admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-11 16:13:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-27T02:00:25.836564+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-27 02:00:29 +00:00
parent d385cfd8fe
commit eb2dc639aa
8 changed files with 811 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
CVE-2023/CVE-2023-228xx/CVE-2023-22834.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-22834",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-06-27T00:15:09.437",
"lastModified": "2023-06-27T01:40:40.277",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Contour Service was not checking that users had permission to create an analysis for a given dataset. This could allow an attacker to clutter up Compass folders with extraneous analyses, that the attacker would otherwise not have permission to create."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=14874400-e9c9-4ac4-a8a6-9f4c48a56ff8",
"source": "cve-coordination@palantir.com"
}
]
}

357
CVE-2023/CVE-2023-240xx/CVE-2023-24030.json
View File

@ -2,23 +2,370 @@
"id": "CVE-2023-24030",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-15T21:15:09.510",
"lastModified": "2023-06-16T03:19:08.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-27T01:28:16.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0 and 8.8.15. To exploit the vulnerability, an attacker would need to have obtained a valid zimbra auth token or a valid preauth token. Once the token is obtained, an attacker could redirect a user to any URL if url sanitisation is bypassed in incoming requests. NOTE: this is similar, but not identical, to CVE-2021-34807."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de redirecci\u00f3n abierta en el Servlet \"/preauth\" en Zimbra Collaboration Suite a trav\u00e9s de las versiones 9.0 y 8.8.15. Para explotar la vulnerabilidad, un atacante necesitar\u00eda haber obtenido un token \"auth\" v\u00e1lido de Zimbra o un token \"preauth\" v\u00e1lido. Una vez obtenido el token, un atacante podr\u00eda redirigir a un usuario a cualquier URL si se salta la limpieza de urls en las peticiones entrantes. NOTA: esto es similar, pero no id\u00e9ntico, a CVE-2021-34807. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:-:*:*:*:*:*:*",
"matchCriteriaId": "1B17C1A7-0F0A-4E7C-8C0C-0BBB0BF66C82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p1:*:*:*:*:*:*",
"matchCriteriaId": "BA48C450-201C-4398-AB65-EF6F95FB0380"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p10:*:*:*:*:*:*",
"matchCriteriaId": "5F759114-CF2D-48BF-8D09-EBE8D1ED1949"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p11:*:*:*:*:*:*",
"matchCriteriaId": "AE8BD950-24A2-4AFF-B7EE-6EE115BD75D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p12:*:*:*:*:*:*",
"matchCriteriaId": "C43634F5-2946-44D2-8A50-B717374A8126"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p13:*:*:*:*:*:*",
"matchCriteriaId": "20315895-5410-4B88-B2D9-E9C5D79A64DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p14:*:*:*:*:*:*",
"matchCriteriaId": "BF405091-A832-4945-87EC-AA525F37DF91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p15:*:*:*:*:*:*",
"matchCriteriaId": "C9B6FFA8-CFD2-47C6-9475-79210CB9AA84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p16:*:*:*:*:*:*",
"matchCriteriaId": "964CA714-937C-4FC0-A1E9-07F846C786BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p17:*:*:*:*:*:*",
"matchCriteriaId": "DAF8F155-1406-46ED-A81F-BCC4CE525F43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p18:*:*:*:*:*:*",
"matchCriteriaId": "56A8F56B-3457-4C19-B213-3B04FEE8D7A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p19:*:*:*:*:*:*",
"matchCriteriaId": "B4F8D255-3F91-45FF-9133-4023BA688F9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p2:*:*:*:*:*:*",
"matchCriteriaId": "37BC4DF5-D111-4295-94FC-AA8929CDF2A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p20:*:*:*:*:*:*",
"matchCriteriaId": "A9D50108-0404-4791-8057-DB1786D311C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p21:*:*:*:*:*:*",
"matchCriteriaId": "F2A7E53F-8EAC-4DA9-8EAE-117759EFABEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p22:*:*:*:*:*:*",
"matchCriteriaId": "858727DB-AE6F-435D-B8FD-6C94C3400E40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p23:*:*:*:*:*:*",
"matchCriteriaId": "3FA6AC95-288C-4ABA-B2A7-47E4134EDC31"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p24:*:*:*:*:*:*",
"matchCriteriaId": "4AA82728-5901-482A-83CF-F883D4B6A8E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p25:*:*:*:*:*:*",
"matchCriteriaId": "7E762792-542E-43D0-A95A-E7F48F328A28"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p26:*:*:*:*:*:*",
"matchCriteriaId": "6DD4641A-EC23-4B1A-8729-9AECD70390AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p27:*:*:*:*:*:*",
"matchCriteriaId": "E0E3E825-1D1E-4ECD-B306-DD8BDCDD0547"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p28:*:*:*:*:*:*",
"matchCriteriaId": "840F98DC-57F1-4054-A6C1-6E7F0340AC2C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p29:*:*:*:*:*:*",
"matchCriteriaId": "EE2A1305-68B7-4CB7-837F-4EDE2EBED507"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p3:*:*:*:*:*:*",
"matchCriteriaId": "21768A61-7578-4EEC-A23B-FEC10CAA9EDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p30:*:*:*:*:*:*",
"matchCriteriaId": "CA758408-4302-43BC-BDC9-1B70EC5D2FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p31:*:*:*:*:*:*",
"matchCriteriaId": "822CDEBC-0650-4970-B46F-06F505993086"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p32:*:*:*:*:*:*",
"matchCriteriaId": "971B5005-4676-4D93-A7DD-6AFDC8D0BEEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p33:*:*:*:*:*:*",
"matchCriteriaId": "81BC6A7F-D014-44B3-9361-20DB256D3C8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p34:*:*:*:*:*:*",
"matchCriteriaId": "6A3DC694-4CCC-4E9F-B6E9-891B1DF115C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p4:*:*:*:*:*:*",
"matchCriteriaId": "661403E7-1D65-4710-8413-47D74FF65BE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p5:*:*:*:*:*:*",
"matchCriteriaId": "0695D2E0-45B3-493C-BA6D-471B90C0ACC5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p6:*:*:*:*:*:*",
"matchCriteriaId": "714FAFE6-68AE-4304-B040-48BC46F85A2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p7:*:*:*:*:*:*",
"matchCriteriaId": "73FC2D2D-8BBD-4259-8B35-0D9BFA40567B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p8:*:*:*:*:*:*",
"matchCriteriaId": "AB97E9E6-CC4A-458D-B731-6D51130B942C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:p9:*:*:*:*:*:*",
"matchCriteriaId": "BA688C43-846A-4C4A-AEDB-113D967D3D73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "685D9652-2934-4C13-8B36-40582C79BFC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p0:*:*:*:*:*:*",
"matchCriteriaId": "5E4DF01A-1AA9-47E8-82FD-65A02ECA1376"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "BDE59185-B917-4A81-8DE4-C65A079F52FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "BA3ED95F-95F2-4676-8EAF-B4B9EB64B260"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "4BB93336-CC3C-4B7F-B194-7DED036ABBAF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "876F1675-F65C-4E86-ADBD-36EB8D8A997D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "2306F526-9C56-4A57-AA9B-02F2D6058C97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "F9EA2A61-67AA-4B7E-BC6E-80EB1363EF85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "C77A35B7-96F6-43A7-A747-C6AEEDE961E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p19:*:*:*:*:*:*",
"matchCriteriaId": "B7A47276-F241-4A68-9458-E1481EBDC5E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "12D0D469-6C9B-4B66-9581-DC319773238A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p23:*:*:*:*:*:*",
"matchCriteriaId": "B4CE2D12-AD31-4FED-AD0F-ADF64E92E1B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p25:*:*:*:*:*:*",
"matchCriteriaId": "BC19F11D-23D9-429D-A957-D67F23A40A01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p26:*:*:*:*:*:*",
"matchCriteriaId": "AAFA2EE7-C965-4F27-8CAE-E607A9F202AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p27:*:*:*:*:*:*",
"matchCriteriaId": "1D09DCF6-1C8F-4CA1-B7D4-AFDD4EB35771"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "C52705E6-2C6B-47BC-A0CD-F6AAE0BFC302"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "33F50D8C-7027-4A8D-8E95-98C224283772"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "82000BA4-1781-4312-A7BD-92EC94D137AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "4B52D301-2559-457A-8FFB-F0915299355A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "7215AE2C-8A33-4AB9-88D5-7C8CD11E806C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p7.1:*:*:*:*:*:*",
"matchCriteriaId": "8D859F77-8E39-4D46-BC90-C5C1D805A666"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "CDC810C7-45DA-4BDF-9138-2D3B2750243E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "E09D95A4-764D-4E0B-8605-1D94FD548AB2"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://wiki.zimbra.com/wiki/Security_Center",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

182
CVE-2023/CVE-2023-240xx/CVE-2023-24031.json
View File

@ -2,23 +2,195 @@
"id": "CVE-2023-24031",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-15T21:15:09.550",
"lastModified": "2023-06-16T03:19:08.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-27T01:23:52.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 8.8.15. XSS can occur, via one of attributes of the webmail /h/ endpoint, to execute arbitrary JavaScript code, leading to information disclosure."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Zimbra Collaboration (ZCS) v9.0 y v8.8.15. Cross-Site Scripting (XSS) puede ocurrir, a trav\u00e9s de uno de los atributos del endpoint /h/ del webmail, para ejecutar c\u00f3digo JavaScript arbitrario, lo que lleva a la divulgaci\u00f3n de informaci\u00f3n. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "685D9652-2934-4C13-8B36-40582C79BFC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p0:*:*:*:*:*:*",
"matchCriteriaId": "5E4DF01A-1AA9-47E8-82FD-65A02ECA1376"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "BDE59185-B917-4A81-8DE4-C65A079F52FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "BA3ED95F-95F2-4676-8EAF-B4B9EB64B260"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "4BB93336-CC3C-4B7F-B194-7DED036ABBAF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "876F1675-F65C-4E86-ADBD-36EB8D8A997D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "2306F526-9C56-4A57-AA9B-02F2D6058C97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "F9EA2A61-67AA-4B7E-BC6E-80EB1363EF85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "C77A35B7-96F6-43A7-A747-C6AEEDE961E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p19:*:*:*:*:*:*",
"matchCriteriaId": "B7A47276-F241-4A68-9458-E1481EBDC5E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "12D0D469-6C9B-4B66-9581-DC319773238A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p23:*:*:*:*:*:*",
"matchCriteriaId": "B4CE2D12-AD31-4FED-AD0F-ADF64E92E1B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p25:*:*:*:*:*:*",
"matchCriteriaId": "BC19F11D-23D9-429D-A957-D67F23A40A01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p26:*:*:*:*:*:*",
"matchCriteriaId": "AAFA2EE7-C965-4F27-8CAE-E607A9F202AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p27:*:*:*:*:*:*",
"matchCriteriaId": "1D09DCF6-1C8F-4CA1-B7D4-AFDD4EB35771"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "C52705E6-2C6B-47BC-A0CD-F6AAE0BFC302"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "33F50D8C-7027-4A8D-8E95-98C224283772"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "82000BA4-1781-4312-A7BD-92EC94D137AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "4B52D301-2559-457A-8FFB-F0915299355A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "7215AE2C-8A33-4AB9-88D5-7C8CD11E806C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p7.1:*:*:*:*:*:*",
"matchCriteriaId": "8D859F77-8E39-4D46-BC90-C5C1D805A666"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "CDC810C7-45DA-4BDF-9138-2D3B2750243E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "E09D95A4-764D-4E0B-8605-1D94FD548AB2"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://wiki.zimbra.com/wiki/Security_Center",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-242xx/CVE-2023-24243.json
View File

@ -2,31 +2,96 @@
"id": "CVE-2023-24243",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-16T17:15:11.763",
"lastModified": "2023-06-16T18:24:22.883",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-27T01:41:08.693",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cdata:arc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.0.8473",
"matchCriteriaId": "2D265371-BE14-4D36-AC35-0F1788883436"
}
]
}
]
}
],
"references": [
{
"url": "https://arc.cdata.com/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://arc.cdata.com/trial/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://gist.github.com/d3vc0r3/6460a5f006e32a2ebffe739e411ab1b8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://www.cdata.com/kb/entries/netembeddedserver-notice.rst",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-309xx/CVE-2023-30945.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30945",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-06-26T23:15:09.193",
"lastModified": "2023-06-26T23:15:09.193",
"vulnStatus": "Received",
"lastModified": "2023-06-27T01:40:40.277",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

78
CVE-2023/CVE-2023-347xx/CVE-2023-34795.json
View File

@ -2,27 +2,93 @@
"id": "CVE-2023-34795",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-16T16:15:09.357",
"lastModified": "2023-06-16T16:41:02.630",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-27T01:54:04.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "xlsxio v0.1.2 to v0.2.34 was discovered to contain a free of uninitialized pointer in the xlsxioread_sheetlist_close() function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted XLSX file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xlsxio_project:xlsxio:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.1.2",
"versionEndIncluding": "0.2.34",
"matchCriteriaId": "50C87490-7803-4A95-BAC2-918336FB88C6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/brechtsanders/xlsxio/commit/d653f1604b54532f11b45dca1fa164b4a1f15e2d",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/brechtsanders/xlsxio/issues/121",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://github.com/xf1les/cve-advisories/blob/main/2023/CVE-2023-34795.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

85
CVE-2023/CVE-2023-348xx/CVE-2023-34800.json
View File

@ -2,23 +2,98 @@
"id": "CVE-2023-34800",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-15T21:15:09.677",
"lastModified": "2023-06-16T03:19:08.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-27T01:33:57.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgi_main."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que D-Link Go-RT-AC750 revA_v101b03 contiene una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del par\u00e1metro service en genacgi_main."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:go-rt-ac750_firmware:reva_1.01b03:*:*:*:*:*:*:*",
"matchCriteriaId": "1B975BD2-5567-4B7A-BC8D-633B5D446556"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:go-rt-ac750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE067003-B0B5-4419-8BB3-A31C015276D0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Tyaoo/IoT-Vuls/blob/main/dlink/Go-RT-AC750/vul.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

69
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-26T23:55:25.310449+00:00
2023-06-27T02:00:25.836564+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-26T23:15:09.193000+00:00
2023-06-27T01:54:04.317000+00:00
```
### Last Data Feed Release
@ -23,75 +23,32 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-06-26T00:00:13.579454+00:00
2023-06-27T00:00:13.554507+00:00
```
### Total Number of included CVEs
```plain
218617
218618
```
### CVEs added in the last Commit
Recently added CVEs: `35`
Recently added CVEs: `1`
* [CVE-2023-32557](CVE-2023/CVE-2023-325xx/CVE-2023-32557.json) (`2023-06-26T22:15:10.977`)
* [CVE-2023-32604](CVE-2023/CVE-2023-326xx/CVE-2023-32604.json) (`2023-06-26T22:15:11.020`)
* [CVE-2023-32605](CVE-2023/CVE-2023-326xx/CVE-2023-32605.json) (`2023-06-26T22:15:11.063`)
* [CVE-2023-34144](CVE-2023/CVE-2023-341xx/CVE-2023-34144.json) (`2023-06-26T22:15:11.107`)
* [CVE-2023-34145](CVE-2023/CVE-2023-341xx/CVE-2023-34145.json) (`2023-06-26T22:15:11.147`)
* [CVE-2023-34146](CVE-2023/CVE-2023-341xx/CVE-2023-34146.json) (`2023-06-26T22:15:11.187`)
* [CVE-2023-34147](CVE-2023/CVE-2023-341xx/CVE-2023-34147.json) (`2023-06-26T22:15:11.230`)
* [CVE-2023-34148](CVE-2023/CVE-2023-341xx/CVE-2023-34148.json) (`2023-06-26T22:15:11.270`)
* [CVE-2023-35164](CVE-2023/CVE-2023-351xx/CVE-2023-35164.json) (`2023-06-26T22:15:11.317`)
* [CVE-2023-35695](CVE-2023/CVE-2023-356xx/CVE-2023-35695.json) (`2023-06-26T22:15:11.387`)
* [CVE-2023-28929](CVE-2023/CVE-2023-289xx/CVE-2023-28929.json) (`2023-06-26T22:15:09.733`)
* [CVE-2023-30902](CVE-2023/CVE-2023-309xx/CVE-2023-30902.json) (`2023-06-26T22:15:09.793`)
* [CVE-2023-32521](CVE-2023/CVE-2023-325xx/CVE-2023-32521.json) (`2023-06-26T22:15:10.017`)
* [CVE-2023-32522](CVE-2023/CVE-2023-325xx/CVE-2023-32522.json) (`2023-06-26T22:15:10.057`)
* [CVE-2023-32523](CVE-2023/CVE-2023-325xx/CVE-2023-32523.json) (`2023-06-26T22:15:10.097`)
* [CVE-2023-32524](CVE-2023/CVE-2023-325xx/CVE-2023-32524.json) (`2023-06-26T22:15:10.140`)
* [CVE-2023-32525](CVE-2023/CVE-2023-325xx/CVE-2023-32525.json) (`2023-06-26T22:15:10.183`)
* [CVE-2023-32526](CVE-2023/CVE-2023-325xx/CVE-2023-32526.json) (`2023-06-26T22:15:10.227`)
* [CVE-2023-32527](CVE-2023/CVE-2023-325xx/CVE-2023-32527.json) (`2023-06-26T22:15:10.273`)
* [CVE-2023-32528](CVE-2023/CVE-2023-325xx/CVE-2023-32528.json) (`2023-06-26T22:15:10.317`)
* [CVE-2023-32529](CVE-2023/CVE-2023-325xx/CVE-2023-32529.json) (`2023-06-26T22:15:10.360`)
* [CVE-2023-32530](CVE-2023/CVE-2023-325xx/CVE-2023-32530.json) (`2023-06-26T22:15:10.407`)
* [CVE-2023-32531](CVE-2023/CVE-2023-325xx/CVE-2023-32531.json) (`2023-06-26T22:15:10.450`)
* [CVE-2023-32532](CVE-2023/CVE-2023-325xx/CVE-2023-32532.json) (`2023-06-26T22:15:10.497`)
* [CVE-2023-30945](CVE-2023/CVE-2023-309xx/CVE-2023-30945.json) (`2023-06-26T23:15:09.193`)
* [CVE-2023-22834](CVE-2023/CVE-2023-228xx/CVE-2023-22834.json) (`2023-06-27T00:15:09.437`)
### CVEs modified in the last Commit
Recently modified CVEs: `38`
Recently modified CVEs: `6`
* [CVE-2023-2993](CVE-2023/CVE-2023-29xx/CVE-2023-2993.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-33176](CVE-2023/CVE-2023-331xx/CVE-2023-33176.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-33404](CVE-2023/CVE-2023-334xx/CVE-2023-33404.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-34418](CVE-2023/CVE-2023-344xx/CVE-2023-34418.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-34420](CVE-2023/CVE-2023-344xx/CVE-2023-34420.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-34421](CVE-2023/CVE-2023-344xx/CVE-2023-34421.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-34422](CVE-2023/CVE-2023-344xx/CVE-2023-34422.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-35170](CVE-2023/CVE-2023-351xx/CVE-2023-35170.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-35930](CVE-2023/CVE-2023-359xx/CVE-2023-35930.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-35933](CVE-2023/CVE-2023-359xx/CVE-2023-35933.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-3113](CVE-2023/CVE-2023-31xx/CVE-2023-3113.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-34463](CVE-2023/CVE-2023-344xx/CVE-2023-34463.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-34924](CVE-2023/CVE-2023-349xx/CVE-2023-34924.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-35168](CVE-2023/CVE-2023-351xx/CVE-2023-35168.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-3420](CVE-2023/CVE-2023-34xx/CVE-2023-3420.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-3421](CVE-2023/CVE-2023-34xx/CVE-2023-3421.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-3422](CVE-2023/CVE-2023-34xx/CVE-2023-3422.json) (`2023-06-26T22:13:24.933`)
* [CVE-2023-2005](CVE-2023/CVE-2023-20xx/CVE-2023-2005.json) (`2023-06-26T22:13:28.460`)
* [CVE-2023-36252](CVE-2023/CVE-2023-362xx/CVE-2023-36252.json) (`2023-06-26T22:13:28.460`)
* [CVE-2023-35789](CVE-2023/CVE-2023-357xx/CVE-2023-35789.json) (`2023-06-26T22:14:37.633`)
* [CVE-2023-31130](CVE-2023/CVE-2023-311xx/CVE-2023-31130.json) (`2023-06-26T22:15:09.840`)
* [CVE-2023-32067](CVE-2023/CVE-2023-320xx/CVE-2023-32067.json) (`2023-06-26T22:15:09.937`)
* [CVE-2023-35784](CVE-2023/CVE-2023-357xx/CVE-2023-35784.json) (`2023-06-26T22:16:35.380`)
* [CVE-2023-25645](CVE-2023/CVE-2023-256xx/CVE-2023-25645.json) (`2023-06-26T22:19:11.390`)
* [CVE-2023-34733](CVE-2023/CVE-2023-347xx/CVE-2023-34733.json) (`2023-06-26T22:21:25.547`)
* [CVE-2023-24031](CVE-2023/CVE-2023-240xx/CVE-2023-24031.json) (`2023-06-27T01:23:52.320`)
* [CVE-2023-24030](CVE-2023/CVE-2023-240xx/CVE-2023-24030.json) (`2023-06-27T01:28:16.913`)
* [CVE-2023-34800](CVE-2023/CVE-2023-348xx/CVE-2023-34800.json) (`2023-06-27T01:33:57.503`)
* [CVE-2023-30945](CVE-2023/CVE-2023-309xx/CVE-2023-30945.json) (`2023-06-27T01:40:40.277`)
* [CVE-2023-24243](CVE-2023/CVE-2023-242xx/CVE-2023-24243.json) (`2023-06-27T01:41:08.693`)
* [CVE-2023-34795](CVE-2023/CVE-2023-347xx/CVE-2023-34795.json) (`2023-06-27T01:54:04.317`)
## Download and Usage