diff --git a/CVE-2020/CVE-2020-221xx/CVE-2020-22151.json b/CVE-2020/CVE-2020-221xx/CVE-2020-22151.json new file mode 100644 index 00000000000..119d398633d --- /dev/null +++ b/CVE-2020/CVE-2020-221xx/CVE-2020-22151.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-22151", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-03T21:15:09.240", + "lastModified": "2023-07-03T21:15:09.240", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Permissions vulnerability in Fuel-CMS v.1.4.6 allows a remote attacker to execute arbitrary code via a crafted zip file to the assests parameter of the upload function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/daylightstudio/FUEL-CMS/issues/551", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-221xx/CVE-2020-22152.json b/CVE-2020/CVE-2020-221xx/CVE-2020-22152.json new file mode 100644 index 00000000000..b7ed9345b5a --- /dev/null +++ b/CVE-2020/CVE-2020-221xx/CVE-2020-22152.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-22152", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-03T21:15:09.293", + "lastModified": "2023-07-03T21:15:09.293", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability in daylight studio FUEL- CMS v.1.4.6 allows a remote attacker to execute arbitrary code via the page title, meta description and meta keywords of the pages function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/daylightstudio/FUEL-CMS/issues/552", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-221xx/CVE-2020-22153.json b/CVE-2020/CVE-2020-221xx/CVE-2020-22153.json new file mode 100644 index 00000000000..7dafc893f48 --- /dev/null +++ b/CVE-2020/CVE-2020-221xx/CVE-2020-22153.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-22153", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-03T21:15:09.340", + "lastModified": "2023-07-03T21:15:09.340", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "File Upload vulnerability in FUEL-CMS v.1.4.6 allows a remote attacker to execute arbitrary code via a crafted .php file to the upload parameter in the navigation function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/daylightstudio/FUEL-CMS/issues/553", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-225xx/CVE-2020-22597.json b/CVE-2020/CVE-2020-225xx/CVE-2020-22597.json new file mode 100644 index 00000000000..39cd50caea2 --- /dev/null +++ b/CVE-2020/CVE-2020-225xx/CVE-2020-22597.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-22597", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-03T21:15:09.383", + "lastModified": "2023-07-03T21:15:09.383", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue in Jerrscript- project Jerryscrip v. 2.3.0 allows a remote attacker to execute arbitrary code via the ecma_builtin_array_prototype_object_slice parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/jerryscript-project/jerryscript/issues/3637", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-218xx/CVE-2022-21816.json b/CVE-2022/CVE-2022-218xx/CVE-2022-21816.json index 48c5936f95a..a2a37860881 100644 --- a/CVE-2022/CVE-2022-218xx/CVE-2022-21816.json +++ b/CVE-2022/CVE-2022-218xx/CVE-2022-21816.json @@ -2,7 +2,7 @@ "id": "CVE-2022-21816", "sourceIdentifier": "psirt@nvidia.com", "published": "2022-02-07T20:15:07.943", - "lastModified": "2022-09-03T03:54:17.577", + "lastModified": "2023-07-03T20:35:17.977", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "NVD-CWE-noinfo" + "value": "CWE-306" } ] }, diff --git a/CVE-2022/CVE-2022-218xx/CVE-2022-21817.json b/CVE-2022/CVE-2022-218xx/CVE-2022-21817.json index 24ed34e6d78..e0514213462 100644 --- a/CVE-2022/CVE-2022-218xx/CVE-2022-21817.json +++ b/CVE-2022/CVE-2022-218xx/CVE-2022-21817.json @@ -2,7 +2,7 @@ "id": "CVE-2022-21817", "sourceIdentifier": "psirt@nvidia.com", "published": "2022-02-02T13:15:08.340", - "lastModified": "2022-02-07T16:03:16.460", + "lastModified": "2023-07-03T20:34:54.417", "vulnStatus": "Analyzed", "descriptions": [ { @@ -70,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-668" + "value": "CWE-426" } ] } diff --git a/CVE-2022/CVE-2022-237xx/CVE-2022-23708.json b/CVE-2022/CVE-2022-237xx/CVE-2022-23708.json index d07614204e5..7b304194a55 100644 --- a/CVE-2022/CVE-2022-237xx/CVE-2022-23708.json +++ b/CVE-2022/CVE-2022-237xx/CVE-2022-23708.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23708", "sourceIdentifier": "bressers@elastic.co", "published": "2022-03-03T22:15:08.800", - "lastModified": "2022-11-09T21:38:27.293", + "lastModified": "2023-07-03T20:34:44.583", "vulnStatus": "Analyzed", "descriptions": [ { @@ -70,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-269" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2022/CVE-2022-237xx/CVE-2022-23714.json b/CVE-2022/CVE-2022-237xx/CVE-2022-23714.json index f04d2ca8e37..8968d634beb 100644 --- a/CVE-2022/CVE-2022-237xx/CVE-2022-23714.json +++ b/CVE-2022/CVE-2022-237xx/CVE-2022-23714.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23714", "sourceIdentifier": "bressers@elastic.co", "published": "2022-07-06T14:15:18.460", - "lastModified": "2022-07-14T18:04:27.113", + "lastModified": "2023-07-03T20:34:29.593", "vulnStatus": "Analyzed", "descriptions": [ { @@ -70,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-269" + "value": "NVD-CWE-noinfo" } ] }, diff --git a/CVE-2022/CVE-2022-237xx/CVE-2022-23719.json b/CVE-2022/CVE-2022-237xx/CVE-2022-23719.json index 163651f0b34..6a4f15fda8f 100644 --- a/CVE-2022/CVE-2022-237xx/CVE-2022-23719.json +++ b/CVE-2022/CVE-2022-237xx/CVE-2022-23719.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23719", "sourceIdentifier": "responsible-disclosure@pingidentity.com", "published": "2022-06-30T20:15:08.310", - "lastModified": "2022-07-11T19:15:52.617", + "lastModified": "2023-07-03T20:34:16.163", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "CWE-287" + "value": "CWE-306" } ] }, diff --git a/CVE-2022/CVE-2022-237xx/CVE-2022-23727.json b/CVE-2022/CVE-2022-237xx/CVE-2022-23727.json index fe09920a518..1422865dfd3 100644 --- a/CVE-2022/CVE-2022-237xx/CVE-2022-23727.json +++ b/CVE-2022/CVE-2022-237xx/CVE-2022-23727.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23727", "sourceIdentifier": "product.security@lge.com", "published": "2022-01-28T20:15:12.913", - "lastModified": "2022-02-03T19:48:14.520", + "lastModified": "2023-07-03T20:34:03.637", "vulnStatus": "Analyzed", "descriptions": [ { @@ -70,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-269" + "value": "NVD-CWE-noinfo" } ] } diff --git a/CVE-2022/CVE-2022-237xx/CVE-2022-23730.json b/CVE-2022/CVE-2022-237xx/CVE-2022-23730.json index f26f3b7eeb5..275cf254d5b 100644 --- a/CVE-2022/CVE-2022-237xx/CVE-2022-23730.json +++ b/CVE-2022/CVE-2022-237xx/CVE-2022-23730.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23730", "sourceIdentifier": "product.security@lge.com", "published": "2022-03-11T18:15:32.000", - "lastModified": "2022-03-18T20:17:58.480", + "lastModified": "2023-07-03T20:33:45.863", "vulnStatus": "Analyzed", "descriptions": [ { @@ -70,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-863" + "value": "NVD-CWE-Other" } ] }, diff --git a/CVE-2022/CVE-2022-247xx/CVE-2022-24719.json b/CVE-2022/CVE-2022-247xx/CVE-2022-24719.json index 02681680f4a..a47d570beec 100644 --- a/CVE-2022/CVE-2022-247xx/CVE-2022-24719.json +++ b/CVE-2022/CVE-2022-247xx/CVE-2022-24719.json @@ -2,7 +2,7 @@ "id": "CVE-2022-24719", "sourceIdentifier": "security-advisories@github.com", "published": "2022-03-01T21:15:07.923", - "lastModified": "2022-03-14T18:46:35.930", + "lastModified": "2023-07-03T20:33:34.237", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,7 +90,7 @@ "description": [ { "lang": "en", - "value": "CWE-601" + "value": "CWE-212" } ] }, @@ -114,13 +114,13 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:fluture-node_project:fluture-node:4.0.0:*:*:*:*:*:*:*", - "matchCriteriaId": "45C6924D-F90A-4129-AF75-420DF6FB9A5F" + "criteria": "cpe:2.3:a:fluture-node_project:fluture-node:4.0.0:*:*:*:*:node.js:*:*", + "matchCriteriaId": "9E134C6B-520E-4721-92D9-C128A97DD5D7" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:fluture-node_project:fluture-node:4.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "7C01C43F-7542-4990-8644-E70043810F16" + "criteria": "cpe:2.3:a:fluture-node_project:fluture-node:4.0.1:*:*:*:*:node.js:*:*", + "matchCriteriaId": "EDE49B85-4FA8-45EE-8C14-47E835A658D9" } ] } @@ -132,16 +132,14 @@ "url": "https://github.com/fluture-js/fluture-node/commit/0c99bc511533d48be17dc6bfe641f7d0aeb34d77", "source": "security-advisories@github.com", "tags": [ - "Patch", - "Third Party Advisory" + "Patch" ] }, { "url": "https://github.com/fluture-js/fluture-node/commit/125e4474f910c1507f8ec3232848626fbc0f55c4", "source": "security-advisories@github.com", "tags": [ - "Patch", - "Third Party Advisory" + "Patch" ] }, { @@ -149,7 +147,7 @@ "source": "security-advisories@github.com", "tags": [ "Patch", - "Third Party Advisory" + "Vendor Advisory" ] }, { diff --git a/CVE-2022/CVE-2022-247xx/CVE-2022-24720.json b/CVE-2022/CVE-2022-247xx/CVE-2022-24720.json index ac3ae07b225..d1e605162b1 100644 --- a/CVE-2022/CVE-2022-247xx/CVE-2022-24720.json +++ b/CVE-2022/CVE-2022-247xx/CVE-2022-24720.json @@ -2,7 +2,7 @@ "id": "CVE-2022-24720", "sourceIdentifier": "security-advisories@github.com", "published": "2022-03-01T23:15:08.993", - "lastModified": "2023-02-22T17:49:00.657", + "lastModified": "2023-07-03T20:35:53.343", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,22 +85,22 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-20" + "value": "NVD-CWE-Other" } ] }, { - "source": "nvd@nist.gov", + "source": "security-advisories@github.com", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-78" + "value": "CWE-20" } ] } diff --git a/CVE-2022/CVE-2022-247xx/CVE-2022-24723.json b/CVE-2022/CVE-2022-247xx/CVE-2022-24723.json index a73648a555a..18cdf50c291 100644 --- a/CVE-2022/CVE-2022-247xx/CVE-2022-24723.json +++ b/CVE-2022/CVE-2022-247xx/CVE-2022-24723.json @@ -2,7 +2,7 @@ "id": "CVE-2022-24723", "sourceIdentifier": "security-advisories@github.com", "published": "2022-03-03T21:15:07.813", - "lastModified": "2022-11-29T15:00:51.357", + "lastModified": "2023-07-03T20:35:47.993", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,8 +85,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-247xx/CVE-2022-24754.json b/CVE-2022/CVE-2022-247xx/CVE-2022-24754.json index 86ae404472c..825980433a6 100644 --- a/CVE-2022/CVE-2022-247xx/CVE-2022-24754.json +++ b/CVE-2022/CVE-2022-247xx/CVE-2022-24754.json @@ -2,7 +2,7 @@ "id": "CVE-2022-24754", "sourceIdentifier": "security-advisories@github.com", "published": "2022-03-11T20:15:08.873", - "lastModified": "2022-11-16T19:26:42.193", + "lastModified": "2023-07-03T20:35:39.967", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,22 +85,22 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-120" + "value": "CWE-1284" } ] }, { - "source": "nvd@nist.gov", + "source": "security-advisories@github.com", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-787" + "value": "CWE-120" } ] } diff --git a/CVE-2022/CVE-2022-247xx/CVE-2022-24762.json b/CVE-2022/CVE-2022-247xx/CVE-2022-24762.json index 4e87e008363..f2188db4404 100644 --- a/CVE-2022/CVE-2022-247xx/CVE-2022-24762.json +++ b/CVE-2022/CVE-2022-247xx/CVE-2022-24762.json @@ -2,7 +2,7 @@ "id": "CVE-2022-24762", "sourceIdentifier": "security-advisories@github.com", "published": "2022-03-14T23:15:08.427", - "lastModified": "2022-03-21T18:48:38.580", + "lastModified": "2023-07-03T20:35:28.853", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,8 +85,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-346" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-41xx/CVE-2022-4115.json b/CVE-2022/CVE-2022-41xx/CVE-2022-4115.json index b4ec5459fb8..54b32582962 100644 --- a/CVE-2022/CVE-2022-41xx/CVE-2022-4115.json +++ b/CVE-2022/CVE-2022-41xx/CVE-2022-4115.json @@ -2,15 +2,38 @@ "id": "CVE-2022-4115", "sourceIdentifier": "contact@wpscan.com", "published": "2023-06-27T14:15:10.077", - "lastModified": "2023-06-27T16:15:38.897", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-03T20:37:29.117", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Editorial Calendar WordPress plugin through 3.7.12 does not sanitise and escape its settings, allowing users with roles as low as contributor to inject arbitrary web scripts in the plugin admin panel, enabling a Stored Cross-Site Scripting vulnerability targeting higher privileged users." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:editorial_calendar_project:editorial_calendar:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.7.12", + "matchCriteriaId": "A66D4176-1FDA-4F4E-913C-0DAB74158EBC" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/2b5071e1-9532-4a6c-9da4-d07932474ca4", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-05xx/CVE-2023-0588.json b/CVE-2023/CVE-2023-05xx/CVE-2023-0588.json index 735fc0bf79e..589caac423b 100644 --- a/CVE-2023/CVE-2023-05xx/CVE-2023-0588.json +++ b/CVE-2023/CVE-2023-05xx/CVE-2023-0588.json @@ -2,15 +2,38 @@ "id": "CVE-2023-0588", "sourceIdentifier": "contact@wpscan.com", "published": "2023-06-27T14:15:10.150", - "lastModified": "2023-06-27T16:15:38.897", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-03T20:28:13.577", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Catalyst Connect Zoho CRM Client Portal WordPress plugin before 2.1.0 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:catalystconnect:zoho_crm_client_portal:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.1.0", + "matchCriteriaId": "B80D9973-704C-4832-A8FD-8D13DE7242E8" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/84be272e-0891-461c-91ad-496b64f92f8f", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2326.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2326.json index 0397e44d70e..7412777b1f0 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2326.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2326.json @@ -2,15 +2,38 @@ "id": "CVE-2023-2326", "sourceIdentifier": "contact@wpscan.com", "published": "2023-06-27T14:15:10.600", - "lastModified": "2023-06-27T16:15:38.897", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-03T20:23:43.963", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Gravity Forms Google Sheet Connector WordPress plugin before 1.3.5, gsheetconnector-gravityforms-pro WordPress plugin through 1.3.5 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gsheetconnector:gravity_forms_google_sheets_connector:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.3.5", + "matchCriteriaId": "CF2C6A01-7557-48D0-A21C-A79D8775247E" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/f922695a-b803-4edf-aadc-80c79d99bebb", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2482.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2482.json index 6e61f04fcbe..bb100d21763 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2482.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2482.json @@ -2,18 +2,41 @@ "id": "CVE-2023-2482", "sourceIdentifier": "contact@wpscan.com", "published": "2023-06-27T14:15:10.663", - "lastModified": "2023-06-27T16:15:38.897", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-03T20:07:45.610", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Responsive CSS EDITOR WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admin." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -21,12 +44,44 @@ "value": "CWE-89" } ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpwox:responsive_css_editor:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0", + "matchCriteriaId": "0B35C7E9-12F6-42F3-8FAA-C1B84ADD9408" + } + ] + } + ] } ], "references": [ { "url": "https://wpscan.com/vulnerability/c0f73781-be7e-482e-91de-ad7991ad4bd5", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2580.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2580.json index 75cb36ffae3..2e5bb93a0c1 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2580.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2580.json @@ -2,15 +2,38 @@ "id": "CVE-2023-2580", "sourceIdentifier": "contact@wpscan.com", "published": "2023-06-27T14:15:10.730", - "lastModified": "2023-06-27T16:15:38.897", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-03T20:05:34.090", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The AI Engine WordPress plugin before 1.6.83 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ai_engine_project:ai_engine:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.6.83", + "matchCriteriaId": "11AC00F2-23A9-48B2-B944-998E0E35C7A0" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/7ee1efb1-9969-40b2-8ab2-ea427091bbd8", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-262xx/CVE-2023-26273.json b/CVE-2023/CVE-2023-262xx/CVE-2023-26273.json index 84db14f55dd..7025678ee45 100644 --- a/CVE-2023/CVE-2023-262xx/CVE-2023-26273.json +++ b/CVE-2023/CVE-2023-262xx/CVE-2023-26273.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26273", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-06-27T18:15:12.640", - "lastModified": "2023-06-27T18:34:43.840", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-03T20:48:51.157", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +76,76 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*", + "matchCriteriaId": "DACA17CC-8B71-4E71-B075-BFFB65AD989C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:*", + "matchCriteriaId": "BA60FDE5-8C40-4C7A-97CF-BA2A64BF307D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:*:*:*:*:*:*", + "matchCriteriaId": "AB518E06-00BA-48F3-8AEC-6E1E97CAA2CC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3:*:*:*:*:*:*", + "matchCriteriaId": "289027A2-178C-45DE-A86F-1207F23D13B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4:*:*:*:*:*:*", + "matchCriteriaId": "5047AECF-879B-427A-ACF7-ECB10965E1B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5:*:*:*:*:*:*", + "matchCriteriaId": "CD448AB8-E3CC-41A1-9D32-B1B35C68FA5C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/248134", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7006083", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2727.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2727.json new file mode 100644 index 00000000000..7e0098a0aaa --- /dev/null +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2727.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-2727", + "sourceIdentifier": "jordan@liggitt.net", + "published": "2023-07-03T21:15:09.480", + "lastModified": "2023-07-03T21:15:09.480", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "jordan@liggitt.net", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "jordan@liggitt.net", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/kubernetes/kubernetes/issues/118640", + "source": "jordan@liggitt.net" + }, + { + "url": "https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8", + "source": "jordan@liggitt.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2728.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2728.json new file mode 100644 index 00000000000..6dde46d9ec3 --- /dev/null +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2728.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-2728", + "sourceIdentifier": "jordan@liggitt.net", + "published": "2023-07-03T21:15:09.557", + "lastModified": "2023-07-03T21:15:09.557", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account\u2019s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "jordan@liggitt.net", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "jordan@liggitt.net", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/kubernetes/kubernetes/issues/118640", + "source": "jordan@liggitt.net" + }, + { + "url": "https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8", + "source": "jordan@liggitt.net" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3395.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3395.json new file mode 100644 index 00000000000..8117c330b00 --- /dev/null +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3395.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3395", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2023-07-03T21:15:10.107", + "lastModified": "2023-07-03T21:15:10.107", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\n?All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in memory. An attacker with access to system files could open a file to load the document into memory, including sensitive information associated with document, such as password. The attacker could then obtain the plaintext password by using a memory viewer.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-256" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-359xx/CVE-2023-35925.json b/CVE-2023/CVE-2023-359xx/CVE-2023-35925.json index cd81487a77f..3922220ff95 100644 --- a/CVE-2023/CVE-2023-359xx/CVE-2023-35925.json +++ b/CVE-2023/CVE-2023-359xx/CVE-2023-35925.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35925", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-23T16:15:09.477", - "lastModified": "2023-06-23T17:21:14.907", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-03T20:46:49.440", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,20 +64,57 @@ "value": "CWE-400" } ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intellectualsites:fastasyncworldedit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.6.3", + "matchCriteriaId": "FC7A135E-1B28-4070-AB2D-14BAC7CD983D" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/IntellectualSites/FastAsyncWorldEdit/pull/2285", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/IntellectualSites/FastAsyncWorldEdit/releases/tag/2.6.3", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/IntellectualSites/FastAsyncWorldEdit/security/advisories/GHSA-whj9-m24x-qhhp", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-361xx/CVE-2023-36162.json b/CVE-2023/CVE-2023-361xx/CVE-2023-36162.json new file mode 100644 index 00000000000..971e1c5a59a --- /dev/null +++ b/CVE-2023/CVE-2023-361xx/CVE-2023-36162.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-36162", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-03T21:15:09.620", + "lastModified": "2023-07-03T21:15:09.620", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Request Forgery vulnerability in ZZCMS v.2023 alows a remote attacker to gain privileges via the add function in adminlist.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://www.zzcms.net/about/download.html", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/forget-code/zzcms/issues/6", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-361xx/CVE-2023-36183.json b/CVE-2023/CVE-2023-361xx/CVE-2023-36183.json new file mode 100644 index 00000000000..f3900a206e5 --- /dev/null +++ b/CVE-2023/CVE-2023-361xx/CVE-2023-36183.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36183", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-03T21:15:09.663", + "lastModified": "2023-07-03T21:15:09.663", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in OpenImageIO v.2.4.12.0 and before allows a remote to execute arbitrary code and obtain sensitive information via a crafted file to the readimg function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/OpenImageIO/oiio/issues/3871", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-362xx/CVE-2023-36222.json b/CVE-2023/CVE-2023-362xx/CVE-2023-36222.json new file mode 100644 index 00000000000..5e069b4cc1b --- /dev/null +++ b/CVE-2023/CVE-2023-362xx/CVE-2023-36222.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-36222", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-03T21:15:09.707", + "lastModified": "2023-07-03T21:15:09.707", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the comment parameter in the article function." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://bbs-go.com", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/mlogclub/bbs-go", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/mlogclub/bbs-go/issues/206", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-362xx/CVE-2023-36223.json b/CVE-2023/CVE-2023-362xx/CVE-2023-36223.json new file mode 100644 index 00000000000..0e8a3fd7e3a --- /dev/null +++ b/CVE-2023/CVE-2023-362xx/CVE-2023-36223.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-36223", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-03T21:15:09.750", + "lastModified": "2023-07-03T21:15:09.750", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the announcements parameter in the settings function." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://bbs-go.com", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/mlogclub/bbs-go", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/mlogclub/bbs-go/issues/208", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-362xx/CVE-2023-36258.json b/CVE-2023/CVE-2023-362xx/CVE-2023-36258.json new file mode 100644 index 00000000000..df6cf65d54a --- /dev/null +++ b/CVE-2023/CVE-2023-362xx/CVE-2023-36258.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36258", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-03T21:15:09.797", + "lastModified": "2023-07-03T21:15:09.797", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue in langchain v.0.0.199 allows an attacker to execute arbitrary code via the PALChain in the python exec method." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/hwchase17/langchain/issues/5872", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-362xx/CVE-2023-36262.json b/CVE-2023/CVE-2023-362xx/CVE-2023-36262.json new file mode 100644 index 00000000000..918036e73a6 --- /dev/null +++ b/CVE-2023/CVE-2023-362xx/CVE-2023-36262.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36262", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-03T21:15:09.837", + "lastModified": "2023-07-03T21:15:09.837", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue in OBS Studio OBS-Studio v.29.1.2 allows a local attack to obtain sensitive information via the password parameter in locale/ca-ini." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/obsproject/obs-studio/issues/8966", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-362xx/CVE-2023-36291.json b/CVE-2023/CVE-2023-362xx/CVE-2023-36291.json new file mode 100644 index 00000000000..7f5d0866818 --- /dev/null +++ b/CVE-2023/CVE-2023-362xx/CVE-2023-36291.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36291", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-03T21:15:09.883", + "lastModified": "2023-07-03T21:15:09.883", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability in Maxsite CMS v.108.7 allows a remote attacker to execute arbitrary code via the f_content parameter in the admin/page_new file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/maxsite/cms/issues/500", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36377.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36377.json new file mode 100644 index 00000000000..191f87cb0af --- /dev/null +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36377.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-36377", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-03T21:15:09.923", + "lastModified": "2023-07-03T21:15:09.923", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/mtrojnar/osslsigncode/compare/2.2...2.3", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/mtrojnar/osslsigncode/releases/tag/2.3", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36608.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36608.json new file mode 100644 index 00000000000..85757b7a1c7 --- /dev/null +++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36608.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36608", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2023-07-03T20:15:09.450", + "lastModified": "2023-07-03T20:31:37.327", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nThe affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure encryption algorithm." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-327" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36609.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36609.json new file mode 100644 index 00000000000..42755024752 --- /dev/null +++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36609.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36609", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2023-07-03T20:15:09.537", + "lastModified": "2023-07-03T20:31:37.327", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nThe affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. An attacker could set up a local OpenVPN server and push a malicious script onto the TBox host to acquire root privileges.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-829" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36610.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36610.json new file mode 100644 index 00000000000..be4b34b66cd --- /dev/null +++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36610.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36610", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2023-07-03T21:15:09.967", + "lastModified": "2023-07-03T21:15:09.967", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\n?The affected TBox RTUs generate software security tokens using insufficient entropy. The random seed used to generate the software tokens is not initialized correctly, and other parts of the token are generated using predictable time-based values. An attacker with this knowledge could successfully brute force the token and authenticate themselves.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-331" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36611.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36611.json new file mode 100644 index 00000000000..f79e875afe6 --- /dev/null +++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36611.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-36611", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2023-07-03T21:15:10.037", + "lastModified": "2023-07-03T21:15:10.037", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nThe affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an attacker with \u201cuser\u201d privileges to access files requiring higher privileges by establishing an SSH session and providing the other tokens.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36819.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36819.json index 93fc368653d..f635efd52ab 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36819.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36819.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36819", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-03T19:15:09.183", - "lastModified": "2023-07-03T19:15:09.183", - "vulnStatus": "Received", + "lastModified": "2023-07-03T20:31:37.327", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37378.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37378.json new file mode 100644 index 00000000000..0fa530a6961 --- /dev/null +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37378.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2023-37378", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-03T20:15:09.620", + "lastModified": "2023-07-03T20:31:37.327", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Nullsoft Scriptable Install System (NSIS) before 3.09 mishandles access control for an uninstaller directory." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://sf.net/p/nsis/bugs/1296", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/kichik/nsis/commit/281e2851fe669d10e0650fc89d0e7fb74a598967", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/kichik/nsis/commit/409b5841479c44fbf33a6ba97c1146e46f965467", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/kichik/nsis/commit/c40cf78994e74a1a3a381a850c996b251e3277c0", + "source": "cve@mitre.org" + }, + { + "url": "https://nsis.sourceforge.io/Docs/AppendixF.html#v3.09", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceforge.net/p/nsis/news/2023/07/nsis-309-released/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index cc95e80ae36..2eecf1e7676 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-03T20:00:28.709051+00:00 +2023-07-03T22:00:26.306309+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-03T19:38:57.370000+00:00 +2023-07-03T21:15:10.107000+00:00 ``` ### Last Data Feed Release @@ -29,47 +29,59 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -219067 +219087 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `20` -* [CVE-2023-36815](CVE-2023/CVE-2023-368xx/CVE-2023-36815.json) (`2023-07-03T18:15:09.653`) -* [CVE-2023-36817](CVE-2023/CVE-2023-368xx/CVE-2023-36817.json) (`2023-07-03T18:15:09.733`) -* [CVE-2023-36819](CVE-2023/CVE-2023-368xx/CVE-2023-36819.json) (`2023-07-03T19:15:09.183`) +* [CVE-2020-22151](CVE-2020/CVE-2020-221xx/CVE-2020-22151.json) (`2023-07-03T21:15:09.240`) +* [CVE-2020-22152](CVE-2020/CVE-2020-221xx/CVE-2020-22152.json) (`2023-07-03T21:15:09.293`) +* [CVE-2020-22153](CVE-2020/CVE-2020-221xx/CVE-2020-22153.json) (`2023-07-03T21:15:09.340`) +* [CVE-2020-22597](CVE-2020/CVE-2020-225xx/CVE-2020-22597.json) (`2023-07-03T21:15:09.383`) +* [CVE-2023-36608](CVE-2023/CVE-2023-366xx/CVE-2023-36608.json) (`2023-07-03T20:15:09.450`) +* [CVE-2023-36609](CVE-2023/CVE-2023-366xx/CVE-2023-36609.json) (`2023-07-03T20:15:09.537`) +* [CVE-2023-37378](CVE-2023/CVE-2023-373xx/CVE-2023-37378.json) (`2023-07-03T20:15:09.620`) +* [CVE-2023-2727](CVE-2023/CVE-2023-27xx/CVE-2023-2727.json) (`2023-07-03T21:15:09.480`) +* [CVE-2023-2728](CVE-2023/CVE-2023-27xx/CVE-2023-2728.json) (`2023-07-03T21:15:09.557`) +* [CVE-2023-36162](CVE-2023/CVE-2023-361xx/CVE-2023-36162.json) (`2023-07-03T21:15:09.620`) +* [CVE-2023-36183](CVE-2023/CVE-2023-361xx/CVE-2023-36183.json) (`2023-07-03T21:15:09.663`) +* [CVE-2023-36222](CVE-2023/CVE-2023-362xx/CVE-2023-36222.json) (`2023-07-03T21:15:09.707`) +* [CVE-2023-36223](CVE-2023/CVE-2023-362xx/CVE-2023-36223.json) (`2023-07-03T21:15:09.750`) +* [CVE-2023-36258](CVE-2023/CVE-2023-362xx/CVE-2023-36258.json) (`2023-07-03T21:15:09.797`) +* [CVE-2023-36262](CVE-2023/CVE-2023-362xx/CVE-2023-36262.json) (`2023-07-03T21:15:09.837`) +* [CVE-2023-36291](CVE-2023/CVE-2023-362xx/CVE-2023-36291.json) (`2023-07-03T21:15:09.883`) +* [CVE-2023-36377](CVE-2023/CVE-2023-363xx/CVE-2023-36377.json) (`2023-07-03T21:15:09.923`) +* [CVE-2023-36610](CVE-2023/CVE-2023-366xx/CVE-2023-36610.json) (`2023-07-03T21:15:09.967`) +* [CVE-2023-36611](CVE-2023/CVE-2023-366xx/CVE-2023-36611.json) (`2023-07-03T21:15:10.037`) +* [CVE-2023-3395](CVE-2023/CVE-2023-33xx/CVE-2023-3395.json) (`2023-07-03T21:15:10.107`) ### CVEs modified in the last Commit -Recently modified CVEs: `59` +Recently modified CVEs: `20` -* [CVE-2023-34242](CVE-2023/CVE-2023-342xx/CVE-2023-34242.json) (`2023-07-03T19:12:59.533`) -* [CVE-2023-25515](CVE-2023/CVE-2023-255xx/CVE-2023-25515.json) (`2023-07-03T19:15:31.923`) -* [CVE-2023-23344](CVE-2023/CVE-2023-233xx/CVE-2023-23344.json) (`2023-07-03T19:16:21.420`) -* [CVE-2023-28016](CVE-2023/CVE-2023-280xx/CVE-2023-28016.json) (`2023-07-03T19:17:06.243`) -* [CVE-2023-36301](CVE-2023/CVE-2023-363xx/CVE-2023-36301.json) (`2023-07-03T19:18:49.437`) -* [CVE-2023-25307](CVE-2023/CVE-2023-253xx/CVE-2023-25307.json) (`2023-07-03T19:19:20.030`) -* [CVE-2023-29423](CVE-2023/CVE-2023-294xx/CVE-2023-29423.json) (`2023-07-03T19:19:39.733`) -* [CVE-2023-2533](CVE-2023/CVE-2023-25xx/CVE-2023-2533.json) (`2023-07-03T19:19:40.983`) -* [CVE-2023-29093](CVE-2023/CVE-2023-290xx/CVE-2023-29093.json) (`2023-07-03T19:19:55.117`) -* [CVE-2023-36675](CVE-2023/CVE-2023-366xx/CVE-2023-36675.json) (`2023-07-03T19:20:19.150`) -* [CVE-2023-36660](CVE-2023/CVE-2023-366xx/CVE-2023-36660.json) (`2023-07-03T19:20:47.360`) -* [CVE-2023-28485](CVE-2023/CVE-2023-284xx/CVE-2023-28485.json) (`2023-07-03T19:22:57.320`) -* [CVE-2023-3432](CVE-2023/CVE-2023-34xx/CVE-2023-3432.json) (`2023-07-03T19:24:13.527`) -* [CVE-2023-3431](CVE-2023/CVE-2023-34xx/CVE-2023-3431.json) (`2023-07-03T19:24:51.337`) -* [CVE-2023-2996](CVE-2023/CVE-2023-29xx/CVE-2023-2996.json) (`2023-07-03T19:26:05.237`) -* [CVE-2023-2877](CVE-2023/CVE-2023-28xx/CVE-2023-2877.json) (`2023-07-03T19:26:43.103`) -* [CVE-2023-2842](CVE-2023/CVE-2023-28xx/CVE-2023-2842.json) (`2023-07-03T19:27:16.967`) -* [CVE-2023-25520](CVE-2023/CVE-2023-255xx/CVE-2023-25520.json) (`2023-07-03T19:27:23.943`) -* [CVE-2023-2795](CVE-2023/CVE-2023-27xx/CVE-2023-2795.json) (`2023-07-03T19:28:20.887`) -* [CVE-2023-34839](CVE-2023/CVE-2023-348xx/CVE-2023-34839.json) (`2023-07-03T19:29:43.347`) -* [CVE-2023-34838](CVE-2023/CVE-2023-348xx/CVE-2023-34838.json) (`2023-07-03T19:30:00.057`) -* [CVE-2023-34837](CVE-2023/CVE-2023-348xx/CVE-2023-34837.json) (`2023-07-03T19:30:12.097`) -* [CVE-2023-34836](CVE-2023/CVE-2023-348xx/CVE-2023-34836.json) (`2023-07-03T19:30:27.440`) -* [CVE-2023-34835](CVE-2023/CVE-2023-348xx/CVE-2023-34835.json) (`2023-07-03T19:30:38.090`) -* [CVE-2023-35171](CVE-2023/CVE-2023-351xx/CVE-2023-35171.json) (`2023-07-03T19:38:57.370`) +* [CVE-2022-24719](CVE-2022/CVE-2022-247xx/CVE-2022-24719.json) (`2023-07-03T20:33:34.237`) +* [CVE-2022-23730](CVE-2022/CVE-2022-237xx/CVE-2022-23730.json) (`2023-07-03T20:33:45.863`) +* [CVE-2022-23727](CVE-2022/CVE-2022-237xx/CVE-2022-23727.json) (`2023-07-03T20:34:03.637`) +* [CVE-2022-23719](CVE-2022/CVE-2022-237xx/CVE-2022-23719.json) (`2023-07-03T20:34:16.163`) +* [CVE-2022-23714](CVE-2022/CVE-2022-237xx/CVE-2022-23714.json) (`2023-07-03T20:34:29.593`) +* [CVE-2022-23708](CVE-2022/CVE-2022-237xx/CVE-2022-23708.json) (`2023-07-03T20:34:44.583`) +* [CVE-2022-21817](CVE-2022/CVE-2022-218xx/CVE-2022-21817.json) (`2023-07-03T20:34:54.417`) +* [CVE-2022-21816](CVE-2022/CVE-2022-218xx/CVE-2022-21816.json) (`2023-07-03T20:35:17.977`) +* [CVE-2022-24762](CVE-2022/CVE-2022-247xx/CVE-2022-24762.json) (`2023-07-03T20:35:28.853`) +* [CVE-2022-24754](CVE-2022/CVE-2022-247xx/CVE-2022-24754.json) (`2023-07-03T20:35:39.967`) +* [CVE-2022-24723](CVE-2022/CVE-2022-247xx/CVE-2022-24723.json) (`2023-07-03T20:35:47.993`) +* [CVE-2022-24720](CVE-2022/CVE-2022-247xx/CVE-2022-24720.json) (`2023-07-03T20:35:53.343`) +* [CVE-2022-4115](CVE-2022/CVE-2022-41xx/CVE-2022-4115.json) (`2023-07-03T20:37:29.117`) +* [CVE-2023-2580](CVE-2023/CVE-2023-25xx/CVE-2023-2580.json) (`2023-07-03T20:05:34.090`) +* [CVE-2023-2482](CVE-2023/CVE-2023-24xx/CVE-2023-2482.json) (`2023-07-03T20:07:45.610`) +* [CVE-2023-2326](CVE-2023/CVE-2023-23xx/CVE-2023-2326.json) (`2023-07-03T20:23:43.963`) +* [CVE-2023-0588](CVE-2023/CVE-2023-05xx/CVE-2023-0588.json) (`2023-07-03T20:28:13.577`) +* [CVE-2023-36819](CVE-2023/CVE-2023-368xx/CVE-2023-36819.json) (`2023-07-03T20:31:37.327`) +* [CVE-2023-35925](CVE-2023/CVE-2023-359xx/CVE-2023-35925.json) (`2023-07-03T20:46:49.440`) +* [CVE-2023-26273](CVE-2023/CVE-2023-262xx/CVE-2023-26273.json) (`2023-07-03T20:48:51.157`) ## Download and Usage