diff --git a/CVE-2008/CVE-2008-00xx/CVE-2008-0008.json b/CVE-2008/CVE-2008-00xx/CVE-2008-0008.json index 4dc76d052c0..5920ae84b20 100644 --- a/CVE-2008/CVE-2008-00xx/CVE-2008-0008.json +++ b/CVE-2008/CVE-2008-00xx/CVE-2008-0008.json @@ -2,8 +2,8 @@ "id": "CVE-2008-0008", "sourceIdentifier": "secalert@redhat.com", "published": "2008-01-29T00:00:00.000", - "lastModified": "2017-07-29T01:34:06.727", - "vulnStatus": "Modified", + "lastModified": "2024-01-09T02:46:32.613", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -68,8 +68,8 @@ }, { "vulnerable": false, - "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86-64:*:*:*:*:*", - "matchCriteriaId": "E7388F51-0BD2-4953-9B62-6E9C3C8EC6D2" + "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*", + "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7" }, { "vulnerable": false, @@ -78,8 +78,8 @@ }, { "vulnerable": false, - "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*", - "matchCriteriaId": "E1EA333D-4BA5-476E-AD50-2041C3B37600" + "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*", + "matchCriteriaId": "5FE8C9E7-15C3-4F89-8E54-C9691FAD4E4C" }, { "vulnerable": false, @@ -115,7 +115,10 @@ "references": [ { "url": "http://bugs.gentoo.org/show_bug.cgi?id=207214", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://pulseaudio.org/changeset/2100", @@ -124,25 +127,69 @@ "Exploit" ] }, + { + "url": "http://secunia.com/advisories/28608", + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/28623", + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/28738", + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/28952", + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] + }, { "url": "http://security.gentoo.org/glsa/glsa-200802-07.xml", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.debian.org/security/2008/dsa-1476", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:027", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.securityfocus.com/bid/27449", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.ubuntu.com/usn/usn-573-1", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.vupen.com/english/advisories/2008/0283", @@ -153,23 +200,45 @@ }, { "url": "https://bugzilla.novell.com/show_bug.cgi?id=347822", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425481", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39992", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "VDB Entry" + ] + }, + { + "url": "https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html", + "source": "secalert@redhat.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2008/CVE-2008-03xx/CVE-2008-0386.json b/CVE-2008/CVE-2008-03xx/CVE-2008-0386.json index 13c95cef141..53c45397501 100644 --- a/CVE-2008/CVE-2008-03xx/CVE-2008-0386.json +++ b/CVE-2008/CVE-2008-03xx/CVE-2008-0386.json @@ -2,8 +2,8 @@ "id": "CVE-2008-0386", "sourceIdentifier": "cve@mitre.org", "published": "2008-02-04T23:00:00.000", - "lastModified": "2011-03-08T03:04:37.360", - "vulnStatus": "Modified", + "lastModified": "2024-01-09T02:47:30.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -68,8 +68,8 @@ }, { "vulnerable": false, - "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86-64:*:*:*:*:*", - "matchCriteriaId": "E7388F51-0BD2-4953-9B62-6E9C3C8EC6D2" + "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*", + "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7" }, { "vulnerable": false, @@ -78,8 +78,8 @@ }, { "vulnerable": false, - "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*", - "matchCriteriaId": "E1EA333D-4BA5-476E-AD50-2041C3B37600" + "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*", + "matchCriteriaId": "5FE8C9E7-15C3-4F89-8E54-C9691FAD4E4C" } ] }, @@ -108,11 +108,38 @@ }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/28638", + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/28728", + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "http://secunia.com/advisories/29048", + "source": "cve@mitre.org", + "tags": [ + "URL Repurposed" + ] }, { "url": "http://security.gentoo.org/glsa/glsa-200801-21.xml", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email.in?r1=1.24&r2=1.25", @@ -151,27 +178,47 @@ }, { "url": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open?view=log", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:031", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.securityfocus.com/bid/27528", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.securitytracker.com/id?1019284", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.vupen.com/english/advisories/2008/0342", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429513", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2009/CVE-2009-22xx/CVE-2009-2213.json b/CVE-2009/CVE-2009-22xx/CVE-2009-2213.json index f33ccc4f30e..1042f1e5750 100644 --- a/CVE-2009/CVE-2009-22xx/CVE-2009-2213.json +++ b/CVE-2009/CVE-2009-22xx/CVE-2009-2213.json @@ -2,8 +2,8 @@ "id": "CVE-2009-2213", "sourceIdentifier": "cve@mitre.org", "published": "2009-06-25T23:14:15.657", - "lastModified": "2017-08-17T01:30:42.227", - "vulnStatus": "Modified", + "lastModified": "2024-01-09T02:42:29.837", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -48,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-16" + "value": "CWE-863" } ] } @@ -103,23 +125,33 @@ "url": "http://support.citrix.com/article/CTX118770", "source": "cve@mitre.org", "tags": [ + "Broken Link", "Vendor Advisory" ] }, { "url": "http://www.securityfocus.com/bid/35422", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://www.vupen.com/english/advisories/2009/1641", "source": "cve@mitre.org", "tags": [ - "Vendor Advisory" + "Permissions Required" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51274", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2013/CVE-2013-14xx/CVE-2013-1465.json b/CVE-2013/CVE-2013-14xx/CVE-2013-1465.json index ab7a8114b1f..606146da150 100644 --- a/CVE-2013/CVE-2013-14xx/CVE-2013-1465.json +++ b/CVE-2013/CVE-2013-14xx/CVE-2013-1465.json @@ -2,8 +2,8 @@ "id": "CVE-2013-1465", "sourceIdentifier": "cve@mitre.org", "published": "2013-02-08T20:55:01.750", - "lastModified": "2017-08-29T01:33:09.760", - "vulnStatus": "Modified", + "lastModified": "2024-01-09T02:21:42.200", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -48,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-20" + "value": "CWE-502" } ] } @@ -62,88 +84,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.0.0:*:*:*:*:*:*:*", - "matchCriteriaId": "26E5808F-9E46-496A-BF55-2F7A7B2BDDE4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "5CF52FE6-31F7-4817-B1A6-ACD42736D08F" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.0.2:*:*:*:*:*:*:*", - "matchCriteriaId": "601916A1-209D-44BF-B405-BF390063C65A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.0.3:*:*:*:*:*:*:*", - "matchCriteriaId": "94CE934A-6471-490C-B70F-85E16E121B1D" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.0.4:*:*:*:*:*:*:*", - "matchCriteriaId": "F28AA2B7-978C-4CDB-BA6C-088C9D981FA7" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.0.5:*:*:*:*:*:*:*", - "matchCriteriaId": "4825DC68-3C98-41E0-ACD6-8491442A7A87" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.0.6:*:*:*:*:*:*:*", - "matchCriteriaId": "2D5F63EA-A137-4754-92D1-EA025CF36E7C" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.0.7:*:*:*:*:*:*:*", - "matchCriteriaId": "F78D7A04-F1A9-4882-A68B-50FFFE668975" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.0.8:*:*:*:*:*:*:*", - "matchCriteriaId": "2F2D4301-9D30-4CF1-B1D0-41908176E83A" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.0.9:*:*:*:*:*:*:*", - "matchCriteriaId": "0A9E5C9F-2237-439B-B268-8B1498846BD2" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "203E42DF-2C2A-4B1E-A3B6-06CD8EF6A7E8" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.1.1:*:*:*:*:*:*:*", - "matchCriteriaId": "4D254146-B1EC-4B62-AD14-73F057FB5ED4" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.1.2:*:*:*:*:*:*:*", - "matchCriteriaId": "5B510375-6DB9-4E89-A03A-35AF37DFFD18" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.1.3:*:*:*:*:*:*:*", - "matchCriteriaId": "96BB55DF-326C-4F4F-AF3A-12699DA03546" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.1.4:*:*:*:*:*:*:*", - "matchCriteriaId": "06B2D6EE-9CEB-47BD-98B0-DD0601293EC3" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.1.5:*:*:*:*:*:*:*", - "matchCriteriaId": "B6EA3125-B17B-4196-82E9-B8EDB298BA02" - }, - { - "vulnerable": true, - "criteria": "cpe:2.3:a:cubecart:cubecart:5.2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "BE658EF0-286C-47E4-8443-0E5203D5ECD7" + "criteria": "cpe:2.3:a:cubecart:cubecart:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.0.0", + "versionEndIncluding": "5.2.0", + "matchCriteriaId": "40420555-46E6-4C86-BE77-03948AF775E9" } ] } @@ -153,7 +97,10 @@ "references": [ { "url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0032.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "http://forums.cubecart.com/?showtopic=47026", @@ -169,27 +116,52 @@ "Exploit" ] }, + { + "url": "http://osvdb.org/89923", + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] + }, { "url": "http://packetstormsecurity.com/files/120094/CubeCart-5.2.0-PHP-Object-Injection.html", "source": "cve@mitre.org", "tags": [ - "Exploit" + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] + }, + { + "url": "http://secunia.com/advisories/52072", + "source": "cve@mitre.org", + "tags": [ + "Not Applicable" ] }, { "url": "http://www.exploit-db.com/exploits/24465", "source": "cve@mitre.org", "tags": [ - "Exploit" + "Exploit", + "Third Party Advisory", + "VDB Entry" ] }, { "url": "http://www.securityfocus.com/bid/57770", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81920", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2015/CVE-2015-101xx/CVE-2015-10103.json b/CVE-2015/CVE-2015-101xx/CVE-2015-10103.json index 6c347b3128a..55c6ac81f17 100644 --- a/CVE-2015/CVE-2015-101xx/CVE-2015-10103.json +++ b/CVE-2015/CVE-2015-101xx/CVE-2015-10103.json @@ -2,8 +2,8 @@ "id": "CVE-2015-10103", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-17T19:15:07.227", - "lastModified": "2023-11-07T02:23:57.133", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-09T02:18:56.097", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -33,7 +33,7 @@ "impactScore": 3.6 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -55,7 +55,7 @@ ], "cvssMetricV2": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "2.0", @@ -81,7 +81,7 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { diff --git a/CVE-2015/CVE-2015-81xx/CVE-2015-8103.json b/CVE-2015/CVE-2015-81xx/CVE-2015-8103.json index 4f55fdb9415..625c47b6f36 100644 --- a/CVE-2015/CVE-2015-81xx/CVE-2015-8103.json +++ b/CVE-2015/CVE-2015-81xx/CVE-2015-8103.json @@ -2,8 +2,8 @@ "id": "CVE-2015-8103", "sourceIdentifier": "cve@mitre.org", "published": "2015-11-25T20:59:19.560", - "lastModified": "2019-12-17T17:41:03.340", - "vulnStatus": "Modified", + "lastModified": "2024-01-09T02:16:29.427", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV2": [ { "source": "nvd@nist.gov", @@ -48,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-77" + "value": "CWE-502" } ] } @@ -62,25 +84,13 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", - "versionEndIncluding": "3.1", - "matchCriteriaId": "0A492A49-052F-4CD5-AE7E-AF8A6B3E1B2D" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ + "criteria": "cpe:2.3:a:redhat:openshift_container_platform:2.2:*:*:*:*:*:*:*", + "matchCriteriaId": "6B17E72B-2403-4CA6-9F1F-3EDE99569232" + }, { "vulnerable": true, - "criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", - "versionEndIncluding": "1.637", - "matchCriteriaId": "3CB9B635-F70B-4BDB-B39C-C3A66255E0D4" + "criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.1:*:*:*:*:*:*:*", + "matchCriteriaId": "93E3194E-7082-4E21-867B-FB4ECF482A07" } ] } @@ -95,23 +105,14 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", - "versionEndIncluding": "1.625.1", - "matchCriteriaId": "7A8FFE37-57EC-4DEA-A2A5-F605AC622F0A" - } - ] - } - ] - }, - { - "nodes": [ - { - "operator": "OR", - "negate": false, - "cpeMatch": [ + "versionEndExcluding": "1.625.2", + "matchCriteriaId": "62164835-877E-4017-8751-E9890A7F76C3" + }, { "vulnerable": true, - "criteria": "cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "B497EBB1-17A4-4FE8-B9FF-B2B53B18C175" + "criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.638", + "matchCriteriaId": "25BC2347-92E6-4462-956B-B21EC3E0B150" } ] } @@ -128,39 +129,68 @@ }, { "url": "http://packetstormsecurity.com/files/134805/Jenkins-CLI-RMI-Java-Deserialization.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://rhn.redhat.com/errata/RHSA-2016-0489.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.openwall.com/lists/oss-security/2015/11/09/5", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://www.openwall.com/lists/oss-security/2015/11/18/11", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://www.openwall.com/lists/oss-security/2015/11/18/13", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://www.openwall.com/lists/oss-security/2015/11/18/2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "http://www.securityfocus.com/bid/77636", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2016:0070", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] }, { "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11", @@ -171,7 +201,12 @@ }, { "url": "https://www.exploit-db.com/exploits/38983/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2016/CVE-2016-150xx/CVE-2016-15031.json b/CVE-2016/CVE-2016-150xx/CVE-2016-15031.json index 1d4de37eeec..a96cae364c4 100644 --- a/CVE-2016/CVE-2016-150xx/CVE-2016-15031.json +++ b/CVE-2016/CVE-2016-150xx/CVE-2016-15031.json @@ -2,8 +2,8 @@ "id": "CVE-2016-15031", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-06T01:15:08.827", - "lastModified": "2023-11-07T02:29:49.383", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-09T02:17:52.587", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -33,7 +33,7 @@ "impactScore": 5.9 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -55,7 +55,7 @@ ], "cvssMetricV2": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "2.0", @@ -81,7 +81,7 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { diff --git a/CVE-2016/CVE-2016-200xx/CVE-2016-20017.json b/CVE-2016/CVE-2016-200xx/CVE-2016-20017.json index 698ec1869d2..1ecda735ed6 100644 --- a/CVE-2016/CVE-2016-200xx/CVE-2016-20017.json +++ b/CVE-2016/CVE-2016-200xx/CVE-2016-20017.json @@ -2,8 +2,12 @@ "id": "CVE-2016-20017", "sourceIdentifier": "cve@mitre.org", "published": "2022-10-19T05:15:08.817", - "lastModified": "2022-10-21T20:19:14.450", + "lastModified": "2024-01-09T02:00:01.950", "vulnStatus": "Analyzed", + "cisaExploitAdd": "2024-01-08", + "cisaActionDue": "2024-01-29", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "D-Link DSL-2750B Devices Command Injection Vulnerability", "descriptions": [ { "lang": "en", diff --git a/CVE-2019/CVE-2019-127xx/CVE-2019-12799.json b/CVE-2019/CVE-2019-127xx/CVE-2019-12799.json index bd7f02142f4..0c40437df15 100644 --- a/CVE-2019/CVE-2019-127xx/CVE-2019-12799.json +++ b/CVE-2019/CVE-2019-127xx/CVE-2019-12799.json @@ -2,8 +2,8 @@ "id": "CVE-2019-12799", "sourceIdentifier": "cve@mitre.org", "published": "2019-06-13T20:29:00.173", - "lastModified": "2019-10-09T23:46:12.467", - "vulnStatus": "Modified", + "lastModified": "2024-01-09T02:24:49.470", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", @@ -35,7 +35,9 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 - }, + } + ], + "cvssMetricV30": [ { "source": "cve@mitre.org", "type": "Secondary", diff --git a/CVE-2020/CVE-2020-266xx/CVE-2020-26623.json b/CVE-2020/CVE-2020-266xx/CVE-2020-26623.json index 3fb43cab7aa..2550619bf99 100644 --- a/CVE-2020/CVE-2020-266xx/CVE-2020-26623.json +++ b/CVE-2020/CVE-2020-266xx/CVE-2020-26623.json @@ -2,8 +2,8 @@ "id": "CVE-2020-26623", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-02T22:15:07.777", - "lastModified": "2024-01-03T13:48:00.677", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-09T01:48:52.037", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,23 +14,90 @@ "value": "Una vulnerabilidad de inyecci\u00f3n SQL descubierta en Gila CMS 1.15.4 y anteriores permite a un atacante remoto ejecutar scripts web arbitrarios a trav\u00e9s del par\u00e1metro Area en la pesta\u00f1a Administration>Widget despu\u00e9s del portal de inicio de sesi\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.8, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gilacms:gila_cms:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.15.4", + "matchCriteriaId": "A50D5646-7095-46DD-8C3F-1CA1FBD9D043" + } + ] + } + ] + } + ], "references": [ { "url": "http://gilacms.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/GilaCMS/gila", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/GilaCMS/gila/security/policy", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://packetstormsecurity.com/files/176301/GilaCMS-1.15.4-SQL-Injection.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-266xx/CVE-2020-26624.json b/CVE-2020/CVE-2020-266xx/CVE-2020-26624.json index 66c5f8bebea..6289fbe5aac 100644 --- a/CVE-2020/CVE-2020-266xx/CVE-2020-26624.json +++ b/CVE-2020/CVE-2020-266xx/CVE-2020-26624.json @@ -2,8 +2,8 @@ "id": "CVE-2020-26624", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-02T22:15:07.837", - "lastModified": "2024-01-03T13:48:00.677", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-09T01:54:04.817", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,23 +14,90 @@ "value": "Se descubri\u00f3 una vulnerabilidad de inyecci\u00f3n SQL en Gila CMS 1.15.4 y versiones anteriores que permite a un atacante remoto ejecutar scripts web arbitrarios a trav\u00e9s del par\u00e1metro ID despu\u00e9s del portal de inicio de sesi\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.8, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gilacms:gila_cms:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.15.4", + "matchCriteriaId": "A50D5646-7095-46DD-8C3F-1CA1FBD9D043" + } + ] + } + ] + } + ], "references": [ { "url": "http://gilacms.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/GilaCMS/gila", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/GilaCMS/gila/security/policy", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://packetstormsecurity.com/files/176301/GilaCMS-1.15.4-SQL-Injection.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-347xx/CVE-2022-34795.json b/CVE-2022/CVE-2022-347xx/CVE-2022-34795.json index 0c359cd562a..46e885ed0c6 100644 --- a/CVE-2022/CVE-2022-347xx/CVE-2022-34795.json +++ b/CVE-2022/CVE-2022-347xx/CVE-2022-34795.json @@ -2,8 +2,8 @@ "id": "CVE-2022-34795", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-06-30T18:15:12.727", - "lastModified": "2023-10-25T18:17:10.123", - "vulnStatus": "Modified", + "lastModified": "2024-01-09T02:56:14.150", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -63,6 +63,18 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], "configurations": [ { "nodes": [ diff --git a/CVE-2022/CVE-2022-483xx/CVE-2022-48321.json b/CVE-2022/CVE-2022-483xx/CVE-2022-48321.json index f547e5ed6e5..604508c907c 100644 --- a/CVE-2022/CVE-2022-483xx/CVE-2022-48321.json +++ b/CVE-2022/CVE-2022-483xx/CVE-2022-48321.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48321", "sourceIdentifier": "security@checkmk.com", "published": "2023-02-20T17:15:12.607", - "lastModified": "2023-10-25T18:17:22.573", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-09T02:10:28.540", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -17,20 +17,20 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" }, "exploitabilityScore": 1.8, - "impactScore": 5.9 + "impactScore": 1.4 }, { "source": "security@checkmk.com", @@ -204,7 +204,11 @@ }, { "url": "https://www.sonarsource.com/blog/checkmk-rce-chain-1/", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-00xx/CVE-2023-0004.json b/CVE-2023/CVE-2023-00xx/CVE-2023-0004.json index 7e60cfe624b..331a5c536d0 100644 --- a/CVE-2023/CVE-2023-00xx/CVE-2023-0004.json +++ b/CVE-2023/CVE-2023-00xx/CVE-2023-0004.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0004", "sourceIdentifier": "psirt@paloaltonetworks.com", "published": "2023-04-12T17:15:07.043", - "lastModified": "2023-11-03T22:15:09.600", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-09T02:12:20.307", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -121,32 +121,81 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + } + ] + } + ] } ], "references": [ { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", - "source": "psirt@paloaltonetworks.com" + "source": "psirt@paloaltonetworks.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/", - "source": "psirt@paloaltonetworks.com" + "source": "psirt@paloaltonetworks.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/", - "source": "psirt@paloaltonetworks.com" + "source": "psirt@paloaltonetworks.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/", - "source": "psirt@paloaltonetworks.com" + "source": "psirt@paloaltonetworks.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/", - "source": "psirt@paloaltonetworks.com" + "source": "psirt@paloaltonetworks.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/", - "source": "psirt@paloaltonetworks.com" + "source": "psirt@paloaltonetworks.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.paloaltonetworks.com/CVE-2023-0004", diff --git a/CVE-2023/CVE-2023-229xx/CVE-2023-22932.json b/CVE-2023/CVE-2023-229xx/CVE-2023-22932.json index c123cb68078..0f8dff625a1 100644 --- a/CVE-2023/CVE-2023-229xx/CVE-2023-22932.json +++ b/CVE-2023/CVE-2023-229xx/CVE-2023-22932.json @@ -2,8 +2,8 @@ "id": "CVE-2023-22932", "sourceIdentifier": "prodsec@splunk.com", "published": "2023-02-14T18:15:12.143", - "lastModified": "2023-11-07T04:07:32.670", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-09T02:26:38.127", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -33,7 +33,7 @@ "impactScore": 2.7 }, { - "source": "42b59230-ec95-491e-8425-5a5befa1a469", + "source": "prodsec@splunk.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -66,7 +66,7 @@ ] }, { - "source": "42b59230-ec95-491e-8425-5a5befa1a469", + "source": "prodsec@splunk.com", "type": "Secondary", "description": [ { @@ -111,7 +111,10 @@ }, { "url": "https://research.splunk.com/application/ce6e1268-e01c-4df2-a617-0f034ed49a43/", - "source": "prodsec@splunk.com" + "source": "prodsec@splunk.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23752.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23752.json index 464fd0742d9..90eeacdbb24 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23752.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23752.json @@ -2,8 +2,12 @@ "id": "CVE-2023-23752", "sourceIdentifier": "security@joomla.org", "published": "2023-02-16T17:15:10.603", - "lastModified": "2023-02-24T16:17:24.573", + "lastModified": "2024-01-09T02:00:01.953", "vulnStatus": "Analyzed", + "cisaExploitAdd": "2024-01-08", + "cisaActionDue": "2024-01-29", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Joomla! Improper Access Control Vulnerability", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-240xx/CVE-2023-24070.json b/CVE-2023/CVE-2023-240xx/CVE-2023-24070.json index e8c1910b8ce..cee7957c32a 100644 --- a/CVE-2023/CVE-2023-240xx/CVE-2023-24070.json +++ b/CVE-2023/CVE-2023-240xx/CVE-2023-24070.json @@ -2,8 +2,8 @@ "id": "CVE-2023-24070", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-23T05:15:18.997", - "lastModified": "2023-10-30T22:15:09.867", - "vulnStatus": "Modified", + "lastModified": "2024-01-09T02:55:33.710", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -75,7 +75,10 @@ }, { "url": "https://zigrin.com/advisories/misp-xss-in-add-action-of-the-authkeys-controller/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-269xx/CVE-2023-26998.json b/CVE-2023/CVE-2023-269xx/CVE-2023-26998.json new file mode 100644 index 00000000000..8195343d65b --- /dev/null +++ b/CVE-2023/CVE-2023-269xx/CVE-2023-26998.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-26998", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-09T02:15:43.960", + "lastModified": "2024-01-09T02:15:43.960", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://netscout.com", + "source": "cve@mitre.org" + }, + { + "url": "http://ngeniusone.com", + "source": "cve@mitre.org" + }, + { + "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-269xx/CVE-2023-26999.json b/CVE-2023/CVE-2023-269xx/CVE-2023-26999.json new file mode 100644 index 00000000000..5163c1d741f --- /dev/null +++ b/CVE-2023/CVE-2023-269xx/CVE-2023-26999.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-26999", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-09T02:15:44.020", + "lastModified": "2024-01-09T02:15:44.020", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://netscout.com", + "source": "cve@mitre.org" + }, + { + "url": "http://ngeniusone.com", + "source": "cve@mitre.org" + }, + { + "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-270xx/CVE-2023-27000.json b/CVE-2023/CVE-2023-270xx/CVE-2023-27000.json new file mode 100644 index 00000000000..374ff111237 --- /dev/null +++ b/CVE-2023/CVE-2023-270xx/CVE-2023-27000.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-27000", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-09T02:15:44.067", + "lastModified": "2024-01-09T02:15:44.067", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the name parameter of the Profile and Exclusion List page(s)." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://netscout.com", + "source": "cve@mitre.org" + }, + { + "url": "http://ngeniusone.com", + "source": "cve@mitre.org" + }, + { + "url": "https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-270xx/CVE-2023-27098.json b/CVE-2023/CVE-2023-270xx/CVE-2023-27098.json new file mode 100644 index 00000000000..4a0ffe49812 --- /dev/null +++ b/CVE-2023/CVE-2023-270xx/CVE-2023-27098.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-27098", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-09T02:15:44.113", + "lastModified": "2024-01-09T02:15:44.113", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://tp-lin.com", + "source": "cve@mitre.org" + }, + { + "url": "http://tp-link.com", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098", + "source": "cve@mitre.org" + }, + { + "url": "https://www.tp-link.com/support/contact-technical-support/#LiveChat-Support", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-275xx/CVE-2023-27524.json b/CVE-2023/CVE-2023-275xx/CVE-2023-27524.json index cbcdd74624d..3f4a31220b8 100644 --- a/CVE-2023/CVE-2023-275xx/CVE-2023-27524.json +++ b/CVE-2023/CVE-2023-275xx/CVE-2023-27524.json @@ -2,8 +2,12 @@ "id": "CVE-2023-27524", "sourceIdentifier": "security@apache.org", "published": "2023-04-24T16:15:07.843", - "lastModified": "2023-10-13T16:15:11.073", - "vulnStatus": "Modified", + "lastModified": "2024-01-09T02:00:01.953", + "vulnStatus": "Undergoing Analysis", + "cisaExploitAdd": "2024-01-08", + "cisaActionDue": "2024-01-29", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Apache Superset Insecure Default Initialization of Resource Vulnerability", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-278xx/CVE-2023-27857.json b/CVE-2023/CVE-2023-278xx/CVE-2023-27857.json index fcba6999faf..7905b34fc42 100644 --- a/CVE-2023/CVE-2023-278xx/CVE-2023-27857.json +++ b/CVE-2023/CVE-2023-278xx/CVE-2023-27857.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27857", "sourceIdentifier": "PSIRT@rockwellautomation.com", "published": "2023-03-22T02:15:48.953", - "lastModified": "2023-10-25T18:17:26.953", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-09T02:31:27.647", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-284xx/CVE-2023-28471.json b/CVE-2023/CVE-2023-284xx/CVE-2023-28471.json index 1eb4aa142fa..77ce3065726 100644 --- a/CVE-2023/CVE-2023-284xx/CVE-2023-28471.json +++ b/CVE-2023/CVE-2023-284xx/CVE-2023-28471.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28471", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-28T14:15:10.307", - "lastModified": "2023-05-04T20:59:56.717", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-09T01:15:38.753", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Concrete CMS (previously concrete5) before 9.2 is vulnerable to Stored XSS via a container name." + "value": "Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS via a container name." } ], "metrics": { @@ -72,6 +72,10 @@ "Product" ] }, + { + "url": "https://www.concretecms.org/about/project-news/security/2023-12-05-concrete-cms-new-cves-and-cve-updates", + "source": "cve@mitre.org" + }, { "url": "https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29300.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29300.json index 0629903ab81..3b91baf1646 100644 --- a/CVE-2023/CVE-2023-293xx/CVE-2023-29300.json +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29300.json @@ -2,8 +2,12 @@ "id": "CVE-2023-29300", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-12T16:15:11.733", - "lastModified": "2023-07-20T14:22:26.210", + "lastModified": "2024-01-09T02:00:01.953", "vulnStatus": "Analyzed", + "cisaExploitAdd": "2024-01-08", + "cisaActionDue": "2024-01-29", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Adobe ColdFusion Deserialization of Untrusted Data Vulnerability", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-307xx/CVE-2023-30774.json b/CVE-2023/CVE-2023-307xx/CVE-2023-30774.json index 73e4bac5a1e..9b84cbd2229 100644 --- a/CVE-2023/CVE-2023-307xx/CVE-2023-30774.json +++ b/CVE-2023/CVE-2023-307xx/CVE-2023-30774.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30774", "sourceIdentifier": "secalert@redhat.com", "published": "2023-05-19T15:15:08.923", - "lastModified": "2023-10-26T00:15:09.963", - "vulnStatus": "Modified", + "lastModified": "2024-01-09T02:51:33.207", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -71,12 +71,32 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "14.1", + "matchCriteriaId": "2BB2BFC1-74A1-4178-8488-69EC5A60B34F" + } + ] + } + ] } ], "references": [ { "url": "http://seclists.org/fulldisclosure/2023/Oct/24", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/security/cve/CVE-2023-30774", @@ -103,11 +123,18 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230703-0002/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213984", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Release Notes", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-340xx/CVE-2023-34039.json b/CVE-2023/CVE-2023-340xx/CVE-2023-34039.json index c0d931959ad..fbadbad05b3 100644 --- a/CVE-2023/CVE-2023-340xx/CVE-2023-34039.json +++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34039.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34039", "sourceIdentifier": "security@vmware.com", "published": "2023-08-29T18:15:08.680", - "lastModified": "2023-10-25T18:17:27.823", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-09T02:32:49.600", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -88,11 +88,20 @@ "references": [ { "url": "http://packetstormsecurity.com/files/174452/VMWare-Aria-Operations-For-Networks-Remote-Code-Execution.html", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://packetstormsecurity.com/files/175320/VMWare-Aria-Operations-For-Networks-SSH-Private-Key-Exposure.html", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://www.vmware.com/security/advisories/VMSA-2023-0018.html", diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36629.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36629.json new file mode 100644 index 00000000000..6a67284a1f6 --- /dev/null +++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36629.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-36629", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-09T02:15:44.163", + "lastModified": "2024-01-09T02:15:44.163", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/STMicroelectronics/ST54-android-packages-apps-Nfc/releases/tag/130-20230215-23W07p0", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/hunting-for-android-privilege-escalation-with-a-32-line-fuzzer/", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trustwave.com/hubfs/Web/Library/Advisories_txt/TWSL2023-007_Xiaomi_Redmi_10sNote-1.txt", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38203.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38203.json index 1283dfebc95..24fd873a5c5 100644 --- a/CVE-2023/CVE-2023-382xx/CVE-2023-38203.json +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38203.json @@ -2,8 +2,12 @@ "id": "CVE-2023-38203", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-20T16:15:12.180", - "lastModified": "2023-07-20T16:46:06.097", + "lastModified": "2024-01-09T02:00:01.953", "vulnStatus": "Analyzed", + "cisaExploitAdd": "2024-01-08", + "cisaActionDue": "2024-01-29", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Adobe ColdFusion Deserialization of Untrusted Data Vulnerability", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38403.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38403.json index 7102ddc1a5f..2670f48b096 100644 --- a/CVE-2023/CVE-2023-384xx/CVE-2023-38403.json +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38403.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38403", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-17T21:15:09.800", - "lastModified": "2023-11-07T04:17:15.700", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-09T02:53:19.040", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -109,16 +109,65 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:clustered_data_ontap:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "C3ED302E-F464-40DE-A976-FD518E42D95D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.6.1", + "matchCriteriaId": "7AC99BA0-CC79-4E06-87CA-CA3525CEF81E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9FE27DF1-3AF9-4BE4-8541-565FE5BC16A2" + } + ] + } + ] } ], "references": [ { "url": "http://seclists.org/fulldisclosure/2023/Oct/24", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "http://seclists.org/fulldisclosure/2023/Oct/26", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://bugs.debian.org/1040830", @@ -166,23 +215,42 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6EBWWF4PEQKROEVXGYSTIT2MGBTLU7/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M25Z5FHTO3XWMGP37JHJ7IIIHSGCLKEV/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20230818-0016/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213984", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes", + "Third Party Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213985", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-393xx/CVE-2023-39336.json b/CVE-2023/CVE-2023-393xx/CVE-2023-39336.json new file mode 100644 index 00000000000..7ece44b851f --- /dev/null +++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39336.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-39336", + "sourceIdentifier": "support@hackerone.com", + "published": "2024-01-09T02:15:44.207", + "lastModified": "2024-01-09T02:15:44.207", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released prior to 2022 SU 5 allows an attacker with access to the internal network to execute arbitrary SQL queries and retrieve output without the need for authentication. Under specific circumstances, this may also lead to RCE on the core server. " + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "support@hackerone.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.6, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.8, + "impactScore": 6.0 + } + ] + }, + "references": [ + { + "url": "https://forums.ivanti.com/s/article/SA-2023-12-19-CVE-2023-39336?language=en_US", + "source": "support@hackerone.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-39xx/CVE-2023-3997.json b/CVE-2023/CVE-2023-39xx/CVE-2023-3997.json index 2eda5d03608..5131d386812 100644 --- a/CVE-2023/CVE-2023-39xx/CVE-2023-3997.json +++ b/CVE-2023/CVE-2023-39xx/CVE-2023-3997.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3997", "sourceIdentifier": "prodsec@splunk.com", "published": "2023-07-31T17:15:10.110", - "lastModified": "2023-11-07T04:20:06.103", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-09T02:35:52.077", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -33,7 +33,7 @@ "impactScore": 5.9 }, { - "source": "42b59230-ec95-491e-8425-5a5befa1a469", + "source": "prodsec@splunk.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -61,12 +61,12 @@ "description": [ { "lang": "en", - "value": "CWE-74" + "value": "CWE-116" } ] }, { - "source": "42b59230-ec95-491e-8425-5a5befa1a469", + "source": "prodsec@splunk.com", "type": "Secondary", "description": [ { diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41990.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41990.json index 355bf77fa97..7834f26c207 100644 --- a/CVE-2023/CVE-2023-419xx/CVE-2023-41990.json +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41990.json @@ -2,8 +2,12 @@ "id": "CVE-2023-41990", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-12T00:15:09.463", - "lastModified": "2023-09-21T19:15:10.970", - "vulnStatus": "Modified", + "lastModified": "2024-01-09T02:00:01.953", + "vulnStatus": "Undergoing Analysis", + "cisaExploitAdd": "2024-01-08", + "cisaActionDue": "2024-01-29", + "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", + "cisaVulnerabilityName": "Apple Multiple Products Code Execution Vulnerability", "descriptions": [ { "lang": "en", @@ -11,7 +15,7 @@ }, { "lang": "es", - "value": "El problema se solucion\u00f3 mejorando el manejo de los cach\u00e9s. Este problema se solucion\u00f3 en macOS Ventura 13.2, iOS 15.7.8 y iPadOS 15.7.8, watchOS 9.3, tvOS 16.3, iOS 16.3 y iPadOS 16.3, macOS Big Sur 11.7.9, macOS Monterey 12.6.8. El procesamiento de un archivo de fuente puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Apple tiene conocimiento de un informe que indica que este problema puede haber sido explotado activamente en versiones de iOS lanzadas antes de iOS 15.7.1." + "value": "El problema se solucion\u00f3 mejorando el manejo de los cach\u00e9s. Este problema se solucion\u00f3 en tvOS 16.3, iOS 16.3 y iPadOS 16.3, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, iOS 15.7.8 y iPadOS 15.7.8, macOS Ventura 13.2, watchOS 9.3. El procesamiento de un archivo de fuentes puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Apple tiene conocimiento de un informe que indica que este problema puede haber sido explotado activamente en versiones de iOS lanzadas antes de iOS 15.7.1." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46603.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46603.json index 37685aa039e..7c90219eb13 100644 --- a/CVE-2023/CVE-2023-466xx/CVE-2023-46603.json +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46603.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46603", "sourceIdentifier": "cve@mitre.org", "published": "2023-10-23T20:15:09.180", - "lastModified": "2023-10-28T03:25:08.277", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-09T02:51:06.413", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -21,8 +21,8 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "attackVector": "LOCAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", @@ -30,10 +30,10 @@ "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 7.8, + "baseScore": 8.8, "baseSeverity": "HIGH" }, - "exploitabilityScore": 1.8, + "exploitabilityScore": 2.8, "impactScore": 5.9 } ] diff --git a/CVE-2023/CVE-2023-468xx/CVE-2023-46846.json b/CVE-2023/CVE-2023-468xx/CVE-2023-46846.json index 3694b016a01..42384d68af1 100644 --- a/CVE-2023/CVE-2023-468xx/CVE-2023-46846.json +++ b/CVE-2023/CVE-2023-468xx/CVE-2023-46846.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46846", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-03T08:15:07.953", - "lastModified": "2023-12-28T16:24:10.387", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-09T02:15:44.380", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -285,6 +285,10 @@ "Vendor Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html", + "source": "secalert@redhat.com" + }, { "url": "https://security.netapp.com/advisory/ntap-20231130-0002/", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-468xx/CVE-2023-46847.json b/CVE-2023/CVE-2023-468xx/CVE-2023-46847.json index 19ef340d84c..d6f3fdba4c9 100644 --- a/CVE-2023/CVE-2023-468xx/CVE-2023-46847.json +++ b/CVE-2023/CVE-2023-468xx/CVE-2023-46847.json @@ -2,7 +2,7 @@ "id": "CVE-2023-46847", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-03T08:15:08.023", - "lastModified": "2023-12-13T08:15:50.407", + "lastModified": "2024-01-09T02:15:44.557", "vulnStatus": "Undergoing Analysis", "descriptions": [ { @@ -306,6 +306,10 @@ "Vendor Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html", + "source": "secalert@redhat.com" + }, { "url": "https://security.netapp.com/advisory/ntap-20231130-0002/", "source": "secalert@redhat.com" diff --git a/CVE-2023/CVE-2023-469xx/CVE-2023-46906.json b/CVE-2023/CVE-2023-469xx/CVE-2023-46906.json new file mode 100644 index 00000000000..6317de7b2e6 --- /dev/null +++ b/CVE-2023/CVE-2023-469xx/CVE-2023-46906.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-46906", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-09T01:15:38.830", + "lastModified": "2024-01-09T01:15:38.830", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "juzaweb <= 3.4 is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/juzaweb/cms", + "source": "cve@mitre.org" + }, + { + "url": "https://www.sumor.top/index.php/archives/880/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4746.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4746.json index 77c5c98ff0b..883d7479f85 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4746.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4746.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4746", "sourceIdentifier": "cna@vuldb.com", "published": "2023-09-04T01:15:07.437", - "lastModified": "2023-11-07T04:22:56.397", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-09T02:39:00.667", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -59,7 +59,7 @@ ], "cvssMetricV2": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "2.0", @@ -95,7 +95,7 @@ ] }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "description": [ { @@ -147,7 +147,7 @@ "url": "https://vuldb.com/?ctiid.238635", "source": "cna@vuldb.com", "tags": [ - "Third Party Advisory" + "Permissions Required" ] }, { diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49238.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49238.json new file mode 100644 index 00000000000..4882ab0036e --- /dev/null +++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49238.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-49238", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-09T02:15:44.837", + "lastModified": "2024-01-09T02:15:44.837", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new installation (in certain installation scenarios) because of a non-unique initial system user password. Although this password must be changed upon the first login, it is possible that an attacker logs in before the legitimate administrator logs in." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://security.gradle.com", + "source": "cve@mitre.org" + }, + { + "url": "https://security.gradle.com/advisory/2023-01", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49285.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49285.json index ea6c2de295d..667befdd495 100644 --- a/CVE-2023/CVE-2023-492xx/CVE-2023-49285.json +++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49285.json @@ -2,7 +2,7 @@ "id": "CVE-2023-49285", "sourceIdentifier": "security-advisories@github.com", "published": "2023-12-04T23:15:27.007", - "lastModified": "2023-12-29T03:15:11.340", + "lastModified": "2024-01-09T02:15:44.903", "vulnStatus": "Modified", "descriptions": [ { @@ -134,6 +134,10 @@ "Vendor Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html", + "source": "security-advisories@github.com" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/", "source": "security-advisories@github.com" diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49286.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49286.json index 2ad56ca5399..61846a62c40 100644 --- a/CVE-2023/CVE-2023-492xx/CVE-2023-49286.json +++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49286.json @@ -2,7 +2,7 @@ "id": "CVE-2023-49286", "sourceIdentifier": "security-advisories@github.com", "published": "2023-12-04T23:15:27.243", - "lastModified": "2023-12-29T03:15:11.453", + "lastModified": "2024-01-09T02:15:45.030", "vulnStatus": "Modified", "descriptions": [ { @@ -128,6 +128,10 @@ "Vendor Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html", + "source": "security-advisories@github.com" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/", "source": "security-advisories@github.com" diff --git a/CVE-2023/CVE-2023-495xx/CVE-2023-49583.json b/CVE-2023/CVE-2023-495xx/CVE-2023-49583.json index b65c848118d..62217ad977d 100644 --- a/CVE-2023/CVE-2023-495xx/CVE-2023-49583.json +++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49583.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49583", "sourceIdentifier": "cna@sap.com", "published": "2023-12-12T02:15:07.920", - "lastModified": "2023-12-15T15:28:14.160", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-09T02:15:45.140", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -103,6 +103,14 @@ "Permissions Required" ] }, + { + "url": "https://me.sap.com/notes/3412456", + "source": "cna@sap.com" + }, + { + "url": "https://me.sap.com/notes/3413475", + "source": "cna@sap.com" + }, { "url": "https://www.npmjs.com/package/@sap/xssec", "source": "cna@sap.com", diff --git a/CVE-2023/CVE-2023-49xx/CVE-2023-4966.json b/CVE-2023/CVE-2023-49xx/CVE-2023-4966.json index 3b811556ee0..a310c546da9 100644 --- a/CVE-2023/CVE-2023-49xx/CVE-2023-4966.json +++ b/CVE-2023/CVE-2023-49xx/CVE-2023-4966.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4966", "sourceIdentifier": "secure@citrix.com", "published": "2023-10-10T14:15:10.977", - "lastModified": "2023-11-07T04:23:14.160", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-09T02:27:10.417", + "vulnStatus": "Analyzed", "cisaExploitAdd": "2023-10-18", "cisaActionDue": "2023-11-08", "cisaRequiredAction": "Apply mitigations and kill all active and persistent sessions per vendor instructions [https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway/] OR discontinue use of the product if mitigations are unavailable.", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "Sensitive information disclosure\u00a0in NetScaler ADC and NetScaler Gateway when configured as a\u00a0Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy)\u00a0or\u00a0AAA \u202fvirtual\u202fserver.\u00a0\n\n\n\n" + "value": "Sensitive information disclosure\u00a0in NetScaler ADC and NetScaler Gateway when configured as a\u00a0Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy)\u00a0or\u00a0AAA ?virtual?server.\u00a0\n\n\n\n" }, { "lang": "es", @@ -41,7 +41,7 @@ "impactScore": 3.6 }, { - "source": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6", + "source": "secure@citrix.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -74,7 +74,7 @@ ] }, { - "source": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6", + "source": "secure@citrix.com", "type": "Secondary", "description": [ { @@ -162,7 +162,11 @@ "references": [ { "url": "http://packetstormsecurity.com/files/175323/Citrix-Bleed-Session-Token-Leakage-Proof-Of-Concept.html", - "source": "secure@citrix.com" + "source": "secure@citrix.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://support.citrix.com/article/CTX579459", diff --git a/CVE-2023/CVE-2023-502xx/CVE-2023-50269.json b/CVE-2023/CVE-2023-502xx/CVE-2023-50269.json index 01dd5cf7532..907e95399ee 100644 --- a/CVE-2023/CVE-2023-502xx/CVE-2023-50269.json +++ b/CVE-2023/CVE-2023-502xx/CVE-2023-50269.json @@ -2,7 +2,7 @@ "id": "CVE-2023-50269", "sourceIdentifier": "security-advisories@github.com", "published": "2023-12-14T18:15:45.070", - "lastModified": "2023-12-29T03:15:11.727", + "lastModified": "2024-01-09T02:15:45.280", "vulnStatus": "Modified", "descriptions": [ { @@ -173,6 +173,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html", + "source": "security-advisories@github.com" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5QASTMCUSUEW3UOMKHZJB3FTONWSRXS/", "source": "security-advisories@github.com" diff --git a/CVE-2023/CVE-2023-504xx/CVE-2023-50422.json b/CVE-2023/CVE-2023-504xx/CVE-2023-50422.json index c7cc67e1c95..2a36aa88582 100644 --- a/CVE-2023/CVE-2023-504xx/CVE-2023-50422.json +++ b/CVE-2023/CVE-2023-504xx/CVE-2023-50422.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50422", "sourceIdentifier": "cna@sap.com", "published": "2023-12-12T02:15:08.587", - "lastModified": "2023-12-15T16:53:13.697", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-09T02:15:45.420", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -124,6 +124,10 @@ "Permissions Required" ] }, + { + "url": "https://me.sap.com/notes/3413475", + "source": "cna@sap.com" + }, { "url": "https://mvnrepository.com/artifact/com.sap.cloud.security.xsuaa/spring-xsuaa", "source": "cna@sap.com", diff --git a/CVE-2023/CVE-2023-506xx/CVE-2023-50643.json b/CVE-2023/CVE-2023-506xx/CVE-2023-50643.json new file mode 100644 index 00000000000..17453d25064 --- /dev/null +++ b/CVE-2023/CVE-2023-506xx/CVE-2023-50643.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-50643", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-09T01:15:38.890", + "lastModified": "2024-01-09T01:15:38.890", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments components." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://evernote.com", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/V3x0r/CVE-2023-50643", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-517xx/CVE-2023-51717.json b/CVE-2023/CVE-2023-517xx/CVE-2023-51717.json new file mode 100644 index 00000000000..87fc8bbce51 --- /dev/null +++ b/CVE-2023/CVE-2023-517xx/CVE-2023-51717.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-51717", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-09T02:15:45.537", + "lastModified": "2024-01-09T02:15:45.537", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Dataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full authentication bypass." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://dataiku.com", + "source": "cve@mitre.org" + }, + { + "url": "https://doc.dataiku.com/dss/latest/security/advisories/dsa-2023-010.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-56xx/CVE-2023-5693.json b/CVE-2023/CVE-2023-56xx/CVE-2023-5693.json index 478232cad4d..f4d934a1586 100644 --- a/CVE-2023/CVE-2023-56xx/CVE-2023-5693.json +++ b/CVE-2023/CVE-2023-56xx/CVE-2023-5693.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5693", "sourceIdentifier": "cna@vuldb.com", "published": "2023-10-22T23:15:08.067", - "lastModified": "2023-11-07T04:24:15.637", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-01-09T02:49:34.650", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -59,7 +59,7 @@ ], "cvssMetricV2": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "2.0", @@ -95,7 +95,7 @@ ] }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "description": [ { @@ -114,8 +114,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:codeastro:internet_banking_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "1E22B024-DF7A-4CC7-BE59-CFA07165DC9F" + "criteria": "cpe:2.3:a:martmbithi:internet_banking_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FD0AF461-CF49-4FCA-BDCC-935CE159A06A" } ] } diff --git a/CVE-2023/CVE-2023-71xx/CVE-2023-7192.json b/CVE-2023/CVE-2023-71xx/CVE-2023-7192.json index 95111b6682a..f0c7debba8b 100644 --- a/CVE-2023/CVE-2023-71xx/CVE-2023-7192.json +++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7192.json @@ -2,16 +2,40 @@ "id": "CVE-2023-7192", "sourceIdentifier": "secalert@redhat.com", "published": "2024-01-02T19:15:11.510", - "lastModified": "2024-01-02T19:36:26.333", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-09T01:43:40.960", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 un problema de p\u00e9rdida de memoria en ctnetlink_create_conntrack en net/netfilter/nf_conntrack_netlink.c en el kernel de Linux. Este problema puede permitir que un atacante local con privilegios CAP_NET_ADMIN provoque un ataque de denegaci\u00f3n de servicio (DoS) debido a un desbordamiento de recuento." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-401" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -46,18 +80,67 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.3", + "matchCriteriaId": "3769AA63-B0A8-4EF1-96F9-6A6A6B305A02" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-7192", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256279", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Patch" + ] }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=ac4893980bbe79ce383daf9a0885666a30fe4c83", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-01xx/CVE-2024-0195.json b/CVE-2024/CVE-2024-01xx/CVE-2024-0195.json index 7c31dae8009..63b2d864093 100644 --- a/CVE-2024/CVE-2024-01xx/CVE-2024-0195.json +++ b/CVE-2024/CVE-2024-01xx/CVE-2024-0195.json @@ -2,8 +2,8 @@ "id": "CVE-2024-0195", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-02T21:15:10.003", - "lastModified": "2024-01-03T13:48:00.677", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-09T02:03:10.443", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -64,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,18 +105,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ssssssss:spider-flow:0.4.3:*:*:*:*:*:*:*", + "matchCriteriaId": "11D57CC0-8E2B-4D16-ABF8-115DC7DB053B" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/laoquanshi/puppy/blob/main/spider-flow%20code%20injection%20causes%20rce.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.249510", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.249510", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-216xx/CVE-2024-21646.json b/CVE-2024/CVE-2024-216xx/CVE-2024-21646.json new file mode 100644 index 00000000000..8234eeaf55d --- /dev/null +++ b/CVE-2024/CVE-2024-216xx/CVE-2024-21646.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-21646", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-01-09T01:15:38.937", + "lastModified": "2024-01-09T01:15:38.937", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remote code execution. This vulnerability has been patched in release 2024-01-01." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Azure/azure-uamqp-c/commit/12ddb3a31a5a97f55b06fa5d74c59a1d84ad78fe", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-j29m-p99g-7hpv", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-217xx/CVE-2024-21734.json b/CVE-2024/CVE-2024-217xx/CVE-2024-21734.json new file mode 100644 index 00000000000..11cd7cd1a8d --- /dev/null +++ b/CVE-2024/CVE-2024-217xx/CVE-2024-21734.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-21734", + "sourceIdentifier": "cna@sap.com", + "published": "2024-01-09T01:15:39.130", + "lastModified": "2024-01-09T01:15:39.130", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SAP Marketing (Contacts App) - version 160, allows an attacker with low privileges to trick a user to open malicious page which could lead to a very convincing phishing attack with low impact on confidentiality and integrity of the application.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "references": [ + { + "url": "https://me.sap.com/notes/3190894", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-217xx/CVE-2024-21735.json b/CVE-2024/CVE-2024-217xx/CVE-2024-21735.json new file mode 100644 index 00000000000..796357c0960 --- /dev/null +++ b/CVE-2024/CVE-2024-217xx/CVE-2024-21735.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-21735", + "sourceIdentifier": "cna@sap.com", + "published": "2024-01-09T01:15:39.350", + "lastModified": "2024-01-09T01:15:39.350", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. This could allow an attacker with high privileges to perform unintended actions, resulting in escalation of privileges, which has High impact on confidentiality, integrity and availability of the system.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 0.7, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://me.sap.com/notes/3407617", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-217xx/CVE-2024-21736.json b/CVE-2024/CVE-2024-217xx/CVE-2024-21736.json new file mode 100644 index 00000000000..2ee1e839ed4 --- /dev/null +++ b/CVE-2024/CVE-2024-217xx/CVE-2024-21736.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-21736", + "sourceIdentifier": "cna@sap.com", + "published": "2024-01-09T02:15:45.593", + "lastModified": "2024-01-09T02:15:45.593", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does not perform necessary authorization checks. A function import could be triggered allowing the attacker to create in-house bank accounts leading to low impact on the confidentiality of the application.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://me.sap.com/notes/3260667", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-217xx/CVE-2024-21737.json b/CVE-2024/CVE-2024-217xx/CVE-2024-21737.json new file mode 100644 index 00000000000..73ea59426c9 --- /dev/null +++ b/CVE-2024/CVE-2024-217xx/CVE-2024-21737.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-21737", + "sourceIdentifier": "cna@sap.com", + "published": "2024-01-09T02:15:45.823", + "lastModified": "2024-01-09T02:15:45.823", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In SAP Application Interface Framework File Adapter - version 702, a\u00a0high privilege user can use a function module to traverse through various layers and execute OS commands directly. By this,\u00a0such user can control\u00a0the behaviour of the application. This leads to considerable impact on confidentiality, integrity and availability.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.7, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://me.sap.com/notes/3411869", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-217xx/CVE-2024-21738.json b/CVE-2024/CVE-2024-217xx/CVE-2024-21738.json new file mode 100644 index 00000000000..86c0117488d --- /dev/null +++ b/CVE-2024/CVE-2024-217xx/CVE-2024-21738.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-21738", + "sourceIdentifier": "cna@sap.com", + "published": "2024-01-09T02:15:46.020", + "lastModified": "2024-01-09T02:15:46.020", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.\u00a0An attacker with low privileges can cause limited impact to confidentiality of the application data after successful exploitation.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://me.sap.com/notes/3387737", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22124.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22124.json new file mode 100644 index 00000000000..d8455aa0151 --- /dev/null +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22124.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-22124", + "sourceIdentifier": "cna@sap.com", + "published": "2024-01-09T02:15:46.207", + "lastModified": "2024-01-09T02:15:46.207", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Under certain conditions,\u00a0Internet Communication Manager (ICM) or\u00a0SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT, WEBDISP 7.53, WEBDISP 7.54, could\u00a0allow an attacker to access information which would otherwise be restricted causing high impact on confidentiality.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.5, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-497" + } + ] + } + ], + "references": [ + { + "url": "https://me.sap.com/notes/3392626", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22125.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22125.json new file mode 100644 index 00000000000..2ddf453060f --- /dev/null +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22125.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-22125", + "sourceIdentifier": "cna@sap.com", + "published": "2024-01-09T02:15:46.413", + "lastModified": "2024-01-09T02:15:46.413", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Under certain conditions the Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge)\u00a0- version 1.0, allows an attacker to access highly sensitive information which would otherwise be restricted causing high impact on confidentiality.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@sap.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "cna@sap.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-497" + } + ] + } + ], + "references": [ + { + "url": "https://me.sap.com/notes/3386378", + "source": "cna@sap.com" + }, + { + "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", + "source": "cna@sap.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index f4de4079085..ac1e20ac740 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-01-09T00:55:25.218797+00:00 +2024-01-09T03:00:32.833064+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-01-09T00:15:44.790000+00:00 +2024-01-09T02:56:14.150000+00:00 ``` ### Last Data Feed Release @@ -23,37 +23,68 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-01-08T01:00:28.247607+00:00 +2024-01-09T01:00:28.250132+00:00 ``` ### Total Number of included CVEs ```plain -235201 +235219 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `18` -* [CVE-2023-50162](CVE-2023/CVE-2023-501xx/CVE-2023-50162.json) (`2024-01-09T00:15:44.320`) -* [CVE-2024-21648](CVE-2024/CVE-2024-216xx/CVE-2024-21648.json) (`2024-01-09T00:15:44.383`) -* [CVE-2024-21651](CVE-2024/CVE-2024-216xx/CVE-2024-21651.json) (`2024-01-09T00:15:44.600`) -* [CVE-2024-21663](CVE-2024/CVE-2024-216xx/CVE-2024-21663.json) (`2024-01-09T00:15:44.790`) +* [CVE-2023-46906](CVE-2023/CVE-2023-469xx/CVE-2023-46906.json) (`2024-01-09T01:15:38.830`) +* [CVE-2023-50643](CVE-2023/CVE-2023-506xx/CVE-2023-50643.json) (`2024-01-09T01:15:38.890`) +* [CVE-2023-26998](CVE-2023/CVE-2023-269xx/CVE-2023-26998.json) (`2024-01-09T02:15:43.960`) +* [CVE-2023-26999](CVE-2023/CVE-2023-269xx/CVE-2023-26999.json) (`2024-01-09T02:15:44.020`) +* [CVE-2023-27000](CVE-2023/CVE-2023-270xx/CVE-2023-27000.json) (`2024-01-09T02:15:44.067`) +* [CVE-2023-27098](CVE-2023/CVE-2023-270xx/CVE-2023-27098.json) (`2024-01-09T02:15:44.113`) +* [CVE-2023-36629](CVE-2023/CVE-2023-366xx/CVE-2023-36629.json) (`2024-01-09T02:15:44.163`) +* [CVE-2023-39336](CVE-2023/CVE-2023-393xx/CVE-2023-39336.json) (`2024-01-09T02:15:44.207`) +* [CVE-2023-49238](CVE-2023/CVE-2023-492xx/CVE-2023-49238.json) (`2024-01-09T02:15:44.837`) +* [CVE-2023-51717](CVE-2023/CVE-2023-517xx/CVE-2023-51717.json) (`2024-01-09T02:15:45.537`) +* [CVE-2024-21646](CVE-2024/CVE-2024-216xx/CVE-2024-21646.json) (`2024-01-09T01:15:38.937`) +* [CVE-2024-21734](CVE-2024/CVE-2024-217xx/CVE-2024-21734.json) (`2024-01-09T01:15:39.130`) +* [CVE-2024-21735](CVE-2024/CVE-2024-217xx/CVE-2024-21735.json) (`2024-01-09T01:15:39.350`) +* [CVE-2024-21736](CVE-2024/CVE-2024-217xx/CVE-2024-21736.json) (`2024-01-09T02:15:45.593`) +* [CVE-2024-21737](CVE-2024/CVE-2024-217xx/CVE-2024-21737.json) (`2024-01-09T02:15:45.823`) +* [CVE-2024-21738](CVE-2024/CVE-2024-217xx/CVE-2024-21738.json) (`2024-01-09T02:15:46.020`) +* [CVE-2024-22124](CVE-2024/CVE-2024-221xx/CVE-2024-22124.json) (`2024-01-09T02:15:46.207`) +* [CVE-2024-22125](CVE-2024/CVE-2024-221xx/CVE-2024-22125.json) (`2024-01-09T02:15:46.413`) ### CVEs modified in the last Commit -Recently modified CVEs: `8` +Recently modified CVEs: `40` -* [CVE-2023-29048](CVE-2023/CVE-2023-290xx/CVE-2023-29048.json) (`2024-01-08T23:15:08.247`) -* [CVE-2023-29049](CVE-2023/CVE-2023-290xx/CVE-2023-29049.json) (`2024-01-08T23:15:08.553`) -* [CVE-2023-29050](CVE-2023/CVE-2023-290xx/CVE-2023-29050.json) (`2024-01-08T23:15:08.630`) -* [CVE-2023-29051](CVE-2023/CVE-2023-290xx/CVE-2023-29051.json) (`2024-01-08T23:15:08.707`) -* [CVE-2023-29052](CVE-2023/CVE-2023-290xx/CVE-2023-29052.json) (`2024-01-08T23:15:08.780`) -* [CVE-2023-41710](CVE-2023/CVE-2023-417xx/CVE-2023-41710.json) (`2024-01-08T23:15:08.850`) -* [CVE-2023-28474](CVE-2023/CVE-2023-284xx/CVE-2023-28474.json) (`2024-01-09T00:15:44.137`) -* [CVE-2023-28476](CVE-2023/CVE-2023-284xx/CVE-2023-28476.json) (`2024-01-09T00:15:44.243`) +* [CVE-2023-23752](CVE-2023/CVE-2023-237xx/CVE-2023-23752.json) (`2024-01-09T02:00:01.953`) +* [CVE-2023-27524](CVE-2023/CVE-2023-275xx/CVE-2023-27524.json) (`2024-01-09T02:00:01.953`) +* [CVE-2023-29300](CVE-2023/CVE-2023-293xx/CVE-2023-29300.json) (`2024-01-09T02:00:01.953`) +* [CVE-2023-38203](CVE-2023/CVE-2023-382xx/CVE-2023-38203.json) (`2024-01-09T02:00:01.953`) +* [CVE-2023-41990](CVE-2023/CVE-2023-419xx/CVE-2023-41990.json) (`2024-01-09T02:00:01.953`) +* [CVE-2023-0004](CVE-2023/CVE-2023-00xx/CVE-2023-0004.json) (`2024-01-09T02:12:20.307`) +* [CVE-2023-46846](CVE-2023/CVE-2023-468xx/CVE-2023-46846.json) (`2024-01-09T02:15:44.380`) +* [CVE-2023-46847](CVE-2023/CVE-2023-468xx/CVE-2023-46847.json) (`2024-01-09T02:15:44.557`) +* [CVE-2023-49285](CVE-2023/CVE-2023-492xx/CVE-2023-49285.json) (`2024-01-09T02:15:44.903`) +* [CVE-2023-49286](CVE-2023/CVE-2023-492xx/CVE-2023-49286.json) (`2024-01-09T02:15:45.030`) +* [CVE-2023-49583](CVE-2023/CVE-2023-495xx/CVE-2023-49583.json) (`2024-01-09T02:15:45.140`) +* [CVE-2023-50269](CVE-2023/CVE-2023-502xx/CVE-2023-50269.json) (`2024-01-09T02:15:45.280`) +* [CVE-2023-50422](CVE-2023/CVE-2023-504xx/CVE-2023-50422.json) (`2024-01-09T02:15:45.420`) +* [CVE-2023-22932](CVE-2023/CVE-2023-229xx/CVE-2023-22932.json) (`2024-01-09T02:26:38.127`) +* [CVE-2023-4966](CVE-2023/CVE-2023-49xx/CVE-2023-4966.json) (`2024-01-09T02:27:10.417`) +* [CVE-2023-27857](CVE-2023/CVE-2023-278xx/CVE-2023-27857.json) (`2024-01-09T02:31:27.647`) +* [CVE-2023-34039](CVE-2023/CVE-2023-340xx/CVE-2023-34039.json) (`2024-01-09T02:32:49.600`) +* [CVE-2023-3997](CVE-2023/CVE-2023-39xx/CVE-2023-3997.json) (`2024-01-09T02:35:52.077`) +* [CVE-2023-4746](CVE-2023/CVE-2023-47xx/CVE-2023-4746.json) (`2024-01-09T02:39:00.667`) +* [CVE-2023-5693](CVE-2023/CVE-2023-56xx/CVE-2023-5693.json) (`2024-01-09T02:49:34.650`) +* [CVE-2023-46603](CVE-2023/CVE-2023-466xx/CVE-2023-46603.json) (`2024-01-09T02:51:06.413`) +* [CVE-2023-30774](CVE-2023/CVE-2023-307xx/CVE-2023-30774.json) (`2024-01-09T02:51:33.207`) +* [CVE-2023-38403](CVE-2023/CVE-2023-384xx/CVE-2023-38403.json) (`2024-01-09T02:53:19.040`) +* [CVE-2023-24070](CVE-2023/CVE-2023-240xx/CVE-2023-24070.json) (`2024-01-09T02:55:33.710`) +* [CVE-2024-0195](CVE-2024/CVE-2024-01xx/CVE-2024-0195.json) (`2024-01-09T02:03:10.443`) ## Download and Usage