admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-03T18:00:24.489755+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-03 20:00:27 +02:00
parent 8b715f2626
commit ece8887578
36 changed files with 3672 additions and 190 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
CVE-2012/CVE-2012-100xx/CVE-2012-10013.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-10013",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-24T18:15:08.783",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T17:03:26.333",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,22 +93,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kau-boys:backend_localization:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "9AB1A388-C6BF-4259-B500-DB4DB09F7F87"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wp-plugins/kau-boys-backend-localization/commit/43dc96defd7944da12ff116476a6890acd7dd24b",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/wp-plugins/kau-boys-backend-localization/releases/tag/2.0",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://vuldb.com/?ctiid.227231",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.227231",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2012/CVE-2012-100xx/CVE-2012-10014.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-10014",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-24T18:15:08.867",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T17:00:58.130",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,22 +93,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kau-boys:backend_localization:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.1",
"matchCriteriaId": "FCCEF46F-09F8-40A1-8C19-1F4D1CB92DDC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wp-plugins/kau-boys-backend-localization/commit/36f457ee16dd114e510fd91a3ea9fbb3c1f87184",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/wp-plugins/kau-boys-backend-localization/releases/tag/2.0.1",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://vuldb.com/?ctiid.227232",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.227232",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

9
CVE-2022/CVE-2022-242xx/CVE-2022-24249.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24249",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-02-04T19:15:08.100",
"lastModified": "2022-02-09T02:15:44.103",
"lastModified": "2023-05-03T16:48:21.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "56FF2AB9-517D-43A7-867E-9FB6B833194F"
"criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0",
"matchCriteriaId": "CCC969A1-3F88-40F5-B4A1-54DA05DF081E"
}
]
}
@ -98,6 +99,8 @@
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}

7
CVE-2022/CVE-2022-271xx/CVE-2022-27145.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27145",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-04-08T16:15:08.327",
"lastModified": "2022-04-14T19:35:19.553",
"lastModified": "2023-05-03T16:48:11.460",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:1.1.0-dev-rev1727-g8be34973d-master:*:*:*:*:*:*:*",
"matchCriteriaId": "C0BF5844-AE9D-4B56-86AB-B56713DAA015"
"criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0",
"matchCriteriaId": "CCC969A1-3F88-40F5-B4A1-54DA05DF081E"
}
]
}

70
CVE-2022/CVE-2022-296xx/CVE-2022-29609.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2022-29609",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-20T13:15:07.630",
"lastModified": "2023-04-20T13:15:13.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T17:55:53.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ONOS 2.5.1. An intent with the same source and destination shows the INSTALLING state, indicating that its flow rules are installing. Improper handling of such an intent is misleading to a network operator."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-670"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennetworking:onos:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD1D050-BBF8-45B6-9B4E-93FC5D062414"
}
]
}
]
}
],
"references": [
{
"url": "https://wiki.onosproject.org/display/ONOS/Intent+Framework",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

70
CVE-2022/CVE-2022-299xx/CVE-2022-29944.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2022-29944",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-20T13:15:07.677",
"lastModified": "2023-04-20T13:15:13.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T17:27:22.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by intents. An existing intents does not redirect to a new path, even if a new intent that shares the path with higher priority is installed."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-697"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennetworking:onos:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD1D050-BBF8-45B6-9B4E-93FC5D062414"
}
]
}
]
}
],
"references": [
{
"url": "https://wiki.onosproject.org/display/ONOS/Intent+Framework",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

1489
CVE-2023/CVE-2023-229xx/CVE-2023-22918.json
View File

File diff suppressed because it is too large Load Diff

56
CVE-2023/CVE-2023-22xx/CVE-2023-2251.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2251",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-04-24T15:15:08.897",
"lastModified": "2023-04-28T15:15:10.790",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T17:26:16.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yaml_project:yaml:*:*:*:*:*:go:*:*",
"versionEndExcluding": "2.0.0-4",
"matchCriteriaId": "33E17CA5-8A74-4BE7-ACC1-CD1DBE0695BD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/eemeli/yaml/commit/984f5781ffd807e58cad3b5c8da1f940dab75fba",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/4b494e99-5a3e-40d9-8678-277f3060e96c",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-238xx/CVE-2023-23830.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-23830",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-03T16:15:09.717",
"lastModified": "2023-05-03T16:15:09.717",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin <=\u00a04.5.4 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-user-avatar/wordpress-profilepress-plugin-4-5-4-cross-site-scripting-xss-vulnerability-2?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-238xx/CVE-2023-23875.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-23875",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-03T16:15:10.130",
"lastModified": "2023-05-03T16:15:10.130",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Himanshu Bing Site Verification plugin using Meta Tag plugin <=\u00a01.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bing-site-verification-using-meta-tag/wordpress-bing-site-verification-plugin-using-meta-tag-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-238xx/CVE-2023-23881.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-23881",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-03T16:15:10.237",
"lastModified": "2023-05-03T16:15:10.237",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GreenTreeLabs Circles Gallery plugin <=\u00a01.0.10 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/circles-gallery/wordpress-circles-gallery-plugin-1-0-10-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

107
CVE-2023/CVE-2023-23xx/CVE-2023-2307.json Normal file
View File

@ -0,0 +1,107 @@
{
"id": "CVE-2023-2307",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-04-26T17:15:11.217",
"lastModified": "2023-05-03T16:41:14.190",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) in GitHub repository builderio/qwik prior to 0.104.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:builder:qwik:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.104.0",
"matchCriteriaId": "1853709E-692C-4325-BEBD-D56495DED1C2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/builderio/qwik/commit/09190b70027354baf7ad3d208df9c05a87f75f57",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/204ea12e-9e5c-4166-bf0e-fd49c8836917",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-23xx/CVE-2023-2345.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2345",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-27T15:15:13.187",
"lastModified": "2023-04-27T15:58:36.043",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T16:59:03.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:service_provider_management_system_project:service_provider_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72A53E3F-CC8B-4570-9F4F-BA25E7F4F642"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.227588",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.227588",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2023/CVE-2023-23xx/CVE-2023-2346.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2346",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-27T15:15:13.400",
"lastModified": "2023-04-27T15:58:36.043",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T16:58:35.860",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:service_provider_management_system_project:service_provider_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72A53E3F-CC8B-4570-9F4F-BA25E7F4F642"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Service%20Provider%20Management%20System/Service%20Provider%20Management%20System%20-%20vuln%201.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.227589",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.227589",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2023/CVE-2023-23xx/CVE-2023-2347.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2347",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-27T15:15:13.617",
"lastModified": "2023-04-27T15:58:36.043",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T16:58:18.770",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:service_provider_management_system_project:service_provider_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72A53E3F-CC8B-4570-9F4F-BA25E7F4F642"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Service%20Provider%20Management%20System/Service%20Provider%20Management%20System%20-%20vuln%202.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.227590",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.227590",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2023/CVE-2023-23xx/CVE-2023-2348.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2348",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-27T15:15:13.723",
"lastModified": "2023-04-27T15:58:36.043",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T16:57:42.023",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:service_provider_management_system_project:service_provider_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72A53E3F-CC8B-4570-9F4F-BA25E7F4F642"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Service%20Provider%20Management%20System/Service%20Provider%20Management%20System%20-%20vuln%203.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.227591",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.227591",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

69
CVE-2023/CVE-2023-248xx/CVE-2023-24819.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24819",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-24T15:15:07.907",
"lastModified": "2023-04-24T15:35:56.667",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T16:12:07.527",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -50,18 +80,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:riot-os:riot:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2022.10",
"matchCriteriaId": "2A1B64C3-901D-4D06-AD22-FA94E65D5024"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/RIOT-OS/RIOT/pull/18817/commits/73615161c01fcfbbc7216cf502cabb12c1598ee4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/RIOT-OS/RIOT/pull/18820/commits/da63e45ee94c03a2e08625b04ea618653eab4a9f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-fv97-2448-gcf6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-248xx/CVE-2023-24820.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24820",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-24T15:15:07.987",
"lastModified": "2023-04-24T15:35:56.667",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T16:27:55.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -48,20 +68,61 @@
"value": "CWE-787"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-191"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:riot-os:riot:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2022.10",
"matchCriteriaId": "2A1B64C3-901D-4D06-AD22-FA94E65D5024"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/RIOT-OS/RIOT/pull/18817/commits/2709fbd827b688fe62df2c77c316914f4a3a6d4a",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/RIOT-OS/RIOT/pull/18820/commits/d052e2ee166e55bbdfe4c455e65dbd7e3479ebe3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-vpx8-h94p-9vrj",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-259xx/CVE-2023-25967.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25967",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-03T16:15:10.480",
"lastModified": "2023-05-03T16:15:10.480",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by PeepSo plugin <=\u00a06.0.2.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/peepso-core/wordpress-community-by-peepso-social-network-membership-registration-user-profiles-plugin-6-0-2-0-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-260xx/CVE-2023-26017.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-26017",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-03T16:15:10.747",
"lastModified": "2023-05-03T16:15:10.747",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BlueGlass Jobs for WordPress plugin <=\u00a02.5.10.2 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/job-postings/wordpress-jobs-for-wordpress-plugin-2-5-10-2-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

63
CVE-2023/CVE-2023-260xx/CVE-2023-26059.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26059",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-24T18:15:09.090",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T16:06:54.337",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,14 +54,49 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nokia:netact:20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4884872D-10EF-48EB-94EA-FAFD6B52D37D"
}
]
}
]
}
],
"references": [
{
"url": "https://nokia.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2022-03/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-269xx/CVE-2023-26930.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2023-26930",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T19:15:08.783",
"lastModified": "2023-05-03T16:49:07.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xpdfreader:xpdf:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB8219E-FA52-45B5-A332-CE34400630BC"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/huanglei3/10e2a9bd07a109995b20ade306612a34",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/huanglei3/xpdf_aborted",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

82
CVE-2023/CVE-2023-269xx/CVE-2023-26931.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2023-26931",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T19:15:08.820",
"lastModified": "2023-05-03T16:48:11.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the TextOutputDev.cc function."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xpdfreader:xpdf:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB8219E-FA52-45B5-A332-CE34400630BC"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/huanglei3/10e2a9bd07a109995b20ade306612a34",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://note.youdao.com/s/7Nkhj01p",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

82
CVE-2023/CVE-2023-269xx/CVE-2023-26934.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2023-26934",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T19:15:08.857",
"lastModified": "2023-05-03T16:47:27.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue found in XPDF v.4.04 allows an attacker to cause a denial of service via a crafted pdf file in the object.cc parameter."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xpdfreader:xpdf:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB8219E-FA52-45B5-A332-CE34400630BC"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/huanglei3/10e2a9bd07a109995b20ade306612a34",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/huanglei3/xpdf_Stack-backtracking/blob/main/object_copy",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

82
CVE-2023/CVE-2023-269xx/CVE-2023-26935.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2023-26935",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T19:15:08.893",
"lastModified": "2023-05-03T16:46:40.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via SharedFile::readBlock at /xpdf/Stream.cc."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xpdfreader:xpdf:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB8219E-FA52-45B5-A332-CE34400630BC"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/huanglei3/10e2a9bd07a109995b20ade306612a34",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/huanglei3/xpdf_heapoverflow",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

82
CVE-2023/CVE-2023-269xx/CVE-2023-26936.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2023-26936",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T19:15:08.930",
"lastModified": "2023-05-03T16:46:25.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via gmalloc in gmem.cc"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xpdfreader:xpdf:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB8219E-FA52-45B5-A332-CE34400630BC"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/huanglei3/10e2a9bd07a109995b20ade306612a34",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/huanglei3/xpdf_Stack-backtracking/blob/main/gmem_copyString",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

82
CVE-2023/CVE-2023-269xx/CVE-2023-26937.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2023-26937",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T19:15:08.963",
"lastModified": "2023-05-03T16:45:53.083",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via GString::resize located in goo/GString.cc"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xpdfreader:xpdf:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB8219E-FA52-45B5-A332-CE34400630BC"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/huanglei3/10e2a9bd07a109995b20ade306612a34",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/huanglei3/xpdf_Stack-backtracking/blob/main/Stack_backtracking_gstring",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

82
CVE-2023/CVE-2023-269xx/CVE-2023-26938.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2023-26938",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T19:15:09.000",
"lastModified": "2023-05-03T16:45:10.690",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service viaSharedFile::readBlock located in goo/gfile.cc."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xpdfreader:xpdf:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB8219E-FA52-45B5-A332-CE34400630BC"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/huanglei3/10e2a9bd07a109995b20ade306612a34",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/huanglei3/xpdf_heapoverflow/edit/main/Stack_backtracking_readblock",
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
]
}
]
}

71
CVE-2023/CVE-2023-294xx/CVE-2023-29479.json
View File

@ -2,19 +2,82 @@
"id": "CVE-2023-29479",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-24T15:15:08.727",
"lastModified": "2023-04-24T15:35:56.667",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T16:56:35.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Ribose RNP before 0.16.3 may hang when the input is malformed."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ribose:rnp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.16.3",
"matchCriteriaId": "9BD9667E-867D-432E-B296-8B0C2CD1BD49"
}
]
}
]
}
],
"references": [
{
"url": "https://cve.ribose.com/advisories/ra-2023-04-11/",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.rnpgp.org/blog/2023-04-13-rnp-release-0-16-3/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

64
CVE-2023/CVE-2023-294xx/CVE-2023-29480.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-29480",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-24T15:15:08.770",
"lastModified": "2023-04-24T15:35:56.667",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T17:11:10.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ribose:rnp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.16.3",
"matchCriteriaId": "9BD9667E-867D-432E-B296-8B0C2CD1BD49"
}
]
}
]
}
],
"references": [
{
"url": "https://www.rnpgp.org/blog/2023-04-13-rnp-release-0-16-3/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

76
CVE-2023/CVE-2023-302xx/CVE-2023-30210.json Normal file
View File

@ -0,0 +1,76 @@
{
"id": "CVE-2023-30210",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T16:15:10.023",
"lastModified": "2023-05-03T16:41:53.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OURPHP <= 7.2.0 is vulnerable to Cross Site Scripting (XSS) via ourphp_tz.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ourphp:ourphp:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.2.0",
"matchCriteriaId": "D371179F-DCD6-406E-A2E2-F1D355D9EE5D"
}
]
}
]
}
],
"references": [
{
"url": "https://wanheiqiyihu.top/2023/03/27/OURPHP-v7-2-0-ourphp-tz-php-Reflection-xss/",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

76
CVE-2023/CVE-2023-302xx/CVE-2023-30211.json Normal file
View File

@ -0,0 +1,76 @@
{
"id": "CVE-2023-30211",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T16:15:10.067",
"lastModified": "2023-05-03T16:41:39.160",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OURPHP <= 7.2.0 is vulnerable to SQL Injection."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ourphp:ourphp:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.2.0",
"matchCriteriaId": "D371179F-DCD6-406E-A2E2-F1D355D9EE5D"
}
]
}
]
}
],
"references": [
{
"url": "https://wanheiqiyihu.top/2023/03/27/OURPHP-v7-2-0-Background-SQL-injection/",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

76
CVE-2023/CVE-2023-302xx/CVE-2023-30212.json Normal file
View File

@ -0,0 +1,76 @@
{
"id": "CVE-2023-30212",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T17:15:11.297",
"lastModified": "2023-05-03T16:38:41.690",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OURPHP <= 7.2.0 is vulnerale to Cross Site Scripting (XSS) via /client/manage/ourphp_out.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ourphp:ourphp:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.2.0",
"matchCriteriaId": "D371179F-DCD6-406E-A2E2-F1D355D9EE5D"
}
]
}
]
}
],
"references": [
{
"url": "https://wanheiqiyihu.top/2023/03/27/OURPHP-v7-2-0-ourphp-out-php-Reflection-xss/",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

66
CVE-2023/CVE-2023-303xx/CVE-2023-30338.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-30338",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-27T15:15:13.787",
"lastModified": "2023-04-27T15:58:36.043",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T16:57:02.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Multiple stored cross-site scripting (XSS) vulnerabilities in Emlog Pro v2.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Article Title or Article Summary parameters."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:emlog:emlog:2.0.3:*:*:*:pro:*:*:*",
"matchCriteriaId": "5B872763-766F-478B-BA9C-97A85DC372F5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/emlog/emlog/issues/229",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-306xx/CVE-2023-30613.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30613",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-24T17:15:10.863",
"lastModified": "2023-04-24T17:43:16.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-03T17:24:05.977",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kiwitcms:kiwi_tcms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.2",
"matchCriteriaId": "54963FF5-B772-4EC5-A2A1-3E98D68369C8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kiwitcms/Kiwi/security/advisories/GHSA-fwcf-753v-fgcj",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://huntr.dev/bounties/c30d3503-600d-4d00-9571-98826a51f12c",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://kiwitcms.org/blog/kiwi-tcms-team/2023/04/23/kiwi-tcms-122/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
}
]
}

143
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-03T16:00:24.647552+00:00
2023-05-03T18:00:24.489755+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-03T15:46:52.087000+00:00
2023-05-03T17:55:53+00:00
```
### Last Data Feed Release
@ -29,117 +29,54 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
213998
214003
```
### CVEs added in the last Commit
Recently added CVEs: `18`
Recently added CVEs: `5`
* [CVE-2022-46852](CVE-2022/CVE-2022-468xx/CVE-2022-46852.json) (`2023-05-03T15:15:11.190`)
* [CVE-2023-22372](CVE-2023/CVE-2023-223xx/CVE-2023-22372.json) (`2023-05-03T15:15:11.437`)
* [CVE-2023-22683](CVE-2023/CVE-2023-226xx/CVE-2023-22683.json) (`2023-05-03T14:15:30.667`)
* [CVE-2023-23785](CVE-2023/CVE-2023-237xx/CVE-2023-23785.json) (`2023-05-03T15:15:11.627`)
* [CVE-2023-23808](CVE-2023/CVE-2023-238xx/CVE-2023-23808.json) (`2023-05-03T15:15:11.770`)
* [CVE-2023-23809](CVE-2023/CVE-2023-238xx/CVE-2023-23809.json) (`2023-05-03T15:15:12.117`)
* [CVE-2023-23874](CVE-2023/CVE-2023-238xx/CVE-2023-23874.json) (`2023-05-03T14:15:31.987`)
* [CVE-2023-23876](CVE-2023/CVE-2023-238xx/CVE-2023-23876.json) (`2023-05-03T14:15:32.290`)
* [CVE-2023-24461](CVE-2023/CVE-2023-244xx/CVE-2023-24461.json) (`2023-05-03T15:15:12.310`)
* [CVE-2023-24594](CVE-2023/CVE-2023-245xx/CVE-2023-24594.json) (`2023-05-03T15:15:12.447`)
* [CVE-2023-25979](CVE-2023/CVE-2023-259xx/CVE-2023-25979.json) (`2023-05-03T14:15:32.667`)
* [CVE-2023-27378](CVE-2023/CVE-2023-273xx/CVE-2023-27378.json) (`2023-05-03T15:15:12.587`)
* [CVE-2023-28406](CVE-2023/CVE-2023-284xx/CVE-2023-28406.json) (`2023-05-03T15:15:12.720`)
* [CVE-2023-28656](CVE-2023/CVE-2023-286xx/CVE-2023-28656.json) (`2023-05-03T15:15:12.860`)
* [CVE-2023-28724](CVE-2023/CVE-2023-287xx/CVE-2023-28724.json) (`2023-05-03T15:15:13.020`)
* [CVE-2023-28742](CVE-2023/CVE-2023-287xx/CVE-2023-28742.json) (`2023-05-03T15:15:13.153`)
* [CVE-2023-29163](CVE-2023/CVE-2023-291xx/CVE-2023-29163.json) (`2023-05-03T15:15:13.287`)
* [CVE-2023-29240](CVE-2023/CVE-2023-292xx/CVE-2023-29240.json) (`2023-05-03T15:15:13.423`)
* [CVE-2023-23830](CVE-2023/CVE-2023-238xx/CVE-2023-23830.json) (`2023-05-03T16:15:09.717`)
* [CVE-2023-23875](CVE-2023/CVE-2023-238xx/CVE-2023-23875.json) (`2023-05-03T16:15:10.130`)
* [CVE-2023-23881](CVE-2023/CVE-2023-238xx/CVE-2023-23881.json) (`2023-05-03T16:15:10.237`)
* [CVE-2023-25967](CVE-2023/CVE-2023-259xx/CVE-2023-25967.json) (`2023-05-03T16:15:10.480`)
* [CVE-2023-26017](CVE-2023/CVE-2023-260xx/CVE-2023-26017.json) (`2023-05-03T16:15:10.747`)
### CVEs modified in the last Commit
Recently modified CVEs: `80`
Recently modified CVEs: `30`
* [CVE-2021-23166](CVE-2021/CVE-2021-231xx/CVE-2021-23166.json) (`2023-05-03T14:38:22.883`)
* [CVE-2021-23176](CVE-2021/CVE-2021-231xx/CVE-2021-23176.json) (`2023-05-03T14:28:25.537`)
* [CVE-2021-23178](CVE-2021/CVE-2021-231xx/CVE-2021-23178.json) (`2023-05-03T14:25:43.207`)
* [CVE-2021-44465](CVE-2021/CVE-2021-444xx/CVE-2021-44465.json) (`2023-05-03T14:12:22.630`)
* [CVE-2022-2873](CVE-2022/CVE-2022-28xx/CVE-2022-2873.json) (`2023-05-03T14:15:10.653`)
* [CVE-2022-30995](CVE-2022/CVE-2022-309xx/CVE-2022-30995.json) (`2023-05-03T14:41:11.100`)
* [CVE-2022-3405](CVE-2022/CVE-2022-34xx/CVE-2022-3405.json) (`2023-05-03T14:41:11.100`)
* [CVE-2022-3424](CVE-2022/CVE-2022-34xx/CVE-2022-3424.json) (`2023-05-03T14:15:12.830`)
* [CVE-2022-3545](CVE-2022/CVE-2022-35xx/CVE-2022-3545.json) (`2023-05-03T14:15:13.337`)
* [CVE-2022-36280](CVE-2022/CVE-2022-362xx/CVE-2022-36280.json) (`2023-05-03T14:15:12.327`)
* [CVE-2022-3707](CVE-2022/CVE-2022-37xx/CVE-2022-3707.json) (`2023-05-03T14:15:14.110`)
* [CVE-2022-40302](CVE-2022/CVE-2022-403xx/CVE-2022-40302.json) (`2023-05-03T14:41:00.093`)
* [CVE-2022-40318](CVE-2022/CVE-2022-403xx/CVE-2022-40318.json) (`2023-05-03T14:41:00.093`)
* [CVE-2022-41218](CVE-2022/CVE-2022-412xx/CVE-2022-41218.json) (`2023-05-03T14:15:14.560`)
* [CVE-2022-43681](CVE-2022/CVE-2022-436xx/CVE-2022-43681.json) (`2023-05-03T14:41:00.093`)
* [CVE-2022-45934](CVE-2022/CVE-2022-459xx/CVE-2022-45934.json) (`2023-05-03T14:15:14.953`)
* [CVE-2022-4744](CVE-2022/CVE-2022-47xx/CVE-2022-4744.json) (`2023-05-03T14:15:15.753`)
* [CVE-2022-47929](CVE-2022/CVE-2022-479xx/CVE-2022-47929.json) (`2023-05-03T14:15:15.467`)
* [CVE-2022-48150](CVE-2022/CVE-2022-481xx/CVE-2022-48150.json) (`2023-05-03T14:57:34.217`)
* [CVE-2023-0045](CVE-2023/CVE-2023-00xx/CVE-2023-0045.json) (`2023-05-03T14:15:16.303`)
* [CVE-2023-0266](CVE-2023/CVE-2023-02xx/CVE-2023-0266.json) (`2023-05-03T14:15:16.877`)
* [CVE-2023-0394](CVE-2023/CVE-2023-03xx/CVE-2023-0394.json) (`2023-05-03T14:15:17.673`)
* [CVE-2023-0458](CVE-2023/CVE-2023-04xx/CVE-2023-0458.json) (`2023-05-03T14:15:18.220`)
* [CVE-2023-0461](CVE-2023/CVE-2023-04xx/CVE-2023-0461.json) (`2023-05-03T14:15:18.783`)
* [CVE-2023-1073](CVE-2023/CVE-2023-10xx/CVE-2023-1073.json) (`2023-05-03T14:15:19.060`)
* [CVE-2023-1074](CVE-2023/CVE-2023-10xx/CVE-2023-1074.json) (`2023-05-03T14:15:19.413`)
* [CVE-2023-1078](CVE-2023/CVE-2023-10xx/CVE-2023-1078.json) (`2023-05-03T14:15:19.747`)
* [CVE-2023-1079](CVE-2023/CVE-2023-10xx/CVE-2023-1079.json) (`2023-05-03T14:15:21.417`)
* [CVE-2023-1118](CVE-2023/CVE-2023-11xx/CVE-2023-1118.json) (`2023-05-03T14:15:21.720`)
* [CVE-2023-1281](CVE-2023/CVE-2023-12xx/CVE-2023-1281.json) (`2023-05-03T14:15:23.817`)
* [CVE-2023-1383](CVE-2023/CVE-2023-13xx/CVE-2023-1383.json) (`2023-05-03T14:41:00.093`)
* [CVE-2023-1384](CVE-2023/CVE-2023-13xx/CVE-2023-1384.json) (`2023-05-03T14:41:00.093`)
* [CVE-2023-1385](CVE-2023/CVE-2023-13xx/CVE-2023-1385.json) (`2023-05-03T14:41:00.093`)
* [CVE-2023-1513](CVE-2023/CVE-2023-15xx/CVE-2023-1513.json) (`2023-05-03T14:15:24.243`)
* [CVE-2023-1670](CVE-2023/CVE-2023-16xx/CVE-2023-1670.json) (`2023-05-03T14:15:25.157`)
* [CVE-2023-1731](CVE-2023/CVE-2023-17xx/CVE-2023-1731.json) (`2023-05-03T14:21:49.653`)
* [CVE-2023-1829](CVE-2023/CVE-2023-18xx/CVE-2023-1829.json) (`2023-05-03T14:15:25.480`)
* [CVE-2023-1855](CVE-2023/CVE-2023-18xx/CVE-2023-1855.json) (`2023-05-03T14:15:25.843`)
* [CVE-2023-1989](CVE-2023/CVE-2023-19xx/CVE-2023-1989.json) (`2023-05-03T14:15:27.110`)
* [CVE-2023-1990](CVE-2023/CVE-2023-19xx/CVE-2023-1990.json) (`2023-05-03T14:15:28.543`)
* [CVE-2023-1998](CVE-2023/CVE-2023-19xx/CVE-2023-1998.json) (`2023-05-03T15:16:29.733`)
* [CVE-2023-2162](CVE-2023/CVE-2023-21xx/CVE-2023-2162.json) (`2023-05-03T14:15:33.847`)
* [CVE-2023-2194](CVE-2023/CVE-2023-21xx/CVE-2023-2194.json) (`2023-05-03T14:15:34.133`)
* [CVE-2023-2220](CVE-2023/CVE-2023-22xx/CVE-2023-2220.json) (`2023-05-03T15:26:07.897`)
* [CVE-2023-2226](CVE-2023/CVE-2023-22xx/CVE-2023-2226.json) (`2023-05-03T14:51:43.173`)
* [CVE-2023-2227](CVE-2023/CVE-2023-22xx/CVE-2023-2227.json) (`2023-05-03T14:53:27.287`)
* [CVE-2023-2228](CVE-2023/CVE-2023-22xx/CVE-2023-2228.json) (`2023-05-03T14:55:49.147`)
* [CVE-2023-2231](CVE-2023/CVE-2023-22xx/CVE-2023-2231.json) (`2023-05-03T15:22:57.563`)
* [CVE-2023-22713](CVE-2023/CVE-2023-227xx/CVE-2023-22713.json) (`2023-05-03T14:41:00.093`)
* [CVE-2023-23454](CVE-2023/CVE-2023-234xx/CVE-2023-23454.json) (`2023-05-03T14:15:31.060`)
* [CVE-2023-23455](CVE-2023/CVE-2023-234xx/CVE-2023-23455.json) (`2023-05-03T14:15:31.450`)
* [CVE-2023-23559](CVE-2023/CVE-2023-235xx/CVE-2023-23559.json) (`2023-05-03T14:15:31.700`)
* [CVE-2023-23708](CVE-2023/CVE-2023-237xx/CVE-2023-23708.json) (`2023-05-03T14:41:00.093`)
* [CVE-2023-23820](CVE-2023/CVE-2023-238xx/CVE-2023-23820.json) (`2023-05-03T14:41:00.093`)
* [CVE-2023-24818](CVE-2023/CVE-2023-248xx/CVE-2023-24818.json) (`2023-05-03T15:44:33.400`)
* [CVE-2023-25131](CVE-2023/CVE-2023-251xx/CVE-2023-25131.json) (`2023-05-03T15:29:22.673`)
* [CVE-2023-25783](CVE-2023/CVE-2023-257xx/CVE-2023-25783.json) (`2023-05-03T14:41:11.100`)
* [CVE-2023-25784](CVE-2023/CVE-2023-257xx/CVE-2023-25784.json) (`2023-05-03T14:41:11.100`)
* [CVE-2023-25786](CVE-2023/CVE-2023-257xx/CVE-2023-25786.json) (`2023-05-03T14:41:00.093`)
* [CVE-2023-25787](CVE-2023/CVE-2023-257xx/CVE-2023-25787.json) (`2023-05-03T14:41:00.093`)
* [CVE-2023-25789](CVE-2023/CVE-2023-257xx/CVE-2023-25789.json) (`2023-05-03T14:41:00.093`)
* [CVE-2023-25792](CVE-2023/CVE-2023-257xx/CVE-2023-25792.json) (`2023-05-03T14:41:00.093`)
* [CVE-2023-25796](CVE-2023/CVE-2023-257xx/CVE-2023-25796.json) (`2023-05-03T14:41:00.093`)
* [CVE-2023-25797](CVE-2023/CVE-2023-257xx/CVE-2023-25797.json) (`2023-05-03T14:41:00.093`)
* [CVE-2023-25798](CVE-2023/CVE-2023-257xx/CVE-2023-25798.json) (`2023-05-03T14:41:00.093`)
* [CVE-2023-26097](CVE-2023/CVE-2023-260xx/CVE-2023-26097.json) (`2023-05-03T15:44:39.657`)
* [CVE-2023-26099](CVE-2023/CVE-2023-260xx/CVE-2023-26099.json) (`2023-05-03T15:46:52.087`)
* [CVE-2023-26545](CVE-2023/CVE-2023-265xx/CVE-2023-26545.json) (`2023-05-03T14:15:32.977`)
* [CVE-2023-26865](CVE-2023/CVE-2023-268xx/CVE-2023-26865.json) (`2023-05-03T14:57:14.857`)
* [CVE-2023-27848](CVE-2023/CVE-2023-278xx/CVE-2023-27848.json) (`2023-05-03T15:29:21.517`)
* [CVE-2023-27990](CVE-2023/CVE-2023-279xx/CVE-2023-27990.json) (`2023-05-03T15:01:39.687`)
* [CVE-2023-27991](CVE-2023/CVE-2023-279xx/CVE-2023-27991.json) (`2023-05-03T15:04:37.820`)
* [CVE-2023-28328](CVE-2023/CVE-2023-283xx/CVE-2023-28328.json) (`2023-05-03T14:15:33.387`)
* [CVE-2023-29020](CVE-2023/CVE-2023-290xx/CVE-2023-29020.json) (`2023-05-03T14:42:00.337`)
* [CVE-2023-29579](CVE-2023/CVE-2023-295xx/CVE-2023-29579.json) (`2023-05-03T14:27:39.120`)
* [CVE-2023-29582](CVE-2023/CVE-2023-295xx/CVE-2023-29582.json) (`2023-05-03T14:29:09.613`)
* [CVE-2023-29905](CVE-2023/CVE-2023-299xx/CVE-2023-29905.json) (`2023-05-03T15:17:55.217`)
* [CVE-2023-29906](CVE-2023/CVE-2023-299xx/CVE-2023-29906.json) (`2023-05-03T15:18:18.183`)
* [CVE-2023-30456](CVE-2023/CVE-2023-304xx/CVE-2023-30456.json) (`2023-05-03T14:15:34.530`)
* [CVE-2023-30772](CVE-2023/CVE-2023-307xx/CVE-2023-30772.json) (`2023-05-03T14:15:34.807`)
* [CVE-2012-10013](CVE-2012/CVE-2012-100xx/CVE-2012-10013.json) (`2023-05-03T17:03:26.333`)
* [CVE-2012-10014](CVE-2012/CVE-2012-100xx/CVE-2012-10014.json) (`2023-05-03T17:00:58.130`)
* [CVE-2022-24249](CVE-2022/CVE-2022-242xx/CVE-2022-24249.json) (`2023-05-03T16:48:21.923`)
* [CVE-2022-27145](CVE-2022/CVE-2022-271xx/CVE-2022-27145.json) (`2023-05-03T16:48:11.460`)
* [CVE-2022-29609](CVE-2022/CVE-2022-296xx/CVE-2022-29609.json) (`2023-05-03T17:55:53.000`)
* [CVE-2022-29944](CVE-2022/CVE-2022-299xx/CVE-2022-29944.json) (`2023-05-03T17:27:22.773`)
* [CVE-2023-2251](CVE-2023/CVE-2023-22xx/CVE-2023-2251.json) (`2023-05-03T17:26:16.587`)
* [CVE-2023-22918](CVE-2023/CVE-2023-229xx/CVE-2023-22918.json) (`2023-05-03T16:58:15.893`)
* [CVE-2023-2307](CVE-2023/CVE-2023-23xx/CVE-2023-2307.json) (`2023-05-03T16:41:14.190`)
* [CVE-2023-2345](CVE-2023/CVE-2023-23xx/CVE-2023-2345.json) (`2023-05-03T16:59:03.360`)
* [CVE-2023-2346](CVE-2023/CVE-2023-23xx/CVE-2023-2346.json) (`2023-05-03T16:58:35.860`)
* [CVE-2023-2347](CVE-2023/CVE-2023-23xx/CVE-2023-2347.json) (`2023-05-03T16:58:18.770`)
* [CVE-2023-2348](CVE-2023/CVE-2023-23xx/CVE-2023-2348.json) (`2023-05-03T16:57:42.023`)
* [CVE-2023-24819](CVE-2023/CVE-2023-248xx/CVE-2023-24819.json) (`2023-05-03T16:12:07.527`)
* [CVE-2023-24820](CVE-2023/CVE-2023-248xx/CVE-2023-24820.json) (`2023-05-03T16:27:55.537`)
* [CVE-2023-26059](CVE-2023/CVE-2023-260xx/CVE-2023-26059.json) (`2023-05-03T16:06:54.337`)
* [CVE-2023-26930](CVE-2023/CVE-2023-269xx/CVE-2023-26930.json) (`2023-05-03T16:49:07.453`)
* [CVE-2023-26931](CVE-2023/CVE-2023-269xx/CVE-2023-26931.json) (`2023-05-03T16:48:11.660`)
* [CVE-2023-26934](CVE-2023/CVE-2023-269xx/CVE-2023-26934.json) (`2023-05-03T16:47:27.773`)
* [CVE-2023-26935](CVE-2023/CVE-2023-269xx/CVE-2023-26935.json) (`2023-05-03T16:46:40.757`)
* [CVE-2023-26936](CVE-2023/CVE-2023-269xx/CVE-2023-26936.json) (`2023-05-03T16:46:25.367`)
* [CVE-2023-26937](CVE-2023/CVE-2023-269xx/CVE-2023-26937.json) (`2023-05-03T16:45:53.083`)
* [CVE-2023-26938](CVE-2023/CVE-2023-269xx/CVE-2023-26938.json) (`2023-05-03T16:45:10.690`)
* [CVE-2023-29479](CVE-2023/CVE-2023-294xx/CVE-2023-29479.json) (`2023-05-03T16:56:35.370`)
* [CVE-2023-29480](CVE-2023/CVE-2023-294xx/CVE-2023-29480.json) (`2023-05-03T17:11:10.983`)
* [CVE-2023-30210](CVE-2023/CVE-2023-302xx/CVE-2023-30210.json) (`2023-05-03T16:41:53.360`)
* [CVE-2023-30211](CVE-2023/CVE-2023-302xx/CVE-2023-30211.json) (`2023-05-03T16:41:39.160`)
* [CVE-2023-30212](CVE-2023/CVE-2023-302xx/CVE-2023-30212.json) (`2023-05-03T16:38:41.690`)
* [CVE-2023-30338](CVE-2023/CVE-2023-303xx/CVE-2023-30338.json) (`2023-05-03T16:57:02.093`)
* [CVE-2023-30613](CVE-2023/CVE-2023-306xx/CVE-2023-30613.json) (`2023-05-03T17:24:05.977`)
## Download and Usage