admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-13T02:00:50.875669+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-13 02:00:54 +00:00
parent 4f72caebac
commit f52c365025
58 changed files with 2197 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
CVE-2021/CVE-2021-09xx/CVE-2021-0948.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-0948",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.133",
"lastModified": "2023-07-13T00:15:23.133",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The PVRSRVBridgeGetMultiCoreInfo ioctl in the PowerVR kernel driver can return uninitialized kernel memory to user space. The contents of this memory could contain sensitive information.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

71
CVE-2022/CVE-2022-485xx/CVE-2022-48510.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2022-48510",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-07-06T13:15:10.187",
"lastModified": "2023-07-06T14:27:22.657",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T01:28:03.890",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,14 +56,42 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/7/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2022/CVE-2022-485xx/CVE-2022-48511.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2022-48511",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-07-06T13:15:10.233",
"lastModified": "2023-07-06T14:27:22.657",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T01:26:08.630",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability may cause audio features to perform abnormally."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,14 +56,42 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/7/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2022/CVE-2022-485xx/CVE-2022-48512.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2022-48512",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-07-06T13:15:10.280",
"lastModified": "2023-07-06T14:27:22.657",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T01:07:21.960",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,14 +56,42 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/7/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

101
CVE-2022/CVE-2022-485xx/CVE-2022-48513.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2022-48513",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-07-06T13:15:10.330",
"lastModified": "2023-07-06T14:27:22.657",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T00:58:46.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,14 +56,72 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF07E7F-3A18-4B74-B73D-DF3647C2A48F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64118936-E2A5-4935-8594-29DF29B5475A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/7/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2022/CVE-2022-485xx/CVE-2022-48514.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2022-48514",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-07-06T13:15:10.377",
"lastModified": "2023-07-06T14:27:22.657",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T01:02:11.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Sepolicy module has inappropriate permission control on the use of Netlink.Successful exploitation of this vulnerability may affect confidentiality."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,10 +56,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
}
]
}
]
}
],
"references": [
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

91
CVE-2022/CVE-2022-485xx/CVE-2022-48515.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2022-48515",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-07-06T13:15:10.427",
"lastModified": "2023-07-06T14:27:22.657",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T01:05:49.397",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,14 +56,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF07E7F-3A18-4B74-B73D-DF3647C2A48F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64118936-E2A5-4935-8594-29DF29B5475A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/7/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

22
CVE-2023/CVE-2023-209xx/CVE-2023-20910.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-20910",
"sourceIdentifier": "security@android.com",
"published": "2023-03-24T20:15:09.113",
"lastModified": "2023-03-29T14:59:51.350",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-13T00:15:23.223",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "In addNetworkSuggestions of WifiManager.java, there is a possible way to trigger permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-245299920"
"value": "In add of WifiNetworkSuggestionsManager.java, there is a possible way to trigger permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {
@ -80,12 +80,16 @@
],
"references": [
{
"url": "https://source.android.com/security/bulletin/2023-03-01",
"source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/8827591ae680c4d0bd0e373d4ca20cb35f53faa6",
"source": "security@android.com"
},
{
"url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/d7df9d633c2726fa2bee8739c9ba274f300e1ea9",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

32
CVE-2023/CVE-2023-209xx/CVE-2023-20918.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-20918",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.317",
"lastModified": "2023-07-13T00:15:23.317",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege due to a confused deputy with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/16c604aa7c253ce5cf075368a258c0b21386160d",
"source": "security@android.com"
},
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/51051de4eb40bb502db448084a83fd6cbfb7d3cf",
"source": "security@android.com"
},
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/8418e3a017428683d173c0c82b0eb02d5b923a4e",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

32
CVE-2023/CVE-2023-209xx/CVE-2023-20942.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-20942",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.363",
"lastModified": "2023-07-13T00:15:23.363",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/av/+/770b45c3c1619cf4008b89e7a0f4392bf2224bbc",
"source": "security@android.com"
},
{
"url": "https://android.googlesource.com/platform/frameworks/av/+/b072419650958c41c87d2baa572dc2fe6da9ea6b",
"source": "security@android.com"
},
{
"url": "https://android.googlesource.com/platform/frameworks/av/+/bae3b00a5873d1562679a1289fd8490178cfe064",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-211xx/CVE-2023-21145.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21145",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.413",
"lastModified": "2023-07-13T00:15:23.413",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In updatePictureInPictureMode of ActivityRecord.java, there is a possible bypass of background launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/44aeef1b82ecf21187d4903c9e3666a118bdeaf3",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21238.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21238",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.457",
"lastModified": "2023-07-13T00:15:23.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/91bfcbbd87886049778142618a655352b16cd911",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21239.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21239",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.503",
"lastModified": "2023-07-13T00:15:23.503",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In visitUris of Notification.java, there is a possible way to leak image data across user boundaries due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/c451aa5710e1da19139eb3716e39a5d6f04de5c2",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21240.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21240",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.547",
"lastModified": "2023-07-13T00:15:23.547",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/69119d1d3102e27b6473c785125696881bce9563",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21241.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21241",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.590",
"lastModified": "2023-07-13T00:15:23.590",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/system/nfc/+/907d17eeefec6f672ea824e126406e6d8f6b56d8",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21243.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21243",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.637",
"lastModified": "2023-07-13T00:15:23.637",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In validateForCommonR1andR2 of PasspointConfiguration.java, there is a possible way to inflate the size of a config file with no limits due to a buffer overflow. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/5b49b8711efaadadf5052ba85288860c2d7ca7a6",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21245.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21245",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.683",
"lastModified": "2023-07-13T00:15:23.683",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In showNextSecurityScreenOrFinish of KeyguardSecurityContainerController.java, there is a possible way to access the lock screen during device setup due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/a33159e8cb297b9eee6fa5c63c0e343d05fad622",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21246.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21246",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.727",
"lastModified": "2023-07-13T00:15:23.727",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/fc1b9998ca8a9fceba47d67fd9ea9b45705b53e0",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21247.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21247",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.777",
"lastModified": "2023-07-13T00:15:23.777",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In getAvailabilityStatus of BluetoothScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/edd4023805bc7fa54ae31de222cde02b9012bbc4",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21248.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21248",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.820",
"lastModified": "2023-07-13T00:15:23.820",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/edd4023805bc7fa54ae31de222cde02b9012bbc4",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21249.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21249",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.867",
"lastModified": "2023-07-13T00:15:23.867",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time permission retention due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/c00b7e7dbc1fa30339adef693d02a51254755d7f",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21250.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21250",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.917",
"lastModified": "2023-07-13T00:15:23.917",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/ec573bc83f1ed6722f7cb29431dcb2db7f10bf28",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21251.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21251",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.963",
"lastModified": "2023-07-13T00:15:23.963",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/57946e2bb73850e817b3c01fa5350d705e178e39",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21254.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21254",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.007",
"lastModified": "2023-07-13T00:15:24.007",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In getCurrentState of OneTimePermissionUserManager.java, there is a possible way to hold one-time permissions after the app is being killed due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/fa539c85503dc63bfb53c76b6f12b3549f14a709",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21255.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21255",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.053",
"lastModified": "2023-07-13T00:15:24.053",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/kernel/common/+/1ca1130ec62d",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21256.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21256",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.097",
"lastModified": "2023-07-13T00:15:24.097",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities via Settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/62fc1d269f5e754fc8f00b6167d79c3933b4c1f4",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21257.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21257",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.143",
"lastModified": "2023-07-13T00:15:24.143",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/1aec7feaf07e6d4568ca75d18158445dbeac10f6",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-212xx/CVE-2023-21260.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21260",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T01:15:08.667",
"lastModified": "2023-07-13T01:15:08.667",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In notification access permission dialog box, malicious application can embedded a very long service label that overflow the original user prompt and possibly contains mis-leading information to be appeared as a system message for user confirmation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/security/bulletin/aaos/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21261.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21261",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.203",
"lastModified": "2023-07-13T00:15:24.203",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In ft_open_face_internal of ftobjs.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/external/freetype/+/d45f0e49ab54065eb72d92aa3cc5f2152b0910b7",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-212xx/CVE-2023-21262.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-21262",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.250",
"lastModified": "2023-07-13T00:15:24.250",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/av/+/2c8973c39478cd3c8cf11d9f27cc0556a106d006",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21399.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21399",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.297",
"lastModified": "2023-07-13T00:15:24.297",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "there is a possible way to bypass cryptographic assurances due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-07-01",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-214xx/CVE-2023-21400.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21400",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.340",
"lastModified": "2023-07-13T00:15:24.340",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-07-01",
"source": "security@android.com"
}
]
}

58
CVE-2023/CVE-2023-223xx/CVE-2023-22365.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22365",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:10.973",
"lastModified": "2023-07-06T15:16:38.363",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T01:37:25.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +66,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ur32l_firmware:32.3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CF5F2502-0C97-4AC3-BD0A-45065C64F99B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "224B5936-7A7A-48E7-B0F3-754B74E4BF2D"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1711",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-235xx/CVE-2023-23547.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23547",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:11.427",
"lastModified": "2023-07-06T15:16:32.190",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T01:49:25.823",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,55 @@
"value": "CWE-22"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ur32l_firmware:32.3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CF5F2502-0C97-4AC3-BD0A-45065C64F99B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "224B5936-7A7A-48E7-B0F3-754B74E4BF2D"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1695",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-237xx/CVE-2023-23787.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23787",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-10T16:15:49.390",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-12T23:55:45.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:premmerce:redirect_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.9",
"matchCriteriaId": "CAC50249-E7C1-46AA-8C0B-5D8A4807844F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/premmerce-redirect-manager/wordpress-premmerce-redirect-manager-plugin-1-0-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-238xx/CVE-2023-23804.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23804",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-10T16:15:49.470",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-12T23:55:54.530",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hasthemes:ht_feed:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.8",
"matchCriteriaId": "343D1847-87E2-427E-9190-AB6CE99F33CC"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ht-instagram/wordpress-ht-feed-plugin-1-2-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-238xx/CVE-2023-23869.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23869",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-10T16:15:49.547",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T00:08:41.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:digitalinspiration:google_xml_sitemap_for_mobile:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.1",
"matchCriteriaId": "12FBF3D8-B210-4459-9983-0740D9D19AD1"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/google-mobile-sitemap/wordpress-google-xml-sitemap-for-mobile-plugin-1-6-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-238xx/CVE-2023-23897.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23897",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-10T16:15:49.610",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T00:08:48.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ozette:simple_mobile_url_redirect:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.7.2",
"matchCriteriaId": "C074856A-F6C1-462C-8D93-962B1DD60F1B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simple-mobile-url-redirect/wordpress-simple-mobile-url-redirect-plugin-1-7-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-239xx/CVE-2023-23993.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23993",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-10T16:15:49.677",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T00:08:54.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lionscripts:ip_blocker_lite:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "11.1.1",
"matchCriteriaId": "6EEC953C-3725-4477-95D0-5DAA0048EC72"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ip-address-blocker/wordpress-lionscripts-ip-blocker-lite-plugin-11-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-243xx/CVE-2023-24395.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24395",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-10T16:15:49.743",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T00:09:02.493",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpplugin:contact_form_7_redirect_\\&_thank_you_page:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.4",
"matchCriteriaId": "D7018DCE-65E7-43AB-BC60-6CDA3CD92324"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cf7-redirect-thank-you-page/wordpress-contact-form-7-redirect-thank-you-page-plugin-1-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-244xx/CVE-2023-24405.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24405",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-10T16:15:49.813",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T00:20:19.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpplugin:paypal_\\&_stripe_add-on:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.9.4",
"matchCriteriaId": "CAF6BFA9-7867-42FB-A699-B461154521DC"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/contact-form-7-paypal-add-on/wordpress-contact-form-7-paypal-stripe-add-on-plugin-1-9-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-244xx/CVE-2023-24496.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24496",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:11.953",
"lastModified": "2023-07-06T15:16:32.190",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T01:54:21.520",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 2.7
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:milesight:milesightvpn:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4943376D-ADEB-4BC5-BAF4-81C14233E3C0"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1704",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-244xx/CVE-2023-24497.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24497",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:12.037",
"lastModified": "2023-07-06T15:16:32.190",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T01:55:26.930",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 2.7
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:o:milesight:milesightvpn:2.0.2:*:*:*:*:*:*",
"matchCriteriaId": "D8575C81-3250-4983-9AA6-B4DBFFBA3689"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1704",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-254xx/CVE-2023-25478.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25478",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-10T16:15:49.877",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T00:20:25.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:weather_station_project:weather_station:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.8.12",
"matchCriteriaId": "0059C764-CEBF-4D97-8CAE-DD4CF23AC363"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/live-weather-station/wordpress-weather-station-plugin-3-8-11-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-306xx/CVE-2023-30675.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-30675",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-07-06T03:15:12.160",
"lastModified": "2023-07-06T11:55:38.310",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T01:11:18.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper authentication in Samsung Pass prior to version 4.2.03.1 allows local attacker to access stored account information when Samsung Wallet is not installed."
},
{
"lang": "es",
"value": "La autenticaci\u00f3n incorrecta en Samsung Pass antes de la versi\u00f3n 4.2.03.1 permite a un atacante local acceder a la informaci\u00f3n de la cuenta almacenada cuando Samsung Wallet no est\u00e1 instalado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:pass:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.03.1",
"matchCriteriaId": "D2F5FB7F-E952-4E01-B25C-9125EC60A729"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=07",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-306xx/CVE-2023-30676.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-30676",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-07-06T03:15:12.240",
"lastModified": "2023-07-06T11:55:38.310",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T01:13:38.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de acceso inadecuado en Samsung Pass anterior a la versi\u00f3n 4.2.03.1 permite a los atacantes f\u00edsicamente acceder a los datos de Samsung Pass."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:pass:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.03.1",
"matchCriteriaId": "D2F5FB7F-E952-4E01-B25C-9125EC60A729"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=07",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-306xx/CVE-2023-30677.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-30677",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-07-06T03:15:12.317",
"lastModified": "2023-07-06T11:55:38.310",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T01:17:19.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass on a certain state of an unlocked device."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de acceso inadecuado en Samsung Pass anterior a la versi\u00f3n 4.2.03.1 permite a los atacantes f\u00edsicamente acceder a los datos de Samsung Pass en un determinado estado de un dispositivo desbloqueado. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:pass:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.03.1",
"matchCriteriaId": "D2F5FB7F-E952-4E01-B25C-9125EC60A729"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=07",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-306xx/CVE-2023-30678.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30678",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-07-06T03:15:12.397",
"lastModified": "2023-07-06T11:55:38.310",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-13T01:09:28.843",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:calendar:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.4.07.15",
"matchCriteriaId": "41A0BB00-A4AD-4107-A9C1-729FACD5A6D5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=07",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}

36
CVE-2023/CVE-2023-341xx/CVE-2023-34123.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-34123",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2023-07-13T00:15:24.387",
"lastModified": "2023-07-13T00:15:24.387",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"metrics": {},
"weaknesses": [
{
"source": "PSIRT@sonicwall.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-321"
}
]
}
],
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010",
"source": "PSIRT@sonicwall.com"
},
{
"url": "https://www.sonicwall.com/support/notices/230710150218060",
"source": "PSIRT@sonicwall.com"
}
]
}

36
CVE-2023/CVE-2023-341xx/CVE-2023-34124.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-34124",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2023-07-13T01:15:08.723",
"lastModified": "2023-07-13T01:15:08.723",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"metrics": {},
"weaknesses": [
{
"source": "PSIRT@sonicwall.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-305"
}
]
}
],
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010",
"source": "PSIRT@sonicwall.com"
},
{
"url": "https://www.sonicwall.com/support/notices/230710150218060",
"source": "PSIRT@sonicwall.com"
}
]
}

36
CVE-2023/CVE-2023-341xx/CVE-2023-34125.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-34125",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2023-07-13T01:15:08.783",
"lastModified": "2023-07-13T01:15:08.783",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"metrics": {},
"weaknesses": [
{
"source": "PSIRT@sonicwall.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-27"
}
]
}
],
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010",
"source": "PSIRT@sonicwall.com"
},
{
"url": "https://www.sonicwall.com/support/notices/230710150218060",
"source": "PSIRT@sonicwall.com"
}
]
}

36
CVE-2023/CVE-2023-341xx/CVE-2023-34126.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-34126",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2023-07-13T01:15:08.837",
"lastModified": "2023-07-13T01:15:08.837",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in SonicWall GMS and Analytics allows an authenticated attacker to upload files on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"metrics": {},
"weaknesses": [
{
"source": "PSIRT@sonicwall.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010",
"source": "PSIRT@sonicwall.com"
},
{
"url": "https://www.sonicwall.com/support/notices/230710150218060",
"source": "PSIRT@sonicwall.com"
}
]
}

36
CVE-2023/CVE-2023-341xx/CVE-2023-34127.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-34127",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2023-07-13T01:15:08.893",
"lastModified": "2023-07-13T01:15:08.893",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated attacker to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"metrics": {},
"weaknesses": [
{
"source": "PSIRT@sonicwall.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010",
"source": "PSIRT@sonicwall.com"
},
{
"url": "https://www.sonicwall.com/support/notices/230710150218060",
"source": "PSIRT@sonicwall.com"
}
]
}

36
CVE-2023/CVE-2023-341xx/CVE-2023-34128.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-34128",
"sourceIdentifier": "PSIRT@sonicwall.com",
"published": "2023-07-13T01:15:08.950",
"lastModified": "2023-07-13T01:15:08.950",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions."
}
],
"metrics": {},
"weaknesses": [
{
"source": "PSIRT@sonicwall.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-260"
}
]
}
],
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010",
"source": "PSIRT@sonicwall.com"
},
{
"url": "https://www.sonicwall.com/support/notices/230710150218060",
"source": "PSIRT@sonicwall.com"
}
]
}

20
CVE-2023/CVE-2023-356xx/CVE-2023-35691.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-35691",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.457",
"lastModified": "2023-07-13T00:15:24.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-07-01",
"source": "security@android.com"
}
]
}

24
CVE-2023/CVE-2023-356xx/CVE-2023-35693.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-35693",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.503",
"lastModified": "2023-07-13T00:15:24.503",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/kernel/common/+/8ff940b3513cb",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/pixel/2023-07-01",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-356xx/CVE-2023-35694.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-35694",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.550",
"lastModified": "2023-07-13T00:15:24.550",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In DMPixelLogger_ProcessDmCommand of DMPixelLogger.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-07-01",
"source": "security@android.com"
}
]
}

81
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-12T23:55:31.179878+00:00
2023-07-13T02:00:50.875669+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-12T23:33:53.107000+00:00
2023-07-13T01:55:26.930000+00:00
```
### Last Data Feed Release
@ -23,46 +23,73 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-07-12T00:00:13.565727+00:00
2023-07-13T00:00:13.560870+00:00
```
### Total Number of included CVEs
```plain
220141
220175
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `34`
* [CVE-2023-21245](CVE-2023/CVE-2023-212xx/CVE-2023-21245.json) (`2023-07-13T00:15:23.683`)
* [CVE-2023-21246](CVE-2023/CVE-2023-212xx/CVE-2023-21246.json) (`2023-07-13T00:15:23.727`)
* [CVE-2023-21247](CVE-2023/CVE-2023-212xx/CVE-2023-21247.json) (`2023-07-13T00:15:23.777`)
* [CVE-2023-21248](CVE-2023/CVE-2023-212xx/CVE-2023-21248.json) (`2023-07-13T00:15:23.820`)
* [CVE-2023-21249](CVE-2023/CVE-2023-212xx/CVE-2023-21249.json) (`2023-07-13T00:15:23.867`)
* [CVE-2023-21250](CVE-2023/CVE-2023-212xx/CVE-2023-21250.json) (`2023-07-13T00:15:23.917`)
* [CVE-2023-21251](CVE-2023/CVE-2023-212xx/CVE-2023-21251.json) (`2023-07-13T00:15:23.963`)
* [CVE-2023-21254](CVE-2023/CVE-2023-212xx/CVE-2023-21254.json) (`2023-07-13T00:15:24.007`)
* [CVE-2023-21255](CVE-2023/CVE-2023-212xx/CVE-2023-21255.json) (`2023-07-13T00:15:24.053`)
* [CVE-2023-21256](CVE-2023/CVE-2023-212xx/CVE-2023-21256.json) (`2023-07-13T00:15:24.097`)
* [CVE-2023-21257](CVE-2023/CVE-2023-212xx/CVE-2023-21257.json) (`2023-07-13T00:15:24.143`)
* [CVE-2023-21261](CVE-2023/CVE-2023-212xx/CVE-2023-21261.json) (`2023-07-13T00:15:24.203`)
* [CVE-2023-21262](CVE-2023/CVE-2023-212xx/CVE-2023-21262.json) (`2023-07-13T00:15:24.250`)
* [CVE-2023-21399](CVE-2023/CVE-2023-213xx/CVE-2023-21399.json) (`2023-07-13T00:15:24.297`)
* [CVE-2023-21400](CVE-2023/CVE-2023-214xx/CVE-2023-21400.json) (`2023-07-13T00:15:24.340`)
* [CVE-2023-34123](CVE-2023/CVE-2023-341xx/CVE-2023-34123.json) (`2023-07-13T00:15:24.387`)
* [CVE-2023-35691](CVE-2023/CVE-2023-356xx/CVE-2023-35691.json) (`2023-07-13T00:15:24.457`)
* [CVE-2023-35693](CVE-2023/CVE-2023-356xx/CVE-2023-35693.json) (`2023-07-13T00:15:24.503`)
* [CVE-2023-35694](CVE-2023/CVE-2023-356xx/CVE-2023-35694.json) (`2023-07-13T00:15:24.550`)
* [CVE-2023-21260](CVE-2023/CVE-2023-212xx/CVE-2023-21260.json) (`2023-07-13T01:15:08.667`)
* [CVE-2023-34124](CVE-2023/CVE-2023-341xx/CVE-2023-34124.json) (`2023-07-13T01:15:08.723`)
* [CVE-2023-34125](CVE-2023/CVE-2023-341xx/CVE-2023-34125.json) (`2023-07-13T01:15:08.783`)
* [CVE-2023-34126](CVE-2023/CVE-2023-341xx/CVE-2023-34126.json) (`2023-07-13T01:15:08.837`)
* [CVE-2023-34127](CVE-2023/CVE-2023-341xx/CVE-2023-34127.json) (`2023-07-13T01:15:08.893`)
* [CVE-2023-34128](CVE-2023/CVE-2023-341xx/CVE-2023-34128.json) (`2023-07-13T01:15:08.950`)
### CVEs modified in the last Commit
Recently modified CVEs: `21`
Recently modified CVEs: `23`
* [CVE-2022-48516](CVE-2022/CVE-2022-485xx/CVE-2022-48516.json) (`2023-07-12T22:23:21.653`)
* [CVE-2022-48517](CVE-2022/CVE-2022-485xx/CVE-2022-48517.json) (`2023-07-12T22:35:11.063`)
* [CVE-2022-48518](CVE-2022/CVE-2022-485xx/CVE-2022-48518.json) (`2023-07-12T22:36:34.873`)
* [CVE-2022-48519](CVE-2022/CVE-2022-485xx/CVE-2022-48519.json) (`2023-07-12T22:39:57.940`)
* [CVE-2022-48520](CVE-2022/CVE-2022-485xx/CVE-2022-48520.json) (`2023-07-12T22:40:05.937`)
* [CVE-2023-27390](CVE-2023/CVE-2023-273xx/CVE-2023-27390.json) (`2023-07-12T22:11:30.093`)
* [CVE-2023-31194](CVE-2023/CVE-2023-311xx/CVE-2023-31194.json) (`2023-07-12T22:23:05.890`)
* [CVE-2023-1691](CVE-2023/CVE-2023-16xx/CVE-2023-1691.json) (`2023-07-12T22:42:44.353`)
* [CVE-2023-1695](CVE-2023/CVE-2023-16xx/CVE-2023-1695.json) (`2023-07-12T22:45:16.747`)
* [CVE-2023-34164](CVE-2023/CVE-2023-341xx/CVE-2023-34164.json) (`2023-07-12T22:46:55.213`)
* [CVE-2023-37238](CVE-2023/CVE-2023-372xx/CVE-2023-37238.json) (`2023-07-12T22:51:22.043`)
* [CVE-2023-29381](CVE-2023/CVE-2023-293xx/CVE-2023-29381.json) (`2023-07-12T22:58:46.303`)
* [CVE-2023-35948](CVE-2023/CVE-2023-359xx/CVE-2023-35948.json) (`2023-07-12T22:59:03.060`)
* [CVE-2023-29382](CVE-2023/CVE-2023-293xx/CVE-2023-29382.json) (`2023-07-12T23:00:33.740`)
* [CVE-2023-30319](CVE-2023/CVE-2023-303xx/CVE-2023-30319.json) (`2023-07-12T23:03:07.083`)
* [CVE-2023-30320](CVE-2023/CVE-2023-303xx/CVE-2023-30320.json) (`2023-07-12T23:03:16.713`)
* [CVE-2023-30321](CVE-2023/CVE-2023-303xx/CVE-2023-30321.json) (`2023-07-12T23:08:22.767`)
* [CVE-2023-34192](CVE-2023/CVE-2023-341xx/CVE-2023-34192.json) (`2023-07-12T23:08:32.340`)
* [CVE-2023-34193](CVE-2023/CVE-2023-341xx/CVE-2023-34193.json) (`2023-07-12T23:13:27.507`)
* [CVE-2023-22694](CVE-2023/CVE-2023-226xx/CVE-2023-22694.json) (`2023-07-12T23:28:28.043`)
* [CVE-2023-22695](CVE-2023/CVE-2023-226xx/CVE-2023-22695.json) (`2023-07-12T23:33:53.107`)
* [CVE-2022-48513](CVE-2022/CVE-2022-485xx/CVE-2022-48513.json) (`2023-07-13T00:58:46.147`)
* [CVE-2022-48514](CVE-2022/CVE-2022-485xx/CVE-2022-48514.json) (`2023-07-13T01:02:11.377`)
* [CVE-2022-48515](CVE-2022/CVE-2022-485xx/CVE-2022-48515.json) (`2023-07-13T01:05:49.397`)
* [CVE-2022-48512](CVE-2022/CVE-2022-485xx/CVE-2022-48512.json) (`2023-07-13T01:07:21.960`)
* [CVE-2022-48511](CVE-2022/CVE-2022-485xx/CVE-2022-48511.json) (`2023-07-13T01:26:08.630`)
* [CVE-2022-48510](CVE-2022/CVE-2022-485xx/CVE-2022-48510.json) (`2023-07-13T01:28:03.890`)
* [CVE-2023-23787](CVE-2023/CVE-2023-237xx/CVE-2023-23787.json) (`2023-07-12T23:55:45.907`)
* [CVE-2023-23804](CVE-2023/CVE-2023-238xx/CVE-2023-23804.json) (`2023-07-12T23:55:54.530`)
* [CVE-2023-23869](CVE-2023/CVE-2023-238xx/CVE-2023-23869.json) (`2023-07-13T00:08:41.700`)
* [CVE-2023-23897](CVE-2023/CVE-2023-238xx/CVE-2023-23897.json) (`2023-07-13T00:08:48.257`)
* [CVE-2023-23993](CVE-2023/CVE-2023-239xx/CVE-2023-23993.json) (`2023-07-13T00:08:54.487`)
* [CVE-2023-24395](CVE-2023/CVE-2023-243xx/CVE-2023-24395.json) (`2023-07-13T00:09:02.493`)
* [CVE-2023-20910](CVE-2023/CVE-2023-209xx/CVE-2023-20910.json) (`2023-07-13T00:15:23.223`)
* [CVE-2023-24405](CVE-2023/CVE-2023-244xx/CVE-2023-24405.json) (`2023-07-13T00:20:19.390`)
* [CVE-2023-25478](CVE-2023/CVE-2023-254xx/CVE-2023-25478.json) (`2023-07-13T00:20:25.517`)
* [CVE-2023-30678](CVE-2023/CVE-2023-306xx/CVE-2023-30678.json) (`2023-07-13T01:09:28.843`)
* [CVE-2023-30675](CVE-2023/CVE-2023-306xx/CVE-2023-30675.json) (`2023-07-13T01:11:18.983`)
* [CVE-2023-30676](CVE-2023/CVE-2023-306xx/CVE-2023-30676.json) (`2023-07-13T01:13:38.107`)
* [CVE-2023-30677](CVE-2023/CVE-2023-306xx/CVE-2023-30677.json) (`2023-07-13T01:17:19.173`)
* [CVE-2023-22365](CVE-2023/CVE-2023-223xx/CVE-2023-22365.json) (`2023-07-13T01:37:25.207`)
* [CVE-2023-23547](CVE-2023/CVE-2023-235xx/CVE-2023-23547.json) (`2023-07-13T01:49:25.823`)
* [CVE-2023-24496](CVE-2023/CVE-2023-244xx/CVE-2023-24496.json) (`2023-07-13T01:54:21.520`)
* [CVE-2023-24497](CVE-2023/CVE-2023-244xx/CVE-2023-24497.json) (`2023-07-13T01:55:26.930`)
## Download and Usage