diff --git a/CVE-2021/CVE-2021-250xx/CVE-2021-25020.json b/CVE-2021/CVE-2021-250xx/CVE-2021-25020.json
index 5bb96f06cb7..55bea50bf6a 100644
--- a/CVE-2021/CVE-2021-250xx/CVE-2021-25020.json
+++ b/CVE-2021/CVE-2021-250xx/CVE-2021-25020.json
@@ -2,7 +2,7 @@
 "id": "CVE-2021-25020",
 "sourceIdentifier": "contact@wpscan.com",
 "published": "2022-01-03T13:15:08.957",
- "lastModified": "2022-01-11T13:27:46.867",
+ "lastModified": "2024-01-18T14:44:33.163",
 "vulnStatus": "Analyzed",
 "descriptions": [
 {
@@ -94,9 +94,9 @@
 "cpeMatch": [
 {
 "vulnerable": true,
- "criteria": "cpe:2.3:a:ffw:complete_analytics_optimization_suite:*:*:*:*:*:wordpress:*:*",
+ "criteria": "cpe:2.3:a:daan:complete_analytics_optimization_suite:*:*:*:*:*:wordpress:*:*",
 "versionEndExcluding": "4.1.9",
- "matchCriteriaId": "7739F2A7-8C8E-4B43-A062-4E493456C556"
+ "matchCriteriaId": "0950655A-F550-4056-AF69-CA28ADBC57CE"
 }
 ]
 }
diff --git a/CVE-2021/CVE-2021-44xx/CVE-2021-4433.json b/CVE-2021/CVE-2021-44xx/CVE-2021-4433.json
index 743df8f12e8..31409a5b1a2 100644
--- a/CVE-2021/CVE-2021-44xx/CVE-2021-4433.json
+++ b/CVE-2021/CVE-2021-44xx/CVE-2021-4433.json
@@ -2,12 +2,16 @@
 "id": "CVE-2021-4433",
 "sourceIdentifier": "cna@vuldb.com",
 "published": "2024-01-18T01:15:43.460",
- "lastModified": "2024-01-18T01:15:43.460",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:42:01.673",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "A vulnerability was found in Karjasoft Sami HTTP Server 2.0. It has been classified as problematic. Affected is an unknown function of the component HTTP HEAD Rrequest Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250836."
+ },
+ {
+ "lang": "es",
+ "value": "Se encontr\u00f3 una vulnerabilidad en Karjasoft Sami HTTP Server 2.0. Ha sido clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del componente HTTP HEAD Rrequest Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a la denegaci\u00f3n del servicio. Es posible lanzar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-250836."
 }
 ],
 "metrics": {
diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28197.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28197.json
index f7b3c2e182a..1c08004afd5 100644
--- a/CVE-2023/CVE-2023-281xx/CVE-2023-28197.json
+++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28197.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-28197",
 "sourceIdentifier": "product-security@apple.com",
 "published": "2024-01-10T22:15:47.853",
- "lastModified": "2024-01-11T13:57:35.163",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T14:49:49.540",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
@@ -14,19 +14,98 @@
 "value": "Se solucion\u00f3 un problema de acceso con restricciones adicionales de sandbox. Este problema se solucion\u00f3 en macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
 }
 ],
- "metrics": {},
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "NONE",
+ "baseScore": 3.3,
+ "baseSeverity": "LOW"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 1.4
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "NVD-CWE-Other"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "11.7.5",
+ "matchCriteriaId": "4895F6FE-9045-4243-BECA-D63037F63516"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "12.0.0",
+ "versionEndExcluding": "12.6.4",
+ "matchCriteriaId": "AE2C29D7-C8CC-4AA3-A2E4-1FE17737A98B"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "13.0",
+ "versionEndExcluding": "13.3",
+ "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "url": "https://support.apple.com/en-us/HT213670",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213675",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213677",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32366.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32366.json
index dc5b6877888..1c9a2b1ab90 100644
--- a/CVE-2023/CVE-2023-323xx/CVE-2023-32366.json
+++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32366.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-32366",
 "sourceIdentifier": "product-security@apple.com",
 "published": "2024-01-10T22:15:47.897",
- "lastModified": "2024-01-11T13:57:35.163",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T14:48:05.697",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
@@ -14,27 +14,140 @@
 "value": "Se solucion\u00f3 un problema de escritura fuera de los l\u00edmites con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 y iPadOS 16.4, iOS 15.7.4 y iPadOS 15.7.4, macOS Monterey 12.6.4. El procesamiento de un archivo de fuente puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario."
 }
 ],
- "metrics": {},
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.8,
+ "baseSeverity": "HIGH"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 5.9
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-787"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "15.7.4",
+ "matchCriteriaId": "6342B4CB-4D7D-4FBD-8A5E-E3DABDC7770E"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "16.0",
+ "versionEndExcluding": "16.4",
+ "matchCriteriaId": "79A85DA3-B374-444F-B9A2-7E4F334C26DA"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "15.7.4",
+ "matchCriteriaId": "C75E4307-6CF3-4835-8E5F-96BF060658C8"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "16.0",
+ "versionEndExcluding": "16.4",
+ "matchCriteriaId": "E33C3BC5-6CFC-4B58-8642-80A9FE00DB24"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "11.7.5",
+ "matchCriteriaId": "4895F6FE-9045-4243-BECA-D63037F63516"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "12.0.0",
+ "versionEndExcluding": "12.6.4",
+ "matchCriteriaId": "AE2C29D7-C8CC-4AA3-A2E4-1FE17737A98B"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "13.0",
+ "versionEndExcluding": "13.3",
+ "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "url": "https://support.apple.com/en-us/HT213670",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213673",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213675",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213676",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213677",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32378.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32378.json
index 7332ad40d51..23cae638055 100644
--- a/CVE-2023/CVE-2023-323xx/CVE-2023-32378.json
+++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32378.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-32378",
 "sourceIdentifier": "product-security@apple.com",
 "published": "2024-01-10T22:15:47.943",
- "lastModified": "2024-01-11T13:57:35.163",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T14:47:06.280",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
@@ -14,19 +14,98 @@
 "value": "Se solucion\u00f3 un problema de use after free con una gesti\u00f3n de memoria mejorada. Este problema se solucion\u00f3 en macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. Una aplicaci\u00f3n puede ejecutar c\u00f3digo arbitrario con privilegios del kernel."
 }
 ],
- "metrics": {},
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.8,
+ "baseSeverity": "HIGH"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 5.9
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-416"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "11.7.5",
+ "matchCriteriaId": "4895F6FE-9045-4243-BECA-D63037F63516"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "12.0.0",
+ "versionEndExcluding": "12.6.4",
+ "matchCriteriaId": "AE2C29D7-C8CC-4AA3-A2E4-1FE17737A98B"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "13.0",
+ "versionEndExcluding": "13.3",
+ "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "url": "https://support.apple.com/en-us/HT213670",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213675",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213677",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32383.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32383.json
index d4f4ba6b4da..a71ce8b3b62 100644
--- a/CVE-2023/CVE-2023-323xx/CVE-2023-32383.json
+++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32383.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-32383",
 "sourceIdentifier": "product-security@apple.com",
 "published": "2024-01-10T22:15:47.987",
- "lastModified": "2024-01-11T13:57:35.163",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T14:46:30.137",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
@@ -14,19 +14,98 @@
 "value": "Este problema se solucion\u00f3 forzando un runtime reforzado en los archivos binarios afectados a nivel del sistema. Este problema se solucion\u00f3 en macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. Es posible que una aplicaci\u00f3n pueda inyectar c\u00f3digo en archivos binarios confidenciales incluidos con Xcode."
 }
 ],
- "metrics": {},
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.8,
+ "baseSeverity": "HIGH"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 5.9
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "NVD-CWE-noinfo"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "11.7.7",
+ "matchCriteriaId": "BA5AB1A2-FCA0-4081-804C-687928811E50"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "12.0.0",
+ "versionEndExcluding": "12.6.6",
+ "matchCriteriaId": "057C3BDA-4822-4256-A016-4B32A05DD3B7"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "13.0",
+ "versionEndExcluding": "13.4",
+ "matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "url": "https://support.apple.com/en-us/HT213758",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213759",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213760",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32401.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32401.json
index af054de135f..b9c6774d444 100644
--- a/CVE-2023/CVE-2023-324xx/CVE-2023-32401.json
+++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32401.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-32401",
 "sourceIdentifier": "product-security@apple.com",
 "published": "2024-01-10T22:15:48.040",
- "lastModified": "2024-01-11T13:57:35.163",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T14:45:33.753",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
@@ -14,19 +14,98 @@
 "value": "Se solucion\u00f3 un desbordamiento de b\u00fafer mejorando la verificaci\u00f3n de l\u00edmites. Este problema se solucion\u00f3 en macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. El an\u00e1lisis de un documento de Office puede provocar la finalizaci\u00f3n inesperada de una aplicaci\u00f3n o la ejecuci\u00f3n de c\u00f3digo arbitrario."
 }
 ],
- "metrics": {},
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.8,
+ "baseSeverity": "HIGH"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 5.9
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-120"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "11.7.7",
+ "matchCriteriaId": "BA5AB1A2-FCA0-4081-804C-687928811E50"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "12.0.0",
+ "versionEndExcluding": "12.6.6",
+ "matchCriteriaId": "057C3BDA-4822-4256-A016-4B32A05DD3B7"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "13.0",
+ "versionEndExcluding": "13.4",
+ "matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "url": "https://support.apple.com/en-us/HT213758",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213759",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213760",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32424.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32424.json
index 40bfe93829a..5d54a7304b7 100644
--- a/CVE-2023/CVE-2023-324xx/CVE-2023-32424.json
+++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32424.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-32424",
 "sourceIdentifier": "product-security@apple.com",
 "published": "2024-01-10T22:15:48.087",
- "lastModified": "2024-01-11T13:57:35.163",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T14:44:50.053",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
@@ -14,15 +14,88 @@
 "value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en iOS 16.4 y iPadOS 16.4, watchOS 9.4. Un atacante que ya haya logrado la ejecuci\u00f3n del c\u00f3digo del kernel puede omitir las mitigaciones de memoria del kernel."
 }
 ],
- "metrics": {},
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "NONE",
+ "baseScore": 5.5,
+ "baseSeverity": "MEDIUM"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 3.6
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "NVD-CWE-noinfo"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "16.4",
+ "matchCriteriaId": "EE68C5EC-5829-481D-BFF7-0A501018A3CE"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "16.4",
+ "matchCriteriaId": "F02C0CA5-8ABA-48C7-BCAE-5CF25435DF87"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "9.4",
+ "matchCriteriaId": "B5DA93B3-CA76-4932-84EE-40445A6505EA"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "url": "https://support.apple.com/en-us/HT213676",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213678",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32436.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32436.json
index 7aeb8b187f8..fe36c5d8e80 100644
--- a/CVE-2023/CVE-2023-324xx/CVE-2023-32436.json
+++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32436.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-32436",
 "sourceIdentifier": "product-security@apple.com",
 "published": "2024-01-10T22:15:48.140",
- "lastModified": "2024-01-11T13:57:35.163",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T14:35:09.270",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
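Review bot: In the CVE-2023-32424 metrics block, the added `"privilegesRequired": "NONE"` (vector `CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N`) sits oddly with the description in the same hunk, which says the attacker has already achieved kernel code execution. Taken at face value, that precondition would read as `"privilegesRequired": "HIGH"`, which would also change `baseScore` and `exploitabilityScore`. The record appears to mirror NVD's own analysis, so any correction would have to be made upstream rather than in this file. Consumers who triage on the 5.5 score should read the description alongside it, since this is a mitigation bypass that follows an earlier compromise.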
@@ -14,11 +14,68 @@
 "value": "El problema se solucion\u00f3 con comprobaciones de l\u00edmites mejoradas. Este problema se solucion\u00f3 en macOS Ventura 13.3. Una aplicaci\u00f3n puede provocar la finalizaci\u00f3n inesperada del sistema o escribir en la memoria del kernel."
 }
 ],
- "metrics": {},
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.1,
+ "baseSeverity": "HIGH"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 5.2
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "NVD-CWE-noinfo"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "13.3",
+ "matchCriteriaId": "F58DAF22-8807-445A-AD05-8510829526CB"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "url": "https://support.apple.com/en-us/HT213670",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-379xx/CVE-2023-37934.json b/CVE-2023/CVE-2023-379xx/CVE-2023-37934.json
index b5b1c19634f..738c92c6222 100644
--- a/CVE-2023/CVE-2023-379xx/CVE-2023-37934.json
+++ b/CVE-2023/CVE-2023-379xx/CVE-2023-37934.json
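Review bot: The single `cpeMatch` entry added for CVE-2023-32436 bounds macOS only with `"versionEndExcluding": "13.3"`, so every earlier macOS release, including the 11.x and 12.x branches, matches as vulnerable, while the description in this hunk names only macOS Ventura 13.3 as the fixed release. Other records in this commit, such as CVE-2023-28197, give each macOS branch its own range and start the Ventura one with `"versionStartIncluding": "13.0"`. If only Ventura is affected, this entry should carry the same lower bound; if older branches are affected but unpatched, the open range is correct, but scanners will then flag hosts for which this record lists no fixed build. The CVE-2023-40383 hunk later in this diff adds the same open-ended range. The data looks mirrored from NVD, so a correction would belong upstream.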
@@ -2,8 +2,8 @@
 "id": "CVE-2023-37934",
 "sourceIdentifier": "psirt@fortinet.com",
 "published": "2024-01-10T18:15:45.823",
- "lastModified": "2024-01-11T13:57:35.163",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T13:55:37.760",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
@@ -16,6 +16,26 @@
 ],
 "metrics": {
 "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "HIGH",
+ "baseScore": 6.5,
+ "baseSeverity": "MEDIUM"
+ },
+ "exploitabilityScore": 2.8,
+ "impactScore": 3.6
+ },
 {
 "source": "psirt@fortinet.com",
 "type": "Secondary",
@@ -50,10 +70,32 @@
 ]
 }
 ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "1.0.0",
+ "versionEndExcluding": "1.1.0",
+ "matchCriteriaId": "5296F4A1-F228-451A-9B42-A418B7DCFFBA"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "url": "https://fortiguard.com/psirt/FG-IR-23-226",
- "source": "psirt@fortinet.com"
+ "source": "psirt@fortinet.com",
+ "tags": [
+ "Vendor Advisory"
+ ]
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38610.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38610.json
index 9238f44decb..93b12a5fa5a 100644
--- a/CVE-2023/CVE-2023-386xx/CVE-2023-38610.json
+++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38610.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-38610",
 "sourceIdentifier": "product-security@apple.com",
 "published": "2024-01-10T22:15:48.357",
- "lastModified": "2024-01-11T13:57:35.163",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T14:34:34.800",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
@@ -14,15 +14,88 @@
 "value": "Se solucion\u00f3 un problema de corrupci\u00f3n de memoria eliminando el c\u00f3digo vulnerable. Este problema se solucion\u00f3 en macOS Sonoma 14, iOS 17 y iPadOS 17. Una aplicaci\u00f3n puede provocar la finalizaci\u00f3n inesperada del sistema o escribir en la memoria del kernel."
 }
 ],
- "metrics": {},
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.1,
+ "baseSeverity": "HIGH"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 5.2
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-787"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "17.0",
+ "matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "17.0",
+ "matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "14.0",
+ "matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "url": "https://support.apple.com/en-us/HT213938",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213940",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38612.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38612.json
index 6771e7e1a5e..d67a7506722 100644
--- a/CVE-2023/CVE-2023-386xx/CVE-2023-38612.json
+++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38612.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-38612",
 "sourceIdentifier": "product-security@apple.com",
 "published": "2024-01-10T22:15:48.403",
- "lastModified": "2024-01-11T13:57:35.163",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T14:34:06.457",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
@@ -14,27 +14,119 @@
 "value": "El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en macOS Monterey 12.7, iOS 16.7 y iPadOS 16.7, iOS 17 y iPadOS 17, macOS Sonoma 14, macOS Ventura 13.6. Es posible que una aplicaci\u00f3n pueda acceder a datos de usuario protegidos."
 }
 ],
- "metrics": {},
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "NONE",
+ "baseScore": 3.3,
+ "baseSeverity": "LOW"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 1.4
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "NVD-CWE-noinfo"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "16.7",
+ "matchCriteriaId": "1CEB5BA1-7092-4ADE-B19F-FD34CB53CCC3"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "16.7",
+ "matchCriteriaId": "3FC8EB94-1D4F-4CE8-83D0-9086D1EBBC8F"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "12.7",
+ "matchCriteriaId": "EC267D31-3DA5-4716-9160-2F997F6700A3"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "13.0",
+ "versionEndExcluding": "13.6",
+ "matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "url": "https://support.apple.com/en-us/HT213927",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213931",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213932",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213938",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 },
 {
 "url": "https://support.apple.com/en-us/HT213940",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40383.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40383.json
index 45fe070f3fb..bbf06a4a9c2 100644
--- a/CVE-2023/CVE-2023-403xx/CVE-2023-40383.json
+++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40383.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-40383",
 "sourceIdentifier": "product-security@apple.com",
 "published": "2024-01-10T22:15:48.460",
- "lastModified": "2024-01-11T13:57:35.163",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T14:33:07.667",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
@@ -14,11 +14,68 @@
 "value": "Se solucion\u00f3 un problema de path handling con una validaci\u00f3n mejorada. Este problema se solucion\u00f3 en macOS Ventura 13.3. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."
 }
 ],
- "metrics": {},
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "NONE",
+ "baseScore": 3.3,
+ "baseSeverity": "LOW"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 1.4
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "NVD-CWE-noinfo"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "13.3",
+ "matchCriteriaId": "F58DAF22-8807-445A-AD05-8510829526CB"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "url": "https://support.apple.com/en-us/HT213670",
- "source": "product-security@apple.com"
+ "source": "product-security@apple.com",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40385.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40385.json
index fdf89d4e8e5..4d6be16542c 100644
--- a/CVE-2023/CVE-2023-403xx/CVE-2023-40385.json
+++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40385.json
@@ -2,8 +2,8 @@ "id": "CVE-2023-40385", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:48.503", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-18T14:32:30.730", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", 
@@ -14,19 +14,102 @@ "value": "Este problema se solucion\u00f3 eliminando el c\u00f3digo vulnerable. Este problema se solucion\u00f3 en macOS Sonoma 14, Safari 17, iOS 17 y iPadOS 17. Un atacante remoto puede ver consultas de DNS filtradas con Private Relay activado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.0", + "matchCriteriaId": "93FB6D0F-A668-47CF-A63D-755CA3BA259A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.0", + "matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.0", + "matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "14.0", + "matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213938", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ 
+ "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213940", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213941", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40394.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40394.json index 108403adb8c..c84f76c2509 100644 --- a/CVE-2023/CVE-2023-403xx/CVE-2023-40394.json +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40394.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40394", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:48.593", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-18T14:31:24.653", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", 
@@ -14,11 +14,74 @@ "value": "El problema se abord\u00f3 con una validaci\u00f3n mejorada de las variables ambientales. Este problema se solucion\u00f3 en iOS 16.6 y iPadOS 16.6. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.6", + "matchCriteriaId": "F362BEC4-90C7-4305-BFF9-645FE6C52DFE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.6", + "matchCriteriaId": "DB63BAC2-C756-428C-8BAC-BAD39FBE5EF4" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213841", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40414.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40414.json index 75c26555a04..0373c0429e0 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40414.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40414.json 
@@ -2,8 +2,8 @@ "id": "CVE-2023-40414", "sourceIdentifier": "product-security@apple.com", "published": "2024-01-10T22:15:48.687", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-18T14:30:39.767", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", 
@@ -14,27 +14,130 @@ "value": "Se solucion\u00f3 un problema de use after free con una gesti\u00f3n de memoria mejorada. Este problema se solucion\u00f3 en watchOS 10, iOS 17 y iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. El procesamiento de contenido web puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.0", + "matchCriteriaId": "93FB6D0F-A668-47CF-A63D-755CA3BA259A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.0", + "matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.0", + "matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "14.0", + "matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.0", + "matchCriteriaId": 
"93620AD0-115A-4F86-B533-76A190AF41A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0", + "matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213936", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213937", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213938", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213940", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213941", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-440xx/CVE-2023-44077.json b/CVE-2023/CVE-2023-440xx/CVE-2023-44077.json index b8f827675cd..bf3011991ec 100644 --- a/CVE-2023/CVE-2023-440xx/CVE-2023-44077.json +++ b/CVE-2023/CVE-2023-440xx/CVE-2023-44077.json 
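Review bot: The vector added for CVE-2023-40414 sets `"userInteraction": "NONE"` (`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`, base 9.8), which sits oddly with a description whose trigger is processing web content. CVE-2023-40385 in this same diff, which also lists Safari, is scored with `UI:R`. With `"userInteraction": "REQUIRED"` the same vector would come out at 8.8 HIGH rather than 9.8 CRITICAL, so the difference can move the record across a severity threshold in patch prioritisation. It is worth confirming the value against the upstream record before it is relied on. This note does not claim the upstream score is wrong, only that the two records in this diff are inconsistent with each other.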
@@ -2,12 +2,16 @@ "id": "CVE-2023-44077", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-17T20:15:50.517", - "lastModified": "2024-01-17T20:15:50.517", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:11.613", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP-2636." + }, + { + "lang": "es", + "value": "Studio Network Solutions ShareBrowser anterior a 7.0 en macOS maneja mal la verificaci\u00f3n de firmas, tambi\u00e9n conocido como PMP-2636." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-442xx/CVE-2023-44250.json b/CVE-2023/CVE-2023-442xx/CVE-2023-44250.json index 567654e02f2..b23d3584402 100644 --- a/CVE-2023/CVE-2023-442xx/CVE-2023-44250.json +++ b/CVE-2023/CVE-2023-442xx/CVE-2023-44250.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44250", "sourceIdentifier": "psirt@fortinet.com", "published": "2024-01-10T18:15:46.030", - "lastModified": "2024-01-11T13:57:35.163", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-18T13:54:40.410", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "psirt@fortinet.com", "type": "Secondary", 
@@ -50,10 +70,50 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9010968B-B839-4B7C-BFB5-6BD9CBCEC166" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiproxy:7.4.1:*:*:*:*:*:*:*", + "matchCriteriaId": "1491795D-14BA-4D82-9CB0-6FA7D35EB64E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", + "matchCriteriaId": "06FF7838-98E3-4022-95D3-D7B540D98D73" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "61540F5B-080A-4D44-8BE0-75D7A0DCCB53" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", + "matchCriteriaId": "17FE168A-0EA4-467C-91D2-87EB6D83917A" + } + ] + } + ] + } + ], "references": [ { "url": "https://fortiguard.com/psirt/FG-IR-23-315", - "source": "psirt@fortinet.com" + "source": "psirt@fortinet.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48339.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48339.json index 37d2480fde1..2f880b23006 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48339.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48339.json 
@@ -2,12 +2,16 @@ "id": "CVE-2023-48339", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.210", - "lastModified": "2024-01-18T03:15:57.210", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:01.673", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In jpg driver, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed" + }, + { + "lang": "es", + "value": "En jpg driver, es posible que falte una verificaci\u00f3n de permiso. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n del Sistema necesarios." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48340.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48340.json index ad9d667a2c4..6ef38d3296f 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48340.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48340.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48340", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.287", - "lastModified": "2024-01-18T03:15:57.287", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:01.673", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En video decoder, existe una posible escritura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48341.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48341.json index f93227774da..c8cce33412e 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48341.json 
+++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48341.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48341", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.333", - "lastModified": "2024-01-18T03:15:57.333", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:01.673", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En video decoder, existe una posible lectura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48342.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48342.json index fa1cb077e6e..05044498221 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48342.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48342.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48342", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.380", - "lastModified": "2024-01-18T03:15:57.380", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:01.673", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In media service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" + }, + { + "lang": "es", + "value": "En media service, existe una posible escritura fuera de los l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del Sistema necesarios." } ], "metrics": {}, 
diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48343.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48343.json index 08da8890409..2cfee665e75 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48343.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48343.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48343", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.430", - "lastModified": "2024-01-18T03:15:57.430", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:01.673", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En video decoder, existe una posible escritura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48344.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48344.json index 865ce85a8d7..feb9e4771c6 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48344.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48344.json 
@@ -2,12 +2,16 @@ "id": "CVE-2023-48344", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.470", - "lastModified": "2024-01-18T03:15:57.470", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:01.673", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En video decoder, existe una posible lectura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48345.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48345.json index d75ed997858..e184af9c53a 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48345.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48345.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48345", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.520", - "lastModified": "2024-01-18T03:15:57.520", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:01.673", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En video decoder, existe una posible lectura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": {}, 
diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48346.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48346.json index beab7b6798e..420a2398af0 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48346.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48346.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48346", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.560", - "lastModified": "2024-01-18T03:15:57.560", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:01.673", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In video decoder, there is a possible improper input validation. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En video decoder, existe una posible validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48347.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48347.json index 5338355204d..6a66b4352ce 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48347.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48347.json 
@@ -2,12 +2,16 @@ "id": "CVE-2023-48347", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.607", - "lastModified": "2024-01-18T03:15:57.607", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:01.673", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En video decoder, existe una posible lectura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48348.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48348.json index 93447a7a5b1..aa37f43b500 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48348.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48348.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48348", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.650", - "lastModified": "2024-01-18T03:15:57.650", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:01.673", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En video decoder, existe una posible escritura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": {}, 
diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48349.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48349.json index e60e211a747..f38e7da2057 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48349.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48349.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48349", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.693", - "lastModified": "2024-01-18T03:15:57.693", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:01.673", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En video decoder, existe una posible escritura fuera de los l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48350.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48350.json index 718f50d35cb..057b23b908d 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48350.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48350.json 
@@ -2,12 +2,16 @@ "id": "CVE-2023-48350", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.737", - "lastModified": "2024-01-18T03:15:57.737", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:41:52.450", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En video decoder, existe una posible escritura fuera de los l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48351.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48351.json index f65a8456496..a42ba8c5d9a 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48351.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48351.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48351", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.850", - "lastModified": "2024-01-18T03:15:57.850", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:41:52.450", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En video decoder, existe una posible escritura fuera de los l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": {}, 
diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48352.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48352.json index 78ba02bd368..8d4be42d66c 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48352.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48352.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48352", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.917", - "lastModified": "2024-01-18T03:15:57.917", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:41:52.450", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In phasecheckserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En Phasecheckserver, existe una posible escritura fuera de los l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites faltante. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48353.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48353.json index 1300dab5ca1..f4650cce3ac 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48353.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48353.json 
@@ -2,12 +2,16 @@ "id": "CVE-2023-48353", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:57.960", - "lastModified": "2024-01-18T03:15:57.960", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:41:52.450", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In vsp driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed" + }, + { + "lang": "es", + "value": "En vsp driver, existe un posible use after free debido a un error l\u00f3gico. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del Sistema necesarios." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48354.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48354.json index 004f3338511..5e65c147167 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48354.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48354.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48354", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:58.013", - "lastModified": "2024-01-18T03:15:58.013", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:41:52.450", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execution privileges needed" + }, + { + "lang": "es", + "value": "En telephone service existe una posible validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48355.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48355.json index dd2adf90ca0..1c0714c9578 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48355.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48355.json 
@@ -2,12 +2,16 @@ "id": "CVE-2023-48355", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:58.063", - "lastModified": "2024-01-18T03:15:58.063", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:41:52.450", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" + }, + { + "lang": "es", + "value": "En jpg driver, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del sistema necesarios." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48356.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48356.json index a24a47d739f..dbeb21c81b3 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48356.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48356.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48356", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:58.107", - "lastModified": "2024-01-18T03:15:58.107", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:41:52.450", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" + }, + { + "lang": "es", + "value": "En jpg driver, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del sistema necesarios." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48357.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48357.json index f830cdc905b..460bda329bf 100644 
--- a/CVE-2023/CVE-2023-483xx/CVE-2023-48357.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48357.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48357", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:58.150", - "lastModified": "2024-01-18T03:15:58.150", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:41:52.450", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" + }, + { + "lang": "es", + "value": "En vsp driver, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltante. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del sistema necesarios." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48358.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48358.json index 557520224b9..ca20efda5c0 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48358.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48358.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48358", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:58.193", - "lastModified": "2024-01-18T03:15:58.193", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:41:52.450", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In drm driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed" + }, + { + "lang": "es", + "value": "En drm driver, existe una posible escritura fuera de los l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites faltante. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del sistema necesarios." } ], "metrics": {}, 
diff --git a/CVE-2023/CVE-2023-483xx/CVE-2023-48359.json b/CVE-2023/CVE-2023-483xx/CVE-2023-48359.json index 66d59391452..4d4f3fc7df2 100644 --- a/CVE-2023/CVE-2023-483xx/CVE-2023-48359.json +++ b/CVE-2023/CVE-2023-483xx/CVE-2023-48359.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48359", "sourceIdentifier": "security@unisoc.com", "published": "2024-01-18T03:15:58.237", - "lastModified": "2024-01-18T03:15:58.237", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:41:52.450", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In autotest driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed" + }, + { + "lang": "es", + "value": "En autotest driver, existe una posible escritura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del sistema necesarios." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-488xx/CVE-2023-48858.json b/CVE-2023/CVE-2023-488xx/CVE-2023-48858.json index 13a61962e0e..d1595a01543 100644 --- a/CVE-2023/CVE-2023-488xx/CVE-2023-48858.json +++ b/CVE-2023/CVE-2023-488xx/CVE-2023-48858.json 
@@ -2,12 +2,16 @@
 "id": "CVE-2023-48858",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2024-01-17T20:15:50.573",
- "lastModified": "2024-01-17T20:15:50.573",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:42:11.613",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "A Cross-site scripting (XSS) vulnerability in login page php code in Armex ABO.CMS 5.9 allows remote attackers to inject arbitrary web script or HTML via the login.php? URL part."
+ },
+ {
+ "lang": "es",
+ "value": "Una vulnerabilidad de Cross-site scripting (XSS) en el c\u00f3digo PHP de la p\u00e1gina de inicio de sesi\u00f3n en Armex ABO.CMS 5.9 permite a atacantes remotos inyectar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de la parte de URL login.php?."
 }
 ],
 "metrics": {},
diff --git a/CVE-2023/CVE-2023-501xx/CVE-2023-50172.json b/CVE-2023/CVE-2023-501xx/CVE-2023-50172.json
index c0f0605d9ed..a9144015677 100644
--- a/CVE-2023/CVE-2023-501xx/CVE-2023-50172.json
+++ b/CVE-2023/CVE-2023-501xx/CVE-2023-50172.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-50172",
 "sourceIdentifier": "talos-cna@cisco.com",
 "published": "2024-01-10T16:15:49.583",
- "lastModified": "2024-01-12T18:15:46.587",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T14:28:59.977",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
@@ -50,10 +50,31 @@
 ]
 }
 ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:wwbn:avideo:15fed957fb:*:*:*:*:*:*:*",
+ "matchCriteriaId": "4199C617-A976-4F18-ADD2-C26A5B046CC3"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1897",
- "source": "talos-cna@cisco.com"
+ "source": "talos-cna@cisco.com",
+ "tags": [
+ "Exploit",
+ "Third Party Advisory"
+ ]
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-514xx/CVE-2023-51463.json b/CVE-2023/CVE-2023-514xx/CVE-2023-51463.json
index d20778115c6..87bf20a5b2e 100644
--- a/CVE-2023/CVE-2023-514xx/CVE-2023-51463.json
+++ b/CVE-2023/CVE-2023-514xx/CVE-2023-51463.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-51463",
 "sourceIdentifier": "psirt@adobe.com",
 "published": "2024-01-18T11:15:08.173",
- "lastModified": "2024-01-18T11:15:08.173",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:41:52.450",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
diff --git a/CVE-2023/CVE-2023-514xx/CVE-2023-51464.json b/CVE-2023/CVE-2023-514xx/CVE-2023-51464.json
index ac43d99ed23..d647d50896c 100644
--- a/CVE-2023/CVE-2023-514xx/CVE-2023-51464.json
+++ b/CVE-2023/CVE-2023-514xx/CVE-2023-51464.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-51464",
 "sourceIdentifier": "psirt@adobe.com",
 "published": "2024-01-18T11:15:08.827",
- "lastModified": "2024-01-18T11:15:08.827",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:41:52.450",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
diff --git a/CVE-2023/CVE-2023-58xx/CVE-2023-5806.json b/CVE-2023/CVE-2023-58xx/CVE-2023-5806.json
new file mode 100644
index 00000000000..d144b3a189d
--- /dev/null
+++ b/CVE-2023/CVE-2023-58xx/CVE-2023-5806.json
@@ -0,0 +1,59 @@
+{
+ "id": "CVE-2023-5806",
+ "sourceIdentifier": "iletisim@usom.gov.tr",
+ "published": "2024-01-18T13:15:08.770",
+ "lastModified": "2024-01-18T13:41:52.450",
+ "vulnStatus": "Awaiting Analysis",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mergen Software Quality Management System allows SQL Injection.This issue affects Quality Management System: before v1.2.\n\n"
+ },
+ {
+ "lang": "es",
+ "value": "La neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"inyecci\u00f3n SQL\") en Mergen Software Quality Management System permite la inyecci\u00f3n SQL. Este problema afecta a Quality Management System: anterior a v1.2."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "iletisim@usom.gov.tr",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH",
+ "baseScore": 9.8,
+ "baseSeverity": "CRITICAL"
+ },
+ "exploitabilityScore": 3.9,
+ "impactScore": 5.9
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "iletisim@usom.gov.tr",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-89"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://www.usom.gov.tr/bildirim/tr-24-0040",
+ "source": "iletisim@usom.gov.tr"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5914.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5914.json
index 88d73c5ba24..4b76b01c069 100644
--- a/CVE-2023/CVE-2023-59xx/CVE-2023-5914.json
+++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5914.json
@@ -2,12 +2,16 @@
 "id": "CVE-2023-5914",
 "sourceIdentifier": "secure@citrix.com",
 "published": "2024-01-17T21:15:11.413",
- "lastModified": "2024-01-17T21:15:11.413",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:42:11.613",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "\u00a0 Cross-site scripting (XSS)"
+ },
+ {
+ "lang": "es",
+ "value": "Cross-site scripting (XSS)"
 }
 ],
 "metrics": {
diff --git a/CVE-2023/CVE-2023-61xx/CVE-2023-6184.json b/CVE-2023/CVE-2023-61xx/CVE-2023-6184.json
index 6b4446fc5bd..b90a41c8e17 100644
--- a/CVE-2023/CVE-2023-61xx/CVE-2023-6184.json
+++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6184.json
@@ -2,12 +2,16 @@
 "id": "CVE-2023-6184",
 "sourceIdentifier": "secure@citrix.com",
 "published": "2024-01-18T01:15:43.723",
- "lastModified": "2024-01-18T01:15:43.723",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:42:01.673",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "Cross SiteScripting vulnerability in Citrix Session Recording allows attacker to perform Cross Site Scripting"
+ },
+ {
+ "lang": "es",
+ "value": "Una vulnerabilidad de Cross Site Scripting en Citrix Session Recording permite al atacante realizar Cross Site Scripting"
 }
 ],
 "metrics": {
diff --git a/CVE-2023/CVE-2023-63xx/CVE-2023-6340.json b/CVE-2023/CVE-2023-63xx/CVE-2023-6340.json
index 5b8f382ac57..98403128957 100644
--- a/CVE-2023/CVE-2023-63xx/CVE-2023-6340.json
+++ b/CVE-2023/CVE-2023-63xx/CVE-2023-6340.json
@@ -2,12 +2,16 @@
 "id": "CVE-2023-6340",
 "sourceIdentifier": "PSIRT@sonicwall.com",
 "published": "2024-01-18T00:15:38.080",
- "lastModified": "2024-01-18T00:15:38.080",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:42:01.673",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "SonicWall Capture Client version 3.7.10,\u00a0NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow vulnerability."
+ },
+ {
+ "lang": "es",
+ "value": "SonicWall Capture Client versi\u00f3n 3.7.10, NetExtender client versi\u00f3n 10.2.337 y versiones anteriores se instalan con el controlador sfpmonitor.sys. Se ha descubierto que el controlador es vulnerable a la denegaci\u00f3n de servicio (DoS) causada por una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria."
 }
 ],
 "metrics": {},
diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6548.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6548.json
index b814b0c0007..72bcca9cd5d 100644
--- a/CVE-2023/CVE-2023-65xx/CVE-2023-6548.json
+++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6548.json
@@ -2,12 +2,16 @@
 "id": "CVE-2023-6548",
 "sourceIdentifier": "secure@citrix.com",
 "published": "2024-01-17T20:15:50.627",
- "lastModified": "2024-01-18T03:15:59.157",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:42:11.613",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway\u00a0allows an attacker with\u00a0access\u00a0to NSIP, CLIP or SNIP with management interface to perform\u00a0Authenticated (low privileged) remote code execution on Management Interface."
+ },
+ {
+ "lang": "es",
+ "value": "El control inadecuado de la generaci\u00f3n de c\u00f3digo (\"inyecci\u00f3n de c\u00f3digo\") en NetScaler ADC y NetScaler Gateway permite a un atacante con acceso a NSIP, CLIP o SNIP con interfaz de administraci\u00f3n realizar una ejecuci\u00f3n remota de c\u00f3digo autenticado (con privilegios bajos) en Management Interface."
 }
 ],
 "metrics": {
diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6549.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6549.json
index 6669f861153..a189597a1b5 100644
--- a/CVE-2023/CVE-2023-65xx/CVE-2023-6549.json
+++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6549.json
@@ -2,12 +2,16 @@
 "id": "CVE-2023-6549",
 "sourceIdentifier": "secure@citrix.com",
 "published": "2024-01-17T21:15:11.690",
- "lastModified": "2024-01-18T03:15:59.360",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:42:11.613",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service \n"
+ },
+ {
+ "lang": "es",
+ "value": "La restricci\u00f3n inadecuada de las operaciones dentro de los l\u00edmites de un b\u00fafer de memoria en NetScaler ADC y NetScaler Gateway permite una denegaci\u00f3n de servicio no autenticada"
 }
 ],
 "metrics": {
diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6816.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6816.json
index dd3cf5678f7..434f7c37369 100644
--- a/CVE-2023/CVE-2023-68xx/CVE-2023-6816.json
+++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6816.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-6816",
 "sourceIdentifier": "secalert@redhat.com",
 "published": "2024-01-18T05:15:08.607",
- "lastModified": "2024-01-18T12:15:07.947",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:41:52.450",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6958.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6958.json
index 07c5193d138..734260025b9 100644
--- a/CVE-2023/CVE-2023-69xx/CVE-2023-6958.json
+++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6958.json
@@ -2,12 +2,16 @@
 "id": "CVE-2023-6958",
 "sourceIdentifier": "security@wordfence.com",
 "published": "2024-01-18T08:15:39.493",
- "lastModified": "2024-01-18T08:15:39.493",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:41:52.450",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+ },
+ {
+ "lang": "es",
+ "value": "El complemento WP Recipe Maker para WordPress es vulnerable a las Cross-Site Scripting Almacenado a trav\u00e9s de los c\u00f3digos cortos del complemento en todas las versiones hasta la 9.1.0 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
 }
 ],
 "metrics": {
diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6970.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6970.json
index a6961e70da9..f1ec77c98da 100644
--- a/CVE-2023/CVE-2023-69xx/CVE-2023-6970.json
+++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6970.json
@@ -2,12 +2,16 @@
 "id": "CVE-2023-6970",
 "sourceIdentifier": "security@wordfence.com",
 "published": "2024-01-18T08:15:39.780",
- "lastModified": "2024-01-18T08:15:39.780",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:41:52.450",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "The WP Recipe Maker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018Referer' header in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
+ },
+ {
+ "lang": "es",
+ "value": "El complemento WP Recipe Maker para WordPress es vulnerable a Cross-Site Scripting Reflejado a trav\u00e9s del encabezado 'Referer' en todas las versiones hasta la 9.1.0 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace."
 }
 ],
 "metrics": {
diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0381.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0381.json
index e401a303c26..e9358410985 100644
--- a/CVE-2024/CVE-2024-03xx/CVE-2024-0381.json
+++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0381.json
@@ -2,12 +2,16 @@
 "id": "CVE-2024-0381",
 "sourceIdentifier": "security@wordfence.com",
 "published": "2024-01-18T08:15:40.000",
- "lastModified": "2024-01-18T08:15:40.000",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:41:52.450",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of the 'tag' attribute in the wprm-recipe-name, wprm-recipe-date, and wprm-recipe-counter shortcodes in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+ },
+ {
+ "lang": "es",
+ "value": "El complemento WP Recipe Maker para WordPress es vulnerable a Cross-Site Scripting almacenado mediante el uso del atributo 'tag' en los c\u00f3digos cortos wprm-recipe-name, wprm-recipe-date y wprm-recipe-counter en todas las versiones hasta 9.1.0, incluido. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
 }
 ],
 "metrics": {
diff --git a/CVE-2024/CVE-2024-05xx/CVE-2024-0565.json b/CVE-2024/CVE-2024-05xx/CVE-2024-0565.json
index 9b19f776d7e..9504b160ace 100644
--- a/CVE-2024/CVE-2024-05xx/CVE-2024-0565.json
+++ b/CVE-2024/CVE-2024-05xx/CVE-2024-0565.json
@@ -2,7 +2,7 @@
 "id": "CVE-2024-0565",
 "sourceIdentifier": "secalert@redhat.com",
 "published": "2024-01-15T20:15:43.630",
- "lastModified": "2024-01-16T13:56:05.467",
+ "lastModified": "2024-01-18T13:15:09.000",
 "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
@@ -21,8 +21,8 @@
 "type": "Secondary",
 "cvssData": {
 "version": "3.1",
- "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
- "attackVector": "NETWORK",
+ "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
+ "attackVector": "ADJACENT_NETWORK",
 "attackComplexity": "HIGH",
 "privilegesRequired": "LOW",
 "userInteraction": "REQUIRED",
@@ -30,10 +30,10 @@
 "confidentialityImpact": "HIGH",
 "integrityImpact": "HIGH",
 "availabilityImpact": "HIGH",
- "baseScore": 7.1,
- "baseSeverity": "HIGH"
+ "baseScore": 6.8,
+ "baseSeverity": "MEDIUM"
 },
- "exploitabilityScore": 1.2,
+ "exploitabilityScore": 0.9,
 "impactScore": 5.9
 }
 ]
diff --git a/CVE-2024/CVE-2024-05xx/CVE-2024-0580.json b/CVE-2024/CVE-2024-05xx/CVE-2024-0580.json
index 5dcc0a43ced..3d5d7aa6ea1 100644
--- a/CVE-2024/CVE-2024-05xx/CVE-2024-0580.json
+++ b/CVE-2024/CVE-2024-05xx/CVE-2024-0580.json
@@ -2,8 +2,8 @@
 "id": "CVE-2024-0580",
 "sourceIdentifier": "cve-coordination@incibe.es",
 "published": "2024-01-18T09:15:07.960",
- "lastModified": "2024-01-18T09:15:07.960",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:41:52.450",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0648.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0648.json
index c7c1fd02b04..1c3537e52f5 100644
--- a/CVE-2024/CVE-2024-06xx/CVE-2024-0648.json
+++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0648.json
@@ -2,12 +2,16 @@
 "id": "CVE-2024-0648",
 "sourceIdentifier": "cna@vuldb.com",
 "published": "2024-01-17T23:15:08.197",
- "lastModified": "2024-01-17T23:15:08.197",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:42:11.613",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "A vulnerability has been found in Yunyou CMS up to 2.2.6 and classified as critical. This vulnerability affects unknown code of the file /app/index/controller/Common.php. The manipulation of the argument templateFile leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-251374 is the identifier assigned to this vulnerability."
+ },
+ {
+ "lang": "es",
+ "value": "Una vulnerabilidad ha sido encontrada en Yunyou CMS hasta 2.2.6 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo /app/index/controller/Common.php. La manipulaci\u00f3n del argumento templateFile conduce a una carga sin restricciones. El ataque se puede iniciar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-251374 es el identificador asignado a esta vulnerabilidad."
 }
 ],
 "metrics": {
diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0649.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0649.json
index 13d58d830c4..7d451388098 100644
--- a/CVE-2024/CVE-2024-06xx/CVE-2024-0649.json
+++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0649.json
@@ -2,12 +2,16 @@
 "id": "CVE-2024-0649",
 "sourceIdentifier": "cna@vuldb.com",
 "published": "2024-01-17T23:15:08.660",
- "lastModified": "2024-01-17T23:15:08.660",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:42:11.613",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "A vulnerability was found in ZhiHuiYun up to 4.4.13 and classified as critical. This issue affects the function download_network_image of the file /app/Http/Controllers/ImageController.php of the component Search. The manipulation of the argument url leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251375."
+ },
+ {
+ "lang": "es",
+ "value": "Una vulnerabilidad fue encontrada en ZhiHuiYun hasta 4.4.13 y clasificada como cr\u00edtica. Este problema afecta la funci\u00f3n download_network_image del archivo /app/Http/Controllers/ImageController.php del componente Search. La manipulaci\u00f3n del argumento URL conduce a server-side request forgery.. El ataque puede iniciarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-251375."
 }
 ],
 "metrics": {
diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0650.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0650.json
index 905bbe6afad..fb4651483a1 100644
--- a/CVE-2024/CVE-2024-06xx/CVE-2024-0650.json
+++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0650.json
@@ -2,12 +2,16 @@
 "id": "CVE-2024-0650",
 "sourceIdentifier": "cna@vuldb.com",
 "published": "2024-01-18T00:15:38.183",
- "lastModified": "2024-01-18T00:15:38.183",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:42:01.673",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "A vulnerability was found in Project Worlds Visitor Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file dataset.php of the component URL Handler. The manipulation of the argument name with the input \"> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251376."
+ },
+ {
+ "lang": "es",
+ "value": "Se encontr\u00f3 una vulnerabilidad en Project Worlds Visitor Management System 1.0. Ha sido clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo dataset.php del componente URL Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento name con la entrada \"> conduce a cross site scripting. Es posible lanzar el ataque de forma remota. La explotaci\u00f3n se ha divulgado al p\u00fablico y puede ser utilizada. El identificador de esta vulnerabilidad es VDB-251376."
 }
 ],
 "metrics": {
diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0651.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0651.json
index 9ef746c71a7..7b78ef1a3d7 100644
--- a/CVE-2024/CVE-2024-06xx/CVE-2024-0651.json
+++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0651.json
@@ -2,12 +2,16 @@
 "id": "CVE-2024-0651",
 "sourceIdentifier": "cna@vuldb.com",
 "published": "2024-01-18T01:15:43.890",
- "lastModified": "2024-01-18T01:15:43.890",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:42:01.673",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "A vulnerability was found in PHPGurukul Company Visitor Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search-visitor.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251377 was assigned to this vulnerability."
+ },
+ {
+ "lang": "es",
+ "value": "Se encontr\u00f3 una vulnerabilidad en PHPGurukul Company Visitor Management System 1.0. Ha sido declarada cr\u00edtica. Una funci\u00f3n desconocida del archivo search-visitor.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a la inyecci\u00f3n de SQL. El ataque se puede lanzar de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-251377."
 }
 ],
 "metrics": {
diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0652.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0652.json
index d916e7a88d4..3ea539926ac 100644
--- a/CVE-2024/CVE-2024-06xx/CVE-2024-0652.json
+++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0652.json
@@ -2,12 +2,16 @@
 "id": "CVE-2024-0652",
 "sourceIdentifier": "cna@vuldb.com",
 "published": "2024-01-18T01:15:44.133",
- "lastModified": "2024-01-18T01:15:44.133",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:42:01.673",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "A vulnerability was found in PHPGurukul Company Visitor Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file search-visitor.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-251378 is the identifier assigned to this vulnerability."
+ },
+ {
+ "lang": "es",
+ "value": "Se encontr\u00f3 una vulnerabilidad en PHPGurukul Company Visitor Management System 1.0. Ha sido calificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo search-visitor.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a cross site scripting. El ataque puede lanzarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-251378 es el identificador asignado a esta vulnerabilidad."
 }
 ],
 "metrics": {
diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0654.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0654.json
index be6824a2fce..39d5da8f83f 100644
--- a/CVE-2024/CVE-2024-06xx/CVE-2024-0654.json
+++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0654.json
@@ -2,12 +2,16 @@
 "id": "CVE-2024-0654",
 "sourceIdentifier": "cna@vuldb.com",
 "published": "2024-01-18T01:15:44.347",
- "lastModified": "2024-01-18T01:15:44.347",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:42:01.673",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "A vulnerability, which was classified as problematic, was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22. Affected is an unknown function of the file mainscripts/Util.py. The manipulation leads to deserialization. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-251382 is the identifier assigned to this vulnerability."
+ },
+ {
+ "lang": "es",
+ "value": "Una vulnerabilidad fue encontrada en DeepFaceLab preentrenado DF.wf.288res.384.92.72.22 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo mainscripts/Util.py es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a la deserializaci\u00f3n. Se requiere acceso local para abordar este ataque. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-251382 es el identificador asignado a esta vulnerabilidad."
 }
 ],
 "metrics": {
diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0655.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0655.json
index febb4508776..6f6c7aacc48 100644
--- a/CVE-2024/CVE-2024-06xx/CVE-2024-0655.json
+++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0655.json
@@ -2,12 +2,16 @@
 "id": "CVE-2024-0655",
 "sourceIdentifier": "cna@vuldb.com",
 "published": "2024-01-18T03:15:59.433",
- "lastModified": "2024-01-18T03:15:59.433",
- "vulnStatus": "Received",
+ "lastModified": "2024-01-18T13:41:52.450",
+ "vulnStatus": "Awaiting Analysis",
 "descriptions": [
 {
 "lang": "en",
 "value": "A vulnerability has been found in Novel-Plus 4.3.0-RC1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /novel/bookSetting/list. The manipulation of the argument sort leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251383."
+ },
+ {
+ "lang": "es",
+ "value": "Una vulnerabilidad ha sido encontrada en Novel-Plus 4.3.0-RC1 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /novel/bookSetting/list es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento sort conduce a la inyecci\u00f3n de SQL. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-251383."
 }
 ],
 "metrics": {
diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0669.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0669.json
new file mode 100644
index 00000000000..d59bc3f4fa3
--- /dev/null
+++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0669.json
@@ -0,0 +1,59 @@
+{
+ "id": "CVE-2024-0669",
+ "sourceIdentifier": "cve-coordination@incibe.es",
+ "published": "2024-01-18T13:15:09.177",
+ "lastModified": "2024-01-18T13:41:52.450",
+ "vulnStatus": "Awaiting Analysis",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "A Cross-Frame Scripting vulnerability has been found on Plone CMS affecting verssion below 6.0.5. An attacker could store a malicious URL to be opened by an administrator and execute a malicios iframe element."
+ },
+ {
+ "lang": "es",
+ "value": "Se ha encontrado una vulnerabilidad de Cross-Frame Scripting en Plone CMS que afecta a la versi\u00f3n inferior a 6.0.5. Un atacante podr\u00eda almacenar una URL maliciosa para que la abra un administrador y ejecutar un elemento iframe malicioso."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "cve-coordination@incibe.es",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "LOW",
+ "availabilityImpact": "LOW",
+ "baseScore": 6.3,
+ "baseSeverity": "MEDIUM"
+ },
+ "exploitabilityScore": 2.8,
+ "impactScore": 3.4
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "cve-coordination@incibe.es",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-1021"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/cross-frame-scripting-xfs-plone-cms",
+ "source": "cve-coordination@incibe.es"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-216xx/CVE-2024-21666.json b/CVE-2024/CVE-2024-216xx/CVE-2024-21666.json
index 5a0e10f4128..98bc8afc84a 100644
--- a/CVE-2024/CVE-2024-216xx/CVE-2024-21666.json
+++ b/CVE-2024/CVE-2024-216xx/CVE-2024-21666.json
@@ -2,8 +2,8 @@
 "id": "CVE-2024-21666",
 "sourceIdentifier": "security-advisories@github.com",
 "published": "2024-01-11T01:15:45.623",
- "lastModified": "2024-01-11T13:57:26.160",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T13:20:45.647",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
@@ -16,6 +16,26 @@
 ],
 "metrics": {
 "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "NONE",
+ "baseScore": 6.5,
+ "baseSeverity": "MEDIUM"
+ },
+ "exploitabilityScore": 2.8,
+ "impactScore": 3.6
+ },
 {
 "source": "security-advisories@github.com",
 "type": "Secondary",
@@ -50,18 +70,47 @@
 ]
 }
 ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:pimcore:customer_management_framework:*:*:*:*:*:pimcore:*:*",
+ "versionEndExcluding": "4.0.6",
+ "matchCriteriaId": "09473711-86C6-485C-B865-015EEF9172BE"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "url": "https://github.com/pimcore/customer-data-framework/blob/b4af625ef327c58d05ef7cdf145fa749d2d4195e/src/Controller/Admin/DuplicatesController.php#L43",
- "source": "security-advisories@github.com"
+ "source": "security-advisories@github.com",
+ "tags": [
+ "Issue Tracking"
+ ]
 },
 {
 "url": "https://github.com/pimcore/customer-data-framework/commit/c33c0048390ef0cf98b801d46a81d0762243baa6",
- "source": "security-advisories@github.com"
+ "source": "security-advisories@github.com",
+ "tags": [
+ "Patch"
+ ]
 },
 {
 "url": "https://github.com/pimcore/customer-data-framework/security/advisories/GHSA-c38c-c8mh-vq68",
- "source": "security-advisories@github.com"
+ "source": "security-advisories@github.com",
+ "tags": [
+ "Exploit",
+ "Patch",
+ "Vendor Advisory"
+ ]
 }
 ]
 }
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-216xx/CVE-2024-21667.json b/CVE-2024/CVE-2024-216xx/CVE-2024-21667.json
index fc77a06f663..0748d216e2f 100644
--- a/CVE-2024/CVE-2024-216xx/CVE-2024-21667.json
+++ b/CVE-2024/CVE-2024-216xx/CVE-2024-21667.json
@@ -2,8 +2,8 @@
 "id": "CVE-2024-21667",
 "sourceIdentifier": "security-advisories@github.com",
 "published": "2024-01-11T01:15:45.810",
- "lastModified": "2024-01-11T13:57:26.160",
- "vulnStatus": "Awaiting Analysis",
+ "lastModified": "2024-01-18T13:12:45.593",
+ "vulnStatus": "Analyzed",
 "descriptions": [
 {
 "lang": "en",
@@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -50,18 +70,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pimcore:customer_management_framework:*:*:*:*:*:pimcore:*:*", + "versionEndExcluding": "4.0.6", + "matchCriteriaId": "09473711-86C6-485C-B865-015EEF9172BE" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pimcore/customer-data-framework/blob/b4af625ef327c58d05ef7cdf145fa749d2d4195e/src/Controller/Admin/GDPRDataController.php#L38", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://github.com/pimcore/customer-data-framework/commit/6c34515be2ba39dceee7da07a1abf246309ccd77", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/pimcore/customer-data-framework/security/advisories/GHSA-g273-wppx-82w4", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22190.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22190.json index ff22945195a..d9c7ae19a0a 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22190.json 
+++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22190.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22190", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-11T02:15:48.250", - "lastModified": "2024-01-11T13:57:26.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-18T13:48:07.553", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", 
@@ -50,18 +70,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitpython_project:gitpython:*:*:*:*:*:python:*:*", + "versionEndExcluding": "3.1.41", + "matchCriteriaId": "3EFC0264-B10D-4EAA-B78B-FDDEE26A4B8A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/gitpython-developers/GitPython/commit/ef3192cc414f2fd9978908454f6fd95243784c7f", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/gitpython-developers/GitPython/pull/1792", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-2mqj-m65w-jghx", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-223xx/CVE-2024-22317.json b/CVE-2024/CVE-2024-223xx/CVE-2024-22317.json new file mode 100644 index 00000000000..9d4d493ce66 --- /dev/null +++ b/CVE-2024/CVE-2024-223xx/CVE-2024-22317.json 
@@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-22317", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2024-01-18T14:15:07.970", + "lastModified": "2024-01-18T14:15:07.970", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow a remote attacker to obtain sensitive information or cause a denial of service due to improper restriction of excessive authentication attempts. IBM X-Force ID: 279143." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-307" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279143", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7108661", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22410.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22410.json index e09b7567970..693764c4e43 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22410.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22410.json 
@@ -2,12 +2,16 @@ "id": "CVE-2024-22410", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-17T21:15:11.887", - "lastModified": "2024-01-17T21:15:11.887", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:11.613", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Creditcoin is a network that enables cross-blockchain credit transactions. The Windows binary of the Creditcoin node loads a suite of DLLs provided by Microsoft at startup. If a malicious user has access to overwrite the program files directory it is possible to replace these DLLs and execute arbitrary code. It is the view of the blockchain development team that the threat posed by a hypothetical binary planting attack is minimal and represents a low-security risk. The vulnerable DLL files are from the Windows networking subsystem, the Visual C++ runtime, and low-level cryptographic primitives. Collectively these dependencies are required for a large ecosystem of applications, ranging from enterprise-level security applications to game engines, and don\u2019t represent a fundamental lack of security or oversight in the design and implementation of Creditcoin. The blockchain team takes the stance that running Creditcoin on Windows is officially unsupported and at best should be thought of as experimental." + }, + { + "lang": "es", + "value": "Creditcoin es una red que permite transacciones de cr\u00e9dito entre blockchain. El binario de Windows del nodo Creditcoin carga un conjunto de archivos DLL proporcionados por Microsoft al inicio. Si un usuario malintencionado tiene acceso para sobrescribir el directorio de archivos del programa, es posible reemplazar estas DLL y ejecutar c\u00f3digo arbitrario. La opini\u00f3n del equipo de desarrollo de blockchain es que la amenaza que plantea un hipot\u00e9tico ataque de plantaci\u00f3n binaria es m\u00ednima y representa un riesgo de baja seguridad. 
Los archivos DLL vulnerables provienen del subsistema de red de Windows, el runtime de Visual C++ y primitivas criptogr\u00e1ficas de bajo nivel. En conjunto, estas dependencias son necesarias para un gran ecosistema de aplicaciones, que van desde aplicaciones de seguridad de nivel empresarial hasta motores de juegos, y no representan una falta fundamental de seguridad o supervisi\u00f3n en el dise\u00f1o e implementaci\u00f3n de Creditcoin. El equipo de blockchain adopta la postura de que ejecutar Creditcoin en Windows no es oficialmente compatible y, en el mejor de los casos, deber\u00eda considerarse experimental." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22414.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22414.json index 2ff713edb72..f80bb9017a5 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22414.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22414.json @@ -2,12 +2,16 @@ "id": "CVE-2024-22414", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-17T21:15:12.100", - "lastModified": "2024-01-17T21:15:12.100", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:11.613", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "flaskBlog is a simple blog app built with Flask. Improper storage and rendering of the `/user/` page allows a user's comments to execute arbitrary javascript code. The html template `user.html` contains the following code snippet to render comments made by a user: `
{{comment[2]|safe}}
`. Use of the \"safe\" tag causes flask to _not_ escape the rendered content. To remediate this, simply remove the `|safe` tag from the HTML above. No fix is is available and users are advised to manually edit their installation." + }, + { + "lang": "es", + "value": "flaskBlog es una aplicaci\u00f3n de blog sencilla creada con Flask. El almacenamiento y la representaci\u00f3n inadecuados de la p\u00e1gina `/user/` permiten que los comentarios de un usuario ejecuten c\u00f3digo javascript arbitrario. La plantilla html `user.html` contiene el siguiente fragmento de c\u00f3digo para representar los comentarios realizados por un usuario: `{{comment[2]|safe}}` . El uso de la etiqueta \"safe\" hace que flask _not_ escape del contenido renderizado. Para remediar esto, simplemente elimine la etiqueta `|safe` del HTML anterior. No hay ninguna soluci\u00f3n disponible y se recomienda a los usuarios que editen manualmente su instalaci\u00f3n." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-224xx/CVE-2024-22416.json b/CVE-2024/CVE-2024-224xx/CVE-2024-22416.json index d9520e6ea9b..525dc5712de 100644 --- a/CVE-2024/CVE-2024-224xx/CVE-2024-22416.json +++ b/CVE-2024/CVE-2024-224xx/CVE-2024-22416.json 
@@ -2,12 +2,16 @@ "id": "CVE-2024-22416", "sourceIdentifier": "security-advisories@github.com", "published": "2024-01-18T00:15:38.397", - "lastModified": "2024-01-18T00:15:38.397", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:01.673", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "pyLoad is a free and open-source Download Manager written in pure Python. The `pyload` API allows any API call to be made using GET requests. Since the session cookie is not set to `SameSite: strict`, this opens the library up to severe attack possibilities via a Cross-Site Request Forgery (CSRF) attack. As a result any API call can be made via a CSRF attack by an unauthenticated user. This issue has been addressed in release `0.5.0b3.dev78`. All users are advised to upgrade." + }, + { + "lang": "es", + "value": "pyLoad es un administrador de descargas gratuito y de c\u00f3digo abierto escrito en Python puro. La API `pyload` permite realizar cualquier llamada a la API mediante solicitudes GET. Dado que la cookie de sesi\u00f3n no est\u00e1 configurada en \"SameSite: strict\", esto abre la librer\u00eda a graves posibilidades de ataque a trav\u00e9s de un ataque de Cross-Site Request Forgery (CSRF). Como resultado, cualquier llamada a la API puede realizarse mediante un ataque CSRF por parte de un usuario no autenticado. Este problema se solucion\u00f3 en la versi\u00f3n `0.5.0b3.dev78`. Se recomienda a todos los usuarios que actualicen." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-235xx/CVE-2024-23525.json b/CVE-2024/CVE-2024-235xx/CVE-2024-23525.json index b0542fdc555..5ec9973747c 100644 --- a/CVE-2024/CVE-2024-235xx/CVE-2024-23525.json +++ b/CVE-2024/CVE-2024-235xx/CVE-2024-23525.json 
@@ -2,8 +2,8 @@ "id": "CVE-2024-23525", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-18T00:15:38.590", - "lastModified": "2024-01-18T12:15:08.110", - "vulnStatus": "Received", + "lastModified": "2024-01-18T13:42:01.673", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index 3a27bd14227..d55757757a6 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-01-18T13:00:24.492725+00:00 +2024-01-18T15:00:25.190108+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-01-18T12:15:08.110000+00:00 +2024-01-18T14:49:49.540000+00:00 ``` ### Last Data Feed Release 
@@ -29,23 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -236288 +236291 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `3` -* [CVE-2023-51463](CVE-2023/CVE-2023-514xx/CVE-2023-51463.json) (`2024-01-18T11:15:08.173`) -* [CVE-2023-51464](CVE-2023/CVE-2023-514xx/CVE-2023-51464.json) (`2024-01-18T11:15:08.827`) +* [CVE-2023-5806](CVE-2023/CVE-2023-58xx/CVE-2023-5806.json) (`2024-01-18T13:15:08.770`) +* [CVE-2024-0669](CVE-2024/CVE-2024-06xx/CVE-2024-0669.json) (`2024-01-18T13:15:09.177`) +* [CVE-2024-22317](CVE-2024/CVE-2024-223xx/CVE-2024-22317.json) (`2024-01-18T14:15:07.970`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `68` -* [CVE-2023-6816](CVE-2023/CVE-2023-68xx/CVE-2023-6816.json) (`2024-01-18T12:15:07.947`) -* [CVE-2024-23525](CVE-2024/CVE-2024-235xx/CVE-2024-23525.json) (`2024-01-18T12:15:08.110`) +* [CVE-2023-38610](CVE-2023/CVE-2023-386xx/CVE-2023-38610.json) (`2024-01-18T14:34:34.800`) +* [CVE-2023-32436](CVE-2023/CVE-2023-324xx/CVE-2023-32436.json) (`2024-01-18T14:35:09.270`) +* [CVE-2023-32424](CVE-2023/CVE-2023-324xx/CVE-2023-32424.json) (`2024-01-18T14:44:50.053`) +* [CVE-2023-32401](CVE-2023/CVE-2023-324xx/CVE-2023-32401.json) (`2024-01-18T14:45:33.753`) +* [CVE-2023-32383](CVE-2023/CVE-2023-323xx/CVE-2023-32383.json) (`2024-01-18T14:46:30.137`) +* [CVE-2023-32378](CVE-2023/CVE-2023-323xx/CVE-2023-32378.json) (`2024-01-18T14:47:06.280`) +* [CVE-2023-32366](CVE-2023/CVE-2023-323xx/CVE-2023-32366.json) (`2024-01-18T14:48:05.697`) +* [CVE-2023-28197](CVE-2023/CVE-2023-281xx/CVE-2023-28197.json) (`2024-01-18T14:49:49.540`) +* [CVE-2024-21667](CVE-2024/CVE-2024-216xx/CVE-2024-21667.json) (`2024-01-18T13:12:45.593`) +* [CVE-2024-0565](CVE-2024/CVE-2024-05xx/CVE-2024-0565.json) (`2024-01-18T13:15:09.000`) +* [CVE-2024-21666](CVE-2024/CVE-2024-216xx/CVE-2024-21666.json) 
(`2024-01-18T13:20:45.647`) +* [CVE-2024-0655](CVE-2024/CVE-2024-06xx/CVE-2024-0655.json) (`2024-01-18T13:41:52.450`) +* [CVE-2024-0381](CVE-2024/CVE-2024-03xx/CVE-2024-0381.json) (`2024-01-18T13:41:52.450`) +* [CVE-2024-0580](CVE-2024/CVE-2024-05xx/CVE-2024-0580.json) (`2024-01-18T13:41:52.450`) +* [CVE-2024-0650](CVE-2024/CVE-2024-06xx/CVE-2024-0650.json) (`2024-01-18T13:42:01.673`) +* [CVE-2024-22416](CVE-2024/CVE-2024-224xx/CVE-2024-22416.json) (`2024-01-18T13:42:01.673`) +* [CVE-2024-23525](CVE-2024/CVE-2024-235xx/CVE-2024-23525.json) (`2024-01-18T13:42:01.673`) +* [CVE-2024-0651](CVE-2024/CVE-2024-06xx/CVE-2024-0651.json) (`2024-01-18T13:42:01.673`) +* [CVE-2024-0652](CVE-2024/CVE-2024-06xx/CVE-2024-0652.json) (`2024-01-18T13:42:01.673`) +* [CVE-2024-0654](CVE-2024/CVE-2024-06xx/CVE-2024-0654.json) (`2024-01-18T13:42:01.673`) +* [CVE-2024-22410](CVE-2024/CVE-2024-224xx/CVE-2024-22410.json) (`2024-01-18T13:42:11.613`) +* [CVE-2024-22414](CVE-2024/CVE-2024-224xx/CVE-2024-22414.json) (`2024-01-18T13:42:11.613`) +* [CVE-2024-0648](CVE-2024/CVE-2024-06xx/CVE-2024-0648.json) (`2024-01-18T13:42:11.613`) +* [CVE-2024-0649](CVE-2024/CVE-2024-06xx/CVE-2024-0649.json) (`2024-01-18T13:42:11.613`) +* [CVE-2024-22190](CVE-2024/CVE-2024-221xx/CVE-2024-22190.json) (`2024-01-18T13:48:07.553`) ## Download and Usage