admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-12-11T21:00:19.024234+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-12-11 21:00:22 +00:00
parent 76f9ecb965
commit f4d86cd294
51 changed files with 22760 additions and 185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
CVE-2020/CVE-2020-191xx/CVE-2020-19185.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-19185",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:15:57.233",
"lastModified": "2023-10-20T21:07:46.990",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-11T19:15:07.700",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -93,6 +93,18 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214036",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214037",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214038",
"source": "cve@mitre.org"
}
]
}

16
CVE-2020/CVE-2020-191xx/CVE-2020-19186.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-19186",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:15:58.247",
"lastModified": "2023-10-20T21:09:02.453",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-11T19:15:07.797",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -93,6 +93,18 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214036",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214037",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214038",
"source": "cve@mitre.org"
}
]
}

20
CVE-2020/CVE-2020-191xx/CVE-2020-19187.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2020-19187",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:15:59.317",
"lastModified": "2023-10-20T21:09:22.640",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-11T19:15:07.857",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command."
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento de b\u00fafer en la funci\u00f3n fmt_entry en progs/dump_entry.c:1100 en ncurses v6.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio a trav\u00e9s de un comando manipulado."
}
],
"metrics": {
@ -93,6 +97,18 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214036",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214037",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214038",
"source": "cve@mitre.org"
}
]
}

20
CVE-2020/CVE-2020-191xx/CVE-2020-19188.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2020-19188",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:00.380",
"lastModified": "2023-10-20T21:11:19.547",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-11T19:15:07.927",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command."
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento de b\u00fafer en la funci\u00f3n fmt_entry en progs/dump_entry.c:1116 en ncurses v6.1 permite a atacantes remotos causar una denegaci\u00f3n de servicios a trav\u00e9s de un comando manipulado. "
}
],
"metrics": {
@ -93,6 +97,18 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214036",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214037",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214038",
"source": "cve@mitre.org"
}
]
}

20
CVE-2020/CVE-2020-191xx/CVE-2020-19189.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2020-19189",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:01.020",
"lastModified": "2023-10-20T21:21:18.277",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-11T19:15:07.993",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command."
},
{
"lang": "es",
"value": "Vulnerabilidad de Buffer Overflow en la funci\u00f3n \"postprocess_terminfo\" en tinfo/parse_entry.c:997 en ncurses v6.1 que permite a atacantes remotos causar una denegaci\u00f3n de servicios a trav\u00e9s de un comando manipulado. "
}
],
"metrics": {
@ -116,6 +120,18 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214036",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214037",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214038",
"source": "cve@mitre.org"
}
]
}

20
CVE-2020/CVE-2020-191xx/CVE-2020-19190.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2020-19190",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:01.803",
"lastModified": "2023-10-20T21:11:51.893",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-11T19:15:08.060",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command."
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento de b\u00fafer en \"_nc_find_entry\" en \"tinfo/comp_hash.c\" en ncurses 6.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio a trav\u00e9s de un comando manipulado. "
}
],
"metrics": {
@ -93,6 +97,18 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214036",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214037",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214038",
"source": "cve@mitre.org"
}
]
}

127
CVE-2021/CVE-2021-277xx/CVE-2021-27795.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2021-27795",
"sourceIdentifier": "sirt@brocade.com",
"published": "2023-12-06T02:15:06.573",
"lastModified": "2023-12-06T13:50:08.353",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T19:44:39.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Brocade Fabric OS (FOS) hardware \nplatforms running any version of Brocade Fabric OS software, which \nsupports the license string format; contain cryptographic \nissues that could allow for the installation of forged or fraudulent \nlicense keys. This would allow attackers or a malicious party to forge a\n counterfeit license key that the Brocade Fabric OS platform would \nauthenticate and activate as if it were a legitimate license key. \n\n\n\n"
},
{
"lang": "es",
"value": "Plataformas de hardware Brocade Fabric OS (FOS) que ejecutan cualquier versi\u00f3n del software Brocade Fabric OS, que admita el formato de cadena de licencia; contienen problemas criptogr\u00e1ficos que podr\u00edan permitir la instalaci\u00f3n de claves de licencia falsificadas o fraudulentas. Esto permitir\u00eda a los atacantes o a una parte malintencionada falsificar una clave de licencia falsa que la plataforma Brocade Fabric OS autenticar\u00eda y activar\u00eda como si fuera una clave de licencia leg\u00edtima."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "sirt@brocade.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
},
{
"source": "sirt@brocade.com",
"type": "Secondary",
@ -46,10 +80,97 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A924BA8-278D-42F8-9A38-AE1087384629"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:brocade_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "514B80C9-FB9A-46FF-A58F-F90D695CD6EF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:brocade_610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71B3C11A-72A1-40E7-8062-FDCE8B31BF45"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:brocade_6505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE32859-8F51-41C0-829F-E2C7C70D2B32"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:brocade_6510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB73E604-D2BA-463E-8F89-B6FA2D762C49"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:brocade_6520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD15038-420D-456C-9E46-1F68730D5294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:brocade_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3E8C687-7999-4FC9-B6F0-8235808B2113"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:brocade_7810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E297EC07-ACD9-44CB-A52E-E8D77F1AB3B8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:brocade_7840:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A3BC204-ED15-4F07-A493-D688A02E2AF4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:brocade_g620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C167A2-3A1D-4A7C-8BB0-E923F774DAE2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:brocade_g630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBE84E8-4D66-4CE7-B6D9-F67F92014C5C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:brocade_x6-4_director:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D3425B-AADB-4507-9D9D-907BD49359B0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:broadcom:brocade_x6-8_director:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FF27302-C9A5-4C62-B97D-BFEDAE2F9F5E"
}
]
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/21289",
"source": "sirt@brocade.com"
"source": "sirt@brocade.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2022/CVE-2022-419xx/CVE-2022-41955.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41955",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-01-14T01:15:12.743",
"lastModified": "2023-01-24T01:19:06.017",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-11T19:15:08.163",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -102,6 +102,10 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2022-100_Autolab/",
"source": "security-advisories@github.com"
}
]
}

8
CVE-2022/CVE-2022-419xx/CVE-2022-41956.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41956",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-01-14T01:15:13.230",
"lastModified": "2023-01-24T17:39:05.930",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-11T19:15:08.293",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -92,6 +92,10 @@
"Third Party Advisory"
]
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2022-100_Autolab/",
"source": "security-advisories@github.com"
},
{
"url": "https://www.stackhawk.com/blog/rails-path-traversal-guide-examples-and-prevention/",
"source": "security-advisories@github.com",

91
CVE-2023/CVE-2023-245xx/CVE-2023-24547.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-24547",
"sourceIdentifier": "psirt@arista.com",
"published": "2023-12-06T00:15:07.030",
"lastModified": "2023-12-06T13:50:15.017",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T19:53:32.703",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "On affected platforms running Arista MOS, the configuration of a BGP password will cause the password to be logged in clear text that can be revealed in local logs or remote logging servers by authenticated users, as well as appear in clear text in the device\u2019s running config. \n"
},
{
"lang": "es",
"value": "En las plataformas afectadas que ejecutan Arista MOS, la configuraci\u00f3n de una contrase\u00f1a BGP har\u00e1 que la contrase\u00f1a se registre en texto plano que los usuarios autenticados pueden revelar en registros locales o servidores de registro remotos, adem\u00e1s de aparecer en texto plano en la configuraci\u00f3n en ejecuci\u00f3n del dispositivo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@arista.com",
"type": "Secondary",
@ -34,10 +58,71 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arista:mos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.13.0",
"versionEndIncluding": "0.39.4",
"matchCriteriaId": "924F1DE2-DEEB-4CC8-97CA-8D9B5E53F4BF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D832798-DA45-4F9E-AA31-5D088253A28A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7130-16g3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFA321D-F4A5-434C-BB39-D2B2687001D6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7130-48g3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BE67B8-F326-48B7-AB82-04FE8C2E37E2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7130-96s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3264E086-4E90-41D0-8583-8FCF3CE4885D"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/18644-security-advisory-0090",
"source": "psirt@arista.com"
"source": "psirt@arista.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6739
CVE-2023/CVE-2023-285xx/CVE-2023-28551.json
View File

File diff suppressed because it is too large Load Diff

73
CVE-2023/CVE-2023-288xx/CVE-2023-28875.json
View File

@ -2,23 +2,86 @@
"id": "CVE-2023-28875",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-06T01:15:07.190",
"lastModified": "2023-12-06T13:50:08.353",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T19:48:00.830",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A Stored XSS issue in shared files download terms in Filerun Update 20220202 allows attackers to inject JavaScript code that is executed when a user follows the crafted share link."
},
{
"lang": "es",
"value": "Un problema de XSS almacenado en los t\u00e9rminos de descarga de archivos compartidos en Filerun Update 20220202 permite a los atacantes inyectar c\u00f3digo JavaScript que se ejecuta cuando un usuario sigue el enlace compartido manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:afian:filerun:2022.02.02:*:*:*:*:*:*:*",
"matchCriteriaId": "7701407B-8FEF-448A-A4FD-985AB34AA2D4"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://filerun.com/changelog",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://herolab.usd.de/security-advisories/usd-2022-0009/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-288xx/CVE-2023-28876.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-28876",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-06T01:15:07.250",
"lastModified": "2023-12-06T13:50:08.353",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T19:48:26.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A Broken Access Control issue in comments to uploaded files in Filerun through Update 20220202 allows attackers to delete comments on files uploaded by other users."
},
{
"lang": "es",
"value": "Un problema de control de acceso roto en los comentarios de los archivos cargados en Filerun hasta la Actualizaci\u00f3n 20220202 permite a los atacantes eliminar comentarios en los archivos cargados por otros usuarios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:afian:filerun:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2022.02.02",
"matchCriteriaId": "BA7DBD2D-7B20-45F7-AB15-CF36D9DA3622"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://filerun.com/changelog",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://herolab.usd.de/security-advisories/usd-2022-0010/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-305xx/CVE-2023-30581.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-30581",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-11-23T00:15:07.980",
"lastModified": "2023-11-30T01:52:32.100",
"lastModified": "2023-12-11T20:49:02.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,8 +61,22 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndIncluding": "20.6.1",
"matchCriteriaId": "02DFC7B9-207F-456E-8E25-99C175D6BF91"
"versionEndExcluding": "16.20.1",
"matchCriteriaId": "C5D7BC2C-D9AF-4048-9D36-55BF7CB6632B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartIncluding": "18.0.0",
"versionEndExcluding": "18.16.1",
"matchCriteriaId": "5C30F3E9-6CB7-4616-824E-A97BB69FB7E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartIncluding": "20.0.0",
"versionEndExcluding": "20.3.1",
"matchCriteriaId": "220A3D52-0B69-438A-B042-F19694CC63F1"
}
]
}

8
CVE-2023/CVE-2023-323xx/CVE-2023-32317.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32317",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-26T23:15:16.950",
"lastModified": "2023-06-03T03:27:00.970",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-11T19:15:08.393",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -108,6 +108,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2023-081_GHSL-2023-082_Autolab/",
"source": "security-advisories@github.com"
}
]
}

8
CVE-2023/CVE-2023-326xx/CVE-2023-32676.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32676",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-26T23:15:18.647",
"lastModified": "2023-06-05T15:30:07.343",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-11T19:15:08.510",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -108,6 +108,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2023-081_GHSL-2023-082_Autolab/",
"source": "security-advisories@github.com"
}
]
}

9925
CVE-2023/CVE-2023-330xx/CVE-2023-33080.json
View File

File diff suppressed because it is too large Load Diff

4066
CVE-2023/CVE-2023-330xx/CVE-2023-33081.json
View File

File diff suppressed because it is too large Load Diff

12
CVE-2023/CVE-2023-387xx/CVE-2023-38710.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38710",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-25T21:15:08.167",
"lastModified": "2023-08-31T00:38:31.680",
"lastModified": "2023-12-11T19:34:38.997",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -17,19 +17,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]

12
CVE-2023/CVE-2023-387xx/CVE-2023-38712.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38712",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-25T21:15:08.293",
"lastModified": "2023-08-31T00:37:58.830",
"lastModified": "2023-12-11T19:57:46.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -17,19 +17,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]

59
CVE-2023/CVE-2023-425xx/CVE-2023-42581.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42581",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-12-05T03:15:19.293",
"lastModified": "2023-12-05T13:51:04.540",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T20:33:24.510",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -38,10 +58,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:galaxy_store:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.64.4",
"matchCriteriaId": "0ACEF30C-D21F-488C-A1D5-55CEEE49C724"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-428xx/CVE-2023-42842.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42842",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-10-25T19:15:10.483",
"lastModified": "2023-11-02T18:08:01.803",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-11T19:15:08.613",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -93,6 +93,10 @@
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT214036",
"source": "product-security@apple.com"
}
]
}

67
CVE-2023/CVE-2023-433xx/CVE-2023-43305.json
View File

@ -2,19 +2,78 @@
"id": "CVE-2023-43305",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-08T02:15:06.433",
"lastModified": "2023-12-08T14:23:10.393",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T20:01:29.977",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in studio kent mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
},
{
"lang": "es",
"value": "Un problema en la miniaplicaci\u00f3n Studio Kent en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linecorp:line:13.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22743D41-3381-4220-8D9F-60CC36E48F78"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43305.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

10
CVE-2023/CVE-2023-458xx/CVE-2023-45866.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45866",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-08T06:15:45.690",
"lastModified": "2023-12-11T03:15:07.933",
"lastModified": "2023-12-11T19:15:08.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue."
},
{
"lang": "es",
"value": "Bluetooth HID Hosts in BlueZ pueden permitir que un dispositivo HID con funci\u00f3n perif\u00e9rica no autenticada inicie y establezca una conexi\u00f3n cifrada y acepte informes de teclado HID, lo que potencialmente permite la inyecci\u00f3n de mensajes HID cuando no se ha producido ninguna interacci\u00f3n del usuario en la funci\u00f3n central para autorizar dicho acceso. Un ejemplo de paquete afectado es bluez 5.64-0ubuntu1 en Ubuntu 22.04LTS. NOTA: en algunos casos, una mitigaci\u00f3n CVE-2020-0556 ya habr\u00eda solucionado este problema de hosts HID Bluetooth."
}
],
"metrics": {},
@ -35,6 +39,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2N2P5LMP3V7IJONALV2KOFL4NUU23CJ/",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214036",
"source": "cve@mitre.org"
}
]
}

68
CVE-2023/CVE-2023-466xx/CVE-2023-46693.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-46693",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-07T22:15:08.250",
"lastModified": "2023-12-08T14:23:14.473",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T19:14:27.790",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in FormaLMS before 4.0.5 allows attackers to run arbitrary code via title parameters."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross Site Scripting (XSS) en FormaLMS anterior a 4.0.5 permite a los atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de par\u00e1metros de t\u00edtulo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:formalms:formalms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.5",
"matchCriteriaId": "41EA11FC-5723-47F6-AFBA-30D325FAE70D"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.formalms.org/download/342-forma-lms-4-0-5.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-467xx/CVE-2023-46746.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46746",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-01T22:15:10.167",
"lastModified": "2023-12-06T20:31:27.170",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-11T19:15:08.763",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -102,6 +102,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2023-185_posthog_posthog/",
"source": "security-advisories@github.com"
}
]
}

75
CVE-2023/CVE-2023-481xx/CVE-2023-48122.json
View File

@ -2,23 +2,88 @@
"id": "CVE-2023-48122",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-08T04:15:06.850",
"lastModified": "2023-12-08T14:23:10.393",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T19:08:29.210",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in microweber v.2.0.1 and fixed in v.2.0.4 allows a remote attacker to obtain sensitive information via the HTTP GET method."
},
{
"lang": "es",
"value": "Un problema en Microweber v.2.0.1 y solucionado en v.2.0.4 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del m\u00e9todo HTTP GET."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.1",
"versionEndExcluding": "2.0.4",
"matchCriteriaId": "605ACA3B-5D05-43F3-B3BC-20E3DC5471CC"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/grozdniyandy/1847ad48126d6bba39bdeb49114bc300",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/microweber/microweber/issues/1042",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

67
CVE-2023/CVE-2023-487xx/CVE-2023-48715.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-48715",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-11T19:15:08.860",
"lastModified": "2023-12-11T19:15:08.860",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Tuleap is an open source suite to improve management of software developments and collaboration. Prior to version 15.2.99.103 or Tuleap Community Edition and prior to versions 15.2-4 and 15.1-8 of Tuleap Enterprise Edition, the name of the releases are not properly escaped on the edition page of a release. A malicious user with the ability to create a FRS release could force a victim having write permissions in the FRS to execute uncontrolled code. Tuleap Community Edition 15.2.99.103, Tuleap Enterprise Edition 15.2-4, and Tuleap Enterprise Edition 15.1-8 contain a fix for this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/Enalean/tuleap/commit/ea71ec7ee062aae8d1fa7a7325aaa759205c17d8",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-3m7g-7787-wc68",
"source": "security-advisories@github.com"
},
{
"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=ea71ec7ee062aae8d1fa7a7325aaa759205c17d8",
"source": "security-advisories@github.com"
},
{
"url": "https://tuleap.net/plugins/tracker/?aid=35143",
"source": "security-advisories@github.com"
}
]
}

78
CVE-2023/CVE-2023-489xx/CVE-2023-48930.json
View File

@ -2,27 +2,93 @@
"id": "CVE-2023-48930",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-06T01:15:07.507",
"lastModified": "2023-12-06T13:50:08.353",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T19:46:32.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "xinhu xinhuoa 2.2.1 contains a File upload vulnerability."
},
{
"lang": "es",
"value": "xinhu xinhuoa 2.2.1 contiene una vulnerabilidad de carga de archivos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockoa:xinhu:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0338256-2FAC-4290-90AA-A6373E07F8BF"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/Maverickfir/b8113bdb51ec66e454ffa5b50674c446",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/Maverickfir/Vulnerability-recurrence/blob/main/xinhuOA.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/Maverickfir/xinhuOA2.2.1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

77
CVE-2023/CVE-2023-489xx/CVE-2023-48940.json
View File

@ -2,27 +2,92 @@
"id": "CVE-2023-48940",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-06T02:15:06.810",
"lastModified": "2023-12-06T13:50:08.353",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T19:43:51.563",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in /admin.php of DaiCuo v2.5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Almacenadas en /admin.php de DaiCuo v2.5.15 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:daicuo:daicuo:2.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0500B3BB-DB6C-4D83-BF0C-4D424E2AA485"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://daicuo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://gist.github.com/durian5201314/957af852a42dad9c07ceb3fb2f8359b2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.daicuo.net/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

12
CVE-2023/CVE-2023-490xx/CVE-2023-49093.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49093",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-04T05:15:07.430",
"lastModified": "2023-12-07T17:56:37.467",
"lastModified": "2023-12-11T19:33:53.580",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -21,19 +21,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{

68
CVE-2023/CVE-2023-494xx/CVE-2023-49443.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-49443",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-08T15:15:07.740",
"lastModified": "2023-12-08T16:37:50.297",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T19:12:46.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and passwords. This vulnerability allows attackers to gain access to the application via a bruteforce attack."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que DoraCMS v2.1.8 reutiliza el mismo c\u00f3digo para verificar nombres de usuario y contrase\u00f1as v\u00e1lidos. Esta vulnerabilidad permite a los atacantes obtener acceso a la aplicaci\u00f3n mediante un ataque de fuerza bruta."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:html-js:doracms:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FFA2258-7C76-482B-8076-AAD87B371A21"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/woshinibaba222/DoraCMS-Verification-Code-Reuse",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-494xx/CVE-2023-49444.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-49444",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-08T15:15:07.790",
"lastModified": "2023-12-08T16:37:45.763",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T19:11:35.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability in DoraCMS v2.1.8 allow attackers to execute arbitrary code via uploading a crafted HTML or image file to the user avatar."
},
{
"lang": "es",
"value": "Una vulnerabilidad de carga de archivos arbitrarios en DoraCMS v2.1.8 permite a los atacantes ejecutar c\u00f3digo arbitrario cargando un archivo HTML o de imagen manipulado en el avatar del usuario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:html-js:doracms:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FFA2258-7C76-482B-8076-AAD87B371A21"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/woshinibaba222/DoraCMS-File-Upload-Vulnerability",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-494xx/CVE-2023-49484.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-49484",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-08T15:15:07.840",
"lastModified": "2023-12-08T16:37:45.763",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T19:11:05.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Dreamer CMS v4.1.3 was discovered to contain a cross-site scripting (XSS) vulnerability in the article management department."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Dreamer CMS v4.1.3 contiene una vulnerabilidad de Cross-Site Scripting (XSS) en el departamento de administraci\u00f3n de art\u00edculos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:iteachyou:dreamer_cms:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "113EEBC1-2B91-4AE0-995F-E24A4AD607BC"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/jiaofj/cms/blob/main/There%20is%20a%20storage%20based%20XSS%20in%20the%20article%20management%20department.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-497xx/CVE-2023-49795.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-49795",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-11T19:15:09.070",
"lastModified": "2023-12-11T19:15:09.070",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "MindsDB connects artificial intelligence models to real time data. Versions prior to 23.11.4.1 contain a server-side request forgery vulnerability in `file.py`. This can lead to limited information disclosure. Users should use MindsDB's `staging` branch or v23.11.4.1, which contain a fix for the issue.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/mindsdb/mindsdb/commit/8d13c9c28ebcf3b36509eb679378004d4648d8fe",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/mindsdb/mindsdb/security/advisories/GHSA-34mr-6q8x-g9r6",
"source": "security-advisories@github.com"
}
]
}

14
CVE-2023/CVE-2023-53xx/CVE-2023-5344.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5344",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-10-02T20:15:10.327",
"lastModified": "2023-11-03T22:15:11.870",
"lastModified": "2023-12-11T19:15:09.273",
"vulnStatus": "Modified",
"descriptions": [
{
@ -154,6 +154,18 @@
"tags": [
"Mailing List"
]
},
{
"url": "https://support.apple.com/kb/HT214036",
"source": "security@huntr.dev"
},
{
"url": "https://support.apple.com/kb/HT214037",
"source": "security@huntr.dev"
},
{
"url": "https://support.apple.com/kb/HT214038",
"source": "security@huntr.dev"
}
]
}

20
CVE-2023/CVE-2023-57xx/CVE-2023-5749.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-5749",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-12-11T20:15:07.093",
"lastModified": "2023-12-11T20:15:07.093",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The EmbedPress WordPress plugin before 3.9.2 does not sanitise and escape user input before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/3931daac-3899-4169-8625-4c95fd2adafc",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2023/CVE-2023-57xx/CVE-2023-5750.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-5750",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-12-11T20:15:07.160",
"lastModified": "2023-12-11T20:15:07.160",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The EmbedPress WordPress plugin before 3.9.2 does not sanitise and escape a parameter before outputting it back in the page containing a specific content, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/cf323f72-8374-40fe-9e2e-810e46de1ec8",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2023/CVE-2023-57xx/CVE-2023-5757.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-5757",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-12-11T20:15:07.213",
"lastModified": "2023-12-11T20:15:07.213",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WP Crowdfunding WordPress plugin before 2.1.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/2adc5995-03a9-4860-b00b-7f8d7fe18058",
"source": "contact@wpscan.com"
}
]
}

15
CVE-2023/CVE-2023-58xx/CVE-2023-5871.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5871",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-27T12:15:07.940",
"lastModified": "2023-12-01T19:02:22.877",
"lastModified": "2023-12-11T19:33:57.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -21,7 +21,7 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -29,12 +29,12 @@
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
"impactScore": 1.4
},
{
"source": "secalert@redhat.com",
@ -121,7 +121,8 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247308",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
"Issue Tracking",
"Vendor Advisory"
]
},
{

20
CVE-2023/CVE-2023-59xx/CVE-2023-5907.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-5907",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-12-11T20:15:07.263",
"lastModified": "2023-12-11T20:15:07.263",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The File Manager WordPress plugin before 6.3 does not restrict the file managers root directory, allowing an administrator to set a root outside of the WordPress root directory, giving access to system files and directories even in a multisite setup, where site administrators should not be allowed to modify the sites files."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/f250226f-4a05-4d75-93c4-5444a4ce919e",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2023/CVE-2023-59xx/CVE-2023-5940.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-5940",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-12-11T20:15:07.313",
"lastModified": "2023-12-11T20:15:07.313",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WP Not Login Hide (WPNLH) WordPress plugin through 1.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/d594c00d-2905-449b-80cd-95965a96cd4b",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2023/CVE-2023-59xx/CVE-2023-5955.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-5955",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-12-11T20:15:07.367",
"lastModified": "2023-12-11T20:15:07.367",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Contact Form Email WordPress plugin before 1.3.44 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/1b5fce7e-14fc-4548-8747-96fdd58fdd98",
"source": "contact@wpscan.com"
}
]
}

20
CVE-2023/CVE-2023-60xx/CVE-2023-6035.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-6035",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-12-11T20:15:07.420",
"lastModified": "2023-12-11T20:15:07.420",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The EazyDocs WordPress plugin before 2.3.4 does not properly sanitize and escape \"data\" parameter before using it in an SQL statement via an AJAX action, which could allow any authenticated users, such as subscribers, to perform SQL Injection attacks."
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/44f5a29a-05f9-40d2-80f2-6fb2bda60d79",
"source": "contact@wpscan.com"
}
]
}

99
CVE-2023/CVE-2023-63xx/CVE-2023-6357.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-6357",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-12-05T15:15:08.983",
"lastModified": "2023-12-05T15:27:51.100",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-11T20:49:14.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device."
},
{
"lang": "es",
"value": "Un atacante remoto con pocos privilegios podr\u00eda aprovechar la vulnerabilidad e inyectar comandos adicionales del sistema a trav\u00e9s de librer\u00edas del sistema de archivos que podr\u00edan darle al atacante el control total del dispositivo."
}
],
"metrics": {
@ -46,10 +50,99 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.0.0",
"matchCriteriaId": "DEFEF3B4-03F2-4E09-A8F2-02A0604CB8BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.0.0",
"matchCriteriaId": "B2DB55B1-CAFE-435B-8776-DB4D33ED9C98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.0.0",
"matchCriteriaId": "7D492DB3-94BA-4F14-8119-1610AB4F95EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_linux_arm_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.0.0",
"matchCriteriaId": "97D00DF9-EBF1-4DEC-8A49-694871643B9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.0.0",
"matchCriteriaId": "D6F207B6-5906-4B39-A5B4-A07F6D5A9BB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.0.0",
"matchCriteriaId": "7791D9E4-CEC3-4658-8E2C-8F08882CE4F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.0.0",
"matchCriteriaId": "9CADE021-8D58-4BC5-BA60-A16FE24FBA73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.0.0",
"matchCriteriaId": "B3948946-E7B8-4D7E-8D1D-80B9E0DB47AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.0.0",
"matchCriteriaId": "7C9DF443-E965-4480-B76E-4A25CF2E714F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.11.0.0",
"matchCriteriaId": "F5FCD76E-A3F5-4E02-AD3F-B2BDE708A651"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codesys:runtime_toolkit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.19.50",
"matchCriteriaId": "162DB2B8-3426-43F7-848A-BE542C24619C"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-066",
"source": "nvd@nist.gov",
"tags": [
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://https://cert.vde.com/en/advisories/VDE-2023-066",
"source": "info@cert.vde.com"
"source": "info@cert.vde.com",
"tags": [
"Broken Link"
]
}
]
}

117
CVE-2023/CVE-2023-65xx/CVE-2023-6508.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6508",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-12-06T02:15:07.297",
"lastModified": "2023-12-09T22:15:07.283",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-11T19:25:11.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,27 +14,128 @@
"value": "Use after free en Media Stream en Google Chrome anterior a 120.0.6099.62 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n del heap a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chrome: alta)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "119.0.6045.105",
"matchCriteriaId": "EB02C074-0B9E-4658-BC8D-5F6198D2E3EB"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://crbug.com/1497984",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMHY76AWPA46MAFXPWDGJX6FEGXZVR5Z/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RI3UHCTFH6KWAJGDZ2TOLT6VHKW53WCC/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5573",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

117
CVE-2023/CVE-2023-65xx/CVE-2023-6509.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6509",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-12-06T02:15:07.343",
"lastModified": "2023-12-09T22:15:07.343",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-11T19:24:12.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,27 +14,128 @@
"value": "Use after free en Side Panel Search en Google Chrome anterior a 120.0.6099.62 permit\u00eda a un atacante remoto convencer a un usuario de participar en una interacci\u00f3n de interfaz de usuario espec\u00edfica para explotar potencialmente la corrupci\u00f3n del heap a trav\u00e9s de una interacci\u00f3n de interfaz de usuario espec\u00edfica. (Severidad de seguridad de Chrome: alta)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "119.0.6045.105",
"matchCriteriaId": "EB02C074-0B9E-4658-BC8D-5F6198D2E3EB"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://crbug.com/1494565",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMHY76AWPA46MAFXPWDGJX6FEGXZVR5Z/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RI3UHCTFH6KWAJGDZ2TOLT6VHKW53WCC/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5573",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

117
CVE-2023/CVE-2023-65xx/CVE-2023-6510.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6510",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-12-06T02:15:07.390",
"lastModified": "2023-12-09T22:15:07.400",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-11T19:16:22.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,27 +14,128 @@
"value": "Use after free en Media Capture en Google Chrome anterior a 120.0.6099.62 permit\u00eda a un atacante remoto convencer a un usuario de participar en una interacci\u00f3n de interfaz de usuario espec\u00edfica para explotar potencialmente la corrupci\u00f3n del heap a trav\u00e9s de una interacci\u00f3n de interfaz de usuario espec\u00edfica. (Severidad de seguridad de Chromium: media)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "119.0.6045.105",
"matchCriteriaId": "EB02C074-0B9E-4658-BC8D-5F6198D2E3EB"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://crbug.com/1480152",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMHY76AWPA46MAFXPWDGJX6FEGXZVR5Z/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RI3UHCTFH6KWAJGDZ2TOLT6VHKW53WCC/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5573",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

117
CVE-2023/CVE-2023-65xx/CVE-2023-6511.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6511",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-12-06T02:15:07.480",
"lastModified": "2023-12-09T22:15:07.453",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-11T19:02:25.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,27 +14,128 @@
"value": "La implementaci\u00f3n inapropiada de Autofill en Google Chrome anterior a 120.0.6099.62 permiti\u00f3 a un atacante remoto eludir las restricciones de Autocompletar a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chrome: baja)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "119.0.6045.105",
"matchCriteriaId": "EB02C074-0B9E-4658-BC8D-5F6198D2E3EB"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://crbug.com/1478613",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMHY76AWPA46MAFXPWDGJX6FEGXZVR5Z/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RI3UHCTFH6KWAJGDZ2TOLT6VHKW53WCC/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5573",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-66xx/CVE-2023-6679.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-6679",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-11T19:15:09.440",
"lastModified": "2023-12-11T19:15:09.440",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. This issue could be exploited to trigger a denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6679",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253986",
"source": "secalert@redhat.com"
},
{
"url": "https://lore.kernel.org/netdev/20231211083758.1082853-1-jiri@resnulli.us/",
"source": "secalert@redhat.com"
}
]
}

71
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-12-11T19:00:18.815163+00:00
2023-12-11T21:00:19.024234+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-12-11T18:54:15.047000+00:00
2023-12-11T20:49:14.117000+00:00
```
### Last Data Feed Release
@ -29,45 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
232711
232721
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `10`
* [CVE-2023-6538](CVE-2023/CVE-2023-65xx/CVE-2023-6538.json) (`2023-12-11T18:15:30.250`)
* [CVE-2023-48715](CVE-2023/CVE-2023-487xx/CVE-2023-48715.json) (`2023-12-11T19:15:08.860`)
* [CVE-2023-49795](CVE-2023/CVE-2023-497xx/CVE-2023-49795.json) (`2023-12-11T19:15:09.070`)
* [CVE-2023-6679](CVE-2023/CVE-2023-66xx/CVE-2023-6679.json) (`2023-12-11T19:15:09.440`)
* [CVE-2023-5749](CVE-2023/CVE-2023-57xx/CVE-2023-5749.json) (`2023-12-11T20:15:07.093`)
* [CVE-2023-5750](CVE-2023/CVE-2023-57xx/CVE-2023-5750.json) (`2023-12-11T20:15:07.160`)
* [CVE-2023-5757](CVE-2023/CVE-2023-57xx/CVE-2023-5757.json) (`2023-12-11T20:15:07.213`)
* [CVE-2023-5907](CVE-2023/CVE-2023-59xx/CVE-2023-5907.json) (`2023-12-11T20:15:07.263`)
* [CVE-2023-5940](CVE-2023/CVE-2023-59xx/CVE-2023-5940.json) (`2023-12-11T20:15:07.313`)
* [CVE-2023-5955](CVE-2023/CVE-2023-59xx/CVE-2023-5955.json) (`2023-12-11T20:15:07.367`)
* [CVE-2023-6035](CVE-2023/CVE-2023-60xx/CVE-2023-6035.json) (`2023-12-11T20:15:07.420`)
### CVEs modified in the last Commit
Recently modified CVEs: `50`
Recently modified CVEs: `40`
* [CVE-2023-33024](CVE-2023/CVE-2023-330xx/CVE-2023-33024.json) (`2023-12-11T17:51:28.897`)
* [CVE-2023-5713](CVE-2023/CVE-2023-57xx/CVE-2023-5713.json) (`2023-12-11T17:51:32.003`)
* [CVE-2023-5712](CVE-2023/CVE-2023-57xx/CVE-2023-5712.json) (`2023-12-11T17:51:49.363`)
* [CVE-2023-5711](CVE-2023/CVE-2023-57xx/CVE-2023-5711.json) (`2023-12-11T17:52:02.330`)
* [CVE-2023-5710](CVE-2023/CVE-2023-57xx/CVE-2023-5710.json) (`2023-12-11T17:52:15.347`)
* [CVE-2023-33041](CVE-2023/CVE-2023-330xx/CVE-2023-33041.json) (`2023-12-11T17:52:30.027`)
* [CVE-2023-33042](CVE-2023/CVE-2023-330xx/CVE-2023-33042.json) (`2023-12-11T17:53:27.723`)
* [CVE-2023-33043](CVE-2023/CVE-2023-330xx/CVE-2023-33043.json) (`2023-12-11T17:54:32.727`)
* [CVE-2023-48861](CVE-2023/CVE-2023-488xx/CVE-2023-48861.json) (`2023-12-11T17:54:53.557`)
* [CVE-2023-33044](CVE-2023/CVE-2023-330xx/CVE-2023-33044.json) (`2023-12-11T18:03:59.473`)
* [CVE-2023-33053](CVE-2023/CVE-2023-330xx/CVE-2023-33053.json) (`2023-12-11T18:06:27.913`)
* [CVE-2023-33054](CVE-2023/CVE-2023-330xx/CVE-2023-33054.json) (`2023-12-11T18:13:32.720`)
* [CVE-2023-5808](CVE-2023/CVE-2023-58xx/CVE-2023-5808.json) (`2023-12-11T18:15:30.130`)
* [CVE-2023-33063](CVE-2023/CVE-2023-330xx/CVE-2023-33063.json) (`2023-12-11T18:20:10.893`)
* [CVE-2023-42794](CVE-2023/CVE-2023-427xx/CVE-2023-42794.json) (`2023-12-11T18:23:56.740`)
* [CVE-2023-22523](CVE-2023/CVE-2023-225xx/CVE-2023-22523.json) (`2023-12-11T18:29:13.970`)
* [CVE-2023-40360](CVE-2023/CVE-2023-403xx/CVE-2023-40360.json) (`2023-12-11T18:34:42.457`)
* [CVE-2023-4135](CVE-2023/CVE-2023-41xx/CVE-2023-4135.json) (`2023-12-11T18:35:03.667`)
* [CVE-2023-22522](CVE-2023/CVE-2023-225xx/CVE-2023-22522.json) (`2023-12-11T18:37:00.900`)
* [CVE-2023-41268](CVE-2023/CVE-2023-412xx/CVE-2023-41268.json) (`2023-12-11T18:39:45.353`)
* [CVE-2023-40053](CVE-2023/CVE-2023-400xx/CVE-2023-40053.json) (`2023-12-11T18:42:29.597`)
* [CVE-2023-33070](CVE-2023/CVE-2023-330xx/CVE-2023-33070.json) (`2023-12-11T18:43:52.907`)
* [CVE-2023-33071](CVE-2023/CVE-2023-330xx/CVE-2023-33071.json) (`2023-12-11T18:45:23.717`)
* [CVE-2023-6512](CVE-2023/CVE-2023-65xx/CVE-2023-6512.json) (`2023-12-11T18:53:29.410`)
* [CVE-2023-33079](CVE-2023/CVE-2023-330xx/CVE-2023-33079.json) (`2023-12-11T18:54:15.047`)
* [CVE-2023-32317](CVE-2023/CVE-2023-323xx/CVE-2023-32317.json) (`2023-12-11T19:15:08.393`)
* [CVE-2023-32676](CVE-2023/CVE-2023-326xx/CVE-2023-32676.json) (`2023-12-11T19:15:08.510`)
* [CVE-2023-42842](CVE-2023/CVE-2023-428xx/CVE-2023-42842.json) (`2023-12-11T19:15:08.613`)
* [CVE-2023-45866](CVE-2023/CVE-2023-458xx/CVE-2023-45866.json) (`2023-12-11T19:15:08.703`)
* [CVE-2023-46746](CVE-2023/CVE-2023-467xx/CVE-2023-46746.json) (`2023-12-11T19:15:08.763`)
* [CVE-2023-5344](CVE-2023/CVE-2023-53xx/CVE-2023-5344.json) (`2023-12-11T19:15:09.273`)
* [CVE-2023-6510](CVE-2023/CVE-2023-65xx/CVE-2023-6510.json) (`2023-12-11T19:16:22.197`)
* [CVE-2023-6509](CVE-2023/CVE-2023-65xx/CVE-2023-6509.json) (`2023-12-11T19:24:12.643`)
* [CVE-2023-6508](CVE-2023/CVE-2023-65xx/CVE-2023-6508.json) (`2023-12-11T19:25:11.093`)
* [CVE-2023-49093](CVE-2023/CVE-2023-490xx/CVE-2023-49093.json) (`2023-12-11T19:33:53.580`)
* [CVE-2023-5871](CVE-2023/CVE-2023-58xx/CVE-2023-5871.json) (`2023-12-11T19:33:57.477`)
* [CVE-2023-38710](CVE-2023/CVE-2023-387xx/CVE-2023-38710.json) (`2023-12-11T19:34:38.997`)
* [CVE-2023-48940](CVE-2023/CVE-2023-489xx/CVE-2023-48940.json) (`2023-12-11T19:43:51.563`)
* [CVE-2023-48930](CVE-2023/CVE-2023-489xx/CVE-2023-48930.json) (`2023-12-11T19:46:32.477`)
* [CVE-2023-33081](CVE-2023/CVE-2023-330xx/CVE-2023-33081.json) (`2023-12-11T19:46:53.910`)
* [CVE-2023-33080](CVE-2023/CVE-2023-330xx/CVE-2023-33080.json) (`2023-12-11T19:47:36.047`)
* [CVE-2023-28875](CVE-2023/CVE-2023-288xx/CVE-2023-28875.json) (`2023-12-11T19:48:00.830`)
* [CVE-2023-28876](CVE-2023/CVE-2023-288xx/CVE-2023-28876.json) (`2023-12-11T19:48:26.177`)
* [CVE-2023-24547](CVE-2023/CVE-2023-245xx/CVE-2023-24547.json) (`2023-12-11T19:53:32.703`)
* [CVE-2023-38712](CVE-2023/CVE-2023-387xx/CVE-2023-38712.json) (`2023-12-11T19:57:46.587`)
* [CVE-2023-43305](CVE-2023/CVE-2023-433xx/CVE-2023-43305.json) (`2023-12-11T20:01:29.977`)
* [CVE-2023-28551](CVE-2023/CVE-2023-285xx/CVE-2023-28551.json) (`2023-12-11T20:15:54.523`)
* [CVE-2023-42581](CVE-2023/CVE-2023-425xx/CVE-2023-42581.json) (`2023-12-11T20:33:24.510`)
* [CVE-2023-30581](CVE-2023/CVE-2023-305xx/CVE-2023-30581.json) (`2023-12-11T20:49:02.543`)
* [CVE-2023-6357](CVE-2023/CVE-2023-63xx/CVE-2023-6357.json) (`2023-12-11T20:49:14.117`)
## Download and Usage