admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-12-29T13:00:25.164457+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-12-29 13:00:28 +00:00
parent 88dabe56ad
commit eadd4fdb7a
40 changed files with 1791 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2023/CVE-2023-418xx/CVE-2023-41813.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-41813",
"sourceIdentifier": "security@pandorafms.com",
"published": "2023-12-29T12:15:43.250",
"lastModified": "2023-12-29T12:15:43.250",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS).\u00a0Allows you to edit the Web Console user notification options.\u00a0This issue affects Pandora FMS: from 700 through 774."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@pandorafms.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.0,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.3,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@pandorafms.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"source": "security@pandorafms.com"
}
]
}

55
CVE-2023/CVE-2023-418xx/CVE-2023-41814.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-41814",
"sourceIdentifier": "security@pandorafms.com",
"published": "2023-12-29T12:15:43.487",
"lastModified": "2023-12-29T12:15:43.487",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Through an HTML payload (iframe tag) it is possible to carry out XSS attacks when the user receiving the messages opens their notifications.\u00a0This issue affects Pandora FMS: from 700 through 774."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@pandorafms.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@pandorafms.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"source": "security@pandorafms.com"
}
]
}

55
CVE-2023/CVE-2023-418xx/CVE-2023-41815.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-41815",
"sourceIdentifier": "security@pandorafms.com",
"published": "2023-12-29T12:15:43.690",
"lastModified": "2023-12-29T12:15:43.690",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS).\u00a0Malicious code could be executed in the File Manager section.\u00a0This issue affects Pandora FMS: from 700 through 774."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@pandorafms.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@pandorafms.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"source": "security@pandorafms.com"
}
]
}

55
CVE-2023/CVE-2023-440xx/CVE-2023-44088.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-44088",
"sourceIdentifier": "security@pandorafms.com",
"published": "2023-12-29T12:15:43.883",
"lastModified": "2023-12-29T12:15:43.883",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows SQL Injection.\u00a0Arbitrary SQL queries were allowed to be executed using any account with low privileges.\u00a0This issue affects Pandora FMS: from 700 through 774."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@pandorafms.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security@pandorafms.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"source": "security@pandorafms.com"
}
]
}

55
CVE-2023/CVE-2023-440xx/CVE-2023-44089.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-44089",
"sourceIdentifier": "security@pandorafms.com",
"published": "2023-12-29T12:15:44.083",
"lastModified": "2023-12-29T12:15:44.083",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS).\u00a0It was possible to execute malicious JS code on Visual Consoles.\u00a0This issue affects Pandora FMS: from 700 through 774."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@pandorafms.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.6,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "security@pandorafms.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"source": "security@pandorafms.com"
}
]
}

55
CVE-2023/CVE-2023-508xx/CVE-2023-50837.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50837",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T12:15:44.290",
"lastModified": "2023-12-29T12:15:44.290",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WebFactory Ltd Login Lockdown \u2013 Protect Login Form.This issue affects Login Lockdown \u2013 Protect Login Form: from n/a through 2.06.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/login-lockdown/wordpress-login-lockdown-protect-login-form-plugin-2-06-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-508xx/CVE-2023-50879.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50879",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T12:15:44.503",
"lastModified": "2023-12-29T12:15:44.503",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WordPress.Com Editing Toolkit allows Stored XSS.This issue affects WordPress.Com Editing Toolkit: from n/a through 3.78784.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/full-site-editing/wordpress-wordpress-com-editing-toolkit-plugin-3-78784-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-508xx/CVE-2023-50880.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50880",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T12:15:44.717",
"lastModified": "2023-12-29T12:15:44.717",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The BuddyPress Community BuddyPress allows Stored XSS.This issue affects BuddyPress: from n/a through 11.3.1.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/buddypress/wordpress-buddypress-plugin-11-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-508xx/CVE-2023-50881.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50881",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T12:15:44.927",
"lastModified": "2023-12-29T12:15:44.927",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AAM Advanced Access Manager \u2013 Restricted Content, Users & Roles, Enhanced Security and More allows Stored XSS.This issue affects Advanced Access Manager \u2013 Restricted Content, Users & Roles, Enhanced Security and More: from n/a through 6.9.15.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/advanced-access-manager/wordpress-advanced-access-manager-plugin-6-9-15-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-508xx/CVE-2023-50889.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50889",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T12:15:45.170",
"lastModified": "2023-12-29T12:15:45.170",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder \u2013 WordPress Page Builder allows Stored XSS.This issue affects Beaver Builder \u2013 WordPress Page Builder: from n/a through 2.7.2.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/beaver-builder-lite-version/wordpress-beaver-builder-plugin-2-7-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-508xx/CVE-2023-50891.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50891",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T12:15:45.400",
"lastModified": "2023-12-29T12:15:45.400",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zoho Forms Form plugin for WordPress \u2013 Zoho Forms allows Stored XSS.This issue affects Form plugin for WordPress \u2013 Zoho Forms: from n/a through 3.0.1.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/zoho-forms/wordpress-zoho-forms-plugin-3-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-508xx/CVE-2023-50892.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50892",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T12:15:45.620",
"lastModified": "2023-12-29T12:15:45.620",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem - Creative Multi-Purpose & WooCommerce WordPress Theme allows Reflected XSS.This issue affects TheGem - Creative Multi-Purpose & WooCommerce WordPress Theme: from n/a through 5.9.1.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/thegem/wordpress-thegem-theme-5-9-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-508xx/CVE-2023-50893.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50893",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T12:15:45.837",
"lastModified": "2023-12-29T12:15:45.837",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UpSolution Impreza \u2013 WordPress Website and WooCommerce Builder allows Reflected XSS.This issue affects Impreza \u2013 WordPress Website and WooCommerce Builder: from n/a through 8.17.4.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/us-core/wordpress-upsolution-core-plugin-8-17-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-508xx/CVE-2023-50896.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-50896",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:08.363",
"lastModified": "2023-12-29T11:15:08.363",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weForms weForms \u2013 Easy Drag & Drop Contact Form Builder For WordPress allows Stored XSS.This issue affects weForms \u2013 Easy Drag & Drop Contact Form Builder For WordPress: from n/a through 1.6.17.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en weForms weForms \u2013 Easy Drag & Drop Contact Form Builder for WordPress permite XSS almacenado. Este problema afecta a weForms \u2013 Easy Drag & Drop Contact Form Builder For WordPress: de n/a hasta el 1.6.17."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/weforms/wordpress-weforms-plugin-1-6-17-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-509xx/CVE-2023-50901.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-50901",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:08.860",
"lastModified": "2023-12-29T11:15:08.860",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Mega \u2013 Absolute Addons For Elementor allows Reflected XSS.This issue affects HT Mega \u2013 Absolute Addons For Elementor: from n/a through 2.3.8.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Scripting entre sitios') en HasThemes HT Mega \u2013 Absolute Addons For Elementor permite XSS reflejado. Este problema afecta a HT Mega \u2013 Absolute Addons For Elementor: desde n/a hasta 2.3.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ht-mega-for-elementor/wordpress-ht-mega-absolute-addons-for-elementor-plugin-2-3-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-513xx/CVE-2023-51361.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-51361",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:09.117",
"lastModified": "2023-12-29T11:15:09.117",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ginger Plugins Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button allows Stored XSS.This issue affects Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button: from n/a through 1.1.8.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Scripting entre sitios') en Ginger Plugins Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button permite XSS almacenado. Este problema afecta a Sticky Chat Widget: Click to chat, SMS, Email, Messages, Call Button, Live Chat and Live Support Button: desde n/a hasta 1.1.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/sticky-chat-widget/wordpress-sticky-chat-widget-plugin-1-1-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-513xx/CVE-2023-51371.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-51371",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:09.383",
"lastModified": "2023-12-29T11:15:09.383",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bit Assist Chat Widget: WhatsApp Chat, Facebook Messenger Chat, Telegram Chat Bubble, Line Messenger, Live Chat Support Chat Button, WeChat, SMS, Call Button, Customer Support Button with floating Chat Widget allows Stored XSS.This issue affects Chat Widget: WhatsApp Chat, Facebook Messenger Chat, Telegram Chat Bubble, Line Messenger, Live Chat Support Chat Button, WeChat, SMS, Call Button, Customer Support Button with floating Chat Widget: from n/a through 1.1.9.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en el widget de chat Bit Assist Chat Widget: WhatsApp Chat, Facebook Messenger Chat, Telegram Chat Bubble, Line Messenger, Live Chat Support Chat Button, WeChat, SMS, Call Button, Customer Support Button with floating Chat Widget permite XSS almacenado. Este problema afecta a Chat Widget: WhatsApp Chat, Facebook Messenger Chat, Telegram Chat Bubble, Line Messenger, Live Chat Support Chat Button, WeChat, SMS, Call Button, Customer Support Button with floating Chat Widget: desde n/a hasta 1.1.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bit-assist/wordpress-chat-button-plugin-1-1-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-513xx/CVE-2023-51372.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-51372",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:09.607",
"lastModified": "2023-12-29T11:15:09.607",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HashBar \u2013 WordPress Notification Bar allows Stored XSS.This issue affects HashBar \u2013 WordPress Notification Bar: from n/a through 1.4.1.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante de generaci\u00f3n de p\u00e1ginas web ('Scripting entre sitios') en HasThemes HashBar \u2013 WordPress Notification Bar permite XSS almacenado. Este problema afecta a HashBar \u2013 WordPress Notification Bar: desde n/a hasta 1.4.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/hashbar-wp-notification-bar/wordpress-hashbar-wordpress-notification-bar-plugin-1-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-513xx/CVE-2023-51373.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-51373",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:09.860",
"lastModified": "2023-12-29T11:15:09.860",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ian Kennerley Google Photos Gallery with Shortcodes allows Reflected XSS.This issue affects Google Photos Gallery with Shortcodes: from n/a through 4.0.2.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Ian Kennerley Google Photos Gallery with Shortcodes permite XSS reflejado. Este problema afecta a Google Photos Gallery with Shortcodes: desde n/a hasta 4.0.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/google-picasa-albums-viewer/wordpress-google-photos-gallery-with-shortcodes-plugin-4-0-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-513xx/CVE-2023-51374.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-51374",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:10.093",
"lastModified": "2023-12-29T11:15:10.093",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZeroBounce ZeroBounce Email Verification & Validation allows Stored XSS.This issue affects ZeroBounce Email Verification & Validation: from n/a through 1.0.11.\n\n"
},
{
"lang": "es",
"value": "La neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en ZeroBounce ZeroBounce Email Verification & Validation permite XSS almacenado. Este problema afecta a ZeroBounce Email Verification & Validation: desde n/a hasta 1.0.11."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/zerobounce/wordpress-zerobounce-email-verification-validation-plugin-1-0-11-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-513xx/CVE-2023-51396.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-51396",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:10.357",
"lastModified": "2023-12-29T11:15:10.357",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brizy.Io Brizy \u2013 Page Builder allows Stored XSS.This issue affects Brizy \u2013 Page Builder: from n/a through 2.4.29.\n\n"
},
{
"lang": "es",
"value": "La neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Brizy.Io Brizy \u2013 Page Builder permite XSS almacenado. Este problema afecta a Brizy \u2013 Page Builder: desde n/a hasta 2.4.29."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/brizy/wordpress-brizy-page-builder-plugin-2-4-29-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-513xx/CVE-2023-51397.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-51397",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:10.600",
"lastModified": "2023-12-29T11:15:10.600",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force WP Remote Site Search allows Stored XSS.This issue affects WP Remote Site Search: from n/a through 1.0.4.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Brainstorm Force WP Remote Site Search permite XSS almacenado. Este problema afecta a WP Remote Site Search: desde n/a hasta 1.0.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-remote-site-search/wordpress-wp-remote-site-search-plugin-1-0-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-513xx/CVE-2023-51399.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-51399",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:10.830",
"lastModified": "2023-12-29T11:15:10.830",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Scripting entre sitios') en WPFactory Back Button Widget permite XSS almacenado. Este problema afecta a Back Button Widget: desde n/a hasta 1.6.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/back-button-widget/wordpress-back-button-widget-plugin-1-6-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-514xx/CVE-2023-51402.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51402",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T12:15:46.043",
"lastModified": "2023-12-29T12:15:46.043",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Brain Storm Force Ultimate Addons for WPBakery Page Builder.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a through 3.19.17.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ultimate_vc_addons/wordpress-ultimate-addons-for-wpbakery-page-builder-plugin-3-19-17-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-515xx/CVE-2023-51541.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-51541",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:11.090",
"lastModified": "2023-12-29T11:15:11.090",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Uro\u0161evi\u0107 Stock Ticker allows Stored XSS.This issue affects Stock Ticker: from n/a through 3.23.4.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Aleksandar Uro\u0161evi? Stock Ticker permite almacenar XSS. Este problema afecta a Stock Ticker: desde n/a hasta 3.23.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/stock-ticker/wordpress-stock-ticker-plugin-3-23-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-521xx/CVE-2023-52135.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-52135",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T11:15:11.337",
"lastModified": "2023-12-29T11:15:11.337",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WS Form WS Form LITE \u2013 Drag & Drop Contact Form Builder for WordPress.This issue affects WS Form LITE \u2013 Drag & Drop Contact Form Builder for WordPress: from n/a through 1.9.170.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ('Inyecci\u00f3n SQL') en WS Form WS Form LITE \u2013 Drag & Drop Contact Form Builder for WordPress. Este problema afecta a WS Form LITE \u2013 Drag & Drop Contact Form Builder for WordPress: de n/a hasta 1.9.170."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ws-form/wordpress-ws-form-lite-drag-drop-contact-form-builder-for-wordpress-plugin-1-9-170-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

12
CVE-2023/CVE-2023-68xx/CVE-2023-6857.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6857",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.377",
"lastModified": "2023-12-22T11:09:51.217",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T12:15:46.270",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -131,6 +131,14 @@
"Permissions Required"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html",
"source": "security@mozilla.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581",
"source": "security@mozilla.org",

8
CVE-2023/CVE-2023-68xx/CVE-2023-6858.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6858",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.420",
"lastModified": "2023-12-22T11:09:35.557",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T12:15:46.440",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -109,6 +109,10 @@
"Permissions Required"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581",
"source": "security@mozilla.org",

12
CVE-2023/CVE-2023-68xx/CVE-2023-6859.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6859",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.467",
"lastModified": "2023-12-22T11:08:51.047",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T12:15:46.510",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -109,6 +109,14 @@
"Permissions Required"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html",
"source": "security@mozilla.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581",
"source": "security@mozilla.org",

12
CVE-2023/CVE-2023-68xx/CVE-2023-6860.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6860",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.510",
"lastModified": "2023-12-22T11:07:50.290",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T12:15:46.590",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -109,6 +109,14 @@
"Permissions Required"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html",
"source": "security@mozilla.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581",
"source": "security@mozilla.org",

12
CVE-2023/CVE-2023-68xx/CVE-2023-6861.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6861",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.560",
"lastModified": "2023-12-22T11:07:37.827",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T12:15:46.757",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -109,6 +109,14 @@
"Permissions Required"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html",
"source": "security@mozilla.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581",
"source": "security@mozilla.org",

12
CVE-2023/CVE-2023-68xx/CVE-2023-6862.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6862",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.603",
"lastModified": "2023-12-22T11:04:17.070",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T12:15:46.900",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -103,6 +103,14 @@
"Permissions Required"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html",
"source": "security@mozilla.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581",
"source": "security@mozilla.org",

8
CVE-2023/CVE-2023-68xx/CVE-2023-6863.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6863",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.650",
"lastModified": "2023-12-22T11:03:59.953",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T12:15:46.990",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -108,6 +108,10 @@
"Issue Tracking"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581",
"source": "security@mozilla.org",

8
CVE-2023/CVE-2023-68xx/CVE-2023-6864.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6864",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.707",
"lastModified": "2023-12-22T10:59:57.740",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T12:15:47.177",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -108,6 +108,10 @@
"Broken Link"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581",
"source": "security@mozilla.org",

8
CVE-2023/CVE-2023-68xx/CVE-2023-6865.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6865",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.777",
"lastModified": "2023-12-22T10:59:40.403",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T12:15:47.270",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -103,6 +103,10 @@
"Permissions Required"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581",
"source": "security@mozilla.org",

8
CVE-2023/CVE-2023-68xx/CVE-2023-6867.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6867",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.933",
"lastModified": "2023-12-22T10:53:35.230",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-29T12:15:47.417",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -103,6 +103,10 @@
"Permissions Required"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html",
"source": "security@mozilla.org"
},
{
"url": "https://www.debian.org/security/2023/dsa-5581",
"source": "security@mozilla.org",

59
CVE-2023/CVE-2023-70xx/CVE-2023-7078.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-7078",
"sourceIdentifier": "cna@cloudflare.com",
"published": "2023-12-29T12:15:47.537",
"lastModified": "2023-12-29T12:15:47.537",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Sending specially crafted HTTP requests to Miniflare's server could result in arbitrary HTTP and WebSocket requests being sent from the server. If Miniflare was configured to listen on external network interfaces (as was the default in wrangler\u00a0until 3.19.0), an attacker on the local network could access other local servers.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cloudflare.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "cna@cloudflare.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/cloudflare/workers-sdk/pull/4532",
"source": "cna@cloudflare.com"
},
{
"url": "https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-fwvg-2739-22v7",
"source": "cna@cloudflare.com"
}
]
}

63
CVE-2023/CVE-2023-70xx/CVE-2023-7079.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-7079",
"sourceIdentifier": "cna@cloudflare.com",
"published": "2023-12-29T12:15:47.763",
"lastModified": "2023-12-29T12:15:47.763",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Sending specially crafted HTTP requests and inspector messages to Wrangler's dev server could result in any file on the user's computer being accessible over the local network. An attacker that could trick any user on the local network into opening a malicious website could also read any file.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cloudflare.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "cna@cloudflare.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://github.com/cloudflare/workers-sdk/pull/4532",
"source": "cna@cloudflare.com"
},
{
"url": "https://github.com/cloudflare/workers-sdk/pull/4535",
"source": "cna@cloudflare.com"
},
{
"url": "https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-cfph-4qqh-w828",
"source": "cna@cloudflare.com"
}
]
}

71
CVE-2023/CVE-2023-70xx/CVE-2023-7080.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-7080",
"sourceIdentifier": "cna@cloudflare.com",
"published": "2023-12-29T12:15:47.970",
"lastModified": "2023-12-29T12:15:47.970",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The V8 inspector intentionally allows arbitrary code execution within the Workers sandbox for debugging. wrangler dev would previously start an inspector server listening on all network interfaces. This would allow an attacker on the local network to connect to the inspector and run arbitrary code. Additionally, the inspector server did not validate Origin/Host headers, granting an attacker that can trick any user on the local network into opening a malicious website the ability to run code. If wrangler dev --remote was being used, an attacker could access production resources if they were bound to the worker.\n\nThis issue was fixed in wrangler@3.19.0 and wrangler@2.20.2. Whilst wrangler dev's inspector server listens on local interfaces by default as of wrangler@3.16.0, an SSRF vulnerability in miniflare https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-fwvg-2739-22v7 \u00a0(CVE-2023-7078) allowed access from the local network until wrangler@3.18.0. wrangler@3.19.0 and wrangler@2.20.2 introduced validation for the Origin/Host headers.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cloudflare.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "cna@cloudflare.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://github.com/cloudflare/workers-sdk/issues/4430",
"source": "cna@cloudflare.com"
},
{
"url": "https://github.com/cloudflare/workers-sdk/pull/4437",
"source": "cna@cloudflare.com"
},
{
"url": "https://github.com/cloudflare/workers-sdk/pull/4535",
"source": "cna@cloudflare.com"
},
{
"url": "https://github.com/cloudflare/workers-sdk/pull/4550",
"source": "cna@cloudflare.com"
},
{
"url": "https://github.com/cloudflare/workers-sdk/security/advisories/GHSA-f8mp-x433-5wpf",
"source": "cna@cloudflare.com"
}
]
}

71
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-12-29T11:00:25.168811+00:00
2023-12-29T13:00:25.164457+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-12-29T10:15:13.890000+00:00
2023-12-29T12:15:47.970000+00:00
```
### Last Data Feed Release
@ -29,45 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
234465
234494
```
### CVEs added in the last Commit
Recently added CVEs: `26`
Recently added CVEs: `29`
* [CVE-2023-22676](CVE-2023/CVE-2023-226xx/CVE-2023-22676.json) (`2023-12-29T09:15:08.057`)
* [CVE-2023-22677](CVE-2023/CVE-2023-226xx/CVE-2023-22677.json) (`2023-12-29T09:15:08.300`)
* [CVE-2023-25054](CVE-2023/CVE-2023-250xx/CVE-2023-25054.json) (`2023-12-29T09:15:08.523`)
* [CVE-2023-32095](CVE-2023/CVE-2023-320xx/CVE-2023-32095.json) (`2023-12-29T09:15:08.750`)
* [CVE-2023-40606](CVE-2023/CVE-2023-406xx/CVE-2023-40606.json) (`2023-12-29T09:15:08.977`)
* [CVE-2023-45751](CVE-2023/CVE-2023-457xx/CVE-2023-45751.json) (`2023-12-29T09:15:09.197`)
* [CVE-2023-46623](CVE-2023/CVE-2023-466xx/CVE-2023-46623.json) (`2023-12-29T09:15:09.410`)
* [CVE-2023-47840](CVE-2023/CVE-2023-478xx/CVE-2023-47840.json) (`2023-12-29T09:15:09.637`)
* [CVE-2023-7166](CVE-2023/CVE-2023-71xx/CVE-2023-7166.json) (`2023-12-29T09:15:09.973`)
* [CVE-2023-28786](CVE-2023/CVE-2023-287xx/CVE-2023-28786.json) (`2023-12-29T10:15:08.973`)
* [CVE-2023-31095](CVE-2023/CVE-2023-310xx/CVE-2023-31095.json) (`2023-12-29T10:15:09.260`)
* [CVE-2023-31229](CVE-2023/CVE-2023-312xx/CVE-2023-31229.json) (`2023-12-29T10:15:09.490`)
* [CVE-2023-31237](CVE-2023/CVE-2023-312xx/CVE-2023-31237.json) (`2023-12-29T10:15:09.813`)
* [CVE-2023-32101](CVE-2023/CVE-2023-321xx/CVE-2023-32101.json) (`2023-12-29T10:15:10.080`)
* [CVE-2023-32517](CVE-2023/CVE-2023-325xx/CVE-2023-32517.json) (`2023-12-29T10:15:10.390`)
* [CVE-2023-49830](CVE-2023/CVE-2023-498xx/CVE-2023-49830.json) (`2023-12-29T10:15:10.783`)
* [CVE-2023-4462](CVE-2023/CVE-2023-44xx/CVE-2023-4462.json) (`2023-12-29T10:15:11.100`)
* [CVE-2023-4463](CVE-2023/CVE-2023-44xx/CVE-2023-4463.json) (`2023-12-29T10:15:11.413`)
* [CVE-2023-4464](CVE-2023/CVE-2023-44xx/CVE-2023-4464.json) (`2023-12-29T10:15:11.750`)
* [CVE-2023-4465](CVE-2023/CVE-2023-44xx/CVE-2023-4465.json) (`2023-12-29T10:15:12.133`)
* [CVE-2023-4466](CVE-2023/CVE-2023-44xx/CVE-2023-4466.json) (`2023-12-29T10:15:12.470`)
* [CVE-2023-4467](CVE-2023/CVE-2023-44xx/CVE-2023-4467.json) (`2023-12-29T10:15:12.783`)
* [CVE-2023-4468](CVE-2023/CVE-2023-44xx/CVE-2023-4468.json) (`2023-12-29T10:15:13.140`)
* [CVE-2023-51420](CVE-2023/CVE-2023-514xx/CVE-2023-51420.json) (`2023-12-29T10:15:13.527`)
* [CVE-2023-7104](CVE-2023/CVE-2023-71xx/CVE-2023-7104.json) (`2023-12-29T10:15:13.890`)
* [CVE-2023-51372](CVE-2023/CVE-2023-513xx/CVE-2023-51372.json) (`2023-12-29T11:15:09.607`)
* [CVE-2023-51373](CVE-2023/CVE-2023-513xx/CVE-2023-51373.json) (`2023-12-29T11:15:09.860`)
* [CVE-2023-51374](CVE-2023/CVE-2023-513xx/CVE-2023-51374.json) (`2023-12-29T11:15:10.093`)
* [CVE-2023-51396](CVE-2023/CVE-2023-513xx/CVE-2023-51396.json) (`2023-12-29T11:15:10.357`)
* [CVE-2023-51397](CVE-2023/CVE-2023-513xx/CVE-2023-51397.json) (`2023-12-29T11:15:10.600`)
* [CVE-2023-51399](CVE-2023/CVE-2023-513xx/CVE-2023-51399.json) (`2023-12-29T11:15:10.830`)
* [CVE-2023-51541](CVE-2023/CVE-2023-515xx/CVE-2023-51541.json) (`2023-12-29T11:15:11.090`)
* [CVE-2023-52135](CVE-2023/CVE-2023-521xx/CVE-2023-52135.json) (`2023-12-29T11:15:11.337`)
* [CVE-2023-41813](CVE-2023/CVE-2023-418xx/CVE-2023-41813.json) (`2023-12-29T12:15:43.250`)
* [CVE-2023-41814](CVE-2023/CVE-2023-418xx/CVE-2023-41814.json) (`2023-12-29T12:15:43.487`)
* [CVE-2023-41815](CVE-2023/CVE-2023-418xx/CVE-2023-41815.json) (`2023-12-29T12:15:43.690`)
* [CVE-2023-44088](CVE-2023/CVE-2023-440xx/CVE-2023-44088.json) (`2023-12-29T12:15:43.883`)
* [CVE-2023-44089](CVE-2023/CVE-2023-440xx/CVE-2023-44089.json) (`2023-12-29T12:15:44.083`)
* [CVE-2023-50837](CVE-2023/CVE-2023-508xx/CVE-2023-50837.json) (`2023-12-29T12:15:44.290`)
* [CVE-2023-50879](CVE-2023/CVE-2023-508xx/CVE-2023-50879.json) (`2023-12-29T12:15:44.503`)
* [CVE-2023-50880](CVE-2023/CVE-2023-508xx/CVE-2023-50880.json) (`2023-12-29T12:15:44.717`)
* [CVE-2023-50881](CVE-2023/CVE-2023-508xx/CVE-2023-50881.json) (`2023-12-29T12:15:44.927`)
* [CVE-2023-50889](CVE-2023/CVE-2023-508xx/CVE-2023-50889.json) (`2023-12-29T12:15:45.170`)
* [CVE-2023-50891](CVE-2023/CVE-2023-508xx/CVE-2023-50891.json) (`2023-12-29T12:15:45.400`)
* [CVE-2023-50892](CVE-2023/CVE-2023-508xx/CVE-2023-50892.json) (`2023-12-29T12:15:45.620`)
* [CVE-2023-50893](CVE-2023/CVE-2023-508xx/CVE-2023-50893.json) (`2023-12-29T12:15:45.837`)
* [CVE-2023-51402](CVE-2023/CVE-2023-514xx/CVE-2023-51402.json) (`2023-12-29T12:15:46.043`)
* [CVE-2023-7078](CVE-2023/CVE-2023-70xx/CVE-2023-7078.json) (`2023-12-29T12:15:47.537`)
* [CVE-2023-7079](CVE-2023/CVE-2023-70xx/CVE-2023-7079.json) (`2023-12-29T12:15:47.763`)
* [CVE-2023-7080](CVE-2023/CVE-2023-70xx/CVE-2023-7080.json) (`2023-12-29T12:15:47.970`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `10`
* [CVE-2023-7152](CVE-2023/CVE-2023-71xx/CVE-2023-7152.json) (`2023-12-29T09:15:09.873`)
* [CVE-2023-6857](CVE-2023/CVE-2023-68xx/CVE-2023-6857.json) (`2023-12-29T12:15:46.270`)
* [CVE-2023-6858](CVE-2023/CVE-2023-68xx/CVE-2023-6858.json) (`2023-12-29T12:15:46.440`)
* [CVE-2023-6859](CVE-2023/CVE-2023-68xx/CVE-2023-6859.json) (`2023-12-29T12:15:46.510`)
* [CVE-2023-6860](CVE-2023/CVE-2023-68xx/CVE-2023-6860.json) (`2023-12-29T12:15:46.590`)
* [CVE-2023-6861](CVE-2023/CVE-2023-68xx/CVE-2023-6861.json) (`2023-12-29T12:15:46.757`)
* [CVE-2023-6862](CVE-2023/CVE-2023-68xx/CVE-2023-6862.json) (`2023-12-29T12:15:46.900`)
* [CVE-2023-6863](CVE-2023/CVE-2023-68xx/CVE-2023-6863.json) (`2023-12-29T12:15:46.990`)
* [CVE-2023-6864](CVE-2023/CVE-2023-68xx/CVE-2023-6864.json) (`2023-12-29T12:15:47.177`)
* [CVE-2023-6865](CVE-2023/CVE-2023-68xx/CVE-2023-6865.json) (`2023-12-29T12:15:47.270`)
* [CVE-2023-6867](CVE-2023/CVE-2023-68xx/CVE-2023-6867.json) (`2023-12-29T12:15:47.417`)
## Download and Usage