diff --git a/CVE-2021/CVE-2021-359xx/CVE-2021-35991.json b/CVE-2021/CVE-2021-359xx/CVE-2021-35991.json index c0b312fb38a..d9844ff5b43 100644 --- a/CVE-2021/CVE-2021-359xx/CVE-2021-35991.json +++ b/CVE-2021/CVE-2021-359xx/CVE-2021-35991.json @@ -2,8 +2,8 @@ "id": "CVE-2021-35991", "sourceIdentifier": "psirt@adobe.com", "published": "2021-08-20T19:15:10.263", - "lastModified": "2023-10-25T18:16:53.437", - "vulnStatus": "Modified", + "lastModified": "2023-12-04T17:31:51.637", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -65,7 +65,7 @@ }, "weaknesses": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -75,12 +75,12 @@ ] }, { - "source": "nvd@nist.gov", + "source": "psirt@adobe.com", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-908" + "value": "CWE-824" } ] } diff --git a/CVE-2022/CVE-2022-419xx/CVE-2022-41951.json b/CVE-2022/CVE-2022-419xx/CVE-2022-41951.json index f58eaeabf26..8de44be1cea 100644 --- a/CVE-2022/CVE-2022-419xx/CVE-2022-41951.json +++ b/CVE-2022/CVE-2022-419xx/CVE-2022-41951.json @@ -2,8 +2,8 @@ "id": "CVE-2022-41951", "sourceIdentifier": "security-advisories@github.com", "published": "2023-11-27T21:15:07.553", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:28:54.857", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -50,10 +70,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oroinc:oroplatform:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.0.9", + "matchCriteriaId": "1124E7EE-1C8D-4B17-8803-81B7BF744F83" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/oroinc/platform/security/advisories/GHSA-9v3j-4j64-p937", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-423xx/CVE-2022-42344.json b/CVE-2022/CVE-2022-423xx/CVE-2022-42344.json index a3aabc2b760..7b015ced356 100644 --- a/CVE-2022/CVE-2022-423xx/CVE-2022-42344.json +++ b/CVE-2022/CVE-2022-423xx/CVE-2022-42344.json @@ -2,8 +2,8 @@ "id": "CVE-2022-42344", "sourceIdentifier": "psirt@adobe.com", "published": "2022-10-20T17:15:10.723", - "lastModified": "2023-10-25T18:17:18.470", - "vulnStatus": "Modified", + "lastModified": "2023-12-04T17:33:35.887", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -40,7 +40,7 @@ }, "weaknesses": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -50,12 +50,12 @@ ] }, { - "source": "nvd@nist.gov", + "source": "psirt@adobe.com", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-639" + "value": "CWE-863" } ] } diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2448.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2448.json index 0b5b6ed4f24..535bc074ac5 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2448.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2448.json @@ -2,16 +2,40 @@ "id": "CVE-2023-2448", "sourceIdentifier": "security@wordfence.com", "published": "2023-11-22T16:15:08.537", - "lastModified": "2023-11-22T18:15:08.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T17:38:31.713", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The UserPro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'userpro_shortcode_template' function in versions up to, and including, 5.1.4. This makes it possible for unauthenticated attackers to arbitrary shortcode execution. An attacker can leverage CVE-2023-2446 to get sensitive information via shortcode." + }, + { + "lang": "es", + "value": "El complemento UserPro para WordPress es vulnerable al acceso no autorizado a los datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n 'userpro_shortcode_template' en versiones hasta la 5.1.4 incluida. Esto hace posible que atacantes no autenticados ejecuten c\u00f3digos cortos arbitrarios. Un atacante puede aprovechar CVE-2023-2446 para obtener informaci\u00f3n confidencial mediante un c\u00f3digo corto." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -34,18 +58,58 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:userproplugin:userpro:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "5.1.4", + "matchCriteriaId": "498C35EE-4702-4B1C-BF55-71F81664FB52" + } + ] + } + ] + } + ], "references": [ { "url": "http://packetstormsecurity.com/files/175871/WordPress-UserPro-5.1.x-Password-Reset-Authentication-Bypass-Escalation.html", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7cbe9175-4a6f-4eb6-8d31-9a9fda9b4f40?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2449.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2449.json index 5ac165292a5..9aa0875ce23 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2449.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2449.json @@ -2,16 +2,40 @@ "id": "CVE-2023-2449", "sourceIdentifier": "security@wordfence.com", "published": "2023-11-22T16:15:08.697", - "lastModified": "2023-11-22T18:15:08.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T17:17:55.380", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The UserPro plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 5.1.1. This is due to the plugin using native password reset functionality, with insufficient validation on the password reset function (userpro_process_form). The function uses the plaintext value of a password reset key instead of a hashed value which means it can easily be retrieved and subsequently used. An attacker can leverage CVE-2023-2448 and CVE-2023-2446, or another vulnerability like SQL Injection in another plugin or theme installed on the site to successfully exploit this vulnerability." + }, + { + "lang": "es", + "value": "El complemento UserPro para WordPress es vulnerable a restablecimientos de contrase\u00f1a no autorizados en versiones hasta la 5.1.1 incluida. Esto se debe a que el complemento utiliza la funcionalidad nativa de restablecimiento de contrase\u00f1a, con una validaci\u00f3n insuficiente de la funci\u00f3n de restablecimiento de contrase\u00f1a (userpro_process_form). La funci\u00f3n utiliza el valor de texto plano de una clave de restablecimiento de contrase\u00f1a en lugar de un valor hash, lo que significa que se puede recuperar y utilizar posteriormente f\u00e1cilmente. Un atacante puede aprovechar CVE-2023-2448 y CVE-2023-2446, u otra vulnerabilidad como inyecci\u00f3n SQL en otro complemento o tema instalado en el sitio para explotar con \u00e9xito esta vulnerabilidad." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -34,18 +58,58 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:userproplugin:userpro:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "5.1.1", + "matchCriteriaId": "E30F7B1B-A4E6-4C8F-ACA8-0A9B16EED37B" + } + ] + } + ] + } + ], "references": [ { "url": "http://packetstormsecurity.com/files/175871/WordPress-UserPro-5.1.x-Password-Reset-Authentication-Bypass-Escalation.html", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/de9be7bc-4f8a-4393-8ebb-1b1f141b7585?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-305xx/CVE-2023-30588.json b/CVE-2023/CVE-2023-305xx/CVE-2023-30588.json index a4ff7c57a61..4f9352fbbc8 100644 --- a/CVE-2023/CVE-2023-305xx/CVE-2023-30588.json +++ b/CVE-2023/CVE-2023-305xx/CVE-2023-30588.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30588", "sourceIdentifier": "support@hackerone.com", "published": "2023-11-28T20:15:07.437", - "lastModified": "2023-11-29T14:18:11.973", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T17:40:31.033", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,82 @@ "value": "Cuando se utiliza una clave p\u00fablica no v\u00e1lida para crear x509 certificates utilizando la API crypto.X509Certificate(), se produce una terminaci\u00f3n no esperada que la hace susceptible a ataques DoS cuando el atacante podr\u00eda forzar interrupciones en el procesamiento de la aplicaci\u00f3n, ya que el proceso finaliza al acceder a la informaci\u00f3n de clave p\u00fablica de los certificados proporcionados desde el c\u00f3digo de usuario. El contexto actual de los usuarios desaparecer\u00e1 y eso provocar\u00e1 un escenario DoS. Esta vulnerabilidad afecta a todas las versiones activas de Node.js v16, v18 y v20." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0.0", + "versionEndExcluding": "16.20.1", + "matchCriteriaId": "7E7F6F9A-AF9F-453B-870D-1E8759567F29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", + "versionStartIncluding": "18.0.0", + "versionEndExcluding": "18.16.1", + "matchCriteriaId": "3AA02CEF-5AC5-46F7-94DE-D9EA15678AE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", + "versionStartIncluding": "20.0.0", + "versionEndExcluding": "20.3.1", + "matchCriteriaId": "1CAA23E6-4930-4326-9CB0-AEE5013BFD37" + } + ] + } + ] + } + ], "references": [ { "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases", - "source": "support@hackerone.com" + "source": "support@hackerone.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-305xx/CVE-2023-30590.json b/CVE-2023/CVE-2023-305xx/CVE-2023-30590.json index ff2adb046e5..c7fcea20a8d 100644 --- a/CVE-2023/CVE-2023-305xx/CVE-2023-30590.json +++ b/CVE-2023/CVE-2023-305xx/CVE-2023-30590.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30590", "sourceIdentifier": "support@hackerone.com", "published": "2023-11-28T20:15:07.480", - "lastModified": "2023-11-29T14:18:11.973", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T17:39:07.437", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,82 @@ "value": "La funci\u00f3n API generateKeys() devuelta por crypto.createDiffieHellman() solo genera claves faltantes (o desactualizadas), es decir, solo genera una clave privada si a\u00fan no se ha configurado ninguna, pero la funci\u00f3n tambi\u00e9n es necesaria para calcular la clave p\u00fablica correspondiente. despu\u00e9s de llamar a setPrivateKey(). Sin embargo, la documentaci\u00f3n dice que esta llamada API: \"Genera valores de clave Diffie-Hellman p\u00fablicos y privados\". El comportamiento documentado es muy diferente del comportamiento real, y esta diferencia podr\u00eda conducir f\u00e1cilmente a problemas de seguridad en las aplicaciones que utilizan estas API, ya que DiffieHellman puede usarse como base para la seguridad a nivel de aplicaci\u00f3n; en consecuencia, las implicaciones son amplias." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0.0", + "versionEndExcluding": "16.20.1", + "matchCriteriaId": "7E7F6F9A-AF9F-453B-870D-1E8759567F29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", + "versionStartIncluding": "18.0.0", + "versionEndExcluding": "18.16.1", + "matchCriteriaId": "3AA02CEF-5AC5-46F7-94DE-D9EA15678AE7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", + "versionStartIncluding": "20.0.0", + "versionEndExcluding": "20.3.1", + "matchCriteriaId": "1CAA23E6-4930-4326-9CB0-AEE5013BFD37" + } + ] + } + ] + } + ], "references": [ { "url": "https://nodejs.org/en/blog/vulnerability/june-2023-security-releases", - "source": "support@hackerone.com" + "source": "support@hackerone.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3368.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3368.json index 9e9cf730c83..767c183bdc5 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3368.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3368.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3368", "sourceIdentifier": "info@starlabs.sg", "published": "2023-11-28T07:15:41.683", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:57:35.040", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "info@starlabs.sg", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "info@starlabs.sg", "type": "Secondary", @@ -50,22 +80,54 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.11.20", + "matchCriteriaId": "0B1CD4A4-2EE0-453B-B45B-753D6539D7C4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/chamilo/chamilo-lms/commit/37be9ce7243a30259047dd4517c48ff8b21d657a", - "source": "info@starlabs.sg" + "source": "info@starlabs.sg", + "tags": [ + "Patch" + ] }, { "url": "https://https://github.com/chamilo/chamilo-lms/commit/4c69b294f927db62092e01b70ac9bd6e32d5b48b", - "source": "info@starlabs.sg" + "source": "info@starlabs.sg", + "tags": [ + "Patch" + ] }, { "url": "https://starlabs.sg/advisories/23/23-3368/", - "source": "info@starlabs.sg" + "source": "info@starlabs.sg", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://support.chamilo.org/projects/chamilo-18/wiki/security_issues#Issue-121-2023-07-05-Critical-impact-High-risk-Unauthenticated-Command-Injection-CVE-2023-3368", - "source": "info@starlabs.sg" + "source": "info@starlabs.sg", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35136.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35136.json index d114b4b14bc..6d05e83723a 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35136.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35136.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35136", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-11-28T02:15:42.143", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:09:37.583", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -50,10 +50,206 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.32", + "versionEndIncluding": "5.37", + "matchCriteriaId": "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndIncluding": "5.37", + "matchCriteriaId": "03FAEFC8-186B-4B52-869F-DA27224692C0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.16", + "versionEndIncluding": "5.37", + "matchCriteriaId": "0DE544DC-2644-4706-BB80-75B7E16DF4DD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "371CE32A-C28E-44D2-9B0B-D8775928FD0E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndIncluding": "5.37", + "matchCriteriaId": "549A6FE1-25D6-4239-87B6-B729C098C625" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35139.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35139.json index 7b925eaa9f1..da5fb7dfd43 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35139.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35139.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35139", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-11-28T02:15:42.347", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:09:27.617", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -17,8 +17,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@zyxel.com.tw", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, + { + "source": "security@zyxel.com.tw", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", @@ -50,10 +70,206 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndIncluding": "5.37", + "matchCriteriaId": "A959A961-FE39-4743-BCFB-700131DE4372" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndIncluding": "5.37", + "matchCriteriaId": "78B5CDFF-8571-4232-AC38-8E4AD12F683B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndIncluding": "5.37", + "matchCriteriaId": "A959A961-FE39-4743-BCFB-700131DE4372" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "371CE32A-C28E-44D2-9B0B-D8775928FD0E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndIncluding": "5.37", + "matchCriteriaId": "78B5CDFF-8571-4232-AC38-8E4AD12F683B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-35xx/CVE-2023-3545.json b/CVE-2023/CVE-2023-35xx/CVE-2023-3545.json index 92bd1f906c0..a0d9cfe7529 100644 --- a/CVE-2023/CVE-2023-35xx/CVE-2023-3545.json +++ b/CVE-2023/CVE-2023-35xx/CVE-2023-3545.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3545", "sourceIdentifier": "info@starlabs.sg", "published": "2023-11-28T07:15:42.913", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:50:46.923", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "info@starlabs.sg", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-178" + } + ] + }, { "source": "info@starlabs.sg", "type": "Secondary", @@ -50,18 +80,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.11.20", + "matchCriteriaId": "FF883FF3-A05D-4939-9777-9FCC16A9AFBB" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/chamilo/chamilo-lms/commit/dc7bfce429fbd843a95a57c184b6992c4d709549", - "source": "info@starlabs.sg" + "source": "info@starlabs.sg", + "tags": [ + "Patch" + ] }, { "url": "https://starlabs.sg/advisories/23/23-3545/", - "source": "info@starlabs.sg" + "source": "info@starlabs.sg", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://support.chamilo.org/projects/chamilo-18/wiki/security_issues#Issue-125-2023-07-13-Critical-impact-Moderate-risk-Htaccess-File-Upload-Security-Bypass-on-Windows-CVE-2023-3545", - "source": "info@starlabs.sg" + "source": "info@starlabs.sg", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-379xx/CVE-2023-37925.json b/CVE-2023/CVE-2023-379xx/CVE-2023-37925.json index 4709f8c2c7f..8d3d27e5896 100644 --- a/CVE-2023/CVE-2023-379xx/CVE-2023-37925.json +++ b/CVE-2023/CVE-2023-379xx/CVE-2023-37925.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37925", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-11-28T02:15:42.547", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:09:07.153", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -50,10 +50,738 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.32", + "versionEndIncluding": "5.37", + "matchCriteriaId": "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndIncluding": "5.37", + "matchCriteriaId": "03FAEFC8-186B-4B52-869F-DA27224692C0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.16", + "versionEndIncluding": "5.37", + "matchCriteriaId": "0DE544DC-2644-4706-BB80-75B7E16DF4DD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "371CE32A-C28E-44D2-9B0B-D8775928FD0E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndIncluding": "5.37", + "matchCriteriaId": "549A6FE1-25D6-4239-87B6-B729C098C625" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abtg.0\\)", + "matchCriteriaId": "C7DDF8F2-1E1C-4040-B24D-7959863AD5AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6A3F9232-F988-4428-9898-4F536123CE88" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abvt.0\\)", + "matchCriteriaId": "6372C936-65AD-431B-B0F3-3731E6B236EC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "36C13E7F-2186-4587-83E9-57B05A7147B7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abtd.0\\)", + "matchCriteriaId": "D24E34B2-E5E8-4269-A168-4904A7751427" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1BB129F9-64D8-43C2-9366-51EBDF419F5F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(acco.0\\)", + "matchCriteriaId": "A3B44BE7-A6FD-4B9B-B6F9-60A4B792E57B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6E03F755-424D-4248-9076-ED7BECEB94C5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.80\\(abyw.0\\)", + "matchCriteriaId": "D93BE4DB-8B74-4FE1-814D-22E78027FC7B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2806A3B3-8F13-4170-B284-8809E3502044" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.80\\(acge.0\\)", + "matchCriteriaId": "A88CCD01-D827-4891-8E99-67B6FD064FE9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D7DD6E6B-61EC-4E60-8244-56ADB26F2234" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.80\\(abzl.0\\)", + "matchCriteriaId": "C732FD48-F3FC-45A6-9081-D2067305D6F7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B7440976-5CB4-40BE-95C2-98EF4B888109" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.80\\(accv.0\\)", + "matchCriteriaId": "221D7820-55CA-447C-94FB-4946EC1536E7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3A903978-737E-4266-A670-BC94E32CAF96" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.80\\(acgf.0\\)", + "matchCriteriaId": "9D936894-A119-4EC4-BA51-3B2CD9F3F477" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EFA44855-B135-44BD-AE21-FC58CD647AB6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abvs.0\\)", + "matchCriteriaId": "34B57801-88C6-4BAB-A47F-EE428F8208C1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7C024551-F08F-4152-940D-1CF8BCD79613" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abwa.0\\)", + "matchCriteriaId": "9E013C28-F1C2-474C-B909-6BE89752C335" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1A1FD502-4F62-4C77-B3BC-E563B24F0067" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abtf.0\\)", + "matchCriteriaId": "E174A280-1FC8-4A97-B7B1-3B8F5B47EB82" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abte.0\\)", + "matchCriteriaId": "40288F50-E5B5-4398-BCBB-0C946869AB64" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3518DA0A-2C7B-4979-A457-0826C921B0F0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(accn.0\\)", + "matchCriteriaId": "B6EE5DA9-A76F-47EE-8DF2-7950DD37A1B7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abzd.0\\)", + "matchCriteriaId": "5C0C05AC-CF02-4D2B-BB8D-7DF960BAD814" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DC74AAF9-5206-4CEB-9023-6CD4F38AA623" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(accm.0\\)", + "matchCriteriaId": "9EBCEA07-66B1-48A0-9121-09C5FE30A4E2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "20E4E9A0-DF92-47B7-94D6-0867E3171E47" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abrm.0\\)", + "matchCriteriaId": "0FE4DC40-903F-4063-99EA-D7D272400D22" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D784994E-E2CE-4328-B490-D9DC195A53DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(acdo.0\\)", + "matchCriteriaId": "9C85EF6D-0300-4AE9-98FE-2FA05F6392D4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(acgg.0\\)", + "matchCriteriaId": "31DA2420-6E71-45FE-A1B4-76524431F932" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-379xx/CVE-2023-37926.json b/CVE-2023/CVE-2023-379xx/CVE-2023-37926.json index 49085eab666..907b82becc2 100644 --- a/CVE-2023/CVE-2023-379xx/CVE-2023-37926.json +++ b/CVE-2023/CVE-2023-379xx/CVE-2023-37926.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37926", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-11-28T02:15:42.740", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:08:43.703", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -39,6 +39,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + }, { "source": "security@zyxel.com.tw", "type": "Secondary", @@ -50,10 +60,206 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.32", + "versionEndIncluding": "5.37", + "matchCriteriaId": "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndIncluding": "5.37", + "matchCriteriaId": "03FAEFC8-186B-4B52-869F-DA27224692C0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.16", + "versionEndIncluding": "5.37", + "matchCriteriaId": "0DE544DC-2644-4706-BB80-75B7E16DF4DD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "371CE32A-C28E-44D2-9B0B-D8775928FD0E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndIncluding": "5.37", + "matchCriteriaId": "549A6FE1-25D6-4239-87B6-B729C098C625" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38268.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38268.json index 95c90dcd179..26974555903 100644 --- a/CVE-2023/CVE-2023-382xx/CVE-2023-38268.json +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38268.json @@ -2,16 +2,40 @@ "id": "CVE-2023-38268", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-01T20:15:07.083", - "lastModified": "2023-12-03T16:37:34.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:33:51.837", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260585." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 es vulnerable a cross-site request forgery, lo que podr\u00eda permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario en el que conf\u00eda el sitio web. ID de IBM X-Force: 260585." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +70,70 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.0", + "matchCriteriaId": "8DD9FF76-6982-4FBF-847D-2408A166ADFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.4", + "matchCriteriaId": "0F179F2C-DF77-462C-BCA6-7F64CE1812BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/260585", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7067682", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-400xx/CVE-2023-40056.json b/CVE-2023/CVE-2023-400xx/CVE-2023-40056.json index 51024a2b1bd..93f9f82e50a 100644 --- a/CVE-2023/CVE-2023-400xx/CVE-2023-40056.json +++ b/CVE-2023/CVE-2023-400xx/CVE-2023-40056.json @@ -2,19 +2,43 @@ "id": "CVE-2023-40056", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-11-28T18:15:07.900", - "lastModified": "2023-11-28T18:29:23.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:51:22.073", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\n\n\n\n\n\n\n\n\n\n\n\nSQL Injection Remote Code Vulnerability was found in the SolarWinds\nPlatform. This vulnerability can be exploited with a low privileged account. \n\n\n\n\n\n" + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad de c\u00f3digo remoto de inyecci\u00f3n SQL en la plataforma SolarWinds. Esta vulnerabilidad se puede explotar con una cuenta con pocos privilegios." } ], "metrics": { "cvssMetricV31": [ { - "source": "psirt@solarwinds.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, + { + "source": "psirt@solarwinds.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", @@ -46,14 +70,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:solarwinds:solarwinds_platform:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.4.2", + "matchCriteriaId": "5C3B0A46-E7A1-4BBB-96B0-6F074FE6ACC7" + } + ] + } + ] + } + ], "references": [ { "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-4-2_release_notes.htm", - "source": "psirt@solarwinds.com" + "source": "psirt@solarwinds.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40056", - "source": "psirt@solarwinds.com" + "source": "psirt@solarwinds.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40699.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40699.json index b8798ab6e94..98356b0c97b 100644 --- a/CVE-2023/CVE-2023-406xx/CVE-2023-40699.json +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40699.json @@ -2,16 +2,40 @@ "id": "CVE-2023-40699", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-01T21:15:07.633", - "lastModified": "2023-12-03T16:37:34.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:33:32.667", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\n\n\nIBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.\n\n\n\n" + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 podr\u00eda permitir que un atacante remoto provoque una denegaci\u00f3n de servicio debido a una validaci\u00f3n de entrada incorrecta. ID de IBM X-Force: 265161." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -36,8 +60,18 @@ }, "weaknesses": [ { - "source": "psirt@us.ibm.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "psirt@us.ibm.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,14 +80,70 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.0", + "matchCriteriaId": "8DD9FF76-6982-4FBF-847D-2408A166ADFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.4", + "matchCriteriaId": "0F179F2C-DF77-462C-BCA6-7F64CE1812BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265161", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7067714", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-416xx/CVE-2023-41613.json b/CVE-2023/CVE-2023-416xx/CVE-2023-41613.json index 5a7ce86e3ad..79061eb3758 100644 --- a/CVE-2023/CVE-2023-416xx/CVE-2023-41613.json +++ b/CVE-2023/CVE-2023-416xx/CVE-2023-41613.json @@ -2,8 +2,8 @@ "id": "CVE-2023-41613", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-04T14:15:07.457", - "lastModified": "2023-12-04T14:15:07.457", - "vulnStatus": "Received", + "lastModified": "2023-12-04T17:16:41.913", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-420xx/CVE-2023-42009.json b/CVE-2023/CVE-2023-420xx/CVE-2023-42009.json index 7cbec1c7e6a..0b688da214e 100644 --- a/CVE-2023/CVE-2023-420xx/CVE-2023-42009.json +++ b/CVE-2023/CVE-2023-420xx/CVE-2023-42009.json @@ -2,16 +2,40 @@ "id": "CVE-2023-42009", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-01T21:15:07.857", - "lastModified": "2023-12-03T16:37:34.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:33:10.530", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265504." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista, lo que podr\u00eda conducir a la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n confiable. ID de IBM X-Force: 265504." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +70,69 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.0", + "matchCriteriaId": "8DD9FF76-6982-4FBF-847D-2408A166ADFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.4", + "matchCriteriaId": "0F179F2C-DF77-462C-BCA6-7F64CE1812BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265504", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://https://www.ibm.com/support/pages/node/7070755", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-420xx/CVE-2023-42019.json b/CVE-2023/CVE-2023-420xx/CVE-2023-42019.json index af45e14f3ce..0092bfbc8fd 100644 --- a/CVE-2023/CVE-2023-420xx/CVE-2023-42019.json +++ b/CVE-2023/CVE-2023-420xx/CVE-2023-42019.json @@ -2,16 +2,40 @@ "id": "CVE-2023-42019", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-01T21:15:08.053", - "lastModified": "2023-12-03T16:37:34.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:32:49.137", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\n\n\nIBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.\n\n\n\n" + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 podr\u00eda permitir que un atacante remoto provoque una denegaci\u00f3n de servicio debido a una validaci\u00f3n de entrada incorrecta. ID de IBM X-Force: 265161." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +70,70 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.0", + "matchCriteriaId": "8DD9FF76-6982-4FBF-847D-2408A166ADFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.4", + "matchCriteriaId": "0F179F2C-DF77-462C-BCA6-7F64CE1812BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265569", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7067719", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-420xx/CVE-2023-42022.json b/CVE-2023/CVE-2023-420xx/CVE-2023-42022.json index d91f5f707d8..6e9d92728a7 100644 --- a/CVE-2023/CVE-2023-420xx/CVE-2023-42022.json +++ b/CVE-2023/CVE-2023-420xx/CVE-2023-42022.json @@ -2,16 +2,40 @@ "id": "CVE-2023-42022", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-01T21:15:08.260", - "lastModified": "2023-12-03T16:37:34.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:32:03.803", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\n\n\nIBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265938.\n\n\n\n" + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista, lo que podr\u00eda conducir a la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n confiable. ID de IBM X-Force: 265938." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +70,70 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.0", + "matchCriteriaId": "8DD9FF76-6982-4FBF-847D-2408A166ADFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.4", + "matchCriteriaId": "0F179F2C-DF77-462C-BCA6-7F64CE1812BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/265938", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7074335", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-425xx/CVE-2023-42504.json b/CVE-2023/CVE-2023-425xx/CVE-2023-42504.json index ac19d38b85a..cab3a587eb0 100644 --- a/CVE-2023/CVE-2023-425xx/CVE-2023-42504.json +++ b/CVE-2023/CVE-2023-425xx/CVE-2023-42504.json @@ -2,16 +2,40 @@ "id": "CVE-2023-42504", "sourceIdentifier": "security@apache.org", "published": "2023-11-28T18:15:08.353", - "lastModified": "2023-11-28T18:29:23.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:44:20.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An authenticated malicious user could initiate multiple concurrent requests, each requesting multiple dashboard exports, leading to a possible denial of service.\n\nThis issue affects Apache Superset: before 3.0.0\n\n" + }, + { + "lang": "es", + "value": "Un usuario malicioso autenticado podr\u00eda iniciar m\u00faltiples solicitudes simult\u00e1neas, cada una de las cuales solicita m\u00faltiples exportaciones de paneles, lo que lleva a una posible denegaci\u00f3n de servicio. Este problema afecta a Apache Superset: antes de 3.0.0" } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@apache.org", "type": "Secondary", @@ -46,14 +70,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.0.0", + "matchCriteriaId": "B7CD7B20-D07E-4327-AA44-37ABCBA3E656" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/11/28/6", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.apache.org/thread/yzq5gk1y9lyw6nxwd3xdkxg1djqw1h6l", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-425xx/CVE-2023-42505.json b/CVE-2023/CVE-2023-425xx/CVE-2023-42505.json index df53302a438..a0a8ef9d16b 100644 --- a/CVE-2023/CVE-2023-425xx/CVE-2023-42505.json +++ b/CVE-2023/CVE-2023-425xx/CVE-2023-42505.json @@ -2,16 +2,40 @@ "id": "CVE-2023-42505", "sourceIdentifier": "security@apache.org", "published": "2023-11-28T17:15:08.093", - "lastModified": "2023-11-28T18:29:23.617", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:58:39.287", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An authenticated user with read permissions on database connections metadata could potentially access sensitive information such as the connection's username.\n\nThis issue affects Apache Superset before 3.0.0.\n\n" + }, + { + "lang": "es", + "value": "Un usuario autenticado con permisos de lectura sobre los metadatos de las conexiones de bases de datos podr\u00eda acceder a informaci\u00f3n confidencial, como el nombre de usuario de la conexi\u00f3n. Este problema afecta a Apache Superset anterior a 3.0.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@apache.org", "type": "Secondary", @@ -36,8 +60,18 @@ }, "weaknesses": [ { - "source": "security@apache.org", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security@apache.org", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,14 +80,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.0.0", + "matchCriteriaId": "B7CD7B20-D07E-4327-AA44-37ABCBA3E656" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/11/28/5", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.apache.org/thread/bd0fhtfzrtgo1q8x35tpm8ms144d1t2y", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-430xx/CVE-2023-43015.json b/CVE-2023/CVE-2023-430xx/CVE-2023-43015.json index 9dc1217e56e..25d29b99fe0 100644 --- a/CVE-2023/CVE-2023-430xx/CVE-2023-43015.json +++ b/CVE-2023/CVE-2023-430xx/CVE-2023-43015.json @@ -2,16 +2,40 @@ "id": "CVE-2023-43015", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-01T20:15:07.287", - "lastModified": "2023-12-03T16:37:34.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:33:42.547", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266064." + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista, lo que podr\u00eda conducir a la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n confiable. ID de IBM X-Force: 266064." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +70,70 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.0", + "matchCriteriaId": "8DD9FF76-6982-4FBF-847D-2408A166ADFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.4", + "matchCriteriaId": "0F179F2C-DF77-462C-BCA6-7F64CE1812BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/266064", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7067704", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-430xx/CVE-2023-43021.json b/CVE-2023/CVE-2023-430xx/CVE-2023-43021.json index f6dabefb6cd..3fc0eca6f47 100644 --- a/CVE-2023/CVE-2023-430xx/CVE-2023-43021.json +++ b/CVE-2023/CVE-2023-430xx/CVE-2023-43021.json @@ -2,16 +2,40 @@ "id": "CVE-2023-43021", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-01T21:15:08.460", - "lastModified": "2023-12-03T16:37:34.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:31:26.617", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nIBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 266167.\n\n" + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 podr\u00eda permitir a un atacante remoto obtener informaci\u00f3n confidencial cuando se devuelve un mensaje de error t\u00e9cnico detallado en el navegador. Esta informaci\u00f3n podr\u00eda usarse en futuros ataques contra el sistema. ID de IBM X-Force: 266167." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +70,70 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.0", + "matchCriteriaId": "8DD9FF76-6982-4FBF-847D-2408A166ADFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.4", + "matchCriteriaId": "0F179F2C-DF77-462C-BCA6-7F64CE1812BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/266167", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7074317", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-43xx/CVE-2023-4397.json b/CVE-2023/CVE-2023-43xx/CVE-2023-4397.json index baa66b97bba..17dfe44cea6 100644 --- a/CVE-2023/CVE-2023-43xx/CVE-2023-4397.json +++ b/CVE-2023/CVE-2023-43xx/CVE-2023-4397.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4397", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-11-28T02:15:42.990", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:05:04.100", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -50,10 +50,156 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:5.37:*:*:*:*:*:*:*", + "matchCriteriaId": "26B7AE28-E9ED-4488-BF31-74A15DE79C7A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:5.37:*:*:*:*:*:*:*", + "matchCriteriaId": "26B7AE28-E9ED-4488-BF31-74A15DE79C7A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:5.37:*:*:*:*:*:*:*", + "matchCriteriaId": "26B7AE28-E9ED-4488-BF31-74A15DE79C7A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "371CE32A-C28E-44D2-9B0B-D8775928FD0E" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-43xx/CVE-2023-4398.json b/CVE-2023/CVE-2023-43xx/CVE-2023-4398.json index 8786797008f..67a3a74791f 100644 --- a/CVE-2023/CVE-2023-43xx/CVE-2023-4398.json +++ b/CVE-2023/CVE-2023-43xx/CVE-2023-4398.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4398", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-11-28T02:15:43.187", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:04:39.363", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security@zyxel.com.tw", "type": "Secondary", @@ -50,10 +70,206 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.32", + "versionEndIncluding": "5.37", + "matchCriteriaId": "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndIncluding": "5.37", + "matchCriteriaId": "03FAEFC8-186B-4B52-869F-DA27224692C0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.16", + "versionEndIncluding": "5.37", + "matchCriteriaId": "0DE544DC-2644-4706-BB80-75B7E16DF4DD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "371CE32A-C28E-44D2-9B0B-D8775928FD0E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndIncluding": "5.37", + "matchCriteriaId": "549A6FE1-25D6-4239-87B6-B729C098C625" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44339.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44339.json index 206d8ee24f6..49fd903b3d4 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44339.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44339.json @@ -2,7 +2,7 @@ "id": "CVE-2023-44339", "sourceIdentifier": "psirt@adobe.com", "published": "2023-11-16T10:15:10.717", - "lastModified": "2023-11-22T17:15:45.410", + "lastModified": "2023-12-04T17:34:46.583", "vulnStatus": "Analyzed", "descriptions": [ { @@ -21,19 +21,19 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", - "privilegesRequired": "LOW", + "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", - "baseScore": 5.0, + "baseScore": 5.5, "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 1.3, + "exploitabilityScore": 1.8, "impactScore": 3.6 }, { @@ -61,7 +61,7 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Secondary", + "type": "Primary", "description": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-461xx/CVE-2023-46174.json b/CVE-2023/CVE-2023-461xx/CVE-2023-46174.json index 676b9604fe2..f4f349b25f8 100644 --- a/CVE-2023/CVE-2023-461xx/CVE-2023-46174.json +++ b/CVE-2023/CVE-2023-461xx/CVE-2023-46174.json @@ -2,16 +2,40 @@ "id": "CVE-2023-46174", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-01T21:15:08.663", - "lastModified": "2023-12-03T16:37:34.417", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:31:04.347", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\n\n\nIBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269506.\n\n\n\n" + }, + { + "lang": "es", + "value": "IBM InfoSphere Information Server 11.7 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista, lo que podr\u00eda conducir a la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n confiable. ID de IBM X-Force: 269506." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +70,70 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.0", + "matchCriteriaId": "8DD9FF76-6982-4FBF-847D-2408A166ADFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*", + "versionStartIncluding": "11.7.0.0", + "versionEndExcluding": "11.7.1.4", + "matchCriteriaId": "0F179F2C-DF77-462C-BCA6-7F64CE1812BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/269506", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7067717", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-480xx/CVE-2023-48022.json b/CVE-2023/CVE-2023-480xx/CVE-2023-48022.json index 31c1e9b2443..f2f33712dc7 100644 --- a/CVE-2023/CVE-2023-480xx/CVE-2023-48022.json +++ b/CVE-2023/CVE-2023-480xx/CVE-2023-48022.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48022", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-28T08:15:06.910", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:46:54.517", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,80 @@ "value": "Anyscale Ray 2.6.3 y 2.8.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de la API de env\u00edo de trabajos. NOTA: la posici\u00f3n del proveedor es que este informe es irrelevante porque Ray, como se indica en su documentaci\u00f3n, no est\u00e1 manipulado para su uso fuera de un entorno de red estrictamente controlado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:anyscale:ray:2.6.3:*:*:*:*:*:*:*", + "matchCriteriaId": "1083D908-E7F7-44BE-89CD-B760224C5585" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:anyscale:ray:2.8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DE882370-6570-49E0-A11F-95D3FBCD4714" + } + ] + } + ] + } + ], "references": [ { "url": "https://bishopfox.com/blog/ray-versions-2-6-3-2-8-0", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://docs.ray.io/en/latest/ray-security/index.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product", + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-480xx/CVE-2023-48023.json b/CVE-2023/CVE-2023-480xx/CVE-2023-48023.json index 44d15df7d58..7e17d27ef40 100644 --- a/CVE-2023/CVE-2023-480xx/CVE-2023-48023.json +++ b/CVE-2023/CVE-2023-480xx/CVE-2023-48023.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48023", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-28T08:15:07.060", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:30:56.670", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,80 @@ "value": "Anyscale Ray 2.6.3 y 2.8.0 permite /log_proxy SSRF. NOTA: la posici\u00f3n del proveedor es que este informe es irrelevante porque Ray, como se indica en su documentaci\u00f3n, no est\u00e1 manipulado para su uso fuera de un entorno de red estrictamente controlado." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:anyscale:ray:2.6.3:*:*:*:*:*:*:*", + "matchCriteriaId": "1083D908-E7F7-44BE-89CD-B760224C5585" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:anyscale:ray:2.8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DE882370-6570-49E0-A11F-95D3FBCD4714" + } + ] + } + ] + } + ], "references": [ { "url": "https://bishopfox.com/blog/ray-versions-2-6-3-2-8-0", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://docs.ray.io/en/latest/ray-security/index.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product", + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-480xx/CVE-2023-48034.json b/CVE-2023/CVE-2023-480xx/CVE-2023-48034.json index 8a95524d5ec..d1f72174d1b 100644 --- a/CVE-2023/CVE-2023-480xx/CVE-2023-48034.json +++ b/CVE-2023/CVE-2023-480xx/CVE-2023-48034.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48034", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-27T21:15:07.777", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:11:26.057", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,78 @@ "value": "Un problema descubierto en Acer Wireless Keyboard SK-9662 permite a un atacante en proximidad f\u00edsica descifrar pulsaciones de teclas inal\u00e1mbricas e inyectar pulsaciones de teclas arbitrarias mediante el uso de un cifrado d\u00e9bil." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-326" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:acer:sk-9662_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1E945161-CF3F-48FD-937C-7AF63670842F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:acer:sk-9662:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4A6ADD71-B71C-4E5F-ACD0-010A107EE6CD" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/aprkr/CVE-2023-48034", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48193.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48193.json index 3b119cc3833..31259badaed 100644 --- a/CVE-2023/CVE-2023-481xx/CVE-2023-48193.json +++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48193.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48193", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-28T21:15:08.373", - "lastModified": "2023-11-29T14:18:11.973", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T17:41:43.977", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,19 +14,81 @@ "value": "La vulnerabilidad de permisos inseguros en JumpServer GPLv3 v.3.8.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario omitiendo la funci\u00f3n de filtrado de comandos." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fit2cloud:jumpserver:3.8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BEA14CBD-A40D-4DB1-B0F4-42E9C62A5B54" + } + ] + } + ] + } + ], "references": [ { "url": "http://jumpserver.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/296430468/lcc_test/blob/main/jumpserver_BUG.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/jumpserver/jumpserver", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-488xx/CVE-2023-48815.json b/CVE-2023/CVE-2023-488xx/CVE-2023-48815.json index ad4e2007cb2..339532a2135 100644 --- a/CVE-2023/CVE-2023-488xx/CVE-2023-48815.json +++ b/CVE-2023/CVE-2023-488xx/CVE-2023-48815.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48815", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-04T15:15:07.500", - "lastModified": "2023-12-04T15:15:07.500", - "vulnStatus": "Received", + "lastModified": "2023-12-04T17:16:41.913", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-488xx/CVE-2023-48866.json b/CVE-2023/CVE-2023-488xx/CVE-2023-48866.json index be7bba92c8d..c1a41bab5d4 100644 --- a/CVE-2023/CVE-2023-488xx/CVE-2023-48866.json +++ b/CVE-2023/CVE-2023-488xx/CVE-2023-48866.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48866", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-04T15:15:07.560", - "lastModified": "2023-12-04T15:15:07.560", - "vulnStatus": "Received", + "lastModified": "2023-12-04T17:16:41.913", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-489xx/CVE-2023-48910.json b/CVE-2023/CVE-2023-489xx/CVE-2023-48910.json new file mode 100644 index 00000000000..9d109fdbd95 --- /dev/null +++ b/CVE-2023/CVE-2023-489xx/CVE-2023-48910.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-48910", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-04T17:15:07.137", + "lastModified": "2023-12-04T17:16:41.913", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/b33t1e/2a2dc17cf36cd741b2c99425c892d826", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/microcks/microcks", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/orgs/microcks/discussions/892", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-489xx/CVE-2023-48965.json b/CVE-2023/CVE-2023-489xx/CVE-2023-48965.json index e79e453c135..4aa6afaca86 100644 --- a/CVE-2023/CVE-2023-489xx/CVE-2023-48965.json +++ b/CVE-2023/CVE-2023-489xx/CVE-2023-48965.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48965", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-04T16:15:11.640", - "lastModified": "2023-12-04T16:15:11.640", - "vulnStatus": "Received", + "lastModified": "2023-12-04T17:16:41.913", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-489xx/CVE-2023-48966.json b/CVE-2023/CVE-2023-489xx/CVE-2023-48966.json index edd8be94855..39391708a35 100644 --- a/CVE-2023/CVE-2023-489xx/CVE-2023-48966.json +++ b/CVE-2023/CVE-2023-489xx/CVE-2023-48966.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48966", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-04T16:15:11.727", - "lastModified": "2023-12-04T16:15:11.727", - "vulnStatus": "Received", + "lastModified": "2023-12-04T17:16:41.913", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-489xx/CVE-2023-48967.json b/CVE-2023/CVE-2023-489xx/CVE-2023-48967.json new file mode 100644 index 00000000000..cc2a27d0005 --- /dev/null +++ b/CVE-2023/CVE-2023-489xx/CVE-2023-48967.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-48967", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-04T17:15:07.190", + "lastModified": "2023-12-04T17:16:41.913", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Ssolon <= 2.6.0 and <=2.5.12 is vulnerable to Deserialization of Untrusted Data." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/noear/solon/issues/226", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-490xx/CVE-2023-49075.json b/CVE-2023/CVE-2023-490xx/CVE-2023-49075.json index 66e219af9d5..589010cb171 100644 --- a/CVE-2023/CVE-2023-490xx/CVE-2023-49075.json +++ b/CVE-2023/CVE-2023-490xx/CVE-2023-49075.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49075", "sourceIdentifier": "security-advisories@github.com", "published": "2023-11-28T05:15:08.160", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T17:53:15.497", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -50,22 +70,56 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pimcore:admin_classic_bundle:*:*:*:*:*:pimcore:*:*", + "versionEndExcluding": "1.2.2", + "matchCriteriaId": "6FC10AB5-C7AE-40CF-BC49-6F46432ED1B4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pimcore/admin-ui-classic-bundle/commit/e412b0597830ae564a604e2579eb40e76f7f0628", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/pimcore/admin-ui-classic-bundle/pull/345", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "URL Repurposed", + "Vendor Advisory" + ] }, { "url": "https://github.com/pimcore/admin-ui-classic-bundle/security/advisories/GHSA-9wwg-r3c7-4vfg", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://patch-diff.githubusercontent.com/raw/pimcore/admin-ui-classic-bundle/pull/345.patch", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-490xx/CVE-2023-49078.json b/CVE-2023/CVE-2023-490xx/CVE-2023-49078.json index bcf3b582133..cbe0cdbe727 100644 --- a/CVE-2023/CVE-2023-490xx/CVE-2023-49078.json +++ b/CVE-2023/CVE-2023-490xx/CVE-2023-49078.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49078", "sourceIdentifier": "security-advisories@github.com", "published": "2023-11-28T19:15:07.397", - "lastModified": "2023-11-29T14:18:18.333", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T17:41:18.540", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -50,14 +70,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zediious:raptor-web:0.4.4:*:*:*:*:*:*:*", + "matchCriteriaId": "E59B46AE-B7E3-446D-B612-15849A930CD4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/zediious/raptor-web/releases/tag/0.4.4.1", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/zediious/raptor-web/security/advisories/GHSA-8r6g-fhh4-xhmq", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-56xx/CVE-2023-5650.json b/CVE-2023/CVE-2023-56xx/CVE-2023-5650.json index d3ce8aebe63..0fca1994918 100644 --- a/CVE-2023/CVE-2023-56xx/CVE-2023-5650.json +++ b/CVE-2023/CVE-2023-56xx/CVE-2023-5650.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5650", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-11-28T02:15:43.380", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:02:41.510", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -50,10 +50,206 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.32", + "versionEndIncluding": "5.37", + "matchCriteriaId": "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndIncluding": "5.37", + "matchCriteriaId": "03FAEFC8-186B-4B52-869F-DA27224692C0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.16", + "versionEndIncluding": "5.37", + "matchCriteriaId": "0DE544DC-2644-4706-BB80-75B7E16DF4DD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "371CE32A-C28E-44D2-9B0B-D8775928FD0E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndIncluding": "5.37", + "matchCriteriaId": "549A6FE1-25D6-4239-87B6-B729C098C625" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-57xx/CVE-2023-5767.json b/CVE-2023/CVE-2023-57xx/CVE-2023-5767.json index b7984bbe73b..21c07bc2c7b 100644 --- a/CVE-2023/CVE-2023-57xx/CVE-2023-5767.json +++ b/CVE-2023/CVE-2023-57xx/CVE-2023-5767.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5767", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2023-12-04T15:15:07.613", - "lastModified": "2023-12-04T15:15:07.613", - "vulnStatus": "Received", + "lastModified": "2023-12-04T17:16:41.913", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-57xx/CVE-2023-5768.json b/CVE-2023/CVE-2023-57xx/CVE-2023-5768.json index cacd633b046..3fd986100b5 100644 --- a/CVE-2023/CVE-2023-57xx/CVE-2023-5768.json +++ b/CVE-2023/CVE-2023-57xx/CVE-2023-5768.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5768", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2023-12-04T15:15:07.793", - "lastModified": "2023-12-04T15:15:07.793", - "vulnStatus": "Received", + "lastModified": "2023-12-04T17:16:41.913", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-57xx/CVE-2023-5797.json b/CVE-2023/CVE-2023-57xx/CVE-2023-5797.json index 0ae44386577..17a0aa8ec70 100644 --- a/CVE-2023/CVE-2023-57xx/CVE-2023-5797.json +++ b/CVE-2023/CVE-2023-57xx/CVE-2023-5797.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5797", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-11-28T03:15:07.123", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:01:55.800", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -50,10 +50,738 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.32", + "versionEndIncluding": "5.37", + "matchCriteriaId": "2A9AF767-1BC2-4160-9FD6-246DD2AD0F18" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7F7654A1-3806-41C7-82D4-46B0CD7EE53B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "47398FD0-6C5E-4625-9EFD-DE08C9AB7DB2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D68A36FF-8CAF-401C-9F18-94F3A2405CF4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2818E8AC-FFEE-4DF9-BF3F-C75166C0E851" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B41F437-855B-4490-8011-DF59887BE6D5" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "66B99746-0589-46E6-9CBD-F38619AD97DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndIncluding": "5.37", + "matchCriteriaId": "03FAEFC8-186B-4B52-869F-DA27224692C0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.16", + "versionEndIncluding": "5.37", + "matchCriteriaId": "0DE544DC-2644-4706-BB80-75B7E16DF4DD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "371CE32A-C28E-44D2-9B0B-D8775928FD0E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zld:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndIncluding": "5.37", + "matchCriteriaId": "549A6FE1-25D6-4239-87B6-B729C098C625" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abtg.0\\)", + "matchCriteriaId": "C7DDF8F2-1E1C-4040-B24D-7959863AD5AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6A3F9232-F988-4428-9898-4F536123CE88" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa1123acv3_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abvt.0\\)", + "matchCriteriaId": "6372C936-65AD-431B-B0F3-3731E6B236EC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa1123acv3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "36C13E7F-2186-4587-83E9-57B05A7147B7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abtd.0\\)", + "matchCriteriaId": "D24E34B2-E5E8-4269-A168-4904A7751427" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1BB129F9-64D8-43C2-9366-51EBDF419F5F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(acco.0\\)", + "matchCriteriaId": "A3B44BE7-A6FD-4B9B-B6F9-60A4B792E57B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6E03F755-424D-4248-9076-ED7BECEB94C5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.80\\(abyw.0\\)", + "matchCriteriaId": "D93BE4DB-8B74-4FE1-814D-22E78027FC7B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2806A3B3-8F13-4170-B284-8809E3502044" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa50ax-pro_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.80\\(acge.0\\)", + "matchCriteriaId": "A88CCD01-D827-4891-8E99-67B6FD064FE9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa50ax-pro:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D7DD6E6B-61EC-4E60-8244-56ADB26F2234" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.80\\(abzl.0\\)", + "matchCriteriaId": "C732FD48-F3FC-45A6-9081-D2067305D6F7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B7440976-5CB4-40BE-95C2-98EF4B888109" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.80\\(accv.0\\)", + "matchCriteriaId": "221D7820-55CA-447C-94FB-4946EC1536E7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3A903978-737E-4266-A670-BC94E32CAF96" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nwa90ax-pro_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.80\\(acgf.0\\)", + "matchCriteriaId": "9D936894-A119-4EC4-BA51-3B2CD9F3F477" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nwa90ax-pro:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EFA44855-B135-44BD-AE21-FC58CD647AB6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wac500_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abvs.0\\)", + "matchCriteriaId": "34B57801-88C6-4BAB-A47F-EE428F8208C1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wac500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7C024551-F08F-4152-940D-1CF8BCD79613" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abwa.0\\)", + "matchCriteriaId": "9E013C28-F1C2-474C-B909-6BE89752C335" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1A1FD502-4F62-4C77-B3BC-E563B24F0067" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abtf.0\\)", + "matchCriteriaId": "E174A280-1FC8-4A97-B7B1-3B8F5B47EB82" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abte.0\\)", + "matchCriteriaId": "40288F50-E5B5-4398-BCBB-0C946869AB64" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3518DA0A-2C7B-4979-A457-0826C921B0F0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(accn.0\\)", + "matchCriteriaId": "B6EE5DA9-A76F-47EE-8DF2-7950DD37A1B7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abzd.0\\)", + "matchCriteriaId": "5C0C05AC-CF02-4D2B-BB8D-7DF960BAD814" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DC74AAF9-5206-4CEB-9023-6CD4F38AA623" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(accm.0\\)", + "matchCriteriaId": "9EBCEA07-66B1-48A0-9121-09C5FE30A4E2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "20E4E9A0-DF92-47B7-94D6-0867E3171E47" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(abrm.0\\)", + "matchCriteriaId": "0FE4DC40-903F-4063-99EA-D7D272400D22" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D784994E-E2CE-4328-B490-D9DC195A53DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(acdo.0\\)", + "matchCriteriaId": "9C85EF6D-0300-4AE9-98FE-2FA05F6392D4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.70\\(acgg.0\\)", + "matchCriteriaId": "31DA2420-6E71-45FE-A1B4-76524431F932" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-aps", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-62xx/CVE-2023-6226.json b/CVE-2023/CVE-2023-62xx/CVE-2023-6226.json index 15f6216c5ac..b553d9d60b7 100644 --- a/CVE-2023/CVE-2023-62xx/CVE-2023-6226.json +++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6226.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6226", "sourceIdentifier": "security@wordfence.com", "published": "2023-11-28T05:15:08.920", - "lastModified": "2023-11-28T14:12:58.173", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-04T18:58:04.080", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -38,18 +58,58 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:getshortcodes:shortcodes_ultimate:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "7.0.0", + "matchCriteriaId": "7D04A19E-D1D5-4629-992D-B5493FF1F8A3" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/meta.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3000576%40shortcodes-ultimate&new=3000576%40shortcodes-ultimate&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d936a48-b300-4a41-8d28-ba34cb3c5cb7?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 91b3560c708..6a2d1a352b2 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-04T17:00:19.669004+00:00 +2023-12-04T19:00:18.495838+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-04T16:54:09.293000+00:00 +2023-12-04T18:58:39.287000+00:00 ``` ### Last Data Feed Release @@ -29,50 +29,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -232141 +232143 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `2` -* [CVE-2023-48815](CVE-2023/CVE-2023-488xx/CVE-2023-48815.json) (`2023-12-04T15:15:07.500`) -* [CVE-2023-48866](CVE-2023/CVE-2023-488xx/CVE-2023-48866.json) (`2023-12-04T15:15:07.560`) -* [CVE-2023-5767](CVE-2023/CVE-2023-57xx/CVE-2023-5767.json) (`2023-12-04T15:15:07.613`) -* [CVE-2023-5768](CVE-2023/CVE-2023-57xx/CVE-2023-5768.json) (`2023-12-04T15:15:07.793`) -* [CVE-2023-48965](CVE-2023/CVE-2023-489xx/CVE-2023-48965.json) (`2023-12-04T16:15:11.640`) -* [CVE-2023-48966](CVE-2023/CVE-2023-489xx/CVE-2023-48966.json) (`2023-12-04T16:15:11.727`) +* [CVE-2023-48910](CVE-2023/CVE-2023-489xx/CVE-2023-48910.json) (`2023-12-04T17:15:07.137`) +* [CVE-2023-48967](CVE-2023/CVE-2023-489xx/CVE-2023-48967.json) (`2023-12-04T17:15:07.190`) ### CVEs modified in the last Commit -Recently modified CVEs: `27` +Recently modified CVEs: `43` -* [CVE-2023-6274](CVE-2023/CVE-2023-62xx/CVE-2023-6274.json) (`2023-12-04T15:08:18.743`) -* [CVE-2023-6275](CVE-2023/CVE-2023-62xx/CVE-2023-6275.json) (`2023-12-04T15:10:22.267`) -* [CVE-2023-6225](CVE-2023/CVE-2023-62xx/CVE-2023-6225.json) (`2023-12-04T15:10:44.187`) -* [CVE-2023-44327](CVE-2023/CVE-2023-443xx/CVE-2023-44327.json) (`2023-12-04T16:15:07.433`) -* [CVE-2023-44328](CVE-2023/CVE-2023-443xx/CVE-2023-44328.json) (`2023-12-04T16:15:07.673`) -* [CVE-2023-44329](CVE-2023/CVE-2023-443xx/CVE-2023-44329.json) (`2023-12-04T16:15:07.870`) -* [CVE-2023-44340](CVE-2023/CVE-2023-443xx/CVE-2023-44340.json) (`2023-12-04T16:15:08.083`) -* [CVE-2023-44348](CVE-2023/CVE-2023-443xx/CVE-2023-44348.json) (`2023-12-04T16:15:08.290`) -* [CVE-2023-44356](CVE-2023/CVE-2023-443xx/CVE-2023-44356.json) (`2023-12-04T16:15:08.517`) -* [CVE-2023-44357](CVE-2023/CVE-2023-443xx/CVE-2023-44357.json) (`2023-12-04T16:15:08.723`) -* [CVE-2023-44358](CVE-2023/CVE-2023-443xx/CVE-2023-44358.json) (`2023-12-04T16:15:08.937`) -* [CVE-2023-44360](CVE-2023/CVE-2023-443xx/CVE-2023-44360.json) (`2023-12-04T16:15:09.163`) -* [CVE-2023-47044](CVE-2023/CVE-2023-470xx/CVE-2023-47044.json) (`2023-12-04T16:15:09.370`) -* [CVE-2023-47046](CVE-2023/CVE-2023-470xx/CVE-2023-47046.json) (`2023-12-04T16:15:09.573`) -* [CVE-2023-47047](CVE-2023/CVE-2023-470xx/CVE-2023-47047.json) (`2023-12-04T16:15:09.783`) -* [CVE-2023-47048](CVE-2023/CVE-2023-470xx/CVE-2023-47048.json) (`2023-12-04T16:15:09.987`) -* [CVE-2023-47049](CVE-2023/CVE-2023-470xx/CVE-2023-47049.json) (`2023-12-04T16:15:10.200`) -* [CVE-2023-47050](CVE-2023/CVE-2023-470xx/CVE-2023-47050.json) (`2023-12-04T16:15:10.477`) -* [CVE-2023-47051](CVE-2023/CVE-2023-470xx/CVE-2023-47051.json) (`2023-12-04T16:15:10.677`) -* [CVE-2023-47054](CVE-2023/CVE-2023-470xx/CVE-2023-47054.json) (`2023-12-04T16:15:10.880`) -* [CVE-2023-47071](CVE-2023/CVE-2023-470xx/CVE-2023-47071.json) (`2023-12-04T16:15:11.263`) -* [CVE-2023-49287](CVE-2023/CVE-2023-492xx/CVE-2023-49287.json) (`2023-12-04T16:15:11.793`) -* [CVE-2023-5427](CVE-2023/CVE-2023-54xx/CVE-2023-5427.json) (`2023-12-04T16:15:12.013`) -* [CVE-2023-2497](CVE-2023/CVE-2023-24xx/CVE-2023-2497.json) (`2023-12-04T16:41:46.397`) -* [CVE-2023-38218](CVE-2023/CVE-2023-382xx/CVE-2023-38218.json) (`2023-12-04T16:54:09.293`) +* [CVE-2023-5797](CVE-2023/CVE-2023-57xx/CVE-2023-5797.json) (`2023-12-04T18:01:55.800`) +* [CVE-2023-5650](CVE-2023/CVE-2023-56xx/CVE-2023-5650.json) (`2023-12-04T18:02:41.510`) +* [CVE-2023-4398](CVE-2023/CVE-2023-43xx/CVE-2023-4398.json) (`2023-12-04T18:04:39.363`) +* [CVE-2023-4397](CVE-2023/CVE-2023-43xx/CVE-2023-4397.json) (`2023-12-04T18:05:04.100`) +* [CVE-2023-37926](CVE-2023/CVE-2023-379xx/CVE-2023-37926.json) (`2023-12-04T18:08:43.703`) +* [CVE-2023-37925](CVE-2023/CVE-2023-379xx/CVE-2023-37925.json) (`2023-12-04T18:09:07.153`) +* [CVE-2023-35139](CVE-2023/CVE-2023-351xx/CVE-2023-35139.json) (`2023-12-04T18:09:27.617`) +* [CVE-2023-35136](CVE-2023/CVE-2023-351xx/CVE-2023-35136.json) (`2023-12-04T18:09:37.583`) +* [CVE-2023-48034](CVE-2023/CVE-2023-480xx/CVE-2023-48034.json) (`2023-12-04T18:11:26.057`) +* [CVE-2023-48023](CVE-2023/CVE-2023-480xx/CVE-2023-48023.json) (`2023-12-04T18:30:56.670`) +* [CVE-2023-46174](CVE-2023/CVE-2023-461xx/CVE-2023-46174.json) (`2023-12-04T18:31:04.347`) +* [CVE-2023-43021](CVE-2023/CVE-2023-430xx/CVE-2023-43021.json) (`2023-12-04T18:31:26.617`) +* [CVE-2023-42022](CVE-2023/CVE-2023-420xx/CVE-2023-42022.json) (`2023-12-04T18:32:03.803`) +* [CVE-2023-42019](CVE-2023/CVE-2023-420xx/CVE-2023-42019.json) (`2023-12-04T18:32:49.137`) +* [CVE-2023-42009](CVE-2023/CVE-2023-420xx/CVE-2023-42009.json) (`2023-12-04T18:33:10.530`) +* [CVE-2023-40699](CVE-2023/CVE-2023-406xx/CVE-2023-40699.json) (`2023-12-04T18:33:32.667`) +* [CVE-2023-43015](CVE-2023/CVE-2023-430xx/CVE-2023-43015.json) (`2023-12-04T18:33:42.547`) +* [CVE-2023-38268](CVE-2023/CVE-2023-382xx/CVE-2023-38268.json) (`2023-12-04T18:33:51.837`) +* [CVE-2023-42504](CVE-2023/CVE-2023-425xx/CVE-2023-42504.json) (`2023-12-04T18:44:20.847`) +* [CVE-2023-48022](CVE-2023/CVE-2023-480xx/CVE-2023-48022.json) (`2023-12-04T18:46:54.517`) +* [CVE-2023-3545](CVE-2023/CVE-2023-35xx/CVE-2023-3545.json) (`2023-12-04T18:50:46.923`) +* [CVE-2023-40056](CVE-2023/CVE-2023-400xx/CVE-2023-40056.json) (`2023-12-04T18:51:22.073`) +* [CVE-2023-3368](CVE-2023/CVE-2023-33xx/CVE-2023-3368.json) (`2023-12-04T18:57:35.040`) +* [CVE-2023-6226](CVE-2023/CVE-2023-62xx/CVE-2023-6226.json) (`2023-12-04T18:58:04.080`) +* [CVE-2023-42505](CVE-2023/CVE-2023-425xx/CVE-2023-42505.json) (`2023-12-04T18:58:39.287`) ## Download and Usage