Auto-Update: 2023-12-27T19:00:24.767863+00:00

cad-safe-bot 2023-12-27 19:00:28 +00:00
parent 3c5ec36999
commit f59d76d376
34 changed files with 2850 additions and 136 deletions


@ -2,16 +2,40 @@
"id": "CVE-2022-47599",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T18:15:11.417",
"lastModified": "2023-12-20T19:52:41.030",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T17:16:25.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in File Manager by Bit Form Team File Manager \u2013 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager.This issue affects File Manager \u2013 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager: from n/a through 5.2.7.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de deserializaci\u00f3n de datos no confiables en File Manager by Bit Form Team File Manager \u2013 100% Free & Open Source File Manager complemento para Wordpress | Bit File Manager. Este problema afecta a File Manager \u2013 100% Free & Open Source File Manager complemento para Wordpress | Bit File Manager : desde n/a hasta 5.2.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/file-manager/wordpress-bit-file-manager-100-free-file-manager-for-wordpress-plugin-5-2-7-php-object-injection?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bitapps:file_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.0.0",
"matchCriteriaId": "B0FD0DEF-AA73-4ED1-BAE8-30C1477F1E09"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/file-manager/wordpress-bit-file-manager-100-free-file-manager-for-wordpress-plugin-5-2-7-php-object-injection?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-29096",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T18:15:12.327",
"lastModified": "2023-12-20T19:52:34.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T17:32:59.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft \u2013 Messages Database Plugin For WordPress.This issue affects Contact Form to DB by BestWebSoft \u2013 Messages Database Plugin For WordPress: from n/a through 1.7.0.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ('Inyecci\u00f3n SQL') en BestWebSoft Contact Form to DB by BestWebSoft \u2013 Messages Database Plugin for WordPress. Este problema afecta a Contact Form to DB by BestWebSoft \u2013 Messages Database Plugin for WordPress: desde n /a hasta 1.7.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/contact-form-to-db/wordpress-contact-form-to-db-by-bestwebsoft-plugin-1-7-0-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bestwebsoft:contact_form_to_db:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.7.0",
"matchCriteriaId": "69E2C5EF-2E30-43B8-A66F-5E0BE1F33658"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/contact-form-to-db/wordpress-contact-form-to-db-by-bestwebsoft-plugin-1-7-0-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3171",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-27T16:15:13.103",
"lastModified": "2023-12-27T16:15:13.103",
"vulnStatus": "Received",
"lastModified": "2023-12-27T18:24:09.770",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-42012",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-20T00:15:08.190",
"lastModified": "2023-12-20T13:50:26.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T18:09:34.133",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -40,8 +60,18 @@
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -50,14 +80,46 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265509",
"source": "psirt@us.ibm.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0.0",
"versionEndIncluding": "7.2.3.7",
"matchCriteriaId": "B06C8A89-2DB4-4A6D-BD31-8B2BA54218A2"
},
{
"url": "https://www.ibm.com/support/pages/node/7096548",
"source": "psirt@us.ibm.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.3.0.0",
"versionEndIncluding": "7.3.2.2",
"matchCriteriaId": "86E324E0-1439-4F6B-8768-96F384630CE7"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265509",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7096548",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-42013",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-20T00:15:08.383",
"lastModified": "2023-12-20T13:50:26.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T18:18:23.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,14 +70,60 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265510",
"source": "psirt@us.ibm.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0.0",
"versionEndIncluding": "7.0.5.18",
"matchCriteriaId": "8D9BA852-DB65-4E85-8F40-EAD6897A42C5"
},
{
"url": "https://www.ibm.com/support/pages/node/7096547",
"source": "psirt@us.ibm.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0.0",
"versionEndIncluding": "7.1.2.14",
"matchCriteriaId": "D26A6175-309B-4841-8ED2-CAE52C56660D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0.0",
"versionEndIncluding": "7.2.3.7",
"matchCriteriaId": "B06C8A89-2DB4-4A6D-BD31-8B2BA54218A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.3.0.0",
"versionEndIncluding": "7.3.2.2",
"matchCriteriaId": "86E324E0-1439-4F6B-8768-96F384630CE7"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265510",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7096547",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-42015",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-19T03:15:07.950",
"lastModified": "2023-12-19T13:42:12.823",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T18:52:58.957",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -38,14 +58,66 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265512",
"source": "psirt@us.ibm.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.ibm.com/support/pages/node/7096546",
"source": "psirt@us.ibm.com"
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0.0",
"versionEndExcluding": "7.1.2.15",
"matchCriteriaId": "845BBD2F-F115-493B-862B-0B1E57A2CF17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0.0",
"versionEndExcluding": "7.2.3.8",
"matchCriteriaId": "D0831485-4FCF-47B5-9480-F03028E6CC85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.3.0.0",
"versionEndExcluding": "7.3.2.3",
"matchCriteriaId": "FFBAF5A7-B9AA-4335-B27B-DD9C109425BE"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265512",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7096546",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-45172",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-19T23:15:07.707",
"lastModified": "2023-12-20T13:50:26.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T17:51:23.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -40,8 +60,18 @@
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -50,14 +80,49 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/267970",
"source": "psirt@us.ibm.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:vios:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F61BE89-FBDE-4312-8422-86D1A9F57C9E"
},
{
"url": "https://www.ibm.com/support/pages/node/7099314",
"source": "psirt@us.ibm.com"
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:aix:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6791504A-A48A-4ED0-94AF-4C8A3B91516F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:aix:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "35DF3DE0-1AE4-4B25-843F-BC08DBBFDF78"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/267970",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7099314",
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-4641",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-27T16:15:13.363",
"lastModified": "2023-12-27T16:15:13.363",
"vulnStatus": "Received",
"lastModified": "2023-12-27T18:24:09.770",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-47146",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-19T22:15:07.863",
"lastModified": "2023-12-20T13:50:26.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T17:50:55.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -40,8 +60,18 @@
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -50,14 +80,74 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/270372",
"source": "psirt@us.ibm.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DACA17CC-8B71-4E71-B075-BFFB65AD989C"
},
{
"url": "https://https://www.ibm.com/support/pages/node/7099297",
"source": "psirt@us.ibm.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "BA60FDE5-8C40-4C7A-97CF-BA2A64BF307D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "AB518E06-00BA-48F3-8AEC-6E1E97CAA2CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "289027A2-178C-45DE-A86F-1207F23D13B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4:*:*:*:*:*:*",
"matchCriteriaId": "5047AECF-879B-427A-ACF7-ECB10965E1B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5:*:*:*:*:*:*",
"matchCriteriaId": "CD448AB8-E3CC-41A1-9D32-B1B35C68FA5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_6:*:*:*:*:*:*",
"matchCriteriaId": "9F4014E8-42E2-4B76-B2DA-8B50929A4AB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_7:*:*:*:*:*:*",
"matchCriteriaId": "BD0A459A-C74A-4E18-83B3-4C29D47D2C2B"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/270372",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://https://www.ibm.com/support/pages/node/7099297",
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
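Review bot: The second entry of the new `references` array still carries a doubled scheme, `https://https://www.ibm.com/support/pages/node/7099297`, so the link tagged `Patch` and `Vendor Advisory` does not point at the IBM advisory as written; a URL parser reads its host as `https`. The same value is printed on both copies of the line in this section, so it presumably comes from the upstream record rather than from this update. A consumer that fetches or validates reference URLs should reject or normalise it, and the corrected line would be `"url": "https://www.ibm.com/support/pages/node/7099297",`.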


@ -2,8 +2,8 @@
"id": "CVE-2023-47161",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-20T00:15:08.670",
"lastModified": "2023-12-20T13:50:26.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T18:41:28.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,14 +70,60 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/270799",
"source": "psirt@us.ibm.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0.0",
"versionEndIncluding": "7.0.5.18",
"matchCriteriaId": "8D9BA852-DB65-4E85-8F40-EAD6897A42C5"
},
{
"url": "https://www.ibm.com/support/pages/node/7096552",
"source": "psirt@us.ibm.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0.0",
"versionEndIncluding": "7.1.2.14",
"matchCriteriaId": "D26A6175-309B-4841-8ED2-CAE52C56660D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0.0",
"versionEndIncluding": "7.2.3.7",
"matchCriteriaId": "B06C8A89-2DB4-4A6D-BD31-8B2BA54218A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.3.0.0",
"versionEndIncluding": "7.3.2.2",
"matchCriteriaId": "86E324E0-1439-4F6B-8768-96F384630CE7"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/270799",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7096552",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,12 +2,16 @@
"id": "CVE-2023-48003",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-26T22:15:13.907",
"lastModified": "2023-12-26T22:15:13.907",
"vulnStatus": "Received",
"lastModified": "2023-12-27T18:24:09.770",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An open redirect through HTML injection in user messages in Asp.Net Zero before 12.3.0 allows remote attackers to redirect targeted victims to any URL via the '<meta http-equiv=\"refresh\"' in the WebSocket messages."
},
{
"lang": "es",
"value": "Una redirecci\u00f3n abierta mediante inyecci\u00f3n de HTML en mensajes de usuario en Asp.Net Zero anterior a 12.3.0 permite a atacantes remotos redirigir a v\u00edctimas objetivo a cualquier URL a trav\u00e9s de '"
}
],
"metrics": {},
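Review bot: The added Spanish description ends at an unterminated `'`, at the point where the English text names the `meta http-equiv="refresh"` tag, so the translated record no longer says which markup carries the redirect. This may be an artifact of how this page rendered the string, or the translation may hold the tag unescaped; in either case description values in these records can contain HTML-like text, and consumers should treat them as plain text and escape them on output. The Spanish description added in the CVE-2023-49438 section shows the opposite handling, `&lt;=5.3.2` where the English text has a literal less-than sign, which a correctly encoding consumer would display double-escaped.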


@ -2,8 +2,8 @@
"id": "CVE-2023-48050",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-15T01:15:08.093",
"lastModified": "2023-12-15T13:42:13.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T18:36:33.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,85 @@
"value": "Vulnerabilidad de inyecci\u00f3n SQL en Cams Biometrics Zkteco, eSSL, Cams Biometrics Integration Module with HR Attendance (tambi\u00e9n conocido como odoo-biometric-attendance) v. 13.0 a 16.0.1 permite a un atacante remoto ejecutar c\u00f3digo arbitrario y obtener privilegios a trav\u00e9s del par\u00e1metro db en el componente controllers/controllers.py."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/luvsn/OdZoo/tree/main/exploits/odoo-biometric-attendance",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:camsbiometrics:zkteco\\,_essl\\,_cams_biometrics_integration_module:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndIncluding": "16.0.1",
"matchCriteriaId": "D19187DF-F113-433C-8313-398E94085F89"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:odoo:biometric_attendance:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndIncluding": "16.0.1",
"matchCriteriaId": "76C86D2C-5B44-418A-8FB8-AB68BE0C7D14"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/luvsn/OdZoo/tree/main/exploits/odoo-biometric-attendance",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}
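Review bot: The only entry in the new `references` array points into an `exploits/` directory of a GitHub repository but is tagged only `Third Party Advisory`. If the target is exploit code, as the path suggests, tooling that prioritises on the `Exploit` tag will not flag this record, which the added NVD metric scores 9.8; the tags would then read `"tags": ["Exploit", "Third Party Advisory"]`. The CVE-2023-49269 section of this commit does tag its advisory link `Exploit`, so the tagging is not consistent across the updated records.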


@ -2,16 +2,40 @@
"id": "CVE-2023-49161",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T18:15:12.787",
"lastModified": "2023-12-20T19:52:34.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T17:02:54.350",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Guelben Bravo Translate.This issue affects Bravo Translate: from n/a through 1.2.\n\n"
},
{
"lang": "es",
"value": "La neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyecci\u00f3n SQL') en Guelben Bravo Translate. Este problema afecta a Bravo Translate: desde n/a hasta 1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/bravo-translate/wordpress-bravo-translate-plugin-1-2-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:guelbetech:bravo_translate:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2",
"matchCriteriaId": "CF408AF4-5165-446F-962D-5D5ACD27AAC3"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bravo-translate/wordpress-bravo-translate-plugin-1-2-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-49166",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T18:15:12.997",
"lastModified": "2023-12-20T19:52:34.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T17:04:38.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Magic Logix MSync.This issue affects MSync: from n/a through 1.0.0.\n\n"
},
{
"lang": "es",
"value": "La neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyecci\u00f3n SQL') en Magic Logix MSync. Este problema afecta a MSync: desde n/a hasta 1.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/msync/wordpress-msync-plugin-1-0-0-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:magiclogix:msync:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.0",
"matchCriteriaId": "BEAD53D4-F6B7-4EDB-8F00-881331B04E17"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/msync/wordpress-msync-plugin-1-0-0-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,19 +2,43 @@
"id": "CVE-2023-49269",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-20T18:15:13.240",
"lastModified": "2023-12-20T19:52:34.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T17:17:44.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'adults' parameter of the reservation.php resource\u00a0is copied into the HTML document as plain text\u00a0between tags. Any input is echoed unmodified in the\u00a0application's response.\n\n"
},
{
"lang": "es",
"value": "Hotel Management v1.0 es afectado por m\u00faltiples vulnerabilidades de Cross-Site Scripting reflejadas y autenticadas. El par\u00e1metro 'adults' del recurso reservation.php se copia en el documento HTML como texto plano entre etiquetas. Cualquier entrada se repite sin modificaciones en la respuesta de la aplicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
@ -46,14 +70,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://fluidattacks.com/advisories/lang/",
"source": "help@fluidattacks.com"
},
"nodes": [
{
"url": "https://www.kashipara.com/",
"source": "help@fluidattacks.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gvnpatidar:hotel_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CECE715-C5F2-4C50-9FE6-39F332E48356"
}
]
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/lang/",
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.kashipara.com/",
"source": "help@fluidattacks.com",
"tags": [
"Product"
]
}
]
}


@ -2,12 +2,16 @@
"id": "CVE-2023-49438",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-26T22:15:13.973",
"lastModified": "2023-12-26T22:15:13.973",
"vulnStatus": "Received",
"lastModified": "2023-12-27T18:24:09.770",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes."
},
{
"lang": "es",
"value": "Una vulnerabilidad de redireccionamiento abierto en el paquete Python Flask-Security-Too &lt;=5.3.2 permite a los atacantes redirigir a usuarios desprevenidos a sitios maliciosos a trav\u00e9s de una URL manipulada abusando del par\u00e1metro ?next en las rutas /login y /register."
}
],
"metrics": {},


@ -2,8 +2,8 @@
"id": "CVE-2023-49786",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-14T20:15:52.927",
"lastModified": "2023-12-20T01:15:07.937",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T18:40:36.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,30 +80,224 @@
]
}
],
"references": [
"configurations": [
{
"url": "http://packetstormsecurity.com/files/176251/Asterisk-20.1.0-Denial-Of-Service.html",
"source": "security-advisories@github.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.20.1",
"matchCriteriaId": "A49E9157-3440-47C5-B730-B1F3BE7240C9"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Dec/24",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
"versionStartIncluding": "19.0.0",
"versionEndExcluding": "20.5.1",
"matchCriteriaId": "FCA06EB6-E31A-43B2-A750-186255114B8F"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/15/7",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:digium:asterisk:21.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E690E3-3E92-42ED-87DD-1C6B838A3FF9"
},
{
"url": "https://github.com/EnableSecurity/advisories/tree/master/ES2023-01-asterisk-dtls-hello-race",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2AFE2011-05AA-45A6-A561-65C6C664DA7B"
},
{
"url": "https://github.com/asterisk/asterisk/commit/d7d7764cb07c8a1872804321302ef93bf62cba05",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert1:*:*:*:*:*:*",
"matchCriteriaId": "C1117AA4-CE6B-479B-9995-A9F71C430663"
},
{
"url": "https://github.com/asterisk/asterisk/security/advisories/GHSA-hxj9-xwr8-w8pq",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert1-rc1:*:*:*:*:*:*",
"matchCriteriaId": "775041BD-5C86-42B6-8B34-E1D5171B3D87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert1-rc2:*:*:*:*:*:*",
"matchCriteriaId": "55EC2877-2FF5-4777-B118-E764A94BCE56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert1-rc3:*:*:*:*:*:*",
"matchCriteriaId": "EB0392C9-A5E9-4D71-8B8D-63FB96E055A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert1-rc4:*:*:*:*:*:*",
"matchCriteriaId": "09AF962D-D4BB-40BA-B435-A59E4402931C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert2:*:*:*:*:*:*",
"matchCriteriaId": "559D1063-7F37-44F8-B5C6-94758B675FDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert3:*:*:*:*:*:*",
"matchCriteriaId": "185B2B4B-B246-4379-906B-9BDA7CDD4400"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "73D3592D-3CE5-4462-9FE8-4BCB54E74B5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:13.13.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B3CCE9E0-5DC4-43A2-96DB-9ABEA60EC157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1EAD713A-CBA2-40C3-9DE3-5366827F18C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert1:*:*:*:*:*:*",
"matchCriteriaId": "A5F5A8B7-29C9-403C-9561-7B3E96F9FCA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert10:*:*:*:*:*:*",
"matchCriteriaId": "F9B96A53-2263-463C-9CCA-0F29865FE500"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert11:*:*:*:*:*:*",
"matchCriteriaId": "A53049F1-8551-453E-834A-68826A7AA959"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert12:*:*:*:*:*:*",
"matchCriteriaId": "B224A4E9-4B6B-4187-B0D6-E4BAE2637960"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert2:*:*:*:*:*:*",
"matchCriteriaId": "9501DBFF-516D-4F26-BBF6-1B453EE2A630"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert3:*:*:*:*:*:*",
"matchCriteriaId": "9D3E9AC0-C0B4-4E87-8D48-2B688D28B678"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert4:*:*:*:*:*:*",
"matchCriteriaId": "1A8628F6-F8D1-4C0C-BD89-8E2EEF19A5F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert5:*:*:*:*:*:*",
"matchCriteriaId": "E27A6FD1-9321-4C9E-B32B-D6330CD3DC92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert6:*:*:*:*:*:*",
"matchCriteriaId": "B6BF5EDB-9D17-453D-A22E-FDDC4DCDD85B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert7:*:*:*:*:*:*",
"matchCriteriaId": "4C75A21E-5D05-434B-93DE-8DAC4DD3E587"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert8:*:*:*:*:*:*",
"matchCriteriaId": "1D725758-C9F5-4DB2-8C45-CC052518D3FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert9:*:*:*:*:*:*",
"matchCriteriaId": "B5E2AECC-B681-4EA5-9DE5-2086BB37A5F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert1:*:*:*:*:*:*",
"matchCriteriaId": "79EEB5E5-B79E-454B-8DCD-3272BA337A9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert2:*:*:*:*:*:*",
"matchCriteriaId": "892BAE5D-A64E-4FE0-9A99-8C07F342A042"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert3:*:*:*:*:*:*",
"matchCriteriaId": "1A716A45-7075-4CA6-9EF5-2DD088248A5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert4:*:*:*:*:*:*",
"matchCriteriaId": "80EFA05B-E22D-49CE-BDD6-5C7123F1C12B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:certified_asterisk:18.9:cert5:*:*:*:*:*:*",
"matchCriteriaId": "20FD475F-2B46-47C9-B535-1561E29CB7A1"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/176251/Asterisk-20.1.0-Denial-Of-Service.html",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Dec/24",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/15/7",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mailing List"
]
},
{
"url": "https://github.com/EnableSecurity/advisories/tree/master/ES2023-01-asterisk-dtls-hello-race",
"source": "security-advisories@github.com",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/asterisk/asterisk/commit/d7d7764cb07c8a1872804321302ef93bf62cba05",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/asterisk/asterisk/security/advisories/GHSA-hxj9-xwr8-w8pq",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

@ -0,0 +1,67 @@
{
"id": "CVE-2023-50255",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-27T17:15:07.847",
"lastModified": "2023-12-27T18:24:09.770",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version 5.12.21 which addresses the issue. There are no known workarounds for this vulnerability.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.3,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
},
{
"lang": "en",
"value": "CWE-23"
},
{
"lang": "en",
"value": "CWE-26"
}
]
}
],
"references": [
{
"url": "https://github.com/linuxdeepin/deepin-compressor/commit/82f668c78c133873f5094cfab6e4eabc0b70e4b6",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/linuxdeepin/developer-center/security/advisories/GHSA-rw5r-8p9h-3gp2",
"source": "security-advisories@github.com"
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-50715",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-15T03:15:45.127",
"lastModified": "2023-12-15T13:42:13.817",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T18:39:30.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -40,8 +60,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -50,14 +80,39 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/home-assistant/core/commit/dbfc5ea8f96bde6cd165892f5a6a6f9a65731c76",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/home-assistant/core/security/advisories/GHSA-jqpc-rc7g-vf83",
"source": "security-advisories@github.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:home-assistant:home-assistant:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023.12.3",
"matchCriteriaId": "FADE988B-E6D6-498D-883F-0DDBFE62EC24"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/home-assistant/core/commit/dbfc5ea8f96bde6cd165892f5a6a6f9a65731c76",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/home-assistant/core/security/advisories/GHSA-jqpc-rc7g-vf83",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

@ -2,19 +2,79 @@
"id": "CVE-2023-50979",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-18T04:15:50.970",
"lastModified": "2023-12-18T14:05:22.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T18:59:12.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during decryption with PKCS#1 v1.5 padding."
},
{
"lang": "es",
"value": "Crypto++ (tambi\u00e9n conocido como cryptopp) hasta 8.9.0 tiene un canal lateral de Marvin durante el descifrado con relleno PKCS#1 v1.5."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/weidai11/cryptopp/issues/1247",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cryptopp:crypto\\+\\+:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.9.0",
"matchCriteriaId": "CE3A7AA7-A0EF-4363-A9D8-D1D31498B936"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/weidai11/cryptopp/issues/1247",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

@ -0,0 +1,59 @@
{
"id": "CVE-2023-51443",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-27T17:15:08.093",
"lastModified": "2023-12-27T18:24:09.770",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.11, when handling DTLS-SRTP for media setup, FreeSWITCH is susceptible to Denial of Service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. If an attacker manages to send a ClientHello DTLS message with an invalid CipherSuite (such as `TLS_NULL_WITH_NULL_NULL`) to the port on the FreeSWITCH server that is expecting packets from the caller, a DTLS error is generated. This results in the media session being torn down, which is followed by teardown at signaling (SIP) level too. Abuse of this vulnerability may lead to a massive Denial of Service on vulnerable FreeSWITCH servers for calls that rely on DTLS-SRTP. To address this vulnerability, upgrade FreeSWITCH to 1.10.11 which includes the security fix. The solution implemented is to drop all packets from addresses that have not been validated by an ICE check."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-703"
}
]
}
],
"references": [
{
"url": "https://github.com/signalwire/freeswitch/commit/86cbda90b84ba186e508fbc7bfae469270a97d11",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/signalwire/freeswitch/security/advisories/GHSA-39gv-hq72-j6m6",
"source": "security-advisories@github.com"
}
]
}

@ -2,16 +2,40 @@
"id": "CVE-2023-51459",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-12-20T14:15:22.043",
"lastModified": "2023-12-20T14:33:33.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T18:43:46.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser."
},
{
"lang": "es",
"value": "Las versiones 6.5.18 y anteriores de Adobe Experience Manager se ven afectadas por una vulnerabilidad de Cross-Site Scripting (XSS) reflejado. Si un atacante con pocos privilegios puede convencer a una v\u00edctima para que visite una URL que hace referencia a una p\u00e1gina vulnerable, se puede ejecutar contenido JavaScript malicioso dentro del contexto del navegador de la v\u00edctima."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
@ -46,10 +70,47 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html",
"source": "psirt@adobe.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.5.18.0",
"matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*",
"versionEndExcluding": "2023.11.0",
"matchCriteriaId": "7562BF4F-8ACB-4EEE-A042-74855AC5DA14"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html",
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

@ -2,12 +2,16 @@
"id": "CVE-2023-51460",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-12-20T14:15:22.240",
"lastModified": "2023-12-20T14:33:33.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T18:44:08.557",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field."
},
{
"lang": "es",
"value": "Las versiones 6.5.18 y anteriores de Adobe Experience Manager se ven afectadas por una vulnerabilidad de Cross-Site Scripting (XSS) almacenado que podr\u00eda ser aprovechada por un atacante con pocos privilegios para inyectar scripts maliciosos en campos de formulario vulnerables. Se puede ejecutar JavaScript malicioso en el navegador de la v\u00edctima cuando navega a la p\u00e1gina que contiene el campo vulnerable."
}
],
"metrics": {
@ -46,10 +50,47 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html",
"source": "psirt@adobe.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.5.18.0",
"matchCriteriaId": "FA275504-C2EE-42D5-AC1B-01DC1DAC1CA1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:aem_cloud_service:*:*:*",
"versionEndExcluding": "2023.11.0",
"matchCriteriaId": "7562BF4F-8ACB-4EEE-A042-74855AC5DA14"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html",
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

@ -0,0 +1,71 @@
{
"id": "CVE-2023-51664",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-27T17:15:08.340",
"lastModified": "2023-12-27T18:24:09.770",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "tj-actions/changed-files is a Github action to retrieve all files and directories. Prior to 41.0.0, the `tj-actions/changed-files` workflow allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. This issue may lead to arbitrary command execution in the GitHub Runner. This vulnerability has been addressed in version 41.0.0. Users are advised to upgrade."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://github.com/tj-actions/changed-files/commit/0102c07446a3cad972f4afcbd0ee4dbc4b6d2d1b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tj-actions/changed-files/commit/716b1e13042866565e00e85fd4ec490e186c4a2f",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tj-actions/changed-files/commit/ff2f6e6b91913a7be42be1b5917330fe442f2ede",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tj-actions/changed-files/security/advisories/GHSA-mcph-m25j-8j63",
"source": "security-advisories@github.com"
}
]
}

@ -0,0 +1,59 @@
{
"id": "CVE-2023-51665",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-27T18:15:23.267",
"lastModified": "2023-12-27T18:24:09.770",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.7.0, Audiobookshelf is vulnerable to unauthenticated blind server-side request (SSRF) vulnerability in Auth.js. This vulnerability has been addressed in version 2.7.0. There are no known workarounds for this vulnerability.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/advplyr/audiobookshelf/commit/728496010cbfcee5b7b54001c9f79e02ede30d82",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/advplyr/audiobookshelf/security/advisories/GHSA-gjgj-98v3-47pg",
"source": "security-advisories@github.com"
}
]
}
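Review bot: The description calls this an "unauthenticated" blind SSRF, but the only CVSS vector in the record has `PR:L` (`"privilegesRequired": "LOW"`), which describes an attacker who already holds an account; the two statements cannot both be right. The CVE-2023-51697 record added further down has the same mismatch. With `vulnStatus` at `Awaiting Analysis` and no `nvd@nist.gov` entry under `cvssMetricV31`, the 4.3 `baseScore` is the CNA's figure alone, so anything that triages on the score should treat both records as possibly under-scored until the analysis lands. If the description is the accurate side, the vector would need `PR:N` and a rescored `baseScore`.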

@ -0,0 +1,59 @@
{
"id": "CVE-2023-51697",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-27T18:15:23.487",
"lastModified": "2023-12-27T18:24:09.770",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.7.0, Audiobookshelf is vulnerable to unauthenticated blind server-side request (SSRF) vulnerability in `podcastUtils.js`. This vulnerability has been addressed in version 2.7.0. There are no known workarounds for this vulnerability.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/advplyr/audiobookshelf/commit/f2f2ea161ca0701e1405e737b0df0f96296e4f64",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/advplyr/audiobookshelf/security/advisories/GHSA-jhjx-c3wx-q2x7",
"source": "security-advisories@github.com"
}
]
}

@ -0,0 +1,59 @@
{
"id": "CVE-2023-51700",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-27T18:15:23.700",
"lastModified": "2023-12-27T18:24:09.770",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Unofficial Mobile BankID Integration for WordPress lets users employ Mobile BankID to authenticate themselves on your WordPress site. Prior to 1.0.1, WP-Mobile-BankID-Integration is affected by a vulnerability classified as a Deserialization of Untrusted Data vulnerability, specifically impacting scenarios where an attacker can manipulate the database. If unauthorized actors gain access to the database, they could exploit this vulnerability to execute object injection attacks. This could lead to unauthorized code execution, data manipulation, or data exfiltration within the WordPress environment. Users of the plugin should upgrade to version 1.0.1 (or later), where the serialization and deserialization of OrderResponse objects have been switched out to an array stored as JSON. A possible workaround for users unable to upgrade immediately is to enforce stricter access controls on the database, ensuring that only trusted and authorized entities can modify data. Additionally, implementing monitoring tools to detect unusual database activities could help identify and mitigate potential exploitation attempts.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://github.com/jamieblomerus/WP-Mobile-BankID-Integration/commit/8251c6298a995ccf4f26c43f03ed11a275dd0c5f",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/jamieblomerus/WP-Mobile-BankID-Integration/security/advisories/GHSA-pqwp-qrp7-grg4",
"source": "security-advisories@github.com"
}
]
}

@ -2,12 +2,16 @@
"id": "CVE-2023-52096",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-26T23:15:07.947",
"lastModified": "2023-12-26T23:15:07.947",
"vulnStatus": "Received",
"lastModified": "2023-12-27T18:24:09.770",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SteVe Community ocpp-jaxb before 0.0.8 generates invalid timestamps such as ones with month 00 in certain situations (such as when an application receives a StartTransaction Open Charge Point Protocol message with a timestamp parameter of 1000000). This may lead to a SQL exception in applications, and may undermine the integrity of transaction records."
},
{
"lang": "es",
"value": "SteVe Community ocpp-jaxb anterior a 0.0.8 genera marcas de tiempo no v\u00e1lidas, como las del mes 00 en determinadas situaciones (como cuando una aplicaci\u00f3n recibe un Open Charge Point Protocol de StartTransaction con un par\u00e1metro de marca de tiempo de 1000000). Esto puede provocar una excepci\u00f3n de SQL en las aplicaciones y puede socavar la integridad de los registros de transacciones."
}
],
"metrics": {},

@ -2,16 +2,40 @@
"id": "CVE-2023-5629",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2023-12-14T05:15:12.463",
"lastModified": "2023-12-14T13:52:06.780",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T18:45:15.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nA CWE-601:URL Redirection to Untrusted Site (\u2018Open Redirect\u2019) vulnerability exists that could\ncause disclosure of information through phishing attempts over HTTP.\n\n"
},
{
"lang": "es",
"value": "Existe una vulnerabilidad CWE-601: Redirecci\u00f3n de URL a un sitio que no es de confianza (\"Open Redirect\") que podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n mediante intentos de phishing a trav\u00e9s de HTTP."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cybersecurity@se.com",
"type": "Secondary",
@ -46,10 +70,455 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-346-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-346-01.pdf",
"source": "cybersecurity@se.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:eb450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21062F1C-3DFF-423E-B877-9EC4A7512C8F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:eb450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93C4743E-EA8F-41F7-B927-59119186EE58"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:eb45e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F87662D7-090B-4102-97EA-953E82EDC6D7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:eb45e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F330AF13-C6E6-4BC3-80B1-717D755CB304"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:eh450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F28552-804B-4E93-9C0B-459432F4C7D5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:eh450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A3352D-B514-4A6F-88F9-B22FC87B223A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:eh45e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "030A8208-5ABB-4F4D-BF37-70A8FB0F99E6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:eh45e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C624E8B-75CF-4176-B74B-1132B4CBDB65"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:er450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "944C4A5F-5CBA-4169-8ED9-DC3BAF5EEC04"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:er450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70F26352-CB68-4674-B71F-697E86D36217"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:er45e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A097E0-13E2-45F2-AF8E-E5EA4D1AEE7D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:er45e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59E1DDCC-E95A-4FBF-99AD-3225DD03C0F1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:jr240_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "644B0D04-1D2B-42BF-A43F-9155DE63BCE4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:jr240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CAB2776-BC11-4CD5-B0AE-EFCB89D04C86"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:jr900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36FE5F9E-FDA4-40C6-82A5-27CAA02B3D04"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:jr900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D30DB44F-D82C-4072-82EF-9BC9D2EC27C5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qr450_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "C186BF8E-C108-4689-A34A-324A95CF589F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC2441EF-2DD9-4174-8421-3F521F96CE1F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qr150_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "50B32D14-79D7-45FB-8C11-7B95B37083A1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qr150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49302836-DFBE-454A-AB83-4638CB684BF1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qb450_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "74F7A88E-A0BB-43B5-B54F-385A02790FE3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qb450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "004A77A5-5E91-4EDA-A10D-F03932B2A873"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qb150_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "67092820-EB7F-475C-903D-9A0B0AF34CD9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qb150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D82FD907-1946-4E02-9AAE-749D8DDF766D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qp450_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "8F7B149E-AA67-4F69-A620-385AEB48832A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qp450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE6FD95-99FA-4A74-840F-D3E32FF48166"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qp150_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "FF6C3BE6-A707-4779-AE91-A6993994627E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qp150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE803BD-F5A3-4BB4-995B-02E395E667F5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qh450_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "BEF6A365-9AF7-4D1C-ACBF-C607EB78F0AC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qh450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AA4D76-E32C-4EE5-B36F-6DF1827B35DF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qh150_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "7F4EA25C-AD2C-4610-8159-5A4FA8F1F008"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qh150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5ABB78-4B7E-4C24-BA89-8798059B3B56"
}
]
}
]
}
],
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-346-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-346-01.pdf",
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-5630",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2023-12-14T05:15:13.663",
"lastModified": "2023-12-14T13:52:06.780",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T18:45:36.387",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\n\n\nA CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a\nprivileged user to install an untrusted firmware.\n\n\n\n"
},
{
"lang": "es",
"value": "Existe una vulnerabilidad CWE-494: Descarga de c\u00f3digo sin verificaci\u00f3n de integridad que podr\u00eda permitir a un usuario privilegiado instalar un firmware que no es de confianza."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "cybersecurity@se.com",
"type": "Secondary",
@ -46,10 +70,455 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-346-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-346-01.pdf",
"source": "cybersecurity@se.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:eb450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21062F1C-3DFF-423E-B877-9EC4A7512C8F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:eb450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93C4743E-EA8F-41F7-B927-59119186EE58"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:eb45e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F87662D7-090B-4102-97EA-953E82EDC6D7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:eb45e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F330AF13-C6E6-4BC3-80B1-717D755CB304"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:eh450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F28552-804B-4E93-9C0B-459432F4C7D5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:eh450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A3352D-B514-4A6F-88F9-B22FC87B223A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:eh45e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "030A8208-5ABB-4F4D-BF37-70A8FB0F99E6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:eh45e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C624E8B-75CF-4176-B74B-1132B4CBDB65"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:er450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "944C4A5F-5CBA-4169-8ED9-DC3BAF5EEC04"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:er450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70F26352-CB68-4674-B71F-697E86D36217"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:er45e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A097E0-13E2-45F2-AF8E-E5EA4D1AEE7D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:er45e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59E1DDCC-E95A-4FBF-99AD-3225DD03C0F1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:jr240_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "644B0D04-1D2B-42BF-A43F-9155DE63BCE4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:jr240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CAB2776-BC11-4CD5-B0AE-EFCB89D04C86"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:jr900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36FE5F9E-FDA4-40C6-82A5-27CAA02B3D04"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:jr900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D30DB44F-D82C-4072-82EF-9BC9D2EC27C5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qr450_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "C186BF8E-C108-4689-A34A-324A95CF589F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC2441EF-2DD9-4174-8421-3F521F96CE1F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qr150_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "50B32D14-79D7-45FB-8C11-7B95B37083A1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qr150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49302836-DFBE-454A-AB83-4638CB684BF1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qb450_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "74F7A88E-A0BB-43B5-B54F-385A02790FE3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qb450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "004A77A5-5E91-4EDA-A10D-F03932B2A873"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qb150_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "67092820-EB7F-475C-903D-9A0B0AF34CD9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qb150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D82FD907-1946-4E02-9AAE-749D8DDF766D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qp450_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "8F7B149E-AA67-4F69-A620-385AEB48832A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qp450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE6FD95-99FA-4A74-840F-D3E32FF48166"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qp150_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "FF6C3BE6-A707-4779-AE91-A6993994627E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qp150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE803BD-F5A3-4BB4-995B-02E395E667F5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qh450_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "BEF6A365-9AF7-4D1C-ACBF-C607EB78F0AC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qh450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AA4D76-E32C-4EE5-B36F-6DF1827B35DF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:qh150_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "7F4EA25C-AD2C-4610-8159-5A4FA8F1F008"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:qh150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5ABB78-4B7E-4C24-BA89-8798059B3B56"
}
]
}
]
}
],
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-346-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-346-01.pdf",
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,12 +2,12 @@
"id": "CVE-2023-6190",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2023-12-27T15:15:45.900",
"lastModified": "2023-12-27T15:15:45.900",
"vulnStatus": "Received",
"lastModified": "2023-12-27T18:24:09.770",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Input Validation vulnerability in \u0130zmir Katip \u00c7elebi University University Information Management System allows Absolute Path Traversal.This issue affects University Information Management System: before 30.11.2023.\n\n"
"value": "Improper Input Validation vulnerability in ?zmir Katip \u00c7elebi University University Information Management System allows Absolute Path Traversal.This issue affects University Information Management System: before 30.11.2023.\n\n"
}
],
"metrics": {
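Review bot: The updated English description of CVE-2023-6190 now begins `?zmir Katip \u00c7elebi University`, where the paired earlier line has `\u0130zmir`. The dotted capital I appears to have been replaced by a literal `?` upstream, while `\u00c7` in the same string survived. Going by the old-then-new order of the paired lines, this looks like a lossy character-set conversion rather than an intended edit, and it changes the affected organisation's name for anyone matching or searching on it. The value should stay `\u0130zmir Katip \u00c7elebi University`, and the sync could flag any record where a non-ASCII escape turns into `?` between revisions. The record's `metrics` object continues past the end of this hunk.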


@ -2,16 +2,40 @@
"id": "CVE-2023-6563",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-14T18:15:45.540",
"lastModified": "2023-12-14T22:15:44.303",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-27T18:49:44.490",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of offline tokens (> 500,000 users with each having at least 2 saved sessions). If an attacker creates two or more user sessions and then open the \"consents\" tab of the admin User Interface, the UI attempts to load a huge number of offline client sessions leading to excessive memory and CPU consumption which could potentially crash the entire system."
},
{
"lang": "es",
"value": "Se descubri\u00f3 una vulnerabilidad de consumo de memoria sin restricciones en Keycloak. Se puede activar en entornos que tienen millones de tokens fuera de l\u00ednea (&gt; 500.000 usuarios, cada uno con al menos 2 sesiones guardadas). Si un atacante crea dos o m\u00e1s sesiones de usuario y luego abre la pesta\u00f1a \"consentimientos\" de la interfaz de usuario del administrador, la interfaz de usuario intenta cargar una gran cantidad de sesiones de clientes fuera de l\u00ednea, lo que genera un consumo excesivo de memoria y CPU, lo que potencialmente podr\u00eda bloquear todo el sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -46,38 +80,228 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7854",
"source": "secalert@redhat.com"
},
"nodes": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7855",
"source": "secalert@redhat.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7856",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7857",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7858",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6563",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253308",
"source": "secalert@redhat.com"
},
{
"url": "https://github.com/keycloak/keycloak/issues/13340",
"source": "secalert@redhat.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*",
"versionEndExcluding": "21.0.0",
"matchCriteriaId": "DD663F41-3B6D-4AF0-9ABA-1F3BF292C632"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:single_sign-on:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEC61BC-E699-456E-99B6-C049F2A5F23F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*",
"matchCriteriaId": "341E6313-20D5-44CB-9719-B20585DC5AD6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EA983F8C-3A06-450A-AEFF-9429DE9A3454"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "40449571-22F8-44FA-B57B-B43F71AB25E2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "30E2CF79-2D56-48AB-952E-5DDAFE471073"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "54E24055-813B-4E6D-94B7-FAD5F78B8537"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_linuxone:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8C519B1A-1CD6-426C-9339-F28E4FEF581B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_linuxone:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "91EE3858-A648-44B4-B282-8F808D88D3B9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7854",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7855",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7856",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7857",
"source": "secalert@redhat.com",
"tags": [
"Exploit"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7858",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6563",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253308",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/keycloak/keycloak/issues/13340",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
}
]
}
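Review bot: In the new `references` list for CVE-2023-6563, `https://access.redhat.com/errata/RHSA-2023:7857` is tagged `Exploit`, while the four sibling RHSA errata URLs are tagged `Vendor Advisory`. This looks like a mis-tag, and triage tooling that keys on the `Exploit` tag would treat the record as having public exploit material. The likely intended value is `"tags": ["Vendor Advisory"]`, and consumers should not use that tag alone as an exploit-availability signal. Separately, the added Spanish description carries the HTML entity for the greater-than sign before `500.000 usuarios`, where the English text has the plain character, so it will display literally or doubly escaped depending on the consumer.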


@ -2,8 +2,8 @@
"id": "CVE-2023-7116",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-27T16:15:13.580",
"lastModified": "2023-12-27T16:15:13.580",
"vulnStatus": "Received",
"lastModified": "2023-12-27T18:24:09.770",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-12-27T17:00:24.984657+00:00
2023-12-27T19:00:24.767863+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-12-27T16:49:50.117000+00:00
2023-12-27T18:59:12.027000+00:00
```
### Last Data Feed Release
@ -29,48 +29,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
234278
234284
```
### CVEs added in the last Commit
Recently added CVEs: `4`
Recently added CVEs: `6`
* [CVE-2023-6190](CVE-2023/CVE-2023-61xx/CVE-2023-6190.json) (`2023-12-27T15:15:45.900`)
* [CVE-2023-3171](CVE-2023/CVE-2023-31xx/CVE-2023-3171.json) (`2023-12-27T16:15:13.103`)
* [CVE-2023-4641](CVE-2023/CVE-2023-46xx/CVE-2023-4641.json) (`2023-12-27T16:15:13.363`)
* [CVE-2023-7116](CVE-2023/CVE-2023-71xx/CVE-2023-7116.json) (`2023-12-27T16:15:13.580`)
* [CVE-2023-50255](CVE-2023/CVE-2023-502xx/CVE-2023-50255.json) (`2023-12-27T17:15:07.847`)
* [CVE-2023-51443](CVE-2023/CVE-2023-514xx/CVE-2023-51443.json) (`2023-12-27T17:15:08.093`)
* [CVE-2023-51664](CVE-2023/CVE-2023-516xx/CVE-2023-51664.json) (`2023-12-27T17:15:08.340`)
* [CVE-2023-51665](CVE-2023/CVE-2023-516xx/CVE-2023-51665.json) (`2023-12-27T18:15:23.267`)
* [CVE-2023-51697](CVE-2023/CVE-2023-516xx/CVE-2023-51697.json) (`2023-12-27T18:15:23.487`)
* [CVE-2023-51700](CVE-2023/CVE-2023-517xx/CVE-2023-51700.json) (`2023-12-27T18:15:23.700`)
### CVEs modified in the last Commit
Recently modified CVEs: `33`
Recently modified CVEs: `27`
* [CVE-2014-3639](CVE-2014/CVE-2014-36xx/CVE-2014-3639.json) (`2023-12-27T16:36:58.353`)
* [CVE-2014-3636](CVE-2014/CVE-2014-36xx/CVE-2014-3636.json) (`2023-12-27T16:36:58.353`)
* [CVE-2014-7824](CVE-2014/CVE-2014-78xx/CVE-2014-7824.json) (`2023-12-27T16:36:58.353`)
* [CVE-2015-1197](CVE-2015/CVE-2015-11xx/CVE-2015-1197.json) (`2023-12-27T15:15:43.853`)
* [CVE-2015-0245](CVE-2015/CVE-2015-02xx/CVE-2015-0245.json) (`2023-12-27T16:36:58.353`)
* [CVE-2018-8088](CVE-2018/CVE-2018-80xx/CVE-2018-8088.json) (`2023-12-27T15:15:44.463`)
* [CVE-2019-10158](CVE-2019/CVE-2019-101xx/CVE-2019-10158.json) (`2023-12-27T15:15:44.750`)
* [CVE-2019-3773](CVE-2019/CVE-2019-37xx/CVE-2019-3773.json) (`2023-12-27T15:15:44.890`)
* [CVE-2020-35512](CVE-2020/CVE-2020-355xx/CVE-2020-35512.json) (`2023-12-27T16:36:58.353`)
* [CVE-2022-42010](CVE-2022/CVE-2022-420xx/CVE-2022-42010.json) (`2023-12-27T16:49:29.303`)
* [CVE-2022-42012](CVE-2022/CVE-2022-420xx/CVE-2022-42012.json) (`2023-12-27T16:49:43.400`)
* [CVE-2022-42011](CVE-2022/CVE-2022-420xx/CVE-2022-42011.json) (`2023-12-27T16:49:50.117`)
* [CVE-2023-28491](CVE-2023/CVE-2023-284xx/CVE-2023-28491.json) (`2023-12-27T15:04:11.497`)
* [CVE-2023-28788](CVE-2023/CVE-2023-287xx/CVE-2023-28788.json) (`2023-12-27T15:04:40.417`)
* [CVE-2023-26525](CVE-2023/CVE-2023-265xx/CVE-2023-26525.json) (`2023-12-27T15:05:36.660`)
* [CVE-2023-48231](CVE-2023/CVE-2023-482xx/CVE-2023-48231.json) (`2023-12-27T15:15:45.050`)
* [CVE-2023-48232](CVE-2023/CVE-2023-482xx/CVE-2023-48232.json) (`2023-12-27T15:15:45.190`)
* [CVE-2023-48233](CVE-2023/CVE-2023-482xx/CVE-2023-48233.json) (`2023-12-27T15:15:45.297`)
* [CVE-2023-48234](CVE-2023/CVE-2023-482xx/CVE-2023-48234.json) (`2023-12-27T15:15:45.393`)
* [CVE-2023-48235](CVE-2023/CVE-2023-482xx/CVE-2023-48235.json) (`2023-12-27T15:15:45.493`)
* [CVE-2023-48236](CVE-2023/CVE-2023-482xx/CVE-2023-48236.json) (`2023-12-27T15:15:45.593`)
* [CVE-2023-48237](CVE-2023/CVE-2023-482xx/CVE-2023-48237.json) (`2023-12-27T15:15:45.693`)
* [CVE-2023-5954](CVE-2023/CVE-2023-59xx/CVE-2023-5954.json) (`2023-12-27T15:15:45.790`)
* [CVE-2023-34969](CVE-2023/CVE-2023-349xx/CVE-2023-34969.json) (`2023-12-27T16:36:58.353`)
* [CVE-2023-29432](CVE-2023/CVE-2023-294xx/CVE-2023-29432.json) (`2023-12-27T16:45:43.877`)
* [CVE-2023-49166](CVE-2023/CVE-2023-491xx/CVE-2023-49166.json) (`2023-12-27T17:04:38.483`)
* [CVE-2023-49269](CVE-2023/CVE-2023-492xx/CVE-2023-49269.json) (`2023-12-27T17:17:44.617`)
* [CVE-2023-29096](CVE-2023/CVE-2023-290xx/CVE-2023-29096.json) (`2023-12-27T17:32:59.767`)
* [CVE-2023-47146](CVE-2023/CVE-2023-471xx/CVE-2023-47146.json) (`2023-12-27T17:50:55.147`)
* [CVE-2023-45172](CVE-2023/CVE-2023-451xx/CVE-2023-45172.json) (`2023-12-27T17:51:23.967`)
* [CVE-2023-42012](CVE-2023/CVE-2023-420xx/CVE-2023-42012.json) (`2023-12-27T18:09:34.133`)
* [CVE-2023-42013](CVE-2023/CVE-2023-420xx/CVE-2023-42013.json) (`2023-12-27T18:18:23.723`)
* [CVE-2023-48003](CVE-2023/CVE-2023-480xx/CVE-2023-48003.json) (`2023-12-27T18:24:09.770`)
* [CVE-2023-49438](CVE-2023/CVE-2023-494xx/CVE-2023-49438.json) (`2023-12-27T18:24:09.770`)
* [CVE-2023-52096](CVE-2023/CVE-2023-520xx/CVE-2023-52096.json) (`2023-12-27T18:24:09.770`)
* [CVE-2023-6190](CVE-2023/CVE-2023-61xx/CVE-2023-6190.json) (`2023-12-27T18:24:09.770`)
* [CVE-2023-3171](CVE-2023/CVE-2023-31xx/CVE-2023-3171.json) (`2023-12-27T18:24:09.770`)
* [CVE-2023-4641](CVE-2023/CVE-2023-46xx/CVE-2023-4641.json) (`2023-12-27T18:24:09.770`)
* [CVE-2023-7116](CVE-2023/CVE-2023-71xx/CVE-2023-7116.json) (`2023-12-27T18:24:09.770`)
* [CVE-2023-48050](CVE-2023/CVE-2023-480xx/CVE-2023-48050.json) (`2023-12-27T18:36:33.847`)
* [CVE-2023-50715](CVE-2023/CVE-2023-507xx/CVE-2023-50715.json) (`2023-12-27T18:39:30.170`)
* [CVE-2023-49786](CVE-2023/CVE-2023-497xx/CVE-2023-49786.json) (`2023-12-27T18:40:36.307`)
* [CVE-2023-47161](CVE-2023/CVE-2023-471xx/CVE-2023-47161.json) (`2023-12-27T18:41:28.277`)
* [CVE-2023-51459](CVE-2023/CVE-2023-514xx/CVE-2023-51459.json) (`2023-12-27T18:43:46.757`)
* [CVE-2023-51460](CVE-2023/CVE-2023-514xx/CVE-2023-51460.json) (`2023-12-27T18:44:08.557`)
* [CVE-2023-5629](CVE-2023/CVE-2023-56xx/CVE-2023-5629.json) (`2023-12-27T18:45:15.347`)
* [CVE-2023-5630](CVE-2023/CVE-2023-56xx/CVE-2023-5630.json) (`2023-12-27T18:45:36.387`)
* [CVE-2023-6563](CVE-2023/CVE-2023-65xx/CVE-2023-6563.json) (`2023-12-27T18:49:44.490`)
* [CVE-2023-42015](CVE-2023/CVE-2023-420xx/CVE-2023-42015.json) (`2023-12-27T18:52:58.957`)
* [CVE-2023-50979](CVE-2023/CVE-2023-509xx/CVE-2023-50979.json) (`2023-12-27T18:59:12.027`)
## Download and Usage