admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 11:07:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-11T20:00:24.538776+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-11 22:00:27 +02:00
parent 77d435e0d9
commit f38ab1667b
69 changed files with 2699 additions and 199 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2022/CVE-2022-223xx/CVE-2022-22313.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-22313",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-06T02:15:12.490",
"lastModified": "2023-05-08T02:37:45.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:24:20.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +66,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_data_synchronization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0",
"versionEndExcluding": "3.1.0",
"matchCriteriaId": "B69B16DF-3430-48D2-84AE-DD14CBD77F3D"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/217370",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6980797",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

8
CVE-2022/CVE-2022-346xx/CVE-2022-34670.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34670",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-12-30T23:15:09.337",
"lastModified": "2023-01-11T20:14:51.713",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:09.800",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -326,6 +326,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html",
"source": "psirt@nvidia.com"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5415",
"source": "psirt@nvidia.com",

8
CVE-2022/CVE-2022-346xx/CVE-2022-34674.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34674",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-12-30T23:15:09.710",
"lastModified": "2023-01-05T22:32:42.947",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:09.957",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -326,6 +326,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html",
"source": "psirt@nvidia.com"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5415",
"source": "psirt@nvidia.com",

8
CVE-2022/CVE-2022-346xx/CVE-2022-34675.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34675",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-12-30T23:15:09.807",
"lastModified": "2023-01-05T22:31:29.063",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:10.070",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -241,6 +241,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html",
"source": "psirt@nvidia.com"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5415",
"source": "psirt@nvidia.com",

8
CVE-2022/CVE-2022-346xx/CVE-2022-34677.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34677",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-12-30T23:15:09.983",
"lastModified": "2023-01-05T22:30:40.483",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:10.167",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -326,6 +326,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html",
"source": "psirt@nvidia.com"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5415",
"source": "psirt@nvidia.com",

8
CVE-2022/CVE-2022-346xx/CVE-2022-34680.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34680",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-12-30T23:15:10.247",
"lastModified": "2023-01-05T22:25:58.753",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:10.287",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -326,6 +326,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html",
"source": "psirt@nvidia.com"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5415",
"source": "psirt@nvidia.com",

53
CVE-2022/CVE-2022-41xx/CVE-2022-4118.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2022-4118",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-08T14:15:10.883",
"lastModified": "2023-05-08T14:17:28.107",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:20:40.990",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Bitcoin / AltCoin Payment Gateway for WooCommerce & Multivendor store / shop WordPress plugin through 1.7.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by authenticated users"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:coinmarketstats:bitcoin_\\/_altcoin_payment_gateway_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.7.1",
"matchCriteriaId": "961244C9-EADC-4577-8096-14B2E4714CAF"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/2839ff82-7d37-4392-8fa3-d490680d42c4",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

8
CVE-2022/CVE-2022-422xx/CVE-2022-42257.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42257",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-12-30T23:15:10.897",
"lastModified": "2023-01-05T22:37:30.250",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:10.413",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -326,6 +326,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html",
"source": "psirt@nvidia.com"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5415",
"source": "psirt@nvidia.com",

8
CVE-2022/CVE-2022-422xx/CVE-2022-42258.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42258",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-12-30T23:15:10.963",
"lastModified": "2023-01-05T22:36:57.440",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:10.540",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -326,6 +326,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html",
"source": "psirt@nvidia.com"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5415",
"source": "psirt@nvidia.com",

8
CVE-2022/CVE-2022-422xx/CVE-2022-42259.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42259",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-12-30T23:15:11.030",
"lastModified": "2023-01-05T22:35:45.173",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:10.693",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -326,6 +326,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00010.html",
"source": "psirt@nvidia.com"
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5415",
"source": "psirt@nvidia.com",

10
CVE-2022/CVE-2022-437xx/CVE-2022-43769.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-43769",
"sourceIdentifier": "security.vulnerabilities@hitachivantara.com",
"published": "2023-04-03T18:15:07.703",
"lastModified": "2023-04-12T18:51:51.000",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:10.847",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream."
"value": "\nHitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.\u00a0\n\n"
}
],
"metrics": {
@ -101,6 +101,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172296/Pentaho-Business-Server-Authentication-Bypass-SSTI-Code-Execution.html",
"source": "security.vulnerabilities@hitachivantara.com"
},
{
"url": "https://support.pentaho.com/hc/en-us/articles/14455561548301--Resolved-Pentaho-BA-Server-Failure-to-Sanitize-Special-Elements-into-a-Different-Plane-Special-Element-Injection-Versions-before-9-4-0-1-and-9-3-0-2-including-8-3-x-Impacted-CVE-2022-43769-",
"source": "security.vulnerabilities@hitachivantara.com",

95
CVE-2022/CVE-2022-438xx/CVE-2022-43877.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43877",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-06T03:15:08.950",
"lastModified": "2023-05-08T02:37:45.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:22:32.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -34,14 +54,81 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0.0",
"versionEndExcluding": "6.2.7.20",
"matchCriteriaId": "6AECF25C-0B07-44ED-A22A-C236A3162D3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0.0",
"versionEndExcluding": "7.0.5.15",
"matchCriteriaId": "9C6A8986-EA96-4CC1-8996-492694ABB13B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0.0",
"versionEndExcluding": "7.1.2.11",
"matchCriteriaId": "7400899E-E98C-4C32-BD86-2AF5422AE3C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0.0",
"versionEndExcluding": "7.2.3.4",
"matchCriteriaId": "DC269C51-7E17-44BF-A6DF-0BD283C54818"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.3.0.0",
"versionEndExcluding": "7.3.1.0",
"matchCriteriaId": "8635D735-B251-4DB6-AD25-1309EA0C4A74"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/240148",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6967351",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

10
CVE-2022/CVE-2022-439xx/CVE-2022-43939.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-43939",
"sourceIdentifier": "security.vulnerabilities@hitachivantara.com",
"published": "2023-04-03T19:15:07.047",
"lastModified": "2023-04-10T17:56:36.890",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:11.000",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented."
"value": "\nHitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented.\u00a0\n\n"
}
],
"metrics": {
@ -100,6 +100,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172296/Pentaho-Business-Server-Authentication-Bypass-SSTI-Code-Execution.html",
"source": "security.vulnerabilities@hitachivantara.com"
},
{
"url": "https://support.pentaho.com/hc/en-us/articles/14455394120333--Resolved-Pentaho-BA-Server-Use-of-Non-Canonical-URL-Paths-for-Authorization-Decisions-Versions-before-9-4-0-1-and-9-3-0-2-including-8-3-x-Impacted-CVE-2022-43939-",
"source": "security.vulnerabilities@hitachivantara.com",

47
CVE-2022/CVE-2022-450xx/CVE-2022-45065.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45065",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T15:15:09.580",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:29:25.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:squirrly:seo_plugin:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "12.1.20",
"matchCriteriaId": "5A7AD543-276B-416C-B2F9-A8147196976E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/squirrly-seo/wordpress-squirrly-seo-peaks-plugin-12-1-20-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2022/CVE-2022-460xx/CVE-2022-46081.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-46081",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-04T04:15:09.837",
"lastModified": "2023-01-11T14:19:44.487",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T19:15:09.200",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "In Garmin Connect 4.61, terminating a LiveTrack session wouldn't prevent the LiveTrack API from continued exposure of private personal information."
"value": "** DISPUTED ** In Garmin Connect 4.61, terminating a LiveTrack session wouldn't prevent the LiveTrack API from continued exposure of private personal information. NOTE: this is disputed by the vendor because the LiveTrack API service is not a customer-controlled product."
}
],
"metrics": {

47
CVE-2022/CVE-2022-474xx/CVE-2022-47437.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47437",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T15:15:09.650",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:29:03.820",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wsb_brands_project:wsb_brands:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.8",
"matchCriteriaId": "E6D52E16-D6E4-423E-9FAB-59C2E6B6F2F6"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wsb-brands/wordpress-wsb-brands-plugin-1-1-8-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-474xx/CVE-2022-47439.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47439",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T15:15:09.723",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:28:50.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rocketapps:open_graphite:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.0",
"matchCriteriaId": "6270C630-5607-4626-9925-0F27955889C1"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/open-graphite/wordpress-open-graphite-plugin-1-5-1-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

150
CVE-2022/CVE-2022-482xx/CVE-2022-48237.json
View File

@ -2,19 +2,161 @@
"id": "CVE-2022-48237",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-05-09T02:15:10.403",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T19:20:28.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In Image filter, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-00xx/CVE-2023-0008.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-0008",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2023-05-10T17:15:09.040",
"lastModified": "2023-05-11T13:36:34.880",
"lastModified": "2023-05-11T18:15:11.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with access to the web interface to export local files from the firewall through a race condition.\n\n"
"value": "A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.\n\n"
}
],
"metrics": {

53
CVE-2023/CVE-2023-02xx/CVE-2023-0267.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-0267",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-08T14:15:10.967",
"lastModified": "2023-05-08T14:17:28.107",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:15:16.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Ultimate Carousel For WPBakery Page Builder WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:topdigitaltrends:ultimate_carousel_for_wpbakery_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.6",
"matchCriteriaId": "4F0CB2D9-A579-4BEC-B8C7-0EE8B932715F"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/7ba7849d-e07b-465a-bfb7-10c8186be140",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-02xx/CVE-2023-0268.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-0268",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-08T14:15:11.057",
"lastModified": "2023-05-08T14:17:28.107",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:12:06.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Mega Addons For WPBakery Page Builder WordPress plugin before 4.3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:topdigitaltrends:mega_addons_for_wpbakery_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.3.0",
"matchCriteriaId": "6A568F16-1F34-40F8-B153-F62DAEEAB1C9"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/99389641-ad1e-45c1-a42f-2a010ee22d76",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-16xx/CVE-2023-1649.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1649",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-08T14:15:12.670",
"lastModified": "2023-05-08T14:17:23.197",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:53:04.560",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The AI ChatBot WordPress plugin before 4.5.1 does not sanitise and escape numerous of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quantumcloud:ai_chatbot:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.5.1",
"matchCriteriaId": "A9D4263D-6763-40F1-BD02-5BAEE0C8C015"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/ea806115-14ab-4bc4-a272-2141cb14454a",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit"
]
}
]
}

52
CVE-2023/CVE-2023-16xx/CVE-2023-1651.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1651",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-08T14:15:12.867",
"lastModified": "2023-05-08T14:17:23.197",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:52:54.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in the AJAX action responsible to update the OpenAI settings, allowing any authenticated users, such as subscriber to update them. Furthermore, due to the lack of escaping of the settings, this could also lead to Stored XSS"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quantumcloud:ai_chatbot:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.4.9",
"matchCriteriaId": "F05D79C5-42D1-4A5E-A56A-13083B32C35D"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/c88b22ba-4fc2-49ad-a457-224157521bad",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit"
]
}
]
}

52
CVE-2023/CVE-2023-16xx/CVE-2023-1660.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1660",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-08T14:15:13.173",
"lastModified": "2023-05-08T14:17:23.197",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:50:04.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in a function hooked to init, allowing unauthenticated users to update some settings, leading to Stored XSS due to the lack of escaping when outputting them in the admin dashboard"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quantumcloud:ai_chatbot:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.4.9",
"matchCriteriaId": "F05D79C5-42D1-4A5E-A56A-13083B32C35D"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/1a5cbcfc-fa55-433a-a76b-3881b6c4bea2",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit"
]
}
]
}

52
CVE-2023/CVE-2023-18xx/CVE-2023-1806.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1806",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-08T14:15:13.310",
"lastModified": "2023-05-08T14:17:23.197",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:56:50.760",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The WP Inventory Manager WordPress plugin before 2.1.0.12 does not sanitise and escape the message parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpinventory:wp_inventory_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.0.12",
"matchCriteriaId": "7B645308-BEDC-4A8B-8D97-52903B3077F5"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/38d99c7d-2d10-4910-b95a-1cb545b813c4",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit"
]
}
]
}

55
CVE-2023/CVE-2023-18xx/CVE-2023-1834.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-1834",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-11T19:15:09.283",
"lastModified": "2023-05-11T19:15:09.283",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nRockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default.\u00a0 This could potentially allow attackers unauthorized\u00a0access to the device through the open ports."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139441",
"source": "PSIRT@rockwellautomation.com"
}
]
}

6
CVE-2023/CVE-2023-217xx/CVE-2023-21776.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-21776",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-01-10T22:15:19.677",
"lastModified": "2023-04-27T19:15:16.797",
"lastModified": "2023-05-11T18:15:12.250",
"vulnStatus": "Modified",
"descriptions": [
{
@ -159,6 +159,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172300/Windows-Kernel-CmpDoReDoCreateKey-CmpDoReOpenTransKey-Out-Of-Bounds-Read.html",
"source": "secure@microsoft.com"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21776",
"source": "secure@microsoft.com"

59
CVE-2023/CVE-2023-227xx/CVE-2023-22710.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22710",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T23:15:09.820",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T19:06:29.917",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-79"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:return_and_warranty_management_system_for_woocommerce_project:return_and_warranty_management_system_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.3",
"matchCriteriaId": "94C18F6D-EB77-4D3B-89F0-5A0717BF6007"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wc-return-warrranty/wordpress-return-and-warranty-management-system-for-woocommerce-plugin-1-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-238xx/CVE-2023-23894.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23894",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T22:15:09.163",
"lastModified": "2023-05-09T12:47:05.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T19:08:44.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:surbma:gdpr_proof_cookie_consent_\\&_notice_bar:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "17.6.0",
"matchCriteriaId": "4CD614EE-3663-4B91-9377-AF2D1371B298"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/surbma-gdpr-proof-google-analytics/wordpress-surbma-gdpr-proof-cookie-consent-notice-bar-plugin-17-5-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-243xx/CVE-2023-24376.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24376",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T22:15:09.240",
"lastModified": "2023-05-09T12:47:05.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T19:08:28.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp_simple_events_project:wp_simple_events:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0",
"matchCriteriaId": "6DD6D660-9B59-4FB3-956F-B5E116C7AB0B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-simple-events/wordpress-wp-simple-events-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-244xx/CVE-2023-24408.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24408",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T15:15:10.730",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T19:01:08.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightspeedhq:ecwid_ecommerce_shopping_cart:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.11.5",
"matchCriteriaId": "BFBF7414-EE79-4C64-9ACA-B1D3820D5D80"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ecwid-shopping-cart/wordpress-ecwid-ecommerce-shopping-cart-plugin-6-11-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

43
CVE-2023/CVE-2023-24xx/CVE-2023-2443.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-2443",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-11T19:15:09.377",
"lastModified": "2023-05-11T19:15:09.377",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nRockwell Automation ThinManager product allows the use of medium strength ciphers. \u00a0If the client requests an insecure cipher, a malicious actor could potentially decrypt traffic sent between the client and server API.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139442",
"source": "PSIRT@rockwellautomation.com"
}
]
}

43
CVE-2023/CVE-2023-24xx/CVE-2023-2444.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-2444",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-11T19:15:09.437",
"lastModified": "2023-05-11T19:15:09.437",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA cross site request forgery vulnerability exists in Rockwell Automation's FactoryTalk Vantagepoint. This vulnerability can be exploited in two ways. If an attacker sends a malicious link to a computer that is on the same domain as the FactoryTalk Vantagepoint server and a user clicks the link, the attacker could impersonate the legitimate user and send requests to the affected product.\u00a0\u00a0Additionally, if an attacker sends an untrusted link to a computer that is not on the same domain as the server and a user opens the FactoryTalk Vantagepoint website, enters credentials for the FactoryTalk Vantagepoint server, and clicks on the malicious link a cross site request forgery attack would be successful as well.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.5
}
]
},
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139443",
"source": "PSIRT@rockwellautomation.com"
}
]
}

28
CVE-2023/CVE-2023-253xx/CVE-2023-25309.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-25309",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-11T18:15:12.360",
"lastModified": "2023-05-11T18:15:12.360",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) Vulnerability in Fetlife rollout-ui version 0.5, allows attackers to execute arbitrary code via a crafted url to the delete a feature functionality."
}
],
"metrics": {},
"references": [
{
"url": "http://fetlife.com",
"source": "cve@mitre.org"
},
{
"url": "http://rollout-ui.com",
"source": "cve@mitre.org"
},
{
"url": "https://packetstormsecurity.com/files/172185/Rollout-UI-0.5-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
}
]
}

59
CVE-2023/CVE-2023-25xx/CVE-2023-2560.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2560",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-06T11:15:08.853",
"lastModified": "2023-05-08T02:37:45.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:27:40.423",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:newbinggogo_project:newbinggogo:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2023.5.5.2",
"matchCriteriaId": "304C9789-73F8-4AD6-BD94-9C3A9E626537"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/jja8/NewBingGoGo/issues/I6WH2E",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.228167",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.228167",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-282xx/CVE-2023-28248.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28248",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-04-11T21:15:24.803",
"lastModified": "2023-04-19T13:37:31.250",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:12.443",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -116,6 +116,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172283/Windows-Kernel-CmpCleanupLightWeightPrepare-Use-After-Free.html",
"source": "secure@microsoft.com"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28248",
"source": "secure@microsoft.com",

8
CVE-2023/CVE-2023-282xx/CVE-2023-28271.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28271",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-04-11T21:15:26.120",
"lastModified": "2023-04-13T01:09:39.853",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:12.650",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -142,6 +142,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172298/Windows-Kernel-Uninitialized-Memory-Pointer-Disclosure.html",
"source": "secure@microsoft.com"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28271",
"source": "secure@microsoft.com",

8
CVE-2023/CVE-2023-282xx/CVE-2023-28293.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28293",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-04-11T21:15:27.317",
"lastModified": "2023-04-19T20:53:46.347",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:12.817",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -136,6 +136,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172300/Windows-Kernel-CmpDoReDoCreateKey-CmpDoReOpenTransKey-Out-Of-Bounds-Read.html",
"source": "secure@microsoft.com"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28293",
"source": "secure@microsoft.com",

47
CVE-2023/CVE-2023-284xx/CVE-2023-28493.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28493",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T15:15:10.910",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:59:41.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:machothemes:newsmag:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.4.4",
"matchCriteriaId": "10AF610D-03B0-4F0D-8BAE-FB5C840922D0"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/newsmag/wordpress-newsmag-theme-2-4-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29022.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29022",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-11T18:15:13.023",
"lastModified": "2023-05-11T18:15:13.023",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438",
"source": "PSIRT@rockwellautomation.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29023.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29023",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-11T18:15:13.163",
"lastModified": "2023-05-11T18:15:13.163",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438",
"source": "PSIRT@rockwellautomation.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29024.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29024",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-11T18:15:13.240",
"lastModified": "2023-05-11T18:15:13.240",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nA cross site scripting vulnerability was discovered that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438",
"source": "PSIRT@rockwellautomation.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29025.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29025",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-11T18:15:13.323",
"lastModified": "2023-05-11T18:15:13.323",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438",
"source": "PSIRT@rockwellautomation.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29026.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29026",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-11T18:15:13.420",
"lastModified": "2023-05-11T18:15:13.420",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438",
"source": "PSIRT@rockwellautomation.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29027.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29027",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-11T18:15:13.517",
"lastModified": "2023-05-11T18:15:13.517",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438",
"source": "PSIRT@rockwellautomation.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29028.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29028",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-11T18:15:13.610",
"lastModified": "2023-05-11T18:15:13.610",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438",
"source": "PSIRT@rockwellautomation.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29029.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29029",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-11T18:15:13.677",
"lastModified": "2023-05-11T18:15:13.677",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product \n\nthat could potentially allow a malicious user with admin privileges and network access to view user data and modify the web interface. Additionally, a malicious user could potentially cause interruptions to the availability of the web page.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438",
"source": "PSIRT@rockwellautomation.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29030.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29030",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-11T18:15:13.770",
"lastModified": "2023-05-11T18:15:13.770",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438",
"source": "PSIRT@rockwellautomation.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29031.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29031",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-05-11T18:15:13.843",
"lastModified": "2023-05-11T18:15:13.843",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA cross site scripting vulnerability was discovered in Rockwell Automation's ArmorStart ST product that could potentially allow a malicious user to view and modify sensitive data or make the web page unavailable. User interaction, such as a phishing attack, is required for successful exploitation of this vulnerability.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1139438",
"source": "PSIRT@rockwellautomation.com"
}
]
}

8
CVE-2023/CVE-2023-290xx/CVE-2023-29085.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29085",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-14T21:15:08.193",
"lastModified": "2023-04-24T16:52:25.167",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:13.953",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -231,6 +231,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172288/Shannon-Baseband-SIP-Status-Line-Stack-Buffer-Overflow.html",
"source": "cve@mitre.org"
},
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",
"source": "cve@mitre.org",

8
CVE-2023/CVE-2023-290xx/CVE-2023-29086.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29086",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-14T21:15:08.243",
"lastModified": "2023-04-24T16:52:10.910",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:14.200",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -231,6 +231,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172293/Shannon-Baseband-SIP-Min-SE-Header-Stack-Buffer-Overflow.html",
"source": "cve@mitre.org"
},
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",
"source": "cve@mitre.org",

8
CVE-2023/CVE-2023-290xx/CVE-2023-29087.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29087",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-14T21:15:08.293",
"lastModified": "2023-04-24T16:51:38.263",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:14.300",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -231,6 +231,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172295/Shannon-Baseband-SIP-Retry-After-Header-Heap-Buffer-Overflow.html",
"source": "cve@mitre.org"
},
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",
"source": "cve@mitre.org",

8
CVE-2023/CVE-2023-290xx/CVE-2023-29088.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29088",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-14T21:15:08.337",
"lastModified": "2023-04-24T16:51:08.510",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:14.563",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -231,6 +231,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172289/Shannon-Baseband-SIP-Session-Expires-Header-Stack-Buffer-Overflow.html",
"source": "cve@mitre.org"
},
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",
"source": "cve@mitre.org",

8
CVE-2023/CVE-2023-290xx/CVE-2023-29089.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29089",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-14T21:15:08.400",
"lastModified": "2023-04-24T16:50:30.033",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:14.927",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -231,6 +231,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172292/Shannon-Baseband-Negative-Size-Memcpy-Out-Of-Bounds-Read.html",
"source": "cve@mitre.org"
},
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",
"source": "cve@mitre.org",

8
CVE-2023/CVE-2023-290xx/CVE-2023-29090.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29090",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-14T21:15:08.447",
"lastModified": "2023-04-24T16:49:52.767",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:15.277",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -231,6 +231,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172287/Shannon-Baseband-Via-Header-Decoder-Stack-Buffer-Overflow.html",
"source": "cve@mitre.org"
},
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",
"source": "cve@mitre.org",

8
CVE-2023/CVE-2023-290xx/CVE-2023-29091.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29091",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-14T21:15:08.493",
"lastModified": "2023-04-24T16:49:36.503",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T18:15:15.443",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -231,6 +231,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172282/Shannon-Baseband-SIP-URI-Decoder-Stack-Buffer-Overflow.html",
"source": "cve@mitre.org"
},
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",
"source": "cve@mitre.org",

64
CVE-2023/CVE-2023-299xx/CVE-2023-29932.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-29932",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.633",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:02:30.523",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:llvm:llvm:2022-11-01:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7B4679-F150-4937-8E6C-85F26EECA861"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/58745",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

64
CVE-2023/CVE-2023-299xx/CVE-2023-29933.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-29933",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.683",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:06:22.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:llvm:llvm:2022-12-11:*:*:*:*:*:*:*",
"matchCriteriaId": "01176116-1DD3-4B35-8387-6303D4AD731B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/59442",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

64
CVE-2023/CVE-2023-299xx/CVE-2023-29934.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-29934",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.733",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:13:33.977",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:llvm:llvm:2022-11-22:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D60ABE-3E22-40CA-800B-77F8BAD4DCD2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/59136",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

64
CVE-2023/CVE-2023-299xx/CVE-2023-29935.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-29935",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.783",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:17:06.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && \"operation was already replaced."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:llvm:llvm:2022-11-23:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8D1FE3-4FF5-447A-8B19-FF362CD84298"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/59182",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

64
CVE-2023/CVE-2023-299xx/CVE-2023-29939.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-29939",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.850",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:19:39.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:llvm:llvm:2023-01-12:*:*:*:*:*:*:*",
"matchCriteriaId": "3693A1CB-2899-4946-A444-0FB73D378422"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/59983",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

64
CVE-2023/CVE-2023-299xx/CVE-2023-29941.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-29941",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.917",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:23:11.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:llvm:llvm:2023-01-12:*:*:*:*:*:*:*",
"matchCriteriaId": "3693A1CB-2899-4946-A444-0FB73D378422"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/59988",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

64
CVE-2023/CVE-2023-299xx/CVE-2023-29942.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-29942",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.970",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:23:44.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:llvm:llvm:2023-01-12:*:*:*:*:*:*:*",
"matchCriteriaId": "3693A1CB-2899-4946-A444-0FB73D378422"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/59990",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

76
CVE-2023/CVE-2023-300xx/CVE-2023-30053.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-30053",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:10.020",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:31:11.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:a7100ru_firmware:7.4cu.2313_b20191024:*:*:*:*:*:*:*",
"matchCriteriaId": "83C47206-6608-4258-A2FE-D15C5637192D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:a7100ru:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DD0831-0EB3-4F09-B4E4-6165E53AB6A6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Am1ngl/ttt/tree/main/160",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-300xx/CVE-2023-30054.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-30054",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:10.070",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:38:32.380",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:a7100ru_firmware:7.4cu.2313_b20191024:*:*:*:*:*:*:*",
"matchCriteriaId": "83C47206-6608-4258-A2FE-D15C5637192D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:a7100ru:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DD0831-0EB3-4F09-B4E4-6165E53AB6A6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Am1ngl/ttt/tree/main/161",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

36
CVE-2023/CVE-2023-303xx/CVE-2023-30394.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-30394",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-11T19:15:09.497",
"lastModified": "2023-05-11T19:15:09.497",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "MoveIT v1.1.11 was discovered to contain a cross-site scripting (XSS) vulenrability via the API authentication function."
}
],
"metrics": {},
"references": [
{
"url": "http://moveit.com",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-30394",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/ros-planning/moveit",
"source": "cve@mitre.org"
},
{
"url": "https://i.ibb.co/R2JSPV5/2022-10-02-12-39-57-Window.png",
"source": "cve@mitre.org"
},
{
"url": "https://i.ibb.co/RyRSzpN/Response-Manipulation.png",
"source": "cve@mitre.org"
}
]
}

82
CVE-2023/CVE-2023-304xx/CVE-2023-30434.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30434",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-05T15:15:10.117",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T18:45:43.990",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,18 +66,70 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:elastic_storage_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.0.0",
"versionEndExcluding": "6.1.2.6",
"matchCriteriaId": "E86D735A-E083-4F28-A5CA-008CE54BFC06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:elastic_storage_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.3.0",
"versionEndExcluding": "6.1.6.1",
"matchCriteriaId": "3C62D63F-902A-494C-842F-CF3810E232DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1.0.0",
"versionEndIncluding": "5.1.2.9",
"matchCriteriaId": "A43A3461-1512-4B3C-BEC2-09ACEB3372E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1.3.0",
"versionEndIncluding": "5.1.6.1",
"matchCriteriaId": "FF53771C-2D6E-46FB-A7AA-FA48914F99AD"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/252187",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6988363",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6988365",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-311xx/CVE-2023-31183.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31183",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-05-08T21:15:12.227",
"lastModified": "2023-05-09T12:47:05.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T19:09:15.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cybonet:pineapp_mail_secure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.10.1646",
"matchCriteriaId": "2C7966B3-7D4A-4699-AE54-2C4A3CEE3B84"
}
]
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
"source": "cna@cyber.gov.il",
"tags": [
"Third Party Advisory"
]
}
]
}

110
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-11T18:00:23.919646+00:00
2023-05-11T20:00:24.538776+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-11T17:54:34.873000+00:00
2023-05-11T19:20:28.837000+00:00
```
### Last Data Feed Release
@ -29,51 +29,87 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
214917
214932
```
### CVEs added in the last Commit
Recently added CVEs: `4`
Recently added CVEs: `15`
* [CVE-2023-24539](CVE-2023/CVE-2023-245xx/CVE-2023-24539.json) (`2023-05-11T16:15:09.600`)
* [CVE-2023-24540](CVE-2023/CVE-2023-245xx/CVE-2023-24540.json) (`2023-05-11T16:15:09.687`)
* [CVE-2023-29400](CVE-2023/CVE-2023-294xx/CVE-2023-29400.json) (`2023-05-11T16:15:09.850`)
* [CVE-2023-32075](CVE-2023/CVE-2023-320xx/CVE-2023-32075.json) (`2023-05-11T17:15:09.357`)
* [CVE-2023-1834](CVE-2023/CVE-2023-18xx/CVE-2023-1834.json) (`2023-05-11T19:15:09.283`)
* [CVE-2023-2443](CVE-2023/CVE-2023-24xx/CVE-2023-2443.json) (`2023-05-11T19:15:09.377`)
* [CVE-2023-2444](CVE-2023/CVE-2023-24xx/CVE-2023-2444.json) (`2023-05-11T19:15:09.437`)
* [CVE-2023-25309](CVE-2023/CVE-2023-253xx/CVE-2023-25309.json) (`2023-05-11T18:15:12.360`)
* [CVE-2023-29022](CVE-2023/CVE-2023-290xx/CVE-2023-29022.json) (`2023-05-11T18:15:13.023`)
* [CVE-2023-29023](CVE-2023/CVE-2023-290xx/CVE-2023-29023.json) (`2023-05-11T18:15:13.163`)
* [CVE-2023-29024](CVE-2023/CVE-2023-290xx/CVE-2023-29024.json) (`2023-05-11T18:15:13.240`)
* [CVE-2023-29025](CVE-2023/CVE-2023-290xx/CVE-2023-29025.json) (`2023-05-11T18:15:13.323`)
* [CVE-2023-29026](CVE-2023/CVE-2023-290xx/CVE-2023-29026.json) (`2023-05-11T18:15:13.420`)
* [CVE-2023-29027](CVE-2023/CVE-2023-290xx/CVE-2023-29027.json) (`2023-05-11T18:15:13.517`)
* [CVE-2023-29028](CVE-2023/CVE-2023-290xx/CVE-2023-29028.json) (`2023-05-11T18:15:13.610`)
* [CVE-2023-29029](CVE-2023/CVE-2023-290xx/CVE-2023-29029.json) (`2023-05-11T18:15:13.677`)
* [CVE-2023-29030](CVE-2023/CVE-2023-290xx/CVE-2023-29030.json) (`2023-05-11T18:15:13.770`)
* [CVE-2023-29031](CVE-2023/CVE-2023-290xx/CVE-2023-29031.json) (`2023-05-11T18:15:13.843`)
* [CVE-2023-30394](CVE-2023/CVE-2023-303xx/CVE-2023-30394.json) (`2023-05-11T19:15:09.497`)
### CVEs modified in the last Commit
Recently modified CVEs: `28`
Recently modified CVEs: `53`
* [CVE-2017-20183](CVE-2017/CVE-2017-201xx/CVE-2017-20183.json) (`2023-05-11T17:37:24.683`)
* [CVE-2020-18132](CVE-2020/CVE-2020-181xx/CVE-2020-18132.json) (`2023-05-11T17:53:50.410`)
* [CVE-2020-18282](CVE-2020/CVE-2020-182xx/CVE-2020-18282.json) (`2023-05-11T17:53:25.337`)
* [CVE-2020-19660](CVE-2020/CVE-2020-196xx/CVE-2020-19660.json) (`2023-05-11T17:53:02.137`)
* [CVE-2022-26562](CVE-2022/CVE-2022-265xx/CVE-2022-26562.json) (`2023-05-11T16:15:09.383`)
* [CVE-2022-43950](CVE-2022/CVE-2022-439xx/CVE-2022-43950.json) (`2023-05-11T17:51:16.800`)
* [CVE-2022-45608](CVE-2022/CVE-2022-456xx/CVE-2022-45608.json) (`2023-05-11T16:15:09.510`)
* [CVE-2022-45858](CVE-2022/CVE-2022-458xx/CVE-2022-45858.json) (`2023-05-11T17:50:46.947`)
* [CVE-2022-45859](CVE-2022/CVE-2022-458xx/CVE-2022-45859.json) (`2023-05-11T17:48:55.873`)
* [CVE-2022-45860](CVE-2022/CVE-2022-458xx/CVE-2022-45860.json) (`2023-05-11T17:48:23.927`)
* [CVE-2023-23383](CVE-2023/CVE-2023-233xx/CVE-2023-23383.json) (`2023-05-11T17:27:41.973`)
* [CVE-2023-23398](CVE-2023/CVE-2023-233xx/CVE-2023-23398.json) (`2023-05-11T17:27:54.713`)
* [CVE-2023-23494](CVE-2023/CVE-2023-234xx/CVE-2023-23494.json) (`2023-05-11T17:10:28.070`)
* [CVE-2023-23528](CVE-2023/CVE-2023-235xx/CVE-2023-23528.json) (`2023-05-11T17:11:26.573`)
* [CVE-2023-23533](CVE-2023/CVE-2023-235xx/CVE-2023-23533.json) (`2023-05-11T17:16:13.243`)
* [CVE-2023-23538](CVE-2023/CVE-2023-235xx/CVE-2023-23538.json) (`2023-05-11T17:16:11.393`)
* [CVE-2023-24788](CVE-2023/CVE-2023-247xx/CVE-2023-24788.json) (`2023-05-11T16:15:09.760`)
* [CVE-2023-2531](CVE-2023/CVE-2023-25xx/CVE-2023-2531.json) (`2023-05-11T17:21:01.777`)
* [CVE-2023-2565](CVE-2023/CVE-2023-25xx/CVE-2023-2565.json) (`2023-05-11T17:54:34.873`)
* [CVE-2023-29350](CVE-2023/CVE-2023-293xx/CVE-2023-29350.json) (`2023-05-11T16:19:58.783`)
* [CVE-2023-29354](CVE-2023/CVE-2023-293xx/CVE-2023-29354.json) (`2023-05-11T16:20:12.437`)
* [CVE-2023-29963](CVE-2023/CVE-2023-299xx/CVE-2023-29963.json) (`2023-05-11T17:26:19.890`)
* [CVE-2023-30013](CVE-2023/CVE-2023-300xx/CVE-2023-30013.json) (`2023-05-11T17:14:10.497`)
* [CVE-2023-30093](CVE-2023/CVE-2023-300xx/CVE-2023-30093.json) (`2023-05-11T16:15:09.923`)
* [CVE-2023-30094](CVE-2023/CVE-2023-300xx/CVE-2023-30094.json) (`2023-05-11T16:15:09.990`)
* [CVE-2023-30095](CVE-2023/CVE-2023-300xx/CVE-2023-30095.json) (`2023-05-11T16:15:10.080`)
* [CVE-2023-30096](CVE-2023/CVE-2023-300xx/CVE-2023-30096.json) (`2023-05-11T16:15:10.163`)
* [CVE-2023-30097](CVE-2023/CVE-2023-300xx/CVE-2023-30097.json) (`2023-05-11T16:15:10.240`)
* [CVE-2022-22313](CVE-2022/CVE-2022-223xx/CVE-2022-22313.json) (`2023-05-11T18:24:20.833`)
* [CVE-2022-34670](CVE-2022/CVE-2022-346xx/CVE-2022-34670.json) (`2023-05-11T18:15:09.800`)
* [CVE-2022-34674](CVE-2022/CVE-2022-346xx/CVE-2022-34674.json) (`2023-05-11T18:15:09.957`)
* [CVE-2022-34675](CVE-2022/CVE-2022-346xx/CVE-2022-34675.json) (`2023-05-11T18:15:10.070`)
* [CVE-2022-34677](CVE-2022/CVE-2022-346xx/CVE-2022-34677.json) (`2023-05-11T18:15:10.167`)
* [CVE-2022-34680](CVE-2022/CVE-2022-346xx/CVE-2022-34680.json) (`2023-05-11T18:15:10.287`)
* [CVE-2022-4118](CVE-2022/CVE-2022-41xx/CVE-2022-4118.json) (`2023-05-11T18:20:40.990`)
* [CVE-2022-42257](CVE-2022/CVE-2022-422xx/CVE-2022-42257.json) (`2023-05-11T18:15:10.413`)
* [CVE-2022-42258](CVE-2022/CVE-2022-422xx/CVE-2022-42258.json) (`2023-05-11T18:15:10.540`)
* [CVE-2022-42259](CVE-2022/CVE-2022-422xx/CVE-2022-42259.json) (`2023-05-11T18:15:10.693`)
* [CVE-2022-43769](CVE-2022/CVE-2022-437xx/CVE-2022-43769.json) (`2023-05-11T18:15:10.847`)
* [CVE-2022-43877](CVE-2022/CVE-2022-438xx/CVE-2022-43877.json) (`2023-05-11T18:22:32.347`)
* [CVE-2022-43939](CVE-2022/CVE-2022-439xx/CVE-2022-43939.json) (`2023-05-11T18:15:11.000`)
* [CVE-2022-45065](CVE-2022/CVE-2022-450xx/CVE-2022-45065.json) (`2023-05-11T18:29:25.107`)
* [CVE-2022-46081](CVE-2022/CVE-2022-460xx/CVE-2022-46081.json) (`2023-05-11T19:15:09.200`)
* [CVE-2022-47437](CVE-2022/CVE-2022-474xx/CVE-2022-47437.json) (`2023-05-11T18:29:03.820`)
* [CVE-2022-47439](CVE-2022/CVE-2022-474xx/CVE-2022-47439.json) (`2023-05-11T18:28:50.673`)
* [CVE-2022-48237](CVE-2022/CVE-2022-482xx/CVE-2022-48237.json) (`2023-05-11T19:20:28.837`)
* [CVE-2023-0008](CVE-2023/CVE-2023-00xx/CVE-2023-0008.json) (`2023-05-11T18:15:11.093`)
* [CVE-2023-0267](CVE-2023/CVE-2023-02xx/CVE-2023-0267.json) (`2023-05-11T18:15:16.573`)
* [CVE-2023-0268](CVE-2023/CVE-2023-02xx/CVE-2023-0268.json) (`2023-05-11T18:12:06.047`)
* [CVE-2023-1649](CVE-2023/CVE-2023-16xx/CVE-2023-1649.json) (`2023-05-11T18:53:04.560`)
* [CVE-2023-1651](CVE-2023/CVE-2023-16xx/CVE-2023-1651.json) (`2023-05-11T18:52:54.370`)
* [CVE-2023-1660](CVE-2023/CVE-2023-16xx/CVE-2023-1660.json) (`2023-05-11T18:50:04.077`)
* [CVE-2023-1806](CVE-2023/CVE-2023-18xx/CVE-2023-1806.json) (`2023-05-11T18:56:50.760`)
* [CVE-2023-21776](CVE-2023/CVE-2023-217xx/CVE-2023-21776.json) (`2023-05-11T18:15:12.250`)
* [CVE-2023-22710](CVE-2023/CVE-2023-227xx/CVE-2023-22710.json) (`2023-05-11T19:06:29.917`)
* [CVE-2023-23894](CVE-2023/CVE-2023-238xx/CVE-2023-23894.json) (`2023-05-11T19:08:44.543`)
* [CVE-2023-24376](CVE-2023/CVE-2023-243xx/CVE-2023-24376.json) (`2023-05-11T19:08:28.000`)
* [CVE-2023-24408](CVE-2023/CVE-2023-244xx/CVE-2023-24408.json) (`2023-05-11T19:01:08.147`)
* [CVE-2023-2560](CVE-2023/CVE-2023-25xx/CVE-2023-2560.json) (`2023-05-11T18:27:40.423`)
* [CVE-2023-28248](CVE-2023/CVE-2023-282xx/CVE-2023-28248.json) (`2023-05-11T18:15:12.443`)
* [CVE-2023-28271](CVE-2023/CVE-2023-282xx/CVE-2023-28271.json) (`2023-05-11T18:15:12.650`)
* [CVE-2023-28293](CVE-2023/CVE-2023-282xx/CVE-2023-28293.json) (`2023-05-11T18:15:12.817`)
* [CVE-2023-28493](CVE-2023/CVE-2023-284xx/CVE-2023-28493.json) (`2023-05-11T18:59:41.717`)
* [CVE-2023-29085](CVE-2023/CVE-2023-290xx/CVE-2023-29085.json) (`2023-05-11T18:15:13.953`)
* [CVE-2023-29086](CVE-2023/CVE-2023-290xx/CVE-2023-29086.json) (`2023-05-11T18:15:14.200`)
* [CVE-2023-29087](CVE-2023/CVE-2023-290xx/CVE-2023-29087.json) (`2023-05-11T18:15:14.300`)
* [CVE-2023-29088](CVE-2023/CVE-2023-290xx/CVE-2023-29088.json) (`2023-05-11T18:15:14.563`)
* [CVE-2023-29089](CVE-2023/CVE-2023-290xx/CVE-2023-29089.json) (`2023-05-11T18:15:14.927`)
* [CVE-2023-29090](CVE-2023/CVE-2023-290xx/CVE-2023-29090.json) (`2023-05-11T18:15:15.277`)
* [CVE-2023-29091](CVE-2023/CVE-2023-290xx/CVE-2023-29091.json) (`2023-05-11T18:15:15.443`)
* [CVE-2023-29932](CVE-2023/CVE-2023-299xx/CVE-2023-29932.json) (`2023-05-11T18:02:30.523`)
* [CVE-2023-29933](CVE-2023/CVE-2023-299xx/CVE-2023-29933.json) (`2023-05-11T18:06:22.817`)
* [CVE-2023-29934](CVE-2023/CVE-2023-299xx/CVE-2023-29934.json) (`2023-05-11T18:13:33.977`)
* [CVE-2023-29935](CVE-2023/CVE-2023-299xx/CVE-2023-29935.json) (`2023-05-11T18:17:06.773`)
* [CVE-2023-29939](CVE-2023/CVE-2023-299xx/CVE-2023-29939.json) (`2023-05-11T18:19:39.167`)
* [CVE-2023-29941](CVE-2023/CVE-2023-299xx/CVE-2023-29941.json) (`2023-05-11T18:23:11.180`)
* [CVE-2023-29942](CVE-2023/CVE-2023-299xx/CVE-2023-29942.json) (`2023-05-11T18:23:44.497`)
* [CVE-2023-30053](CVE-2023/CVE-2023-300xx/CVE-2023-30053.json) (`2023-05-11T18:31:11.017`)
* [CVE-2023-30054](CVE-2023/CVE-2023-300xx/CVE-2023-30054.json) (`2023-05-11T18:38:32.380`)
* [CVE-2023-30434](CVE-2023/CVE-2023-304xx/CVE-2023-30434.json) (`2023-05-11T18:45:43.990`)
* [CVE-2023-31183](CVE-2023/CVE-2023-311xx/CVE-2023-31183.json) (`2023-05-11T19:09:15.927`)
## Download and Usage