090",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3118",
"source": "disclosure@synopsys.com"
}
]
}

55
CVE-2023/CVE-2023-26xx/CVE-2023-2632.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2632",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-05-16T18:15:17.303",
"lastModified": "2023-05-16T18:15:17.303",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Jenkins Code Dx Plugin 3.1.0 and earlier stores Code Dx server API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-256"
}
]
}
],
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3146",
"source": "disclosure@synopsys.com"
}
]
}

55
CVE-2023/CVE-2023-26xx/CVE-2023-2633.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2633",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-05-16T18:15:17.453",
"lastModified": "2023-05-16T18:15:17.453",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Jenkins Code Dx Plugin 3.1.0 and earlier does not mask Code Dx server API keys displayed on the configuration form, increasing the potential for attackers to observe and capture them."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-256"
}
]
}
],
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3146",
"source": "disclosure@synopsys.com"
}
]
}

24
CVE-2023/CVE-2023-27xx/CVE-2023-2721.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-2721",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-16T19:15:09.160",
"lastModified": "2023-05-16T19:15:09.160",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1444360",
"source": "chrome-cve-admin@google.com"
}
]
}

24
CVE-2023/CVE-2023-27xx/CVE-2023-2722.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-2722",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-16T19:15:09.217",
"lastModified": "2023-05-16T19:15:09.217",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1400905",
"source": "chrome-cve-admin@google.com"
}
]
}

24
CVE-2023/CVE-2023-27xx/CVE-2023-2723.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-2723",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-16T19:15:09.277",
"lastModified": "2023-05-16T19:15:09.277",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1435166",
"source": "chrome-cve-admin@google.com"
}
]
}

24
CVE-2023/CVE-2023-27xx/CVE-2023-2724.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-2724",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-16T19:15:09.327",
"lastModified": "2023-05-16T19:15:09.327",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1433211",
"source": "chrome-cve-admin@google.com"
}
]
}

24
CVE-2023/CVE-2023-27xx/CVE-2023-2725.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-2725",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-16T19:15:09.383",
"lastModified": "2023-05-16T19:15:09.383",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1442516",
"source": "chrome-cve-admin@google.com"
}
]
}

24
CVE-2023/CVE-2023-27xx/CVE-2023-2726.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-2726",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-16T19:15:09.433",
"lastModified": "2023-05-16T19:15:09.433",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1442018",
"source": "chrome-cve-admin@google.com"
}
]
}

62
CVE-2023/CVE-2023-281xx/CVE-2023-28125.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-28125",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-05-09T22:15:09.720",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:41:44.150",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability exists in Avalanche Premise versions 6.3.x and below that could allow an attacker to gain access to the server by registering to receive messages from the server and perform an authentication bypass."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
},
{
"source": "support@hackerone.com",
"type": "Secondary",
@ -23,10 +56,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*",
"versionEndIncluding": "6.3.4.153",
"matchCriteriaId": "C3876E48-AE63-449B-AE68-14A238F2F867"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/ZDI-CAN-17729-CVE-2023-28125-Bug-958437-ZDI-CAN-17729-Ivanti-Avalanche-InfoRail-Authentication-Bypass-Vulnerability?language=en_US",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-281xx/CVE-2023-28126.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-28126",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-05-09T22:15:09.813",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:24:30.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploiting the SetUser method or can exploit the Race Condition in the authentication message."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
},
{
"source": "support@hackerone.com",
"type": "Secondary",
@ -23,10 +56,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:premise:*:*:*",
"versionEndIncluding": "6.3.4.153",
"matchCriteriaId": "C3876E48-AE63-449B-AE68-14A238F2F867"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/ZDI-CAN-17750-Ivanti-Avalanche-EnterpriseServer-GetSettings-Exposed-Dangerous-Method-Authentication-Bypass-Vulnerability?language=en_US",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-281xx/CVE-2023-28127.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-28127",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-05-09T22:15:09.870",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:05:38.973",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in Avalanche version 6.3.x and below that when exploited could result in possible information disclosure."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "support@hackerone.com",
"type": "Secondary",
@ -23,10 +56,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.3.4.153",
"matchCriteriaId": "844EE7BB-8B96-486F-8F2B-0185216B1898"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/ZDI-CAN-17769-Ivanti-Avalanche-getLogFile-Directory-Traversal-Information-Disclosure?language=en_US",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-281xx/CVE-2023-28128.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-28128",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-05-09T22:15:09.920",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:45:46.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{
"source": "support@hackerone.com",
"type": "Secondary",
@ -23,10 +56,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.3.4.153",
"matchCriteriaId": "844EE7BB-8B96-486F-8F2B-0185216B1898"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/ZDI-CAN-17812-Ivanti-Avalanche-FileStoreConfig-Arbitrary-File-Upload-Remote-Code-Execution-Vulnerability?language=en_US",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
]
}
]
}

75
CVE-2023/CVE-2023-293xx/CVE-2023-29336.json
View File

@ -2,8 +2,12 @@
"id": "CVE-2023-29336",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-05-09T18:15:13.840",
"lastModified": "2023-05-09T18:23:25.203",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:46:44.043",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-05-09",
"cisaActionDue": "2023-05-30",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Microsoft Win32K Privilege Escalation Vulnerability",
"descriptions": [
{
"lang": "en",
@ -34,10 +38,75 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.19926",
"matchCriteriaId": "0855C3A7-36C3-4398-9208-1FC8A02F40D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5921",
"matchCriteriaId": "BAB00F09-4CCF-4AB6-85CE-07298A21C1D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29336",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

40
CVE-2023/CVE-2023-293xx/CVE-2023-29340.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29340",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-05-09T18:15:13.967",
"lastModified": "2023-05-09T18:23:25.203",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:43:33.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:av1_video_extension:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.51091.0",
"matchCriteriaId": "8A3E54F8-FA10-4B64-B5A0-79EE7EA403AA"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29340",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

40
CVE-2023/CVE-2023-293xx/CVE-2023-29341.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29341",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-05-09T18:15:14.027",
"lastModified": "2023-05-09T18:23:25.203",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:44:48.630",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:av1_video_extension:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.51091.0",
"matchCriteriaId": "8A3E54F8-FA10-4B64-B5A0-79EE7EA403AA"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29341",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-294xx/CVE-2023-29460.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29460",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-09T14:15:13.217",
"lastModified": "2023-05-09T14:30:54.950",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:30:41.293",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -46,10 +76,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:arena_simulation:16.00.00:*:*:*:*:*:*:*",
"matchCriteriaId": "B42EE5A3-B6F0-4D21-B3F8-7EBBC5B8A53B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:arena_simulation:16.20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4FAF4B54-35C6-4D7F-B940-FC5C70B56BB8"
}
]
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139391",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-294xx/CVE-2023-29461.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29461",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-09T14:15:13.283",
"lastModified": "2023-05-09T14:30:54.950",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:30:02.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -46,10 +76,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:arena_simulation:16.00.00:*:*:*:*:*:*:*",
"matchCriteriaId": "B42EE5A3-B6F0-4D21-B3F8-7EBBC5B8A53B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:arena_simulation:16.20.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4FAF4B54-35C6-4D7F-B940-FC5C70B56BB8"
}
]
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139391",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-300xx/CVE-2023-30019.json
View File

@ -2,23 +2,84 @@
"id": "CVE-2023-30019",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-08T15:15:11.087",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T19:33:22.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:evilmartians:imgproxy:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.14.0",
"matchCriteriaId": "992CD50A-D062-4E85-AE55-1D869B304B84"
}
]
}
]
}
],
"references": [
{
"url": "https://breakandpray.com/cve-2023-30019-ssrf-in-imgproxy/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/imgproxy/imgproxy",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

73
CVE-2023/CVE-2023-300xx/CVE-2023-30056.json
View File

@ -2,27 +2,82 @@
"id": "CVE-2023-30056",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T21:15:11.673",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:45:58.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fico:origination_manager_decision:4.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE79953-5581-4BF5-B6F9-F1691972F32E"
}
]
}
]
}
],
"references": [
{
"url": "http://fico.com",
"source": "cve@mitre.org"
},
{
"url": "http://origination.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://packetstormsecurity.com/files/172192/FICO-Origination-Manager-Decision-Module-4.8.1-XSS-Session-Hijacking.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

74
CVE-2023/CVE-2023-300xx/CVE-2023-30057.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2023-30057",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T21:15:11.717",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:41:56.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Multiple stored cross-site scripting (XSS) vulnerabilities in FICO Origination Manager Decision Module 4.8.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fico:origination_manager_decision:4.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE79953-5581-4BF5-B6F9-F1691972F32E"
}
]
}
]
}
],
"references": [
{
"url": "http://fico.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "http://origination.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://packetstormsecurity.com/files/172192/FICO-Origination-Manager-Decision-Module-4.8.1-XSS-Session-Hijacking.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

43
CVE-2023/CVE-2023-305xx/CVE-2023-30501.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30501",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.493",
"lastModified": "2023-05-16T19:15:09.493",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerabilities exist in the Aruba EdgeConnect Enterprise\u00a0command line interface that allow remote authenticated users\u00a0to run arbitrary commands on the underlying host. Successful\u00a0exploitation of these vulnerabilities result in the ability\u00a0to execute arbitrary commands as root on the underlying\u00a0operating system leading to complete system compromise."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
}
]
}

43
CVE-2023/CVE-2023-305xx/CVE-2023-30502.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30502",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.567",
"lastModified": "2023-05-16T19:15:09.567",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerabilities exist in the Aruba EdgeConnect Enterprise\u00a0command line interface that allow remote authenticated users\u00a0to run arbitrary commands on the underlying host. Successful\u00a0exploitation of these vulnerabilities result in the ability\u00a0to execute arbitrary commands as root on the underlying\u00a0operating system leading to complete system compromise."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
}
]
}

43
CVE-2023/CVE-2023-305xx/CVE-2023-30503.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30503",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.630",
"lastModified": "2023-05-16T19:15:09.630",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerabilities exist in the Aruba EdgeConnect Enterprise\u00a0command line interface that allow remote authenticated users\u00a0to run arbitrary commands on the underlying host. Successful\u00a0exploitation of these vulnerabilities result in the ability\u00a0to execute arbitrary commands as root on the underlying\u00a0operating system leading to complete system compromise."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
}
]
}

43
CVE-2023/CVE-2023-305xx/CVE-2023-30504.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30504",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.693",
"lastModified": "2023-05-16T19:15:09.693",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerabilities exist in the Aruba EdgeConnect Enterprise\u00a0command line interface that allow remote authenticated users\u00a0to run arbitrary commands on the underlying host. Successful\u00a0exploitation of these vulnerabilities result in the ability\u00a0to execute arbitrary commands as root on the underlying\u00a0operating system leading to complete system compromise."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
}
]
}

43
CVE-2023/CVE-2023-305xx/CVE-2023-30505.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30505",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.757",
"lastModified": "2023-05-16T19:15:09.757",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerabilities exist in the Aruba EdgeConnect Enterprise\u00a0command line interface that allow remote authenticated users\u00a0to run arbitrary commands on the underlying host. Successful\u00a0exploitation of these vulnerabilities result in the ability\u00a0to execute arbitrary commands as root on the underlying\u00a0operating system leading to complete system compromise."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
}
]
}

43
CVE-2023/CVE-2023-305xx/CVE-2023-30506.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30506",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.817",
"lastModified": "2023-05-16T19:15:09.817",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerabilities exist in the Aruba EdgeConnect Enterprise\u00a0command line interface that allow remote authenticated users\u00a0to run arbitrary commands on the underlying host. Successful\u00a0exploitation of these vulnerabilities result in the ability\u00a0to execute arbitrary commands as root on the underlying\u00a0operating system leading to complete system compromise."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
}
]
}

43
CVE-2023/CVE-2023-305xx/CVE-2023-30507.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30507",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.893",
"lastModified": "2023-05-16T19:15:09.893",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface.\u00a0Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying\u00a0operating system, including sensitive system files."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
}
]
}

43
CVE-2023/CVE-2023-305xx/CVE-2023-30508.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30508",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.980",
"lastModified": "2023-05-16T19:15:09.980",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface.\u00a0Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying\u00a0operating system, including sensitive system files."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
}
]
}

43
CVE-2023/CVE-2023-305xx/CVE-2023-30509.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30509",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:10.067",
"lastModified": "2023-05-16T19:15:10.067",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface.\u00a0Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying\u00a0operating system, including sensitive system files."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
}
]
}

43
CVE-2023/CVE-2023-305xx/CVE-2023-30510.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30510",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:10.140",
"lastModified": "2023-05-16T19:15:10.140",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in the Aruba EdgeConnect Enterprise\u00a0web management interface that allows remote authenticated\u00a0users to issue arbitrary URL requests from the Aruba\u00a0EdgeConnect Enterprise instance. The impact of this\u00a0vulnerability is limited to a subset of URLs which can\u00a0result in the possible disclosure of data due to the network\u00a0position of the Aruba EdgeConnect Enterprise instance."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com"
}
]
}

70
CVE-2023/CVE-2023-311xx/CVE-2023-31126.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31126",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-09T13:15:18.427",
"lastModified": "2023-05-09T14:30:54.950",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:36:04.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +76,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.6",
"versionEndExcluding": "14.10.4",
"matchCriteriaId": "5473BF57-ACC7-496C-802F-47FC874F5B28"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-commons/commit/0b8e9c45b7e7457043938f35265b2aa5adc76a68",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwiki/xwiki-commons/security/advisories/GHSA-pv7v-ph6g-3gxv",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XCOMMONS-2606",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

87
CVE-2023/CVE-2023-311xx/CVE-2023-31134.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31134",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-09T14:15:13.427",
"lastModified": "2023-05-09T14:30:54.950",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T18:28:01.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,30 +66,81 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tauri:tauri:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.0.9",
"matchCriteriaId": "F348097A-BE7D-47EA-A960-3E6C36FD5C8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tauri:tauri:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.1.0",
"versionEndExcluding": "1.1.4",
"matchCriteriaId": "EC2ED9AB-0085-42BD-A93F-6337A9E3751E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tauri:tauri:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.2.0",
"versionEndExcluding": "1.2.5",
"matchCriteriaId": "97C3A36F-D012-4847-AC21-359E0CC960E9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/tauri-apps/tauri/releases/tag/tauri-v1.0.9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/tauri-apps/tauri/releases/tag/tauri-v1.1.4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/tauri-apps/tauri/releases/tag/tauri-v1.2.5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/tauri-apps/tauri/security/advisories/GHSA-4wm2-cwcf-wwvp",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.github.com/tauri-apps/tauri/commit/58ea0b45268dbd46cbac0ebb0887353d057ca767",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.github.com/tauri-apps/tauri/commit/fa90214b052b1a5d38d54fbf1ca422b4c37cfd1f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
}
]
}

61
CVE-2023/CVE-2023-311xx/CVE-2023-31144.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31144",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-09T16:15:14.623",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T19:22:34.243",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndIncluding": "3.8.3",
"matchCriteriaId": "E4752BFF-9CDD-4BAE-8964-8C4C9FC8B5DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndIncluding": "4.4.3",
"matchCriteriaId": "F7CCD007-12A2-492F-8A7E-FE903FF250D9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/craftcms/cms/commit/52bd161614620edbab2d24d078ca9ebca2528442",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-j4mx-98hw-6rv6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

949
CVE-2023/CVE-2023-314xx/CVE-2023-31474.json
View File

@ -2,23 +2,962 @@
"id": "CVE-2023-31474",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T18:15:14.323",
"lastModified": "2023-05-09T18:23:25.203",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T19:17:58.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on GL.iNet devices before 3.216. Through the software installation feature, it is possible to inject arbitrary parameters in a request to cause opkg to obtain a list of files in a specific directory, by using the regex feature in a package name."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-s20_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "9B0A4356-5F36-40FB-918F-F46EBC31445C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-s20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C5203D-A4A1-42DA-81BA-6701024E86C1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-x3000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "F6F88699-FE89-4E7C-85D3-B55568116CC1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-x3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4521F491-9472-4511-9EA6-A6E2E429E306"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mt3000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "AADA4620-98B7-4B68-9C0C-4C73685B0B3B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mt3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D832083-488B-40F2-8D7A-66E917DF67F9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mt2500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "4BFC3E12-5AC4-4C3F-86E1-1F6522090F91"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mt2500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88C600EF-AF68-45F0-B9C0-7ECA0D33179C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mt2500a_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "3301C89D-C179-4DBE-91BA-9834D8AB1574"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mt2500a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E7A9451-E593-4429-BF4C-0B03851C09B7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-axt1800_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "5B79F7E4-7A5A-48EA-8B4F-1FF42681C9B0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-axt1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49448661-9D95-4218-B2FA-73610AA5523C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-a1300_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "C60CE3B3-2DEB-4707-A4E8-40262BE9CC22"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-a1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2365517B-F8AF-490D-9282-36679EB484D2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-ax1800_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "FF71926B-3442-465A-8009-4CC49AF84065"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-ax1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459CA3AD-7D9A-4E72-8847-9F989232CDCD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-sft1200_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "25F4A1AA-E898-4220-9C29-892AA199EB3C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-sft1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD353D31-AA76-4A03-AA33-B618A3E28E3A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mt1300_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "69DB6A57-60F5-4811-9371-E4FE40F6E6A0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mt1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65A8D1C9-9EAE-4EDF-A1D4-D45E9EE65585"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-e750_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "1435C66B-38C7-4ECC-993D-F4EDD2853898"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-e750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5C88C24-42C5-4512-83B5-F7DED1D70E86"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mv1000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "9F3A14CF-4A49-4D82-B665-C56D8D98E6AE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mv1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64F0FB60-564D-492A-BF60-AEE3FDD33CEA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mv1000w_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "CA8C1CAE-1ABA-438E-AB60-0ECAD46DBFEA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mv1000w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E736B698-B40F-490C-A994-E3F89EBD764F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-s10_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "3DF83156-A2BB-4081-A701-4AF613DBC2BB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-s10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B182C20-3D15-4753-9A96-BF9F7F778CE7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-s200_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "13CCF94F-675C-42C9-9849-C214A66EDDDB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-s200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54BAA0C6-0A44-4C67-9C9D-DC5D04434D04"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-s1300_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "8B689F84-726F-433B-8288-FC03B2018672"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-s1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6D5F40B-93A6-486F-8575-3DAAAC324B93"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-sf1200_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "01E0F8DB-0B4C-4EE9-AD20-1353D44C5163"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-sf1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E7DDA65-A3AE-4769-A6FF-3878ECA45DC1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-b1300_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "59A98C79-93E2-4E90-B5C0-C64E11F13952"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-b1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D84ECB-35CB-42B0-B925-8B631C235CC2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-b2200_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "2BE77DD2-EC55-432F-AEB5-7080CAEB2E8D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-b2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83560162-69E2-4E4C-8220-72455FAB45C3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-ap1300_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "8F690433-A66B-4EF4-82A6-53DB7DAC28B1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-ap1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "555437D1-E216-4A0B-812A-29683D662D4C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-ap1300lte_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "84F959D3-DE3B-498B-920E-B3937E9722E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-ap1300lte:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5FBDA79-D693-47C6-9A3A-12923B415722"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-x1200_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "9350E6E0-D5B0-4771-B3E9-2D32595B34E1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-x1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E50D1D1D-F363-4B77-BD4B-64B111D40603"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-x750_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "13E0A95F-C2ED-4013-A799-897882F2DF97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-x750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17F0F848-0A3A-43CB-A766-71FD37CADF1B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-x300b_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "B361B182-C97B-4F68-A7DE-8DA7F2E809EC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-x300b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6C489C-C1DF-4D8B-9554-0F03E329AABB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-xe300_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "99E0D394-EF3E-4D41-A2AB-9288C4D9351F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-xe300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B11C2B97-A528-4BA9-9E46-293715A2BC21"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-ar750s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "4F49F121-78E5-4256-AE49-1CABE9E09402"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C939D70-5353-43B7-AEF9-8F1D784DD4EF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-ar750_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "C14588E5-B00D-4FAF-84DA-CE190E1A88AE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-ar750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE176E8-8CB1-429B-9B3B-E1F58EC0C8F5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mifi_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "ED6628FC-28A1-42C9-9B17-9FA5F8F0E670"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mifi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9DB815-57A6-45F4-A68D-3507C3EE383E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "7BDF9205-45B2-4AC3-9997-2666FD0231E7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mt300n-v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4A042E-2C80-4EF9-93CA-D2756216BB0C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-ar300m_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "8D22AEE4-C757-42E8-AFA2-DB0F07883E55"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-ar300m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C965DA-2D49-4ED6-B028-3A23164EDC14"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-usb150_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "32540966-8B83-4D32-9B64-FA4F6C8C461F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-usb150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "322804A7-CE99-41E8-90DA-B60BE85F9449"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:microuter-n300_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "8FF61490-908B-41CD-9DB4-EDD7B937828C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:microuter-n300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13BEA3DD-0633-4F0B-97E0-C544C8232E3D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gl-inet/CVE-issues/blob/main/3.215/Directory_Listing.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://www.gl-inet.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-314xx/CVE-2023-31476.json
View File

@ -2,23 +2,123 @@
"id": "CVE-2023-31476",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.680",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T19:42:55.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on GL.iNet devices running firmware before 3.216. There is an arbitrary file write in which an empty file can be created almost anywhere on the filesystem, as long as the filename and path is no more than 6 characters (the working directory is /www)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mv1000w_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.215",
"matchCriteriaId": "845DCF61-323A-4321-9B53-F302354BD686"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mv1000w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E736B698-B40F-490C-A994-E3F89EBD764F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mv1000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.215",
"matchCriteriaId": "5D25F2C3-715B-4D4C-92DD-365808CCE2AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mv1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64F0FB60-564D-492A-BF60-AEE3FDD33CEA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gl-inet/CVE-issues/blob/main/3.215/GL-MV1000_Arbitrary_File_Creation.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.gl-inet.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

66
CVE-2023/CVE-2023-314xx/CVE-2023-31489.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-31489",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.717",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T19:54:41.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:frrouting:frrouting:8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "19E4C79C-1D58-41EF-89B6-0E8192A4A5FB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/FRRouting/frr/issues/13098",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-314xx/CVE-2023-31490.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31490",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.757",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-16T19:55:57.310",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:frrouting:frrouting:8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "19E4C79C-1D58-41EF-89B6-0E8192A4A5FB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/FRRouting/frr/issues/13099",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-329xx/CVE-2023-32999.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-32999",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-05-16T17:15:12.160",
"lastModified": "2023-05-16T17:15:12.160",
"lastModified": "2023-05-16T19:15:10.207",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password."
"value": "A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials."
}
],
"metrics": {},

120
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-16T18:00:25.654977+00:00
2023-05-16T20:00:24.142795+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-16T17:50:14.373000+00:00
2023-05-16T19:55:57.310000+00:00
```
### Last Data Feed Release
@ -29,71 +29,77 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
215395
215416
```
### CVEs added in the last Commit
Recently added CVEs: `35`
Recently added CVEs: `21`
* [CVE-2023-2739](CVE-2023/CVE-2023-27xx/CVE-2023-2739.json) (`2023-05-16T16:15:10.027`)
* [CVE-2023-2740](CVE-2023/CVE-2023-27xx/CVE-2023-2740.json) (`2023-05-16T17:15:11.433`)
* [CVE-2023-28076](CVE-2023/CVE-2023-280xx/CVE-2023-28076.json) (`2023-05-16T16:15:09.513`)
* [CVE-2023-31890](CVE-2023/CVE-2023-318xx/CVE-2023-31890.json) (`2023-05-16T16:15:10.343`)
* [CVE-2023-32977](CVE-2023/CVE-2023-329xx/CVE-2023-32977.json) (`2023-05-16T16:15:10.507`)
* [CVE-2023-32978](CVE-2023/CVE-2023-329xx/CVE-2023-32978.json) (`2023-05-16T16:15:10.610`)
* [CVE-2023-32979](CVE-2023/CVE-2023-329xx/CVE-2023-32979.json) (`2023-05-16T16:15:10.673`)
* [CVE-2023-32980](CVE-2023/CVE-2023-329xx/CVE-2023-32980.json) (`2023-05-16T16:15:10.753`)
* [CVE-2023-32981](CVE-2023/CVE-2023-329xx/CVE-2023-32981.json) (`2023-05-16T16:15:10.833`)
* [CVE-2023-32982](CVE-2023/CVE-2023-329xx/CVE-2023-32982.json) (`2023-05-16T16:15:10.920`)
* [CVE-2023-32983](CVE-2023/CVE-2023-329xx/CVE-2023-32983.json) (`2023-05-16T16:15:10.980`)
* [CVE-2023-32984](CVE-2023/CVE-2023-329xx/CVE-2023-32984.json) (`2023-05-16T16:15:11.033`)
* [CVE-2023-32985](CVE-2023/CVE-2023-329xx/CVE-2023-32985.json) (`2023-05-16T16:15:11.090`)
* [CVE-2023-32986](CVE-2023/CVE-2023-329xx/CVE-2023-32986.json) (`2023-05-16T16:15:11.147`)
* [CVE-2023-32987](CVE-2023/CVE-2023-329xx/CVE-2023-32987.json) (`2023-05-16T16:15:11.200`)
* [CVE-2023-32988](CVE-2023/CVE-2023-329xx/CVE-2023-32988.json) (`2023-05-16T16:15:11.257`)
* [CVE-2023-32989](CVE-2023/CVE-2023-329xx/CVE-2023-32989.json) (`2023-05-16T16:15:11.310`)
* [CVE-2023-32990](CVE-2023/CVE-2023-329xx/CVE-2023-32990.json) (`2023-05-16T17:15:11.753`)
* [CVE-2023-32991](CVE-2023/CVE-2023-329xx/CVE-2023-32991.json) (`2023-05-16T17:15:11.803`)
* [CVE-2023-32992](CVE-2023/CVE-2023-329xx/CVE-2023-32992.json) (`2023-05-16T17:15:11.850`)
* [CVE-2023-32993](CVE-2023/CVE-2023-329xx/CVE-2023-32993.json) (`2023-05-16T17:15:11.893`)
* [CVE-2023-32994](CVE-2023/CVE-2023-329xx/CVE-2023-32994.json) (`2023-05-16T17:15:11.937`)
* [CVE-2023-32995](CVE-2023/CVE-2023-329xx/CVE-2023-32995.json) (`2023-05-16T17:15:11.980`)
* [CVE-2023-32996](CVE-2023/CVE-2023-329xx/CVE-2023-32996.json) (`2023-05-16T17:15:12.027`)
* [CVE-2023-32997](CVE-2023/CVE-2023-329xx/CVE-2023-32997.json) (`2023-05-16T17:15:12.067`)
* [CVE-2023-32998](CVE-2023/CVE-2023-329xx/CVE-2023-32998.json) (`2023-05-16T17:15:12.110`)
* [CVE-2023-32999](CVE-2023/CVE-2023-329xx/CVE-2023-32999.json) (`2023-05-16T17:15:12.160`)
* [CVE-2023-33000](CVE-2023/CVE-2023-330xx/CVE-2023-33000.json) (`2023-05-16T17:15:12.207`)
* [CVE-2023-33001](CVE-2023/CVE-2023-330xx/CVE-2023-33001.json) (`2023-05-16T17:15:12.250`)
* [CVE-2023-33002](CVE-2023/CVE-2023-330xx/CVE-2023-33002.json) (`2023-05-16T17:15:12.293`)
* [CVE-2023-33003](CVE-2023/CVE-2023-330xx/CVE-2023-33003.json) (`2023-05-16T17:15:12.340`)
* [CVE-2023-33004](CVE-2023/CVE-2023-330xx/CVE-2023-33004.json) (`2023-05-16T17:15:12.377`)
* [CVE-2023-33005](CVE-2023/CVE-2023-330xx/CVE-2023-33005.json) (`2023-05-16T17:15:12.420`)
* [CVE-2023-33006](CVE-2023/CVE-2023-330xx/CVE-2023-33006.json) (`2023-05-16T17:15:12.467`)
* [CVE-2023-33007](CVE-2023/CVE-2023-330xx/CVE-2023-33007.json) (`2023-05-16T17:15:12.507`)
* [CVE-2023-2195](CVE-2023/CVE-2023-21xx/CVE-2023-2195.json) (`2023-05-16T19:15:08.997`)
* [CVE-2023-2196](CVE-2023/CVE-2023-21xx/CVE-2023-2196.json) (`2023-05-16T18:15:16.620`)
* [CVE-2023-2631](CVE-2023/CVE-2023-26xx/CVE-2023-2631.json) (`2023-05-16T19:15:09.090`)
* [CVE-2023-2632](CVE-2023/CVE-2023-26xx/CVE-2023-2632.json) (`2023-05-16T18:15:17.303`)
* [CVE-2023-2633](CVE-2023/CVE-2023-26xx/CVE-2023-2633.json) (`2023-05-16T18:15:17.453`)
* [CVE-2023-2721](CVE-2023/CVE-2023-27xx/CVE-2023-2721.json) (`2023-05-16T19:15:09.160`)
* [CVE-2023-2722](CVE-2023/CVE-2023-27xx/CVE-2023-2722.json) (`2023-05-16T19:15:09.217`)
* [CVE-2023-2723](CVE-2023/CVE-2023-27xx/CVE-2023-2723.json) (`2023-05-16T19:15:09.277`)
* [CVE-2023-2724](CVE-2023/CVE-2023-27xx/CVE-2023-2724.json) (`2023-05-16T19:15:09.327`)
* [CVE-2023-2725](CVE-2023/CVE-2023-27xx/CVE-2023-2725.json) (`2023-05-16T19:15:09.383`)
* [CVE-2023-2726](CVE-2023/CVE-2023-27xx/CVE-2023-2726.json) (`2023-05-16T19:15:09.433`)
* [CVE-2023-30501](CVE-2023/CVE-2023-305xx/CVE-2023-30501.json) (`2023-05-16T19:15:09.493`)
* [CVE-2023-30502](CVE-2023/CVE-2023-305xx/CVE-2023-30502.json) (`2023-05-16T19:15:09.567`)
* [CVE-2023-30503](CVE-2023/CVE-2023-305xx/CVE-2023-30503.json) (`2023-05-16T19:15:09.630`)
* [CVE-2023-30504](CVE-2023/CVE-2023-305xx/CVE-2023-30504.json) (`2023-05-16T19:15:09.693`)
* [CVE-2023-30505](CVE-2023/CVE-2023-305xx/CVE-2023-30505.json) (`2023-05-16T19:15:09.757`)
* [CVE-2023-30506](CVE-2023/CVE-2023-305xx/CVE-2023-30506.json) (`2023-05-16T19:15:09.817`)
* [CVE-2023-30507](CVE-2023/CVE-2023-305xx/CVE-2023-30507.json) (`2023-05-16T19:15:09.893`)
* [CVE-2023-30508](CVE-2023/CVE-2023-305xx/CVE-2023-30508.json) (`2023-05-16T19:15:09.980`)
* [CVE-2023-30509](CVE-2023/CVE-2023-305xx/CVE-2023-30509.json) (`2023-05-16T19:15:10.067`)
* [CVE-2023-30510](CVE-2023/CVE-2023-305xx/CVE-2023-30510.json) (`2023-05-16T19:15:10.140`)
### CVEs modified in the last Commit
Recently modified CVEs: `17`
Recently modified CVEs: `37`
* [CVE-2002-20001](CVE-2002/CVE-2002-200xx/CVE-2002-20001.json) (`2023-05-16T16:15:29.937`)
* [CVE-2020-23362](CVE-2020/CVE-2020-233xx/CVE-2020-23362.json) (`2023-05-16T17:17:58.727`)
* [CVE-2022-46819](CVE-2022/CVE-2022-468xx/CVE-2022-46819.json) (`2023-05-16T16:17:27.237`)
* [CVE-2022-46861](CVE-2022/CVE-2022-468xx/CVE-2022-46861.json) (`2023-05-16T16:17:13.987`)
* [CVE-2023-24953](CVE-2023/CVE-2023-249xx/CVE-2023-24953.json) (`2023-05-16T16:16:11.117`)
* [CVE-2023-24954](CVE-2023/CVE-2023-249xx/CVE-2023-24954.json) (`2023-05-16T16:10:02.777`)
* [CVE-2023-25833](CVE-2023/CVE-2023-258xx/CVE-2023-25833.json) (`2023-05-16T17:50:14.373`)
* [CVE-2023-25834](CVE-2023/CVE-2023-258xx/CVE-2023-25834.json) (`2023-05-16T17:26:50.917`)
* [CVE-2023-30086](CVE-2023/CVE-2023-300xx/CVE-2023-30086.json) (`2023-05-16T17:11:01.003`)
* [CVE-2023-30087](CVE-2023/CVE-2023-300xx/CVE-2023-30087.json) (`2023-05-16T17:06:52.870`)
* [CVE-2023-31136](CVE-2023/CVE-2023-311xx/CVE-2023-31136.json) (`2023-05-16T16:43:07.007`)
* [CVE-2023-31137](CVE-2023/CVE-2023-311xx/CVE-2023-31137.json) (`2023-05-16T16:47:46.977`)
* [CVE-2023-31139](CVE-2023/CVE-2023-311xx/CVE-2023-31139.json) (`2023-05-16T16:50:03.370`)
* [CVE-2023-31143](CVE-2023/CVE-2023-311xx/CVE-2023-31143.json) (`2023-05-16T16:56:16.440`)
* [CVE-2023-32060](CVE-2023/CVE-2023-320xx/CVE-2023-32060.json) (`2023-05-16T17:04:16.300`)
* [CVE-2023-32069](CVE-2023/CVE-2023-320xx/CVE-2023-32069.json) (`2023-05-16T17:34:32.947`)
* [CVE-2023-32071](CVE-2023/CVE-2023-320xx/CVE-2023-32071.json) (`2023-05-16T17:41:40.890`)
* [CVE-2021-26356](CVE-2021/CVE-2021-263xx/CVE-2021-26356.json) (`2023-05-16T19:01:36.007`)
* [CVE-2021-29063](CVE-2021/CVE-2021-290xx/CVE-2021-29063.json) (`2023-05-16T18:15:15.993`)
* [CVE-2022-45846](CVE-2022/CVE-2022-458xx/CVE-2022-45846.json) (`2023-05-16T19:17:03.097`)
* [CVE-2022-46720](CVE-2022/CVE-2022-467xx/CVE-2022-46720.json) (`2023-05-16T19:32:18.817`)
* [CVE-2022-47441](CVE-2022/CVE-2022-474xx/CVE-2022-47441.json) (`2023-05-16T19:07:58.927`)
* [CVE-2022-47587](CVE-2022/CVE-2022-475xx/CVE-2022-47587.json) (`2023-05-16T19:06:11.433`)
* [CVE-2022-47590](CVE-2022/CVE-2022-475xx/CVE-2022-47590.json) (`2023-05-16T18:59:23.210`)
* [CVE-2022-47600](CVE-2022/CVE-2022-476xx/CVE-2022-47600.json) (`2023-05-16T18:59:53.153`)
* [CVE-2022-47606](CVE-2022/CVE-2022-476xx/CVE-2022-47606.json) (`2023-05-16T19:06:39.777`)
* [CVE-2023-2156](CVE-2023/CVE-2023-21xx/CVE-2023-2156.json) (`2023-05-16T18:04:22.737`)
* [CVE-2023-2269](CVE-2023/CVE-2023-22xx/CVE-2023-2269.json) (`2023-05-16T19:01:02.070`)
* [CVE-2023-23540](CVE-2023/CVE-2023-235xx/CVE-2023-23540.json) (`2023-05-16T19:23:21.787`)
* [CVE-2023-23541](CVE-2023/CVE-2023-235xx/CVE-2023-23541.json) (`2023-05-16T19:18:15.047`)
* [CVE-2023-23542](CVE-2023/CVE-2023-235xx/CVE-2023-23542.json) (`2023-05-16T18:48:59.537`)
* [CVE-2023-25831](CVE-2023/CVE-2023-258xx/CVE-2023-25831.json) (`2023-05-16T18:46:39.717`)
* [CVE-2023-25832](CVE-2023/CVE-2023-258xx/CVE-2023-25832.json) (`2023-05-16T18:46:25.287`)
* [CVE-2023-26126](CVE-2023/CVE-2023-261xx/CVE-2023-26126.json) (`2023-05-16T18:49:04.140`)
* [CVE-2023-28125](CVE-2023/CVE-2023-281xx/CVE-2023-28125.json) (`2023-05-16T18:41:44.150`)
* [CVE-2023-28126](CVE-2023/CVE-2023-281xx/CVE-2023-28126.json) (`2023-05-16T18:24:30.067`)
* [CVE-2023-28127](CVE-2023/CVE-2023-281xx/CVE-2023-28127.json) (`2023-05-16T18:05:38.973`)
* [CVE-2023-28128](CVE-2023/CVE-2023-281xx/CVE-2023-28128.json) (`2023-05-16T18:45:46.070`)
* [CVE-2023-29336](CVE-2023/CVE-2023-293xx/CVE-2023-29336.json) (`2023-05-16T18:46:44.043`)
* [CVE-2023-29340](CVE-2023/CVE-2023-293xx/CVE-2023-29340.json) (`2023-05-16T18:43:33.117`)
* [CVE-2023-29341](CVE-2023/CVE-2023-293xx/CVE-2023-29341.json) (`2023-05-16T18:44:48.630`)
* [CVE-2023-29460](CVE-2023/CVE-2023-294xx/CVE-2023-29460.json) (`2023-05-16T18:30:41.293`)
* [CVE-2023-29461](CVE-2023/CVE-2023-294xx/CVE-2023-29461.json) (`2023-05-16T18:30:02.453`)
* [CVE-2023-30019](CVE-2023/CVE-2023-300xx/CVE-2023-30019.json) (`2023-05-16T19:33:22.923`)
* [CVE-2023-30056](CVE-2023/CVE-2023-300xx/CVE-2023-30056.json) (`2023-05-16T18:45:58.280`)
* [CVE-2023-30057](CVE-2023/CVE-2023-300xx/CVE-2023-30057.json) (`2023-05-16T18:41:56.573`)
* [CVE-2023-31126](CVE-2023/CVE-2023-311xx/CVE-2023-31126.json) (`2023-05-16T18:36:04.127`)
* [CVE-2023-31134](CVE-2023/CVE-2023-311xx/CVE-2023-31134.json) (`2023-05-16T18:28:01.590`)
* [CVE-2023-31144](CVE-2023/CVE-2023-311xx/CVE-2023-31144.json) (`2023-05-16T19:22:34.243`)
* [CVE-2023-31474](CVE-2023/CVE-2023-314xx/CVE-2023-31474.json) (`2023-05-16T19:17:58.097`)
* [CVE-2023-31476](CVE-2023/CVE-2023-314xx/CVE-2023-31476.json) (`2023-05-16T19:42:55.567`)
* [CVE-2023-31489](CVE-2023/CVE-2023-314xx/CVE-2023-31489.json) (`2023-05-16T19:54:41.370`)
* [CVE-2023-31490](CVE-2023/CVE-2023-314xx/CVE-2023-31490.json) (`2023-05-16T19:55:57.310`)
* [CVE-2023-32999](CVE-2023/CVE-2023-329xx/CVE-2023-32999.json) (`2023-05-16T19:15:10.207`)
## Download and Usage