Auto-Update: 2023-08-03T02:00:30.847736+00:00

cad-safe-bot 2023-08-03 02:00:34 +00:00
parent 82f670395a
commit ea22cf63fb
18 changed files with 413 additions and 28 deletions


@ -0,0 +1,24 @@
{
"id": "CVE-2023-33368",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-03T01:15:10.950",
"lastModified": "2023-08-03T01:15:10.950",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes."
}
],
"metrics": {},
"references": [
{
"url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-33368",
"source": "cve@mitre.org"
},
{
"url": "https://www.controlid.com.br/en/access-control/idsecure/",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-33369",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-03T01:15:11.123",
"lastModified": "2023-08-03T01:15:11.123",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing attackers to delete arbitrary files on IDSecure filesystem, causing a denial of service."
}
],
"metrics": {},
"references": [
{
"url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-33369",
"source": "cve@mitre.org"
},
{
"url": "https://www.controlid.com.br/en/access-control/idsecure/",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-33370",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-03T01:15:11.187",
"lastModified": "2023-08-03T01:15:11.187",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An uncaught exception vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing attackers to cause the main web server of IDSecure to fault and crash, causing a denial of service."
}
],
"metrics": {},
"references": [
{
"url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-33370",
"source": "cve@mitre.org"
},
{
"url": "https://www.controlid.com.br/en/access-control/idsecure/",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-33371",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-03T01:15:11.260",
"lastModified": "2023-08-03T01:15:11.260",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication."
}
],
"metrics": {},
"references": [
{
"url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-33371",
"source": "cve@mitre.org"
},
{
"url": "https://www.controlid.com.br/en/access-control/idsecure/",
"source": "cve@mitre.org"
}
]
}


@ -2,12 +2,12 @@
"id": "CVE-2023-34644",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T14:15:10.323",
"lastModified": "2023-08-02T17:15:10.937",
"lastModified": "2023-08-03T01:15:11.347",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A command injection vulnerability exists in the EWEB management system of Ruijie Networks ReyeeOS. An unauthenticated attacker could gain supreme control of devices through this vulnerability. The affected products in Ruijie Networks including RG-EW series home routers and repeaters prior to EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches prior to SWITCH_3.0(1)B11P219, RG-EG series business VPN routers prior to EG_3.0(1)B11P219, EAP and RAP series wireless access points prior to AP_3.0(1)B11P219, and NBC series wireless controllers prior to AC_3.0(1)B11P219."
"value": "Remote code execution vulnerability in Ruijie Networks Product: RG-EW series home routers and repeaters EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches SWITCH_3.0(1)B11P218, RG-EG series business VPN routers EG_3.0(1)B11P216, EAP and RAP series wireless access points AP_3.0(1)B11P218, NBC series wireless controllers AC_3.0(1)B11P86 allows unauthorized remote attackers to gain the highest privileges via crafted POST request to /cgi-bin/luci/api/auth."
}
],
"metrics": {},


@ -0,0 +1,28 @@
{
"id": "CVE-2023-36082",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-03T01:15:11.437",
"lastModified": "2023-08-03T01:15:11.437",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An isssue in GatesAIr Flexiva FM Transmitter/Exiter Fax 150W allows a remote attacker to gain privileges via the LDAP and SMTP credentials."
}
],
"metrics": {},
"references": [
{
"url": "http://flexiva.com",
"source": "cve@mitre.org"
},
{
"url": "http://gatesair.com",
"source": "cve@mitre.org"
},
{
"url": "https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-36082",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-4068",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.513",
"lastModified": "2023-08-03T01:15:11.513",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1466183",
"source": "chrome-cve-admin@google.com"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-4069",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.583",
"lastModified": "2023-08-03T01:15:11.583",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1465326",
"source": "chrome-cve-admin@google.com"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-4070",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.647",
"lastModified": "2023-08-03T01:15:11.647",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1462951",
"source": "chrome-cve-admin@google.com"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-4071",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.710",
"lastModified": "2023-08-03T01:15:11.710",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Heap buffer overflow in Visuals in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1458819",
"source": "chrome-cve-admin@google.com"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-4072",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.773",
"lastModified": "2023-08-03T01:15:11.773",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Out of bounds read and write in WebGL in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1464038",
"source": "chrome-cve-admin@google.com"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-4073",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.840",
"lastModified": "2023-08-03T01:15:11.840",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1456243",
"source": "chrome-cve-admin@google.com"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-4074",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.903",
"lastModified": "2023-08-03T01:15:11.903",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1464113",
"source": "chrome-cve-admin@google.com"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-4075",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.973",
"lastModified": "2023-08-03T01:15:11.973",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use after free in Cast in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1457757",
"source": "chrome-cve-admin@google.com"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-4076",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:12.037",
"lastModified": "2023-08-03T01:15:12.037",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use after free in WebRTC in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC session. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1459124",
"source": "chrome-cve-admin@google.com"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-4077",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:12.100",
"lastModified": "2023-08-03T01:15:12.100",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1451146",
"source": "chrome-cve-admin@google.com"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-4078",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:12.167",
"lastModified": "2023-08-03T01:15:12.167",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1461895",
"source": "chrome-cve-admin@google.com"
}
]
}


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-02T23:55:26.309396+00:00
2023-08-03T02:00:30.847736+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-02T23:15:10.547000+00:00
2023-08-03T01:15:12.167000+00:00
```
### Last Data Feed Release
@ -23,45 +23,42 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-08-02T00:00:13.564856+00:00
2023-08-03T00:00:13.561418+00:00
```
### Total Number of included CVEs
```plain
221485
221501
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `16`
* [CVE-2023-1437](CVE-2023/CVE-2023-14xx/CVE-2023-1437.json) (`2023-08-02T23:15:10.153`)
* [CVE-2023-1935](CVE-2023/CVE-2023-19xx/CVE-2023-1935.json) (`2023-08-02T23:15:10.293`)
* [CVE-2023-39113](CVE-2023/CVE-2023-391xx/CVE-2023-39113.json) (`2023-08-02T23:15:10.413`)
* [CVE-2023-39114](CVE-2023/CVE-2023-391xx/CVE-2023-39114.json) (`2023-08-02T23:15:10.483`)
* [CVE-2023-3329](CVE-2023/CVE-2023-33xx/CVE-2023-3329.json) (`2023-08-02T23:15:10.547`)
* [CVE-2023-33368](CVE-2023/CVE-2023-333xx/CVE-2023-33368.json) (`2023-08-03T01:15:10.950`)
* [CVE-2023-33369](CVE-2023/CVE-2023-333xx/CVE-2023-33369.json) (`2023-08-03T01:15:11.123`)
* [CVE-2023-33370](CVE-2023/CVE-2023-333xx/CVE-2023-33370.json) (`2023-08-03T01:15:11.187`)
* [CVE-2023-33371](CVE-2023/CVE-2023-333xx/CVE-2023-33371.json) (`2023-08-03T01:15:11.260`)
* [CVE-2023-36082](CVE-2023/CVE-2023-360xx/CVE-2023-36082.json) (`2023-08-03T01:15:11.437`)
* [CVE-2023-4068](CVE-2023/CVE-2023-40xx/CVE-2023-4068.json) (`2023-08-03T01:15:11.513`)
* [CVE-2023-4069](CVE-2023/CVE-2023-40xx/CVE-2023-4069.json) (`2023-08-03T01:15:11.583`)
* [CVE-2023-4070](CVE-2023/CVE-2023-40xx/CVE-2023-4070.json) (`2023-08-03T01:15:11.647`)
* [CVE-2023-4071](CVE-2023/CVE-2023-40xx/CVE-2023-4071.json) (`2023-08-03T01:15:11.710`)
* [CVE-2023-4072](CVE-2023/CVE-2023-40xx/CVE-2023-4072.json) (`2023-08-03T01:15:11.773`)
* [CVE-2023-4073](CVE-2023/CVE-2023-40xx/CVE-2023-4073.json) (`2023-08-03T01:15:11.840`)
* [CVE-2023-4074](CVE-2023/CVE-2023-40xx/CVE-2023-4074.json) (`2023-08-03T01:15:11.903`)
* [CVE-2023-4075](CVE-2023/CVE-2023-40xx/CVE-2023-4075.json) (`2023-08-03T01:15:11.973`)
* [CVE-2023-4076](CVE-2023/CVE-2023-40xx/CVE-2023-4076.json) (`2023-08-03T01:15:12.037`)
* [CVE-2023-4077](CVE-2023/CVE-2023-40xx/CVE-2023-4077.json) (`2023-08-03T01:15:12.100`)
* [CVE-2023-4078](CVE-2023/CVE-2023-40xx/CVE-2023-4078.json) (`2023-08-03T01:15:12.167`)
### CVEs modified in the last Commit
Recently modified CVEs: `15`
Recently modified CVEs: `1`
* [CVE-2023-3957](CVE-2023/CVE-2023-39xx/CVE-2023-3957.json) (`2023-08-02T22:00:38.467`)
* [CVE-2023-3956](CVE-2023/CVE-2023-39xx/CVE-2023-3956.json) (`2023-08-02T22:01:03.057`)
* [CVE-2023-32450](CVE-2023/CVE-2023-324xx/CVE-2023-32450.json) (`2023-08-02T22:13:42.063`)
* [CVE-2023-38611](CVE-2023/CVE-2023-386xx/CVE-2023-38611.json) (`2023-08-02T22:14:39.553`)
* [CVE-2023-38608](CVE-2023/CVE-2023-386xx/CVE-2023-38608.json) (`2023-08-02T22:25:39.927`)
* [CVE-2023-38602](CVE-2023/CVE-2023-386xx/CVE-2023-38602.json) (`2023-08-02T22:26:42.387`)
* [CVE-2023-38603](CVE-2023/CVE-2023-386xx/CVE-2023-38603.json) (`2023-08-02T22:26:52.433`)
* [CVE-2023-38600](CVE-2023/CVE-2023-386xx/CVE-2023-38600.json) (`2023-08-02T22:30:00.703`)
* [CVE-2023-38595](CVE-2023/CVE-2023-385xx/CVE-2023-38595.json) (`2023-08-02T22:30:17.557`)
* [CVE-2023-38593](CVE-2023/CVE-2023-385xx/CVE-2023-38593.json) (`2023-08-02T22:30:34.427`)
* [CVE-2023-29407](CVE-2023/CVE-2023-294xx/CVE-2023-29407.json) (`2023-08-02T22:30:59.227`)
* [CVE-2023-29408](CVE-2023/CVE-2023-294xx/CVE-2023-29408.json) (`2023-08-02T22:30:59.227`)
* [CVE-2023-29409](CVE-2023/CVE-2023-294xx/CVE-2023-29409.json) (`2023-08-02T22:30:59.227`)
* [CVE-2023-36081](CVE-2023/CVE-2023-360xx/CVE-2023-36081.json) (`2023-08-02T22:30:59.227`)
* [CVE-2023-3978](CVE-2023/CVE-2023-39xx/CVE-2023-3978.json) (`2023-08-02T22:30:59.227`)
* [CVE-2023-34644](CVE-2023/CVE-2023-346xx/CVE-2023-34644.json) (`2023-08-03T01:15:11.347`)
## Download and Usage