Auto-Update: 2023-07-27T08:00:25.511855+00:00

cad-safe-bot 2023-07-27 08:00:29 +00:00
parent 5aa282357a
commit f98382daa7
4 changed files with 136 additions and 33 deletions


@ -2,7 +2,7 @@
"id": "CVE-2023-25074", "id": "CVE-2023-25074",
"sourceIdentifier": "disclosures@gallagher.com", "sourceIdentifier": "disclosures@gallagher.com",
"published": "2023-07-25T00:15:09.637", "published": "2023-07-25T00:15:09.637",
"lastModified": "2023-07-25T13:01:04.750", "lastModified": "2023-07-27T06:15:09.897",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
@ -48,7 +48,7 @@
], ],
"references": [ "references": [
{ {
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-25704", "url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2023-25074",
"source": "disclosures@gallagher.com" "source": "disclosures@gallagher.com"
} }
] ]

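--- a/CVE-2023/CVE-2023-39xx/CVE-2023-3956.json
+++ b/CVE-2023/CVE-2023-39xx/CVE-2023-3956.json
@@ -0,0 +1,63 @@
+{
+"id": "CVE-2023-3956",
+"sourceIdentifier": "security@wordfence.com",
+"published": "2023-07-27T07:15:09.857",
+"lastModified": "2023-07-27T07:15:09.857",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data, modification of data and loss of data due to a missing capability check on the 'events_receiver' function in versions up to, and including, 0.0.9.18. This makes it possible for unauthenticated attackers to add, modify or delete post and taxonomy, install, activate or deactivate plugin, change customizer settings, add or modify or delete user including administrator user."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security@wordfence.com",
+"type": "Primary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "NONE",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "HIGH",
+"availabilityImpact": "HIGH",
+"baseScore": 9.8,
+"baseSeverity": "CRITICAL"
+},
+"exploitabilityScore": 3.9,
+"impactScore": 5.9
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@wordfence.com",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-862"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://plugins.trac.wordpress.org/browser/instawp-connect/tags/0.0.9.18/includes/class-instawp-rest-apis.php#L103",
+"source": "security@wordfence.com"
+},
+{
+"url": "https://plugins.trac.wordpress.org/changeset/2942363/instawp-connect#file5",
+"source": "security@wordfence.com"
+},
+{
+"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/48e7acf2-61d4-4762-8657-0701910ce69b?source=cve",
+"source": "security@wordfence.com"
+}
+]
+}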

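--- a/CVE-2023/CVE-2023-39xx/CVE-2023-3957.json
+++ b/CVE-2023/CVE-2023-39xx/CVE-2023-3957.json
@@ -0,0 +1,63 @@
+{
+"id": "CVE-2023-3957",
+"sourceIdentifier": "security@wordfence.com",
+"published": "2023-07-27T07:15:10.253",
+"lastModified": "2023-07-27T07:15:10.253",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient restriction on the 'apg_profile_update' function in versions up to, and including, 1.9. This makes it possible for authenticated attackers, with subscriber-level permissions or above, to update the user metas arbitrarily. The meta value can only be a string."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security@wordfence.com",
+"type": "Primary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "NONE",
+"integrityImpact": "LOW",
+"availabilityImpact": "NONE",
+"baseScore": 4.3,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 2.8,
+"impactScore": 1.4
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@wordfence.com",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-285"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://plugins.trac.wordpress.org/browser/navz-photo-gallery/tags/1.9/includes/acf_photo_gallery_save.php#L42",
+"source": "security@wordfence.com"
+},
+{
+"url": "https://plugins.trac.wordpress.org/changeset/2943404/navz-photo-gallery#file0",
+"source": "security@wordfence.com"
+},
+{
+"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/689511e0-1355-4fcb-8a72-d819abc8e9a3?source=cve",
+"source": "security@wordfence.com"
+}
+]
+}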


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-07-27T06:00:26.346583+00:00 2023-07-27T08:00:25.511855+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-07-27T05:15:10.613000+00:00 2023-07-27T07:15:10.253000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,45 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
221136 221138
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `1` Recently added CVEs: `2`
* [CVE-2023-32450](CVE-2023/CVE-2023-324xx/CVE-2023-32450.json) (`2023-07-27T05:15:10.363`) * [CVE-2023-3956](CVE-2023/CVE-2023-39xx/CVE-2023-3956.json) (`2023-07-27T07:15:09.857`)
* [CVE-2023-3957](CVE-2023/CVE-2023-39xx/CVE-2023-3957.json) (`2023-07-27T07:15:10.253`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `204` Recently modified CVEs: `1`
* [CVE-2023-37450](CVE-2023/CVE-2023-374xx/CVE-2023-37450.json) (`2023-07-27T04:15:42.017`) * [CVE-2023-25074](CVE-2023/CVE-2023-250xx/CVE-2023-25074.json) (`2023-07-27T06:15:09.897`)
* [CVE-2023-38133](CVE-2023/CVE-2023-381xx/CVE-2023-38133.json) (`2023-07-27T04:15:42.297`)
* [CVE-2023-38136](CVE-2023/CVE-2023-381xx/CVE-2023-38136.json) (`2023-07-27T04:15:42.747`)
* [CVE-2023-38258](CVE-2023/CVE-2023-382xx/CVE-2023-38258.json) (`2023-07-27T04:15:43.523`)
* [CVE-2023-38259](CVE-2023/CVE-2023-382xx/CVE-2023-38259.json) (`2023-07-27T04:15:43.787`)
* [CVE-2023-38410](CVE-2023/CVE-2023-384xx/CVE-2023-38410.json) (`2023-07-27T04:15:44.003`)
* [CVE-2023-38421](CVE-2023/CVE-2023-384xx/CVE-2023-38421.json) (`2023-07-27T04:15:44.237`)
* [CVE-2023-38424](CVE-2023/CVE-2023-384xx/CVE-2023-38424.json) (`2023-07-27T04:15:44.553`)
* [CVE-2023-38425](CVE-2023/CVE-2023-384xx/CVE-2023-38425.json) (`2023-07-27T04:15:44.827`)
* [CVE-2023-38565](CVE-2023/CVE-2023-385xx/CVE-2023-38565.json) (`2023-07-27T04:15:45.210`)
* [CVE-2023-38572](CVE-2023/CVE-2023-385xx/CVE-2023-38572.json) (`2023-07-27T04:15:45.570`)
* [CVE-2023-38593](CVE-2023/CVE-2023-385xx/CVE-2023-38593.json) (`2023-07-27T04:15:45.950`)
* [CVE-2023-38594](CVE-2023/CVE-2023-385xx/CVE-2023-38594.json) (`2023-07-27T04:15:46.267`)
* [CVE-2023-38595](CVE-2023/CVE-2023-385xx/CVE-2023-38595.json) (`2023-07-27T04:15:46.603`)
* [CVE-2023-38597](CVE-2023/CVE-2023-385xx/CVE-2023-38597.json) (`2023-07-27T04:15:46.957`)
* [CVE-2023-38600](CVE-2023/CVE-2023-386xx/CVE-2023-38600.json) (`2023-07-27T04:15:47.267`)
* [CVE-2023-38602](CVE-2023/CVE-2023-386xx/CVE-2023-38602.json) (`2023-07-27T04:15:47.573`)
* [CVE-2023-38603](CVE-2023/CVE-2023-386xx/CVE-2023-38603.json) (`2023-07-27T04:15:47.900`)
* [CVE-2023-38606](CVE-2023/CVE-2023-386xx/CVE-2023-38606.json) (`2023-07-27T04:15:48.257`)
* [CVE-2023-38608](CVE-2023/CVE-2023-386xx/CVE-2023-38608.json) (`2023-07-27T04:15:48.577`)
* [CVE-2023-38611](CVE-2023/CVE-2023-386xx/CVE-2023-38611.json) (`2023-07-27T04:15:48.833`)
* [CVE-2023-20593](CVE-2023/CVE-2023-205xx/CVE-2023-20593.json) (`2023-07-27T05:15:10.213`)
* [CVE-2023-32001](CVE-2023/CVE-2023-320xx/CVE-2023-32001.json) (`2023-07-27T05:15:10.297`)
* [CVE-2023-33460](CVE-2023/CVE-2023-334xx/CVE-2023-33460.json) (`2023-07-27T05:15:10.483`)
* [CVE-2023-38197](CVE-2023/CVE-2023-381xx/CVE-2023-38197.json) (`2023-07-27T05:15:10.613`)
## Download and Usage ## Download and Usage