From ebd1aac28d279f7ab148cb313c335c2705140c5c Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 29 Aug 2023 22:00:28 +0000 Subject: [PATCH] Auto-Update: 2023-08-29T22:00:25.129210+00:00 --- CVE-2021/CVE-2021-293xx/CVE-2021-29390.json | 6 +- CVE-2021/CVE-2021-32xx/CVE-2021-3262.json | 28 ++++++++ CVE-2022/CVE-2022-287xx/CVE-2022-28796.json | 11 ++- CVE-2023/CVE-2023-208xx/CVE-2023-20890.json | 4 +- CVE-2023/CVE-2023-264xx/CVE-2023-26462.json | 12 ++-- CVE-2023/CVE-2023-322xx/CVE-2023-32241.json | 55 ++++++++++++++ CVE-2023/CVE-2023-327xx/CVE-2023-32756.json | 26 ++++++- CVE-2023/CVE-2023-327xx/CVE-2023-32757.json | 26 ++++++- CVE-2023/CVE-2023-32xx/CVE-2023-3251.json | 4 +- CVE-2023/CVE-2023-32xx/CVE-2023-3252.json | 4 +- CVE-2023/CVE-2023-32xx/CVE-2023-3253.json | 43 +++++++++++ CVE-2023/CVE-2023-340xx/CVE-2023-34039.json | 4 +- CVE-2023/CVE-2023-361xx/CVE-2023-36198.json | 65 +++++++++++++++-- CVE-2023/CVE-2023-361xx/CVE-2023-36199.json | 66 +++++++++++++++-- CVE-2023/CVE-2023-374xx/CVE-2023-37425.json | 79 ++++++++++++++++++++- CVE-2023/CVE-2023-374xx/CVE-2023-37427.json | 79 ++++++++++++++++++++- CVE-2023/CVE-2023-374xx/CVE-2023-37428.json | 79 ++++++++++++++++++++- CVE-2023/CVE-2023-374xx/CVE-2023-37429.json | 79 ++++++++++++++++++++- CVE-2023/CVE-2023-374xx/CVE-2023-37430.json | 79 ++++++++++++++++++++- CVE-2023/CVE-2023-374xx/CVE-2023-37431.json | 79 ++++++++++++++++++++- CVE-2023/CVE-2023-374xx/CVE-2023-37432.json | 79 ++++++++++++++++++++- CVE-2023/CVE-2023-374xx/CVE-2023-37433.json | 79 ++++++++++++++++++++- CVE-2023/CVE-2023-374xx/CVE-2023-37434.json | 79 ++++++++++++++++++++- CVE-2023/CVE-2023-392xx/CVE-2023-39266.json | 43 +++++++++++ CVE-2023/CVE-2023-392xx/CVE-2023-39267.json | 43 +++++++++++ CVE-2023/CVE-2023-392xx/CVE-2023-39268.json | 43 +++++++++++ CVE-2023/CVE-2023-392xx/CVE-2023-39291.json | 69 ++++++++++++++++-- CVE-2023/CVE-2023-395xx/CVE-2023-39522.json | 4 +- CVE-2023/CVE-2023-395xx/CVE-2023-39578.json | 65 +++++++++++++++-- CVE-2023/CVE-2023-396xx/CVE-2023-39600.json | 68 ++++++++++++++++-- CVE-2023/CVE-2023-396xx/CVE-2023-39663.json | 20 ++++++ CVE-2023/CVE-2023-396xx/CVE-2023-39678.json | 20 ++++++ CVE-2023/CVE-2023-397xx/CVE-2023-39707.json | 74 +++++++++++++++++-- CVE-2023/CVE-2023-408xx/CVE-2023-40846.json | 76 ++++++++++++++++++-- CVE-2023/CVE-2023-43xx/CVE-2023-4346.json | 55 ++++++++++++++ CVE-2023/CVE-2023-45xx/CVE-2023-4543.json | 62 ++++++++++++++-- CVE-2023/CVE-2023-45xx/CVE-2023-4545.json | 62 ++++++++++++++-- CVE-2023/CVE-2023-45xx/CVE-2023-4547.json | 75 +++++++++++++++++-- CVE-2023/CVE-2023-45xx/CVE-2023-4548.json | 63 ++++++++++++++-- CVE-2023/CVE-2023-45xx/CVE-2023-4572.json | 24 +++++++ README.md | 75 ++++++++++--------- 41 files changed, 1861 insertions(+), 145 deletions(-) create mode 100644 CVE-2021/CVE-2021-32xx/CVE-2021-3262.json create mode 100644 CVE-2023/CVE-2023-322xx/CVE-2023-32241.json create mode 100644 CVE-2023/CVE-2023-32xx/CVE-2023-3253.json create mode 100644 CVE-2023/CVE-2023-392xx/CVE-2023-39266.json create mode 100644 CVE-2023/CVE-2023-392xx/CVE-2023-39267.json create mode 100644 CVE-2023/CVE-2023-392xx/CVE-2023-39268.json create mode 100644 CVE-2023/CVE-2023-396xx/CVE-2023-39663.json create mode 100644 CVE-2023/CVE-2023-396xx/CVE-2023-39678.json create mode 100644 CVE-2023/CVE-2023-43xx/CVE-2023-4346.json create mode 100644 CVE-2023/CVE-2023-45xx/CVE-2023-4572.json diff --git a/CVE-2021/CVE-2021-293xx/CVE-2021-29390.json b/CVE-2021/CVE-2021-293xx/CVE-2021-29390.json index 392f48f832e..372dd97ca18 100644 --- a/CVE-2021/CVE-2021-293xx/CVE-2021-29390.json +++ b/CVE-2021/CVE-2021-293xx/CVE-2021-29390.json @@ -2,7 +2,7 @@ "id": "CVE-2021-29390", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-22T19:16:20.237", - "lastModified": "2023-08-29T19:15:26.667", + "lastModified": "2023-08-29T20:15:08.987", "vulnStatus": "Modified", "descriptions": [ { @@ -74,6 +74,10 @@ { "url": "https://github.com/libjpeg-turbo/libjpeg-turbo/blob/4e52b66f342a803d3b8099b79607e3158d3a241c/jdcoefct.c#L595", "source": "cve@mitre.org" + }, + { + "url": "https://github.com/libjpeg-turbo/libjpeg-turbo/commits/main/jdcoefct.c", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-32xx/CVE-2021-3262.json b/CVE-2021/CVE-2021-32xx/CVE-2021-3262.json new file mode 100644 index 00000000000..3133d859041 --- /dev/null +++ b/CVE-2021/CVE-2021-32xx/CVE-2021-3262.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2021-3262", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-29T20:15:09.487", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "TripSpark VEO Transportation-2.2.x-XP_BB-20201123-184084 NovusEDU-2.2.x-XP_BB-20201123-184084 allows unsafe data inputs in POST body parameters from end users without sanitizing using server-side logic. It was possible to inject custom SQL commands into the \"Student Busing Information\" search queries." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://tripspark.com", + "source": "cve@mitre.org" + }, + { + "url": "http://veo.com", + "source": "cve@mitre.org" + }, + { + "url": "https://susos.co/blog/f/cve-disclosureuncovered-sql-injection-in-tripspark-veo-transport", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-287xx/CVE-2022-28796.json b/CVE-2022/CVE-2022-287xx/CVE-2022-28796.json index c027b39a0d1..10a63728eea 100644 --- a/CVE-2022/CVE-2022-287xx/CVE-2022-28796.json +++ b/CVE-2022/CVE-2022-287xx/CVE-2022-28796.json @@ -2,7 +2,7 @@ "id": "CVE-2022-28796", "sourceIdentifier": "cve@mitre.org", "published": "2022-04-08T05:15:07.067", - "lastModified": "2022-05-12T20:06:19.163", + "lastModified": "2023-08-29T21:02:02.483", "vulnStatus": "Analyzed", "descriptions": [ { @@ -70,14 +70,13 @@ "description": [ { "lang": "en", - "value": "CWE-416" + "value": "CWE-362" } ] } ], "configurations": [ { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -86,15 +85,15 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.17", "versionEndExcluding": "5.17.1", - "matchCriteriaId": "C4C36454-2CDC-4F8D-A717-878F1C39CAD1" + "matchCriteriaId": "3004D9BF-0093-4C9C-8560-F3E91AFAE409" } ] } ] }, { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -115,7 +114,6 @@ ] }, { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -131,7 +129,6 @@ ] }, { - "operator": "AND", "nodes": [ { "operator": "OR", diff --git a/CVE-2023/CVE-2023-208xx/CVE-2023-20890.json b/CVE-2023/CVE-2023-208xx/CVE-2023-20890.json index 331dcb7622a..50f9193c0e0 100644 --- a/CVE-2023/CVE-2023-208xx/CVE-2023-20890.json +++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20890.json @@ -2,8 +2,8 @@ "id": "CVE-2023-20890", "sourceIdentifier": "security@vmware.com", "published": "2023-08-29T18:15:08.570", - "lastModified": "2023-08-29T18:15:08.570", - "vulnStatus": "Received", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26462.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26462.json index e892ae271ae..5e8436ba53d 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26462.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26462.json @@ -2,7 +2,7 @@ "id": "CVE-2023-26462", "sourceIdentifier": "cve@mitre.org", "published": "2023-02-23T06:15:10.340", - "lastModified": "2023-03-03T02:29:16.507", + "lastModified": "2023-08-29T20:18:02.617", "vulnStatus": "Analyzed", "descriptions": [ { @@ -17,19 +17,19 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", - "attackComplexity": "LOW", + "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "baseScore": 8.1, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 3.9, + "exploitabilityScore": 2.2, "impactScore": 5.9 } ] diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32241.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32241.json new file mode 100644 index 00000000000..231422b57e8 --- /dev/null +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32241.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32241", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-29T21:15:09.670", + "lastModified": "2023-08-29T21:15:09.670", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPDeveloper Essential Addons for Elementor Pro plugin <=\u00a05.4.8 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/essential-addons-elementor/wordpress-essential-addons-for-elementor-pro-plugin-5-4-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32756.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32756.json index f8afe881426..b659511be23 100644 --- a/CVE-2023/CVE-2023-327xx/CVE-2023-32756.json +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32756.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32756", "sourceIdentifier": "twcert@cert.org.tw", "published": "2023-08-25T08:15:07.747", - "lastModified": "2023-08-25T12:47:00.750", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:22:34.167", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:edetw:u-office_force:20.0.7668d:*:*:*:*:*:*:*", + "matchCriteriaId": "E126F0A9-0B99-408C-84B9-9326613FF6FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.twcert.org.tw/tw/cp-132-7329-d8e4c-1.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32757.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32757.json index ffbc50f2518..ae915619c24 100644 --- a/CVE-2023/CVE-2023-327xx/CVE-2023-32757.json +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32757.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32757", "sourceIdentifier": "twcert@cert.org.tw", "published": "2023-08-25T08:15:07.850", - "lastModified": "2023-08-25T12:47:00.750", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:22:23.300", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:edetw:u-office_force:20.0.7668d:*:*:*:*:*:*:*", + "matchCriteriaId": "E126F0A9-0B99-408C-84B9-9326613FF6FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.twcert.org.tw/tw/cp-132-7330-94442-1.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3251.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3251.json index dcd6e61a557..36627b92ed8 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3251.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3251.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3251", "sourceIdentifier": "vulnreport@tenable.com", "published": "2023-08-29T19:15:27.023", - "lastModified": "2023-08-29T19:15:27.023", - "vulnStatus": "Received", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3252.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3252.json index 80e54828e79..7149cebc549 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3252.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3252.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3252", "sourceIdentifier": "vulnreport@tenable.com", "published": "2023-08-29T19:15:27.467", - "lastModified": "2023-08-29T19:15:27.467", - "vulnStatus": "Received", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3253.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3253.json new file mode 100644 index 00000000000..c1ee9e93e98 --- /dev/null +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3253.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-3253", + "sourceIdentifier": "vulnreport@tenable.com", + "published": "2023-08-29T20:15:10.213", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An improper authorization vulnerability exists where an authenticated, \nlow privileged remote attacker could view a list of all the users \navailable in the application.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "vulnreport@tenable.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://www.tenable.com/security/tns-2023-29", + "source": "vulnreport@tenable.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-340xx/CVE-2023-34039.json b/CVE-2023/CVE-2023-340xx/CVE-2023-34039.json index bb99ee1024c..2be41cee8f0 100644 --- a/CVE-2023/CVE-2023-340xx/CVE-2023-34039.json +++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34039.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34039", "sourceIdentifier": "security@vmware.com", "published": "2023-08-29T18:15:08.680", - "lastModified": "2023-08-29T18:15:08.680", - "vulnStatus": "Received", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-361xx/CVE-2023-36198.json b/CVE-2023/CVE-2023-361xx/CVE-2023-36198.json index 79ad6abb694..cc0c032547c 100644 --- a/CVE-2023/CVE-2023-361xx/CVE-2023-36198.json +++ b/CVE-2023/CVE-2023-361xx/CVE-2023-36198.json @@ -2,19 +2,76 @@ "id": "CVE-2023-36198", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-25T20:15:08.193", - "lastModified": "2023-08-26T04:05:04.350", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-08-29T20:53:49.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows an attacker to cause a denial of service via the trustedBlsSignMessage function." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:skale:sgxwallet:1.9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "AE703687-AEA5-4907-A024-416EFA865D05" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/skalenetwork/sgxwallet/issues/419", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-361xx/CVE-2023-36199.json b/CVE-2023/CVE-2023-361xx/CVE-2023-36199.json index bb68f229795..816ab318c88 100644 --- a/CVE-2023/CVE-2023-361xx/CVE-2023-36199.json +++ b/CVE-2023/CVE-2023-361xx/CVE-2023-36199.json @@ -2,19 +2,77 @@ "id": "CVE-2023-36199", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-25T20:15:08.253", - "lastModified": "2023-08-26T04:05:04.350", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-08-29T20:53:23.417", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in skalenetwork sgxwallet v.1.9.0 and below allows an attacker to cause a denial of service via the trustedGenerateEcdsaKey component." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:skale:sgxwallet:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.9.0", + "matchCriteriaId": "C937A19D-E630-4FEB-B7ED-C8C75C44290B" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/skalenetwork/sgxwallet/issues/419", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37425.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37425.json index 915d899e3ad..d6d89dca86f 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37425.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37425.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37425", "sourceIdentifier": "security-alert@hpe.com", "published": "2023-08-22T19:16:37.097", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:18:00.600", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security-alert@hpe.com", "type": "Secondary", @@ -34,10 +54,63 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.0.0", + "versionEndIncluding": "9.0.5", + "matchCriteriaId": "5E893AD7-C02C-4608-AF2E-01FDF300DFF0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.1.0", + "versionEndIncluding": "9.1.7", + "matchCriteriaId": "A49FCAD2-9EAA-4A38-9416-96C130C6E3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.0", + "versionEndIncluding": "9.2.5", + "matchCriteriaId": "7B72D752-0E1E-4D9F-8DE7-848EA8161402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", - "source": "security-alert@hpe.com" + "source": "security-alert@hpe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37427.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37427.json index e39ce061010..7c216b739df 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37427.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37427.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37427", "sourceIdentifier": "security-alert@hpe.com", "published": "2023-08-22T19:16:37.310", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:32:01.987", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "security-alert@hpe.com", "type": "Secondary", @@ -34,10 +54,63 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.0.0", + "versionEndIncluding": "9.0.5", + "matchCriteriaId": "5E893AD7-C02C-4608-AF2E-01FDF300DFF0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.1.0", + "versionEndIncluding": "9.1.7", + "matchCriteriaId": "A49FCAD2-9EAA-4A38-9416-96C130C6E3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.0", + "versionEndIncluding": "9.2.5", + "matchCriteriaId": "7B72D752-0E1E-4D9F-8DE7-848EA8161402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", - "source": "security-alert@hpe.com" + "source": "security-alert@hpe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37428.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37428.json index f5b24d2f4ac..88377d2f07f 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37428.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37428.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37428", "sourceIdentifier": "security-alert@hpe.com", "published": "2023-08-22T19:16:37.423", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:36:16.033", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "security-alert@hpe.com", "type": "Secondary", @@ -34,10 +54,63 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.0.0", + "versionEndIncluding": "9.0.5", + "matchCriteriaId": "5E893AD7-C02C-4608-AF2E-01FDF300DFF0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.1.0", + "versionEndIncluding": "9.1.7", + "matchCriteriaId": "A49FCAD2-9EAA-4A38-9416-96C130C6E3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.0", + "versionEndIncluding": "9.2.5", + "matchCriteriaId": "7B72D752-0E1E-4D9F-8DE7-848EA8161402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", - "source": "security-alert@hpe.com" + "source": "security-alert@hpe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37429.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37429.json index 3b5fd46cbef..c39aab7e6a0 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37429.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37429.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37429", "sourceIdentifier": "security-alert@hpe.com", "published": "2023-08-22T19:16:37.580", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:23:33.733", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, { "source": "security-alert@hpe.com", "type": "Secondary", @@ -34,10 +54,63 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.0.0", + "versionEndIncluding": "9.0.5", + "matchCriteriaId": "5E893AD7-C02C-4608-AF2E-01FDF300DFF0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.1.0", + "versionEndIncluding": "9.1.7", + "matchCriteriaId": "A49FCAD2-9EAA-4A38-9416-96C130C6E3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.0", + "versionEndIncluding": "9.2.5", + "matchCriteriaId": "7B72D752-0E1E-4D9F-8DE7-848EA8161402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", - "source": "security-alert@hpe.com" + "source": "security-alert@hpe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37430.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37430.json index 9a785d5c3de..2a3191ab6f0 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37430.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37430.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37430", "sourceIdentifier": "security-alert@hpe.com", "published": "2023-08-22T19:16:37.737", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:23:56.680", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, { "source": "security-alert@hpe.com", "type": "Secondary", @@ -34,10 +54,63 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.0.0", + "versionEndIncluding": "9.0.5", + "matchCriteriaId": "5E893AD7-C02C-4608-AF2E-01FDF300DFF0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.1.0", + "versionEndIncluding": "9.1.7", + "matchCriteriaId": "A49FCAD2-9EAA-4A38-9416-96C130C6E3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.0", + "versionEndIncluding": "9.2.5", + "matchCriteriaId": "7B72D752-0E1E-4D9F-8DE7-848EA8161402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", - "source": "security-alert@hpe.com" + "source": "security-alert@hpe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37431.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37431.json index b3490af73ad..1a4a036ac23 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37431.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37431.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37431", "sourceIdentifier": "security-alert@hpe.com", "published": "2023-08-22T19:16:37.833", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:26:39.703", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, { "source": "security-alert@hpe.com", "type": "Secondary", @@ -34,10 +54,63 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.0.0", + "versionEndIncluding": "9.0.5", + "matchCriteriaId": "5E893AD7-C02C-4608-AF2E-01FDF300DFF0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.1.0", + "versionEndIncluding": "9.1.7", + "matchCriteriaId": "A49FCAD2-9EAA-4A38-9416-96C130C6E3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.0", + "versionEndIncluding": "9.2.5", + "matchCriteriaId": "7B72D752-0E1E-4D9F-8DE7-848EA8161402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", - "source": "security-alert@hpe.com" + "source": "security-alert@hpe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37432.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37432.json index 70f64e4ab2c..e58f20763be 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37432.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37432.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37432", "sourceIdentifier": "security-alert@hpe.com", "published": "2023-08-22T19:16:38.070", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:26:53.907", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, { "source": "security-alert@hpe.com", "type": "Secondary", @@ -34,10 +54,63 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.0.0", + "versionEndIncluding": "9.0.5", + "matchCriteriaId": "5E893AD7-C02C-4608-AF2E-01FDF300DFF0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.1.0", + "versionEndIncluding": "9.1.7", + "matchCriteriaId": "A49FCAD2-9EAA-4A38-9416-96C130C6E3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.0", + "versionEndIncluding": "9.2.5", + "matchCriteriaId": "7B72D752-0E1E-4D9F-8DE7-848EA8161402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", - "source": "security-alert@hpe.com" + "source": "security-alert@hpe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37433.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37433.json index d0e954160ba..6247763e01e 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37433.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37433.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37433", "sourceIdentifier": "security-alert@hpe.com", "published": "2023-08-22T19:16:38.253", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:27:05.560", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, { "source": "security-alert@hpe.com", "type": "Secondary", @@ -34,10 +54,63 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.0.0", + "versionEndIncluding": "9.0.5", + "matchCriteriaId": "5E893AD7-C02C-4608-AF2E-01FDF300DFF0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.1.0", + "versionEndIncluding": "9.1.7", + "matchCriteriaId": "A49FCAD2-9EAA-4A38-9416-96C130C6E3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.0", + "versionEndIncluding": "9.2.5", + "matchCriteriaId": "7B72D752-0E1E-4D9F-8DE7-848EA8161402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", - "source": "security-alert@hpe.com" + "source": "security-alert@hpe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37434.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37434.json index 1e128631c89..05961d6ea51 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37434.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37434.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37434", "sourceIdentifier": "security-alert@hpe.com", "published": "2023-08-22T19:16:38.360", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:27:13.843", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, { "source": "security-alert@hpe.com", "type": "Secondary", @@ -34,10 +54,63 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.0.0", + "versionEndIncluding": "9.0.5", + "matchCriteriaId": "5E893AD7-C02C-4608-AF2E-01FDF300DFF0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.1.0", + "versionEndIncluding": "9.1.7", + "matchCriteriaId": "A49FCAD2-9EAA-4A38-9416-96C130C6E3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.0", + "versionEndIncluding": "9.2.5", + "matchCriteriaId": "7B72D752-0E1E-4D9F-8DE7-848EA8161402" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", - "source": "security-alert@hpe.com" + "source": "security-alert@hpe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39266.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39266.json new file mode 100644 index 00000000000..02d15c49dbd --- /dev/null +++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39266.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-39266", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-29T20:15:09.637", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface provided certain configuration options are present. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 6.0 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39267.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39267.json new file mode 100644 index 00000000000..da10398b479 --- /dev/null +++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39267.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-39267", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-29T20:15:09.743", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch. Successful exploitation results in a Denial-of-Service (DoS) condition in the switch.\n\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.3, + "impactScore": 4.7 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39268.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39268.json new file mode 100644 index 00000000000..54d5f3686ef --- /dev/null +++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39268.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-39268", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-29T20:15:09.830", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39291.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39291.json index c1c0fb36475..0002ea00ad9 100644 --- a/CVE-2023/CVE-2023-392xx/CVE-2023-39291.json +++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39291.json @@ -2,23 +2,82 @@ "id": "CVE-2023-39291", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-25T22:15:11.193", - "lastModified": "2023-08-26T04:05:04.350", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:49:42.797", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability in the Connect Mobility Router component of MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system information." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mitel:mivoice_connect:*:*:*:*:*:*:*:*", + "versionEndIncluding": "9.6.2304.102", + "matchCriteriaId": "6474C127-C923-4AC2-B9E1-BF3FCA0C2677" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.mitel.com/support/security-advisories", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0013", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-395xx/CVE-2023-39522.json b/CVE-2023/CVE-2023-395xx/CVE-2023-39522.json index 2a0dab27492..02021b72f4b 100644 --- a/CVE-2023/CVE-2023-395xx/CVE-2023-39522.json +++ b/CVE-2023/CVE-2023-395xx/CVE-2023-39522.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39522", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-29T18:15:08.753", - "lastModified": "2023-08-29T18:15:08.753", - "vulnStatus": "Received", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-395xx/CVE-2023-39578.json b/CVE-2023/CVE-2023-395xx/CVE-2023-39578.json index a63784d25b7..589bf7c2e21 100644 --- a/CVE-2023/CVE-2023-395xx/CVE-2023-39578.json +++ b/CVE-2023/CVE-2023-395xx/CVE-2023-39578.json @@ -2,19 +2,76 @@ "id": "CVE-2023-39578", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-28T20:15:08.207", - "lastModified": "2023-08-29T05:18:54.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:28:14.970", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A stored cross-site scripting (XSS) vulnerability in the Create function of Zenario CMS v9.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu navigation text field." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tribalsystems:zenario:9.4:*:*:*:*:*:*:*", + "matchCriteriaId": "D286E7B5-A87E-4B50-8BCD-DDD571CBD8C1" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/anh91/Zenario-xss/issues/1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-396xx/CVE-2023-39600.json b/CVE-2023/CVE-2023-396xx/CVE-2023-39600.json index 28989700286..d6bb892e436 100644 --- a/CVE-2023/CVE-2023-396xx/CVE-2023-39600.json +++ b/CVE-2023/CVE-2023-396xx/CVE-2023-39600.json @@ -2,23 +2,81 @@ "id": "CVE-2023-39600", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-25T20:15:08.380", - "lastModified": "2023-08-26T04:05:04.350", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-08-29T20:51:52.543", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "IceWarp 11.4.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:icewarp:icewarp:11.4.6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "AA47D262-3C30-4F45-8C16-D940AA3F30D8" + } + ] + } + ] + } + ], "references": [ { "url": "http://icewrap.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://medium.com/@katikitala.sushmitha078/cross-site-scripting-reflected-xss-in-icewarp-server-cve-2023-39600-310a7e1c8817", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-396xx/CVE-2023-39663.json b/CVE-2023/CVE-2023-396xx/CVE-2023-39663.json new file mode 100644 index 00000000000..76e40952e1e --- /dev/null +++ b/CVE-2023/CVE-2023-396xx/CVE-2023-39663.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-39663", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-29T20:15:09.990", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service (ReDoS) vulnerabilities in MathJax.js via the components pattern and markdownPattern." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/mathjax/MathJax/issues/3074", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-396xx/CVE-2023-39678.json b/CVE-2023/CVE-2023-396xx/CVE-2023-39678.json new file mode 100644 index 00000000000..ac0c8db22cb --- /dev/null +++ b/CVE-2023/CVE-2023-396xx/CVE-2023-39678.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-39678", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-29T20:15:10.133", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A cross-site scripting (XSS) vulnerability in the device web interface (Log Query page) of BDCOM OLT P3310D-2AC 10.1.0F Build 69083 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://telegra.ph/XSS-in-BDCOM-OLT-P3310D-2AC-07-29", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-397xx/CVE-2023-39707.json b/CVE-2023/CVE-2023-397xx/CVE-2023-39707.json index 6ac7a8a2a4b..48527136636 100644 --- a/CVE-2023/CVE-2023-397xx/CVE-2023-39707.json +++ b/CVE-2023/CVE-2023-397xx/CVE-2023-39707.json @@ -2,27 +2,89 @@ "id": "CVE-2023-39707", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-25T20:15:08.443", - "lastModified": "2023-08-26T04:05:04.350", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-08-29T20:50:37.223", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add Expense parameter under the Expense section." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:free_and_open_source_inventory_management_system_project:free_and_open_source_inventory_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "ED4E30A0-0847-427A-9B08-FB699FCC7958" + } + ] + } + ] + } + ], "references": [ { "url": "https://gist.github.com/Arajawat007/b94d7ce74fcf16014e282a9b525f4555#file-cve-2023-39707", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.sourcecodester.com/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Not Applicable" + ] }, { "url": "https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-408xx/CVE-2023-40846.json b/CVE-2023/CVE-2023-408xx/CVE-2023-40846.json index 95a53943955..c9d2a3e19c5 100644 --- a/CVE-2023/CVE-2023-408xx/CVE-2023-40846.json +++ b/CVE-2023/CVE-2023-408xx/CVE-2023-40846.json @@ -2,19 +2,87 @@ "id": "CVE-2023-40846", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-28T14:15:09.197", - "lastModified": "2023-08-28T19:28:54.367", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:22:01.600", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:ac6_firmware:15.03.05.16:*:*:*:*:*:*:*", + "matchCriteriaId": "6F60AFD7-74AF-4CA2-8232-2858D5AD023A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:ac6:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "B622BF6D-85E6-475A-B7FB-11BA1A641191" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/bof/9/9.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-43xx/CVE-2023-4346.json b/CVE-2023/CVE-2023-43xx/CVE-2023-4346.json new file mode 100644 index 00000000000..fa35d6b57da --- /dev/null +++ b/CVE-2023/CVE-2023-43xx/CVE-2023-4346.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-4346", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2023-08-29T20:15:10.300", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nKNX devices that use KNX Connection Authorization and support Option 1 are, depending on the implementation, vulnerable to being locked and users being unable to reset them to gain access to the device. The BCU key feature on the devices can be used to create a password for the device, but this password can often not be reset without entering the current password. If the device is configured to interface with a network, an attacker with access to that network could interface with the KNX installation, purge all devices without additional security options enabled, and set a BCU key, locking the device. Even if a device is not connected to a network, an attacker with physical access to the device could also exploit this vulnerability in the same way. \n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-645" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-01", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4543.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4543.json index 52ef6da663b..3f4da93da18 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4543.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4543.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4543", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-25T22:15:11.610", - "lastModified": "2023-08-26T04:05:04.350", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:48:48.177", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,48 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibos:ibos:4.5.5:*:*:*:*:*:*:*", + "matchCriteriaId": "1F678D76-48AA-4940-833F-5567D196DB7D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/spcck/cve/blob/main/sql.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.238048", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.238048", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4545.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4545.json index 0fc1ad26ab2..01d378975f6 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4545.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4545.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4545", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-26T07:15:10.067", - "lastModified": "2023-08-28T05:16:07.333", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:48:10.567", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,48 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibos:ibos:4.5.5:*:*:*:*:*:*:*", + "matchCriteriaId": "1F678D76-48AA-4940-833F-5567D196DB7D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/siyu15/cve/blob/main/sql.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.238056", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.238056", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4547.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4547.json index fa386316e1a..f3bb3bd5025 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4547.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4547.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4547", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-26T09:15:09.057", - "lastModified": "2023-08-28T18:15:09.063", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:47:26.337", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -61,7 +83,7 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -69,20 +91,61 @@ "value": "CWE-79" } ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:spa-cart:ecommerce_cms:1.9.0.3:*:*:*:*:*:*:*", + "matchCriteriaId": "93B7AD74-6F1F-4634-A073-725D49E7B93F" + } + ] + } + ] } ], "references": [ { "url": "http://packetstormsecurity.com/files/174343/SPA-Cart-eCommerce-CMS-1.9.0.3-Cross-Site-Scripting.html", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?ctiid.238058", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.238058", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4548.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4548.json index 36b6a17d201..374c2d46462 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4548.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4548.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4548", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-26T10:15:11.277", - "lastModified": "2023-08-28T18:15:09.227", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T20:42:49.530", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,49 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:spa-cart:ecommerce_cms:1.9.0.3:*:*:*:*:*:*:*", + "matchCriteriaId": "93B7AD74-6F1F-4634-A073-725D49E7B93F" + } + ] + } + ] + } + ], "references": [ { "url": "http://packetstormsecurity.com/files/174344/SPA-Cart-eCommerce-CMS-1.9.0.3-SQL-Injection.html", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?ctiid.238059", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.238059", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4572.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4572.json new file mode 100644 index 00000000000..79305880e0e --- /dev/null +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4572.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-4572", + "sourceIdentifier": "chrome-cve-admin@google.com", + "published": "2023-08-29T20:15:10.480", + "lastModified": "2023-08-29T20:41:07.003", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_29.html", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://crbug.com/1472492", + "source": "chrome-cve-admin@google.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 8fb22821891..c0fe8563c2c 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-29T20:00:24.895475+00:00 +2023-08-29T22:00:25.129210+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-29T19:55:51.197000+00:00 +2023-08-29T21:15:09.670000+00:00 ``` ### Last Data Feed Release @@ -29,49 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -223622 +223632 ``` ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `10` -* [CVE-2023-20890](CVE-2023/CVE-2023-208xx/CVE-2023-20890.json) (`2023-08-29T18:15:08.570`) -* [CVE-2023-34039](CVE-2023/CVE-2023-340xx/CVE-2023-34039.json) (`2023-08-29T18:15:08.680`) -* [CVE-2023-39522](CVE-2023/CVE-2023-395xx/CVE-2023-39522.json) (`2023-08-29T18:15:08.753`) -* [CVE-2023-3251](CVE-2023/CVE-2023-32xx/CVE-2023-3251.json) (`2023-08-29T19:15:27.023`) -* [CVE-2023-3252](CVE-2023/CVE-2023-32xx/CVE-2023-3252.json) (`2023-08-29T19:15:27.467`) +* [CVE-2021-3262](CVE-2021/CVE-2021-32xx/CVE-2021-3262.json) (`2023-08-29T20:15:09.487`) +* [CVE-2023-39266](CVE-2023/CVE-2023-392xx/CVE-2023-39266.json) (`2023-08-29T20:15:09.637`) +* [CVE-2023-39267](CVE-2023/CVE-2023-392xx/CVE-2023-39267.json) (`2023-08-29T20:15:09.743`) +* [CVE-2023-39268](CVE-2023/CVE-2023-392xx/CVE-2023-39268.json) (`2023-08-29T20:15:09.830`) +* [CVE-2023-39663](CVE-2023/CVE-2023-396xx/CVE-2023-39663.json) (`2023-08-29T20:15:09.990`) +* [CVE-2023-39678](CVE-2023/CVE-2023-396xx/CVE-2023-39678.json) (`2023-08-29T20:15:10.133`) +* [CVE-2023-3253](CVE-2023/CVE-2023-32xx/CVE-2023-3253.json) (`2023-08-29T20:15:10.213`) +* [CVE-2023-4346](CVE-2023/CVE-2023-43xx/CVE-2023-4346.json) (`2023-08-29T20:15:10.300`) +* [CVE-2023-4572](CVE-2023/CVE-2023-45xx/CVE-2023-4572.json) (`2023-08-29T20:15:10.480`) +* [CVE-2023-32241](CVE-2023/CVE-2023-322xx/CVE-2023-32241.json) (`2023-08-29T21:15:09.670`) ### CVEs modified in the last Commit -Recently modified CVEs: `37` +Recently modified CVEs: `30` -* [CVE-2023-24548](CVE-2023/CVE-2023-245xx/CVE-2023-24548.json) (`2023-08-29T18:14:25.027`) -* [CVE-2023-39615](CVE-2023/CVE-2023-396xx/CVE-2023-39615.json) (`2023-08-29T18:14:25.027`) -* [CVE-2023-39616](CVE-2023/CVE-2023-396xx/CVE-2023-39616.json) (`2023-08-29T18:14:25.027`) -* [CVE-2023-3646](CVE-2023/CVE-2023-36xx/CVE-2023-3646.json) (`2023-08-29T18:14:25.027`) -* [CVE-2023-40889](CVE-2023/CVE-2023-408xx/CVE-2023-40889.json) (`2023-08-29T18:14:25.027`) -* [CVE-2023-40890](CVE-2023/CVE-2023-408xx/CVE-2023-40890.json) (`2023-08-29T18:14:25.027`) -* [CVE-2023-41037](CVE-2023/CVE-2023-410xx/CVE-2023-41037.json) (`2023-08-29T18:14:25.027`) -* [CVE-2023-4559](CVE-2023/CVE-2023-45xx/CVE-2023-4559.json) (`2023-08-29T18:16:34.183`) -* [CVE-2023-40892](CVE-2023/CVE-2023-408xx/CVE-2023-40892.json) (`2023-08-29T18:17:47.427`) -* [CVE-2023-40893](CVE-2023/CVE-2023-408xx/CVE-2023-40893.json) (`2023-08-29T18:22:17.173`) -* [CVE-2023-40305](CVE-2023/CVE-2023-403xx/CVE-2023-40305.json) (`2023-08-29T18:28:13.013`) -* [CVE-2023-40894](CVE-2023/CVE-2023-408xx/CVE-2023-40894.json) (`2023-08-29T18:36:37.477`) -* [CVE-2023-40895](CVE-2023/CVE-2023-408xx/CVE-2023-40895.json) (`2023-08-29T18:39:04.257`) -* [CVE-2023-40896](CVE-2023/CVE-2023-408xx/CVE-2023-40896.json) (`2023-08-29T18:39:43.853`) -* [CVE-2023-40897](CVE-2023/CVE-2023-408xx/CVE-2023-40897.json) (`2023-08-29T18:56:12.353`) -* [CVE-2023-34540](CVE-2023/CVE-2023-345xx/CVE-2023-34540.json) (`2023-08-29T18:57:58.473`) -* [CVE-2023-34541](CVE-2023/CVE-2023-345xx/CVE-2023-34541.json) (`2023-08-29T18:58:03.620`) -* [CVE-2023-35991](CVE-2023/CVE-2023-359xx/CVE-2023-35991.json) (`2023-08-29T18:58:15.803`) -* [CVE-2023-40898](CVE-2023/CVE-2023-408xx/CVE-2023-40898.json) (`2023-08-29T18:58:58.077`) -* [CVE-2023-40899](CVE-2023/CVE-2023-408xx/CVE-2023-40899.json) (`2023-08-29T19:14:34.473`) -* [CVE-2023-40900](CVE-2023/CVE-2023-409xx/CVE-2023-40900.json) (`2023-08-29T19:15:29.877`) -* [CVE-2023-40901](CVE-2023/CVE-2023-409xx/CVE-2023-40901.json) (`2023-08-29T19:19:51.567`) -* [CVE-2023-37422](CVE-2023/CVE-2023-374xx/CVE-2023-37422.json) (`2023-08-29T19:28:27.770`) -* [CVE-2023-37423](CVE-2023/CVE-2023-374xx/CVE-2023-37423.json) (`2023-08-29T19:44:45.850`) -* [CVE-2023-37424](CVE-2023/CVE-2023-374xx/CVE-2023-37424.json) (`2023-08-29T19:55:51.197`) +* [CVE-2023-32757](CVE-2023/CVE-2023-327xx/CVE-2023-32757.json) (`2023-08-29T20:22:23.300`) +* [CVE-2023-32756](CVE-2023/CVE-2023-327xx/CVE-2023-32756.json) (`2023-08-29T20:22:34.167`) +* [CVE-2023-37429](CVE-2023/CVE-2023-374xx/CVE-2023-37429.json) (`2023-08-29T20:23:33.733`) +* [CVE-2023-37430](CVE-2023/CVE-2023-374xx/CVE-2023-37430.json) (`2023-08-29T20:23:56.680`) +* [CVE-2023-37431](CVE-2023/CVE-2023-374xx/CVE-2023-37431.json) (`2023-08-29T20:26:39.703`) +* [CVE-2023-37432](CVE-2023/CVE-2023-374xx/CVE-2023-37432.json) (`2023-08-29T20:26:53.907`) +* [CVE-2023-37433](CVE-2023/CVE-2023-374xx/CVE-2023-37433.json) (`2023-08-29T20:27:05.560`) +* [CVE-2023-37434](CVE-2023/CVE-2023-374xx/CVE-2023-37434.json) (`2023-08-29T20:27:13.843`) +* [CVE-2023-39578](CVE-2023/CVE-2023-395xx/CVE-2023-39578.json) (`2023-08-29T20:28:14.970`) +* [CVE-2023-37427](CVE-2023/CVE-2023-374xx/CVE-2023-37427.json) (`2023-08-29T20:32:01.987`) +* [CVE-2023-37428](CVE-2023/CVE-2023-374xx/CVE-2023-37428.json) (`2023-08-29T20:36:16.033`) +* [CVE-2023-20890](CVE-2023/CVE-2023-208xx/CVE-2023-20890.json) (`2023-08-29T20:41:07.003`) +* [CVE-2023-34039](CVE-2023/CVE-2023-340xx/CVE-2023-34039.json) (`2023-08-29T20:41:07.003`) +* [CVE-2023-39522](CVE-2023/CVE-2023-395xx/CVE-2023-39522.json) (`2023-08-29T20:41:07.003`) +* [CVE-2023-3251](CVE-2023/CVE-2023-32xx/CVE-2023-3251.json) (`2023-08-29T20:41:07.003`) +* [CVE-2023-3252](CVE-2023/CVE-2023-32xx/CVE-2023-3252.json) (`2023-08-29T20:41:07.003`) +* [CVE-2023-4548](CVE-2023/CVE-2023-45xx/CVE-2023-4548.json) (`2023-08-29T20:42:49.530`) +* [CVE-2023-4547](CVE-2023/CVE-2023-45xx/CVE-2023-4547.json) (`2023-08-29T20:47:26.337`) +* [CVE-2023-4545](CVE-2023/CVE-2023-45xx/CVE-2023-4545.json) (`2023-08-29T20:48:10.567`) +* [CVE-2023-4543](CVE-2023/CVE-2023-45xx/CVE-2023-4543.json) (`2023-08-29T20:48:48.177`) +* [CVE-2023-39291](CVE-2023/CVE-2023-392xx/CVE-2023-39291.json) (`2023-08-29T20:49:42.797`) +* [CVE-2023-39707](CVE-2023/CVE-2023-397xx/CVE-2023-39707.json) (`2023-08-29T20:50:37.223`) +* [CVE-2023-39600](CVE-2023/CVE-2023-396xx/CVE-2023-39600.json) (`2023-08-29T20:51:52.543`) +* [CVE-2023-36199](CVE-2023/CVE-2023-361xx/CVE-2023-36199.json) (`2023-08-29T20:53:23.417`) +* [CVE-2023-36198](CVE-2023/CVE-2023-361xx/CVE-2023-36198.json) (`2023-08-29T20:53:49.233`) ## Download and Usage