admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 10:42:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-12-21T19:00:24.531153+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-12-21 19:00:28 +00:00
parent 73ec39824a
commit fbf355c835
93 changed files with 4122 additions and 335 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
CVE-2013/CVE-2013-74xx/CVE-2013-7437.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-7437",
"sourceIdentifier": "secalert@redhat.com",
"published": "2015-03-29T21:59:00.080",
"lastModified": "2016-12-07T03:00:16.367",
"vulnStatus": "Modified",
"lastModified": "2023-12-21T18:14:58.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -48,7 +48,7 @@
"description": [
{
"lang": "en",
"value": "CWE-189"
"value": "CWE-190"
}
]
}
@ -73,21 +73,34 @@
"references": [
{
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00034.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/02/06/12",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778646",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=955808",
"source": "secalert@redhat.com",
"tags": [
"Exploit"
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]

6
CVE-2015/CVE-2015-11xx/CVE-2015-1197.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2015-1197",
"sourceIdentifier": "cve@mitre.org",
"published": "2015-02-19T15:59:12.377",
"lastModified": "2022-10-20T17:15:09.627",
"lastModified": "2023-12-21T18:15:07.253",
"vulnStatus": "Modified",
"evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/61.html\">CWE-61: UNIX Symbolic Link (Symlink) Following</a>",
"descriptions": [
@ -95,6 +95,10 @@
"url": "http://www.openwall.com/lists/oss-security/2015/01/18/7",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/21/8",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/71914",
"source": "cve@mitre.org"

27
CVE-2020/CVE-2020-282xx/CVE-2020-28243.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-28243",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-27T05:15:13.630",
"lastModified": "2023-11-07T03:21:08.900",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:31:01.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -268,15 +268,27 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/",
@ -302,7 +314,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-5011",

27
CVE-2020/CVE-2020-289xx/CVE-2020-28972.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-28972",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-27T05:15:13.690",
"lastModified": "2023-11-07T03:21:25.260",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:21:34.530",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -252,15 +252,27 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/",
@ -278,7 +290,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-5011",

27
CVE-2020/CVE-2020-356xx/CVE-2020-35662.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-35662",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-27T05:15:13.753",
"lastModified": "2023-11-07T03:22:01.350",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:22:07.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -252,15 +252,27 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/",
@ -278,7 +290,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-5011",

27
CVE-2021/CVE-2021-219xx/CVE-2021-21996.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-21996",
"sourceIdentifier": "security@vmware.com",
"published": "2021-09-08T15:15:12.670",
"lastModified": "2023-11-07T03:30:08.527",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:30:08.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -162,15 +162,27 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/",
@ -182,7 +194,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-5011",

27
CVE-2021/CVE-2021-252xx/CVE-2021-25281.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-25281",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-27T05:15:13.847",
"lastModified": "2023-11-07T03:31:26.610",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:22:27.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -269,15 +269,27 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/",
@ -295,7 +307,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-5011",

27
CVE-2021/CVE-2021-252xx/CVE-2021-25282.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-25282",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-27T05:15:13.910",
"lastModified": "2023-11-07T03:31:26.700",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:23:04.873",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -276,15 +276,27 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/",
@ -302,7 +314,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-5011",

27
CVE-2021/CVE-2021-252xx/CVE-2021-25283.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-25283",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-27T05:15:13.973",
"lastModified": "2023-11-07T03:31:26.817",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:23:26.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -259,15 +259,27 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/",
@ -285,7 +297,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-5011",

27
CVE-2021/CVE-2021-252xx/CVE-2021-25284.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-25284",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-27T05:15:14.037",
"lastModified": "2023-11-07T03:31:26.923",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:23:44.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -271,15 +271,27 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/",
@ -297,7 +309,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-5011",

33
CVE-2021/CVE-2021-316xx/CVE-2021-31607.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31607",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-04-23T06:15:07.893",
"lastModified": "2023-11-07T03:34:59.000",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:32:15.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -130,19 +130,35 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDKMAJXYFHM4USVX3H5V2GCCBGASWUSM/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://sec.stealthcopter.com/saltstack-snapper-minion-privledge-escaltion/",
@ -155,7 +171,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-5011",

27
CVE-2021/CVE-2021-31xx/CVE-2021-3144.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-3144",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-27T05:15:14.113",
"lastModified": "2023-11-07T03:37:55.990",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:31:17.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -259,15 +259,27 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/",
@ -285,7 +297,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-5011",

27
CVE-2021/CVE-2021-31xx/CVE-2021-3148.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-3148",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-27T05:15:14.190",
"lastModified": "2023-11-07T03:37:56.090",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:31:34.073",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -259,15 +259,27 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/",
@ -285,7 +297,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-5011",

27
CVE-2021/CVE-2021-31xx/CVE-2021-3197.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-3197",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-02-27T05:15:14.317",
"lastModified": "2023-11-07T03:37:57.397",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:29:48.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -267,15 +267,27 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/",
@ -293,7 +305,10 @@
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2021/dsa-5011",

19
CVE-2022/CVE-2022-229xx/CVE-2022-22934.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-22934",
"sourceIdentifier": "security@vmware.com",
"published": "2022-03-29T17:15:15.170",
"lastModified": "2023-11-07T03:44:00.407",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:45:25.720",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -111,7 +111,10 @@
"references": [
{
"url": "https://github.com/saltstack/salt/releases%2C",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://repo.saltproject.io/",
@ -122,11 +125,17 @@
},
{
"url": "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
]
}
]
}

19
CVE-2022/CVE-2022-229xx/CVE-2022-22935.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-22935",
"sourceIdentifier": "security@vmware.com",
"published": "2022-03-29T17:15:15.220",
"lastModified": "2023-11-07T03:44:00.483",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:47:04.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -111,7 +111,10 @@
"references": [
{
"url": "https://github.com/saltstack/salt/releases%2C",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://repo.saltproject.io/",
@ -122,11 +125,17 @@
},
{
"url": "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
]
}
]
}

19
CVE-2022/CVE-2022-229xx/CVE-2022-22936.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-22936",
"sourceIdentifier": "security@vmware.com",
"published": "2022-03-29T17:15:15.273",
"lastModified": "2023-11-07T03:44:00.560",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:47:15.553",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -111,7 +111,10 @@
"references": [
{
"url": "https://github.com/saltstack/salt/releases%2C",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://repo.saltproject.io/",
@ -122,11 +125,17 @@
},
{
"url": "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
]
}
]
}

19
CVE-2022/CVE-2022-229xx/CVE-2022-22941.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-22941",
"sourceIdentifier": "security@vmware.com",
"published": "2022-03-29T17:15:15.327",
"lastModified": "2023-11-07T03:44:00.653",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:44:31.113",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -111,7 +111,10 @@
"references": [
{
"url": "https://github.com/saltstack/salt/releases%2C",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://repo.saltproject.io/",
@ -122,11 +125,17 @@
},
{
"url": "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
]
}
]
}

14
CVE-2022/CVE-2022-229xx/CVE-2022-22967.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-22967",
"sourceIdentifier": "security@vmware.com",
"published": "2022-06-23T17:15:12.080",
"lastModified": "2023-11-07T03:44:00.893",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:44:00.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -118,11 +118,17 @@
},
{
"url": "https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/%2C",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-22",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
]
}
]
}

14
CVE-2022/CVE-2022-322xx/CVE-2022-32292.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-32292",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-03T14:15:08.620",
"lastModified": "2023-11-07T03:47:47.760",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:51:27.990",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -94,11 +94,17 @@
},
{
"url": "https://lore.kernel.org/connman/20220801080043.4861-5-wagi%40monom.org/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-21",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2022/dsa-5231",

19
CVE-2022/CVE-2022-322xx/CVE-2022-32293.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-32293",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-08-03T14:15:08.667",
"lastModified": "2023-11-07T03:47:47.847",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T18:51:04.713",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -94,15 +94,24 @@
},
{
"url": "https://lore.kernel.org/connman/20220801080043.4861-1-wagi%40monom.org/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://lore.kernel.org/connman/20220801080043.4861-3-wagi%40monom.org/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-21",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2022/dsa-5231",

45
CVE-2023/CVE-2023-07xx/CVE-2023-0757.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-0757",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-12-14T14:15:42.083",
"lastModified": "2023-12-14T14:49:08.357",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:13:25.403",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Incorrect Permission Assignment for Critical Resource vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated remote attacker to upload arbitrary malicious code and gain full access on the affected device."
},
{
"lang": "es",
"value": "Asignaci\u00f3n de permisos incorrecta para una vulnerabilidad de recursos cr\u00edticos en PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) permite a un atacante remoto no autenticado cargar c\u00f3digo malicioso arbitrario y obtener acceso completo al dispositivo afectado."
}
],
"metrics": {
@ -46,10 +50,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:multiprog:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42452860-CB53-479D-ADE1-E8166EC834C4"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:proconos_eclr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A422FD-2C4C-4B77-B619-6747474A3FA7"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-051/",
"source": "info@cert.vde.com"
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-226xx/CVE-2023-22674.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22674",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T15:15:08.137",
"lastModified": "2023-12-21T15:15:08.137",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:45.660",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-24xx/CVE-2023-2487.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2487",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T14:15:07.750",
"lastModified": "2023-12-21T14:15:07.750",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:45.660",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-284xx/CVE-2023-28421.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28421",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T14:15:07.370",
"lastModified": "2023-12-21T14:15:07.370",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:45.660",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

51
CVE-2023/CVE-2023-332xx/CVE-2023-33214.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-33214",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-18T16:15:09.597",
"lastModified": "2023-12-18T17:24:19.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T18:57:33.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Tagbox Tagbox \u2013 UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox \u2013 UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Tagbox agbox \u2013 UGC Galleries, Social Media Widgets, User Reviews &amp; Analytics. Este problema afecta a Tagbox \u2013 UGC Galleries, Social Media Widgets, User Reviews &amp; Analytics: desde n/a hasta 3.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:taggbox:taggbox:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.1",
"matchCriteriaId": "CB4FE71D-2D79-4736-ABDB-BDB95F5D0371"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/taggbox-widget/wordpress-taggbox-ugc-galleries-social-media-widgets-user-reviews-analytics-plugin-2-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-400xx/CVE-2023-40058.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-40058",
"sourceIdentifier": "psirt@solarwinds.com",
"published": "2023-12-21T17:15:07.763",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment. \n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@solarwinds.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "psirt@solarwinds.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40058",
"source": "psirt@solarwinds.com"
}
]
}

217
CVE-2023/CVE-2023-428xx/CVE-2023-42800.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-42800",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-14T17:15:07.463",
"lastModified": "2023-12-14T17:17:50.580",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:17:02.843",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a moonlight client, or achieve remote code execution (RCE) on the client (with insufficient exploit mitigations or if mitigations can be bypassed). The bug was addressed in commit 24750d4b748fefa03d09fcfd6d45056faca354e0."
},
{
"lang": "es",
"value": "Moonlight-common-c contiene el c\u00f3digo principal del cliente GameStream compartido entre los clientes Moonlight. Moonlight-common-c es vulnerable al desbordamiento del b\u00fafer a partir de el commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 debido al uso absoluto de funciones C inseguras y a una verificaci\u00f3n de l\u00edmites inadecuada. Un servidor de transmisi\u00f3n de juegos malicioso podr\u00eda aprovechar una vulnerabilidad de desbordamiento del b\u00fafer para bloquear un cliente de luz nocturna o lograr la ejecuci\u00f3n remota de c\u00f3digo (RCE) en el cliente (con mitigaciones de explotaci\u00f3n insuficientes o si se pueden evitar las mitigaciones). El error se solucion\u00f3 en el commit 24750d4b748fefa03d09fcfd6d45056faca354e0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +70,203 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moonlight-stream:moonlight-common-c:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022-11-04",
"versionEndExcluding": "2023-10-06",
"matchCriteriaId": "EE5D99F2-FFB5-4239-855B-2CDAE0210FE3"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moonlight-stream:moonlight:*:*:*:*:*:iphone_os:*:*",
"versionStartIncluding": "8.4.0",
"versionEndIncluding": "8.5.0",
"matchCriteriaId": "730ABEDB-A45B-487D-90E5-58188F33021E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moonlight-stream:moonlight:*:*:*:*:*:tvos:*:*",
"versionStartIncluding": "8.4.0",
"versionEndIncluding": "8.5.0",
"matchCriteriaId": "F8DC3BA3-941C-40D2-AD1B-AF7971D99672"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moonlight-stream:moonlight:*:*:*:*:*:android:*:*",
"versionStartIncluding": "10.10",
"versionEndIncluding": "11.0",
"matchCriteriaId": "6D8BB0A6-B219-4AFF-BE01-BC0546DAAF91"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moonlight-stream:moonlight:0.10.22:*:*:*:*:chrome:*:*",
"matchCriteriaId": "E50A8A78-8606-49DD-8D95-3AE7DFBA3E87"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moonlight-stream:moonlight_embedded:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E1F448D-0CFE-4DAE-A119-8AF4F8FD48EF"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moonlight-stream:moonlight_xbox:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.12.0",
"versionEndIncluding": "1.14.40",
"matchCriteriaId": "BFE72448-E647-43F9-A72C-F86118596EE3"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moonlight-stream:moonlight_tv:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.5.4",
"versionEndIncluding": "1.5.27",
"matchCriteriaId": "38BDA766-E56D-496D-BC16-AD2026E04A7F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moonlight-stream:moonlight_switch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.13",
"versionEndIncluding": "0.13.3",
"matchCriteriaId": "5FFADEE0-F587-4444-AE6F-323E20808042"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moonlight-stream:moonlight_vita:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.9.2",
"versionEndIncluding": "0.9.3",
"matchCriteriaId": "EFAF4088-233D-46FA-A031-ACCF0D7FF78F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/moonlight-stream/moonlight-common-c/blob/2bb026c763fc18807d7e4a93f918054c488f84e1/src/RtspConnection.c#L796",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/moonlight-stream/moonlight-common-c/commit/24750d4b748fefa03d09fcfd6d45056faca354e0",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/moonlight-stream/moonlight-common-c/commit/50c0a51b10ecc5b3415ea78c21d96d679e2288f9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/moonlight-stream/moonlight-common-c/security/advisories/GHSA-4927-23jw-rq62",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-42xx/CVE-2023-4255.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4255",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-21T16:15:10.017",
"lastModified": "2023-12-21T16:15:10.017",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-42xx/CVE-2023-4256.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4256",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-21T16:15:10.400",
"lastModified": "2023-12-21T16:15:10.400",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-451xx/CVE-2023-45115.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45115",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T16:15:07.517",
"lastModified": "2023-12-21T16:15:07.517",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-451xx/CVE-2023-45116.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45116",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T16:15:08.040",
"lastModified": "2023-12-21T16:15:08.040",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-451xx/CVE-2023-45117.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45117",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T16:15:08.380",
"lastModified": "2023-12-21T16:15:08.380",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-451xx/CVE-2023-45118.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45118",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T16:15:08.750",
"lastModified": "2023-12-21T16:15:08.750",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-451xx/CVE-2023-45119.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45119",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T16:15:09.197",
"lastModified": "2023-12-21T16:15:09.197",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-451xx/CVE-2023-45120.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-45120",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T17:15:08.153",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities.\u00a0The 'qid' parameter of the update.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/argerich/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-451xx/CVE-2023-45121.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-45121",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T17:15:08.440",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities.\u00a0The 'desc' parameter of the update.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/argerich/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-451xx/CVE-2023-45122.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-45122",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T17:15:08.723",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities.\u00a0The 'name' parameter of the update.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/argerich/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-451xx/CVE-2023-45123.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-45123",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-12-21T17:15:09.007",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities.\u00a0The 'right' parameter of the update.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/argerich/",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

441
CVE-2023/CVE-2023-461xx/CVE-2023-46141.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-46141",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-12-14T14:15:42.767",
"lastModified": "2023-12-14T14:49:08.357",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:14:56.770",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the affected device."
},
{
"lang": "es",
"value": "La asignaci\u00f3n de permisos incorrecta para una vulnerabilidad de recursos cr\u00edticos en varios productos de la l\u00ednea cl\u00e1sica de PHOENIX CONTACT permite que un atacante remoto no autenticado obtenga acceso completo al dispositivo afectado."
}
],
"metrics": {
@ -46,10 +50,441 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:automationworx_software_suite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9797B615-825F-4CAA-B36E-5161E37FAF9A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:axc_1050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D586DC-2274-4A32-AE98-7BE174C230CC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:axc_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F55C821-DAA6-4098-BB54-80F6D9ED0CD6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:axc_1050_xc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "332A6164-CDC1-4DBF-9B62-946EC7D7C4B3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:axc_1050_xc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E03B5234-36FA-4BCE-964D-F55FFFD5CAAC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:axc_3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84066F7B-8306-4743-9F12-75B8F880AD93"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:axc_3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB9699A2-782D-40F3-B8D6-3C315104BA60"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:config\\+:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D8FDB6-6181-49EB-BE6D-236D39A478A1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:fc_350_pci_eth_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEB7CA5B-7EEF-4E0E-9A53-83FE28730852"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:fc_350_pci_eth:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4BB6654-41BB-488E-AC8C-E74C05CA198F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:ilc1x0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AC07A81-D5D6-449C-93F8-93D6E87487DD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:ilc1x0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE45F6AF-7286-48F7-B4BE-AFC948884C7C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:ilc1x1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E168AB1-1B81-4990-95E4-56C36275609B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:ilc1x1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E318A8B-D1D1-4DD5-AF71-DCBFEFCF2C5E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:ilc_3xx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65E1A201-E7B1-452B-8BC6-A355A3BF9460"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:ilc_3xx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF1C58A6-5220-4509-B426-D1ED5ECFAD05"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:pc_worx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B975C4E4-83B5-4C98-811B-E6D13687AB85"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:pc_worx_express:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE663FFA-4B82-4477-A424-4C9CC83C131E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:pc_worx_rt_basic_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8693B231-3A5C-47B7-BEA5-53D430BBACF4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:pc_worx_rt_basic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08B214FC-776F-454B-8DC4-E7F2E6EFB013"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:pc_worx_srt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2A6F462-A12F-4E08-9AA6-1C1AF743A645"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_430_eth-ib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "643E47A5-E7AA-4321-99A1-05EEBD9A2B56"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_430_eth-ib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F32F262-519C-41BB-BF31-ECBCAC1ABEA9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_450_eth-ib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A91E019B-F0C5-4DF0-AE4C-E60F3D598F0C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_450_eth-ib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C2EDF4-2982-4858-A960-7E7564E5B20A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_460r_pn_3tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "302995A9-E9CC-4477-B374-CE10F16A5E10"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_460r_pn_3tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7544E2C-2E63-4C36-AB64-764B4393E377"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_470s_pn_3tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCAB2CA6-EEC4-4E0D-B962-FC2C4EF06013"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_470s_pn_3tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD94CBFF-CC25-4122-96FE-2308A4D1659D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_480s_pn_4tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B383246-EF0A-466F-89EA-F61AFC447509"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_480s_pn_4tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B043176-58CC-438C-92D9-99F479BB1C58"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-055/",
"source": "info@cert.vde.com"
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
]
}
]
}

255
CVE-2023/CVE-2023-461xx/CVE-2023-46142.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-46142",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-12-14T14:15:42.983",
"lastModified": "2023-12-14T14:49:08.357",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:15:15.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices."
},
{
"lang": "es",
"value": "Una asignaci\u00f3n de permiso incorrecta para una vulnerabilidad de recursos cr\u00edticos en los productos PLCnext permite que un atacante remoto con privilegios bajos obtenga acceso completo a los dispositivos afectados."
}
],
"metrics": {
@ -46,10 +50,255 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:axc_f_1152_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "9C72F7B2-43D1-43CB-B611-B57487E9AE53"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:axc_f_1152:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2474BD7-C447-4E07-A628-C729E376943D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "4EA16E9E-ADBB-4943-AE2D-7C49F882A809"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2E6118-6587-444A-A143-9C3A1E6ED4FD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:axc_f_3152_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "E28DCF3B-C26E-44BE-BCA1-0AED56326FC3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:axc_f_3152:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57424998-4EAB-4682-BFC4-1D2A621514F4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:bpc_9102s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "A97B1250-2830-4EFC-9393-DF96E129E16D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:bpc_9102s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "346E85EB-8800-40C7-A7DA-EA587CF90F08"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:epc_1502_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "F8E7E962-9BA0-418B-8A43-541C5278C9ED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:epc_1502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85AF0A71-02C4-4CFF-A820-5C326F066024"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:epc_1522_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "E3671BE8-A1DE-444E-9A24-5C86E4F0BBF1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:epc_1522:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBD531B6-09DA-4B4A-AA7C-C2A54B089C67"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:plcnext_engineer:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "C6A5C5E9-4F2C-44BC-8B64-29D25C789643"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_4072r_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "FE1D89DD-1717-4E84-8A33-82AA29594E7D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_4072r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65D9C540-F273-4EA8-8FF6-95DF46B01D89"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_4072s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "E633B5AB-BD27-461D-8083-20CC1C768D34"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_4072s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF1EAD1-7C19-4A6E-BF87-EF3F7E526BD6"
}
]
}
]
}
],
"references": [
{
"url": "https://https://cert.vde.com/en/advisories/VDE-2023-056/",
"source": "info@cert.vde.com"
"source": "info@cert.vde.com",
"tags": [
"Broken Link"
]
}
]
}

441
CVE-2023/CVE-2023-461xx/CVE-2023-46143.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-46143",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-12-14T14:15:43.207",
"lastModified": "2023-12-14T14:49:08.357",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:15:46.577",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC."
},
{
"lang": "es",
"value": "La vulnerabilidad de descarga de c\u00f3digo sin verificaci\u00f3n de integridad en los PLC de la l\u00ednea cl\u00e1sica de PHOENIX CONTACT permite que un atacante remoto no autenticado modifique algunas o todas las aplicaciones en un PLC."
}
],
"metrics": {
@ -46,10 +50,441 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:automationworx_software_suite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9797B615-825F-4CAA-B36E-5161E37FAF9A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:axc_1050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D586DC-2274-4A32-AE98-7BE174C230CC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:axc_1050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F55C821-DAA6-4098-BB54-80F6D9ED0CD6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:axc_1050_xc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "332A6164-CDC1-4DBF-9B62-946EC7D7C4B3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:axc_1050_xc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E03B5234-36FA-4BCE-964D-F55FFFD5CAAC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:axc_3050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84066F7B-8306-4743-9F12-75B8F880AD93"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:axc_3050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB9699A2-782D-40F3-B8D6-3C315104BA60"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:config\\+:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D8FDB6-6181-49EB-BE6D-236D39A478A1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:fc_350_pci_eth_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEB7CA5B-7EEF-4E0E-9A53-83FE28730852"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:fc_350_pci_eth:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4BB6654-41BB-488E-AC8C-E74C05CA198F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:ilc1x0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AC07A81-D5D6-449C-93F8-93D6E87487DD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:ilc1x0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE45F6AF-7286-48F7-B4BE-AFC948884C7C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:ilc1x1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E168AB1-1B81-4990-95E4-56C36275609B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:ilc1x1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E318A8B-D1D1-4DD5-AF71-DCBFEFCF2C5E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:ilc_3xx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65E1A201-E7B1-452B-8BC6-A355A3BF9460"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:ilc_3xx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF1C58A6-5220-4509-B426-D1ED5ECFAD05"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:pc_worx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B975C4E4-83B5-4C98-811B-E6D13687AB85"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:pc_worx_express:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE663FFA-4B82-4477-A424-4C9CC83C131E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:pc_worx_rt_basic_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8693B231-3A5C-47B7-BEA5-53D430BBACF4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:pc_worx_rt_basic:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08B214FC-776F-454B-8DC4-E7F2E6EFB013"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:pc_worx_srt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2A6F462-A12F-4E08-9AA6-1C1AF743A645"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_430_eth-ib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "643E47A5-E7AA-4321-99A1-05EEBD9A2B56"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_430_eth-ib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F32F262-519C-41BB-BF31-ECBCAC1ABEA9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_450_eth-ib_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A91E019B-F0C5-4DF0-AE4C-E60F3D598F0C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_450_eth-ib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C2EDF4-2982-4858-A960-7E7564E5B20A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_460r_pn_3tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "302995A9-E9CC-4477-B374-CE10F16A5E10"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_460r_pn_3tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7544E2C-2E63-4C36-AB64-764B4393E377"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_470s_pn_3tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCAB2CA6-EEC4-4E0D-B962-FC2C4EF06013"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_470s_pn_3tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD94CBFF-CC25-4122-96FE-2308A4D1659D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_480s_pn_4tx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B383246-EF0A-466F-89EA-F61AFC447509"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_480s_pn_4tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B043176-58CC-438C-92D9-99F479BB1C58"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-057/",
"source": "info@cert.vde.com"
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
]
}
]
}

275
CVE-2023/CVE-2023-461xx/CVE-2023-46144.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-46144",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-12-14T14:15:43.447",
"lastModified": "2023-12-14T14:49:08.357",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:16:11.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices."
},
{
"lang": "es",
"value": "Una descarga de c\u00f3digo sin vulnerabilidad de verificaci\u00f3n de integridad en los productos PLCnext permite que un atacante remoto con privilegios bajos comprometa la integridad de la estaci\u00f3n de ingenier\u00eda afectada y los dispositivos conectados."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "info@cert.vde.com",
"type": "Secondary",
@ -46,10 +70,255 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:axc_f_1152_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "9C72F7B2-43D1-43CB-B611-B57487E9AE53"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:axc_f_1152:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2474BD7-C447-4E07-A628-C729E376943D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "4EA16E9E-ADBB-4943-AE2D-7C49F882A809"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2E6118-6587-444A-A143-9C3A1E6ED4FD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:axc_f_3152_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "E28DCF3B-C26E-44BE-BCA1-0AED56326FC3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:axc_f_3152:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57424998-4EAB-4682-BFC4-1D2A621514F4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:bpc_9102s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "A97B1250-2830-4EFC-9393-DF96E129E16D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:bpc_9102s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "346E85EB-8800-40C7-A7DA-EA587CF90F08"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:epc_1502_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "F8E7E962-9BA0-418B-8A43-541C5278C9ED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:epc_1502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85AF0A71-02C4-4CFF-A820-5C326F066024"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:epc_1522_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "E3671BE8-A1DE-444E-9A24-5C86E4F0BBF1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:epc_1522:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBD531B6-09DA-4B4A-AA7C-C2A54B089C67"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:plcnext_engineer:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "C6A5C5E9-4F2C-44BC-8B64-29D25C789643"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_4072r_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "FE1D89DD-1717-4E84-8A33-82AA29594E7D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_4072r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65D9C540-F273-4EA8-8FF6-95DF46B01D89"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:phoenixcontact:rfc_4072s_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2024.0",
"matchCriteriaId": "E633B5AB-BD27-461D-8083-20CC1C768D34"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:phoenixcontact:rfc_4072s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF1EAD1-7C19-4A6E-BF87-EF3F7E526BD6"
}
]
}
]
}
],
"references": [
{
"url": "https://https://cert.vde.com/en/advisories/VDE-2023-056/",
"source": "info@cert.vde.com"
"source": "info@cert.vde.com",
"tags": [
"Broken Link"
]
}
]
}

4
CVE-2023/CVE-2023-475xx/CVE-2023-47525.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47525",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T15:15:09.097",
"lastModified": "2023-12-21T15:15:09.097",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:45.660",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-475xx/CVE-2023-47527.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47527",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T15:15:09.340",
"lastModified": "2023-12-21T15:15:09.340",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:45.660",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

75
CVE-2023/CVE-2023-47xx/CVE-2023-4724.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-4724",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-12-18T20:15:08.453",
"lastModified": "2023-12-18T20:21:38.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T18:41:59.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not validate and sanitise the `wp_query` parameter which allows an attacker to run arbitrary command on the remote server"
},
{
"lang": "es",
"value": "Los complementos Export any WordPress data to XML/CSV de WordPress anterior a 1.4.0 y el complemento WP All Export Pro de WordPress anterior a 1.8.6 no validan ni sanitizan el par\u00e1metro `wp_query` que permite a un atacante ejecutar comandos arbitrarios en el servidor remoto"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:soflyy:export_any_wordpress_data_to_xml\\/csv:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.4.0",
"matchCriteriaId": "9479BFC7-D1DE-4B57-9C59-15AC7BBFCCA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:soflyy:wp_all_export:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding": "1.8.6",
"matchCriteriaId": "D5872FA3-45C5-4E05-B8F6-3BFA53456908"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/48820f1d-45cb-4f1f-990d-d132bfc5536f",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-481xx/CVE-2023-48114.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48114",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-21T15:15:09.587",
"lastModified": "2023-12-21T16:15:09.620",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-481xx/CVE-2023-48115.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48115",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-21T15:15:09.637",
"lastModified": "2023-12-21T16:15:09.793",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-481xx/CVE-2023-48116.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48116",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-21T15:15:09.697",
"lastModified": "2023-12-21T16:15:09.913",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-482xx/CVE-2023-48288.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48288",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T14:15:08.293",
"lastModified": "2023-12-21T14:15:08.293",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:45.660",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-491xx/CVE-2023-49162.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49162",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T14:15:08.773",
"lastModified": "2023-12-21T14:15:08.773",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:45.660",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

51
CVE-2023/CVE-2023-491xx/CVE-2023-49191.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-49191",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-15T16:15:44.320",
"lastModified": "2023-12-15T16:53:06.030",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:20:50.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Supsystic GDPR Cookie Consent by Supsystic allows Stored XSS.This issue affects GDPR Cookie Consent by Supsystic: from n/a through 2.1.2.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (\"Cross-site Scripting\") en Supsystic GDPR Cookie Consent by Supsystic permite almacenar XSS. Este problema afecta a GDPR Cookie Consent by Supsystic: desde n/a hasta 2.1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:supsystic:gdpr_cookie_consent:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.2",
"matchCriteriaId": "519FF277-4C7D-4A27-BF10-8D79FFC902B9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/gdpr-compliance-by-supsystic/wordpress-gdpr-cookie-consent-by-supsystic-plugin-2-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-491xx/CVE-2023-49197.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-49197",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-15T16:15:44.510",
"lastModified": "2023-12-15T16:53:06.030",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:26:04.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Apasionados, Apasionados del Marketing, NetConsulting DoFollow Case by Case.This issue affects DoFollow Case by Case: from n/a through 3.4.2.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Apasionados, Apasionados del Marketing, NetConsulting DoFollow Case by Case. Este problema afecta a DoFollow Case by Case: desde n/a hasta 3.4.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apasionados:dofollow_case_by_case:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.4.2",
"matchCriteriaId": "CF19C86E-A2EC-4BE0-A9D9-009CB00BDCD1"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/dofollow-case-by-case/wordpress-dofollow-case-by-case-plugin-3-4-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-497xx/CVE-2023-49744.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-49744",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-15T16:15:44.707",
"lastModified": "2023-12-15T16:53:06.030",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:29:00.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Gift Up Gift Up Gift Cards for WordPress and WooCommerce.This issue affects Gift Up Gift Cards for WordPress and WooCommerce: from n/a through 2.21.3.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Gift Up Gift Up Gift Cards para WordPress y WooCommerce. Este problema afecta a Gift Up Gift Cards para WordPress y WooCommerce: desde n/a hasta 2.21.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:giftup:gift_up_gift_cards_for_wordpress_and_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.21.3",
"matchCriteriaId": "FADE8501-AA00-4871-BF15-032A9BC7137A"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/gift-up/wordpress-gift-up-gift-cards-for-wordpress-and-woocommerce-plugin-2-21-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-497xx/CVE-2023-49747.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-49747",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-15T16:15:44.903",
"lastModified": "2023-12-15T16:53:06.030",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:35:43.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebFactory Ltd Guest Author allows Stored XSS.This issue affects Guest Author: from n/a through 2.3.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en WebFactory Ltd Guest Author permite almacenar XSS. Este problema afecta a Guest Author: desde n/a hasta 2.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webfactoryltd:guest_author:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.3",
"matchCriteriaId": "C99E43FA-8FBD-40C0-AAF1-3AE0F4D56FB9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/guest-author/wordpress-guest-author-plugin-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-497xx/CVE-2023-49749.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-49749",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-15T16:15:45.090",
"lastModified": "2023-12-15T16:53:06.030",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:43:48.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in SureTriggers SureTriggers \u2013 Connect All Your Plugins, Apps, Tools & Automate Everything!.This issue affects SureTriggers \u2013 Connect All Your Plugins, Apps, Tools & Automate Everything!: from n/a through 1.0.23.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en SureTriggers SureTriggers \u2013 Connect All Your Plugins, Apps, Tools &amp; Automate Everything!. Este problema afecta a SureTriggers: Connect All Your Plugins, Apps, Tools &amp; Automate Everything!: desde n/a hasta 1.0 .23."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suretriggers:suretriggers:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.23",
"matchCriteriaId": "3597913D-DCA8-4ECB-9DBE-F8B09DE22646"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/suretriggers/wordpress-suretriggers-plugin-1-0-23-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-497xx/CVE-2023-49767.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-49767",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-15T16:15:45.280",
"lastModified": "2023-12-15T16:53:06.030",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:45:47.293",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Biteship Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo allows Stored XSS.This issue affects Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo: from n/a through 2.2.24.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Biteship Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo permite almacenar XSS. Este problema afecta a Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo: de n/a hasta el 2.2.24."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:biteship:biteship:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2.24",
"matchCriteriaId": "11463865-C5C6-4BC8-9488-E88D1A522848"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/biteship/wordpress-biteship-plugin-2-2-22-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-498xx/CVE-2023-49823.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-49823",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-15T16:15:45.547",
"lastModified": "2023-12-15T16:53:06.030",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:48:09.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 4.6.1.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en BoldThemes Bold Page Builder permite almacenar XSS. Este problema afecta a Bold Page Builder: desde n/a hasta 4.6.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bold-themes:bold_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.6.1",
"matchCriteriaId": "1299BE74-FF1F-4A0C-BBBD-A20D9321B879"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bold-page-builder/wordpress-bold-page-builder-plugin-4-6-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-498xx/CVE-2023-49829.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-49829",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-15T16:15:45.740",
"lastModified": "2023-12-15T16:53:06.030",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:50:30.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Tutor LMS \u2013 eLearning and online course solution allows Stored XSS.This issue affects Tutor LMS \u2013 eLearning and online course solution: from n/a through 2.2.4.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Themeum Tutor LMS \u2013 eLearning and online course solution permite almacenar XSS. Este problema afecta a Tutor LMS \u2013 eLearning and online course solution: desde n/a hasta 2.2. 4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2.4",
"matchCriteriaId": "711155E8-212C-4AEE-A795-97B1DE394CF6"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-2-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-499xx/CVE-2023-49937.json
View File

@ -2,23 +2,105 @@
"id": "CVE-2023-49937",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-14T05:15:11.493",
"lastModified": "2023-12-14T13:52:06.780",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:17:34.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free, attackers can cause a denial of service or possibly execute arbitrary code. The fixed versions are 22.05.11, 23.02.7, and 23.11.1."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en SchedMD Slurm 22.05.x, 23.02.x y 23.11.x. Debido a una doble liberaci\u00f3n, los atacantes pueden provocar una denegaci\u00f3n de servicio o posiblemente ejecutar c\u00f3digo arbitrario. Las versiones fijas son 22.05.11, 23.02.7 y 23.11.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schedmd:slurm:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.05",
"versionEndExcluding": "22.05.12",
"matchCriteriaId": "9F78B348-8518-461F-A411-6E04D00E0DB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schedmd:slurm:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.02",
"versionEndExcluding": "23.02.7",
"matchCriteriaId": "0FD67C27-289A-4071-9380-74059C3A24E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schedmd:slurm:23.11:-:*:*:*:*:*:*",
"matchCriteriaId": "F7271FE9-7535-4337-8B65-61C533932E4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schedmd:slurm:23.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1A2835FE-2E57-47FF-BD76-9817978108C5"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "https://www.schedmd.com/security-archive.php",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-503xx/CVE-2023-50377.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50377",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T15:15:10.290",
"lastModified": "2023-12-21T15:15:10.290",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-507xx/CVE-2023-50724.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50724",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-21T15:15:10.573",
"lastModified": "2023-12-21T15:15:10.573",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-508xx/CVE-2023-50822.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50822",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T15:15:10.927",
"lastModified": "2023-12-21T15:15:10.927",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-508xx/CVE-2023-50823.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50823",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T15:15:11.187",
"lastModified": "2023-12-21T15:15:11.187",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-508xx/CVE-2023-50824.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50824",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T15:15:11.487",
"lastModified": "2023-12-21T15:15:11.487",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-508xx/CVE-2023-50825.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50825",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T15:15:11.953",
"lastModified": "2023-12-21T15:15:11.953",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-508xx/CVE-2023-50826.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50826",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T15:15:12.213",
"lastModified": "2023-12-21T15:15:12.213",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-508xx/CVE-2023-50827.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50827",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T15:15:12.497",
"lastModified": "2023-12-21T15:15:12.497",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-508xx/CVE-2023-50828.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50828",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T15:15:12.990",
"lastModified": "2023-12-21T15:15:12.990",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-508xx/CVE-2023-50829.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50829",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T18:15:07.477",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aerin Loan Repayment Calculator and Application Form allows Stored XSS.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.3.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/quick-interest-slider/wordpress-loan-repayment-calculator-and-application-form-plugin-2-9-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-508xx/CVE-2023-50830.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50830",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T18:15:07.797",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seosbg Seos Contact Form allows Stored XSS.This issue affects Seos Contact Form: from n/a through 1.8.0.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/seos-contact-form/wordpress-seos-contact-form-plugin-1-8-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-508xx/CVE-2023-50831.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50831",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T18:15:08.050",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme CURCY \u2013 Multi Currency for WooCommerce allows Stored XSS.This issue affects CURCY \u2013 Multi Currency for WooCommerce: from n/a through 2.2.0.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-multi-currency/wordpress-curcy-plugin-2-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-508xx/CVE-2023-50832.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50832",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T18:15:08.277",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mondula GmbH Multi Step Form allows Stored XSS.This issue affects Multi Step Form: from n/a through 1.7.13.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/multi-step-form/wordpress-multi-step-form-plugin-1-7-13-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-508xx/CVE-2023-50833.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50833",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-21T18:15:08.567",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExtendThemes Colibri Page Builder allows Stored XSS.This issue affects Colibri Page Builder: from n/a through 1.0.239.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/colibri-page-builder/wordpress-colibri-page-builder-plugin-1-0-239-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

4
CVE-2023/CVE-2023-510xx/CVE-2023-51048.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51048",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-21T16:15:10.797",
"lastModified": "2023-12-21T16:15:10.797",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-510xx/CVE-2023-51049.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51049",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-21T16:15:10.903",
"lastModified": "2023-12-21T16:15:10.903",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-510xx/CVE-2023-51050.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51050",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-21T16:15:11.000",
"lastModified": "2023-12-21T16:15:11.000",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-510xx/CVE-2023-51051.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51051",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-21T16:15:11.110",
"lastModified": "2023-12-21T16:15:11.110",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-510xx/CVE-2023-51052.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51052",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-21T16:15:11.220",
"lastModified": "2023-12-21T16:15:11.220",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-514xx/CVE-2023-51442.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51442",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-21T15:15:13.397",
"lastModified": "2023-12-21T15:15:13.397",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

83
CVE-2023/CVE-2023-53xx/CVE-2023-5310.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-5310",
"sourceIdentifier": "product-security@silabs.com",
"published": "2023-12-15T16:15:46.117",
"lastModified": "2023-12-15T16:53:06.030",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T18:02:21.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nA denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint devices running Z-Wave SDK v7.20.3 (Gecko SDK v4.3.3) and earlier. This attack can be carried out only by devices on the network sending a stream of packets to the device.\n\n"
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio en todos los controladores y dispositivos de endpoint Z-Wave de Silicon Labs que ejecutan Z-Wave SDK v7.20.3 (Gecko SDK v4.3.3) y versiones anteriores. Este ataque solo puede ser llevado a cabo por dispositivos en la red que env\u00edan un flujo de paquetes al dispositivo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "product-security@silabs.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "product-security@silabs.com",
"type": "Secondary",
@ -46,14 +80,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:silabs:z-wave_software_development_kit:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.20.2.0",
"matchCriteriaId": "501E0DD5-542E-4338-B10A-8DC9DA158F56"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:silabs:z-wave_long_range_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82CF7F87-FBE0-4173-ADA7-BC187486D2A9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:silabs:z-wave_long_range_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB5B24F-84B1-4738-B9CA-8D1D5EF192F7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/SiliconLabs/gecko_sdk/releases",
"source": "product-security@silabs.com"
"source": "product-security@silabs.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm0000005E7EIAU?%20operationContext=S1",
"source": "product-security@silabs.com"
"source": "product-security@silabs.com",
"tags": [
"Permissions Required"
]
}
]
}

45
CVE-2023/CVE-2023-55xx/CVE-2023-5592.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-5592",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-12-14T14:15:45.427",
"lastModified": "2023-12-14T14:49:08.357",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T17:16:30.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated remote attacker to download and execute applications without integrity checks on the device which may result in a complete loss of integrity."
},
{
"lang": "es",
"value": "Vulnerabilidad de descarga de c\u00f3digo sin verificaci\u00f3n de integridad en PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) permite a un atacante remoto no autenticado descargar y ejecutar aplicaciones sin verificaciones de integridad en el dispositivo, lo que puede resultar en una p\u00e9rdida total de integridad."
}
],
"metrics": {
@ -46,10 +50,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:multiprog:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42452860-CB53-479D-ADE1-E8166EC834C4"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phoenixcontact:proconos_eclr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A422FD-2C4C-4B77-B619-6747474A3FA7"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-054/",
"source": "info@cert.vde.com"
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-61xx/CVE-2023-6122.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-6122",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2023-12-21T14:15:09.063",
"lastModified": "2023-12-21T14:15:09.063",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:45.660",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in \u0130stanbul Soft Informatics and Consultancy Limited Company Softomi Geli\u015fmi\u015f C2C Pazaryeri Yaz\u0131l\u0131m\u0131 allows Reflected XSS.This issue affects Softomi Geli\u015fmi\u015f C2C Pazaryeri Yaz\u0131l\u0131m\u0131: before 12122023.\n\n"
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ?stanbul Soft Informatics and Consultancy Limited Company Softomi Geli?mi? C2C Pazaryeri Yaz?l?m? allows Reflected XSS.This issue affects Softomi Geli?mi? C2C Pazaryeri Yaz?l?m?: before 12122023.\n\n"
}
],
"metrics": {

6
CVE-2023/CVE-2023-61xx/CVE-2023-6145.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-6145",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2023-12-21T14:15:09.430",
"lastModified": "2023-12-21T14:15:09.430",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:45.660",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in \u0130stanbul Soft Informatics and Consultancy Limited Company Softomi Advanced C2C Marketplace Software allows SQL Injection.This issue affects Softomi Advanced C2C Marketplace Software: before 12122023.\n\n"
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ?stanbul Soft Informatics and Consultancy Limited Company Softomi Advanced C2C Marketplace Software allows SQL Injection.This issue affects Softomi Advanced C2C Marketplace Software: before 12122023.\n\n"
}
],
"metrics": {

249
CVE-2023/CVE-2023-63xx/CVE-2023-6377.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6377",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-13T07:15:30.030",
"lastModified": "2023-12-20T15:15:10.243",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T17:18:05.783",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -50,50 +80,243 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "21.1.10",
"matchCriteriaId": "E0DB0A6B-1314-4125-8D5B-6C4F9CF22711"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.2.3",
"matchCriteriaId": "95CD5142-5D27-4DD3-B91C-518D4324DC15"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79A8316C-BA22-441E-92AF-415AFABCEB76"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/13/1",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7886",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6377",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253291",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/0c1a93d319558fe3ab2d94f51d174b4f93810afd",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00008.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00013.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.x.org/archives/xorg-announce/2023-December/003435.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5576",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
}
]
}

244
CVE-2023/CVE-2023-64xx/CVE-2023-6478.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6478",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-13T07:15:31.213",
"lastModified": "2023-12-20T15:15:10.347",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-21T17:21:03.223",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -50,46 +80,236 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "21.1.10",
"matchCriteriaId": "E0DB0A6B-1314-4125-8D5B-6C4F9CF22711"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.2.3",
"matchCriteriaId": "95CD5142-5D27-4DD3-B91C-518D4324DC15"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79A8316C-BA22-441E-92AF-415AFABCEB76"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/13/1",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7886",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6478",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253298",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/14f480010a93ff962fef66a16412fafff81ad632",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00008.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.x.org/archives/xorg-announce/2023-December/003435.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5576",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-69xx/CVE-2023-6902.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6902",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-17T16:15:13.037",
"lastModified": "2023-12-18T14:05:22.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-21T18:39:09.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. This vulnerability affects unknown code of the file /file-manager/upload.php. The manipulation of the argument file leads to unrestricted upload. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248260."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en codelyfe Stupid Simple CMS hasta 1.2.4 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo /file-manager/upload.php. La manipulaci\u00f3n del archivo de argumentos conduce a una carga sin restricciones. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-248260."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codelyfe:stupid_simple_cms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.4",
"matchCriteriaId": "700DA84E-DA65-4B87-B847-E4C61E24F5D1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/g1an123/POC/blob/main/Unauthorized%20file%20upload%20getshell.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.248260",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.248260",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-70xx/CVE-2023-7035.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7035",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-21T15:15:13.967",
"lastModified": "2023-12-21T15:15:13.967",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-70xx/CVE-2023-7036.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7036",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-21T16:15:11.320",
"lastModified": "2023-12-21T16:15:11.320",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

88
CVE-2023/CVE-2023-70xx/CVE-2023-7037.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-7037",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-21T17:15:09.383",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in automad up to 1.10.9. It has been declared as critical. This vulnerability affects the function import of the file FileController.php. The manipulation of the argument importUrl leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-248686 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/screetsec/VDD/tree/main/Automad%20CMS/Authenticated%20Blind%20SSRF",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.248686",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.248686",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-70xx/CVE-2023-7038.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-7038",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-21T18:15:08.827",
"lastModified": "2023-12-21T18:15:28.593",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in automad up to 1.10.9. It has been rated as problematic. This issue affects some unknown processing of the file /dashboard?controller=UserCollection::createUser of the component User Creation Handler. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248687. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/screetsec/VDD/tree/main/Automad%20CMS/Cross-Site%20Request%20Forgery%20(CSRF)",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.248687",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.248687",
"source": "cna@vuldb.com"
}
]
}

4
CVE-2023/CVE-2023-70xx/CVE-2023-7047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7047",
"sourceIdentifier": "security@devolutions.net",
"published": "2023-12-21T15:15:14.427",
"lastModified": "2023-12-21T15:15:14.427",
"vulnStatus": "Received",
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

93
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-12-21T17:00:24.950171+00:00
2023-12-21T19:00:24.531153+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-12-21T16:49:34.847000+00:00
2023-12-21T18:57:33.513000+00:00
```
### Last Data Feed Release
@ -29,65 +29,56 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
233977
233989
```
### CVEs added in the last Commit
Recently added CVEs: `32`
Recently added CVEs: `12`
* [CVE-2023-50823](CVE-2023/CVE-2023-508xx/CVE-2023-50823.json) (`2023-12-21T15:15:11.187`)
* [CVE-2023-50824](CVE-2023/CVE-2023-508xx/CVE-2023-50824.json) (`2023-12-21T15:15:11.487`)
* [CVE-2023-50825](CVE-2023/CVE-2023-508xx/CVE-2023-50825.json) (`2023-12-21T15:15:11.953`)
* [CVE-2023-50826](CVE-2023/CVE-2023-508xx/CVE-2023-50826.json) (`2023-12-21T15:15:12.213`)
* [CVE-2023-50827](CVE-2023/CVE-2023-508xx/CVE-2023-50827.json) (`2023-12-21T15:15:12.497`)
* [CVE-2023-50828](CVE-2023/CVE-2023-508xx/CVE-2023-50828.json) (`2023-12-21T15:15:12.990`)
* [CVE-2023-51442](CVE-2023/CVE-2023-514xx/CVE-2023-51442.json) (`2023-12-21T15:15:13.397`)
* [CVE-2023-7035](CVE-2023/CVE-2023-70xx/CVE-2023-7035.json) (`2023-12-21T15:15:13.967`)
* [CVE-2023-7047](CVE-2023/CVE-2023-70xx/CVE-2023-7047.json) (`2023-12-21T15:15:14.427`)
* [CVE-2023-45115](CVE-2023/CVE-2023-451xx/CVE-2023-45115.json) (`2023-12-21T16:15:07.517`)
* [CVE-2023-45116](CVE-2023/CVE-2023-451xx/CVE-2023-45116.json) (`2023-12-21T16:15:08.040`)
* [CVE-2023-45117](CVE-2023/CVE-2023-451xx/CVE-2023-45117.json) (`2023-12-21T16:15:08.380`)
* [CVE-2023-45118](CVE-2023/CVE-2023-451xx/CVE-2023-45118.json) (`2023-12-21T16:15:08.750`)
* [CVE-2023-45119](CVE-2023/CVE-2023-451xx/CVE-2023-45119.json) (`2023-12-21T16:15:09.197`)
* [CVE-2023-48114](CVE-2023/CVE-2023-481xx/CVE-2023-48114.json) (`2023-12-21T15:15:09.587`)
* [CVE-2023-48115](CVE-2023/CVE-2023-481xx/CVE-2023-48115.json) (`2023-12-21T15:15:09.637`)
* [CVE-2023-48116](CVE-2023/CVE-2023-481xx/CVE-2023-48116.json) (`2023-12-21T15:15:09.697`)
* [CVE-2023-4255](CVE-2023/CVE-2023-42xx/CVE-2023-4255.json) (`2023-12-21T16:15:10.017`)
* [CVE-2023-4256](CVE-2023/CVE-2023-42xx/CVE-2023-4256.json) (`2023-12-21T16:15:10.400`)
* [CVE-2023-51048](CVE-2023/CVE-2023-510xx/CVE-2023-51048.json) (`2023-12-21T16:15:10.797`)
* [CVE-2023-51049](CVE-2023/CVE-2023-510xx/CVE-2023-51049.json) (`2023-12-21T16:15:10.903`)
* [CVE-2023-51050](CVE-2023/CVE-2023-510xx/CVE-2023-51050.json) (`2023-12-21T16:15:11.000`)
* [CVE-2023-51051](CVE-2023/CVE-2023-510xx/CVE-2023-51051.json) (`2023-12-21T16:15:11.110`)
* [CVE-2023-51052](CVE-2023/CVE-2023-510xx/CVE-2023-51052.json) (`2023-12-21T16:15:11.220`)
* [CVE-2023-7036](CVE-2023/CVE-2023-70xx/CVE-2023-7036.json) (`2023-12-21T16:15:11.320`)
* [CVE-2023-40058](CVE-2023/CVE-2023-400xx/CVE-2023-40058.json) (`2023-12-21T17:15:07.763`)
* [CVE-2023-45120](CVE-2023/CVE-2023-451xx/CVE-2023-45120.json) (`2023-12-21T17:15:08.153`)
* [CVE-2023-45121](CVE-2023/CVE-2023-451xx/CVE-2023-45121.json) (`2023-12-21T17:15:08.440`)
* [CVE-2023-45122](CVE-2023/CVE-2023-451xx/CVE-2023-45122.json) (`2023-12-21T17:15:08.723`)
* [CVE-2023-45123](CVE-2023/CVE-2023-451xx/CVE-2023-45123.json) (`2023-12-21T17:15:09.007`)
* [CVE-2023-7037](CVE-2023/CVE-2023-70xx/CVE-2023-7037.json) (`2023-12-21T17:15:09.383`)
* [CVE-2023-50829](CVE-2023/CVE-2023-508xx/CVE-2023-50829.json) (`2023-12-21T18:15:07.477`)
* [CVE-2023-50830](CVE-2023/CVE-2023-508xx/CVE-2023-50830.json) (`2023-12-21T18:15:07.797`)
* [CVE-2023-50831](CVE-2023/CVE-2023-508xx/CVE-2023-50831.json) (`2023-12-21T18:15:08.050`)
* [CVE-2023-50832](CVE-2023/CVE-2023-508xx/CVE-2023-50832.json) (`2023-12-21T18:15:08.277`)
* [CVE-2023-50833](CVE-2023/CVE-2023-508xx/CVE-2023-50833.json) (`2023-12-21T18:15:08.567`)
* [CVE-2023-7038](CVE-2023/CVE-2023-70xx/CVE-2023-7038.json) (`2023-12-21T18:15:08.827`)
### CVEs modified in the last Commit
Recently modified CVEs: `21`
Recently modified CVEs: `80`
* [CVE-2023-6831](CVE-2023/CVE-2023-68xx/CVE-2023-6831.json) (`2023-12-21T15:10:23.390`)
* [CVE-2023-0248](CVE-2023/CVE-2023-02xx/CVE-2023-0248.json) (`2023-12-21T15:12:05.170`)
* [CVE-2023-31438](CVE-2023/CVE-2023-314xx/CVE-2023-31438.json) (`2023-12-21T15:15:08.503`)
* [CVE-2023-31439](CVE-2023/CVE-2023-314xx/CVE-2023-31439.json) (`2023-12-21T15:15:08.630`)
* [CVE-2023-42792](CVE-2023/CVE-2023-427xx/CVE-2023-42792.json) (`2023-12-21T15:15:08.710`)
* [CVE-2023-45498](CVE-2023/CVE-2023-454xx/CVE-2023-45498.json) (`2023-12-21T15:15:08.843`)
* [CVE-2023-45499](CVE-2023/CVE-2023-454xx/CVE-2023-45499.json) (`2023-12-21T15:15:08.953`)
* [CVE-2023-47265](CVE-2023/CVE-2023-472xx/CVE-2023-47265.json) (`2023-12-21T15:15:09.020`)
* [CVE-2023-48291](CVE-2023/CVE-2023-482xx/CVE-2023-48291.json) (`2023-12-21T15:15:09.747`)
* [CVE-2023-49920](CVE-2023/CVE-2023-499xx/CVE-2023-49920.json) (`2023-12-21T15:15:09.817`)
* [CVE-2023-4911](CVE-2023/CVE-2023-49xx/CVE-2023-4911.json) (`2023-12-21T15:15:09.890`)
* [CVE-2023-50783](CVE-2023/CVE-2023-507xx/CVE-2023-50783.json) (`2023-12-21T15:15:10.860`)
* [CVE-2023-51656](CVE-2023/CVE-2023-516xx/CVE-2023-51656.json) (`2023-12-21T15:15:13.863`)
* [CVE-2023-48382](CVE-2023/CVE-2023-483xx/CVE-2023-48382.json) (`2023-12-21T15:43:01.890`)
* [CVE-2023-48374](CVE-2023/CVE-2023-483xx/CVE-2023-48374.json) (`2023-12-21T15:46:58.293`)
* [CVE-2023-48379](CVE-2023/CVE-2023-483xx/CVE-2023-48379.json) (`2023-12-21T15:50:53.093`)
* [CVE-2023-48378](CVE-2023/CVE-2023-483xx/CVE-2023-48378.json) (`2023-12-21T15:51:05.667`)
* [CVE-2023-48380](CVE-2023/CVE-2023-483xx/CVE-2023-48380.json) (`2023-12-21T15:58:54.407`)
* [CVE-2023-50784](CVE-2023/CVE-2023-507xx/CVE-2023-50784.json) (`2023-12-21T16:09:40.850`)
* [CVE-2023-49189](CVE-2023/CVE-2023-491xx/CVE-2023-49189.json) (`2023-12-21T16:48:17.663`)
* [CVE-2023-49190](CVE-2023/CVE-2023-491xx/CVE-2023-49190.json) (`2023-12-21T16:49:34.847`)
* [CVE-2023-50824](CVE-2023/CVE-2023-508xx/CVE-2023-50824.json) (`2023-12-21T18:15:38.237`)
* [CVE-2023-50825](CVE-2023/CVE-2023-508xx/CVE-2023-50825.json) (`2023-12-21T18:15:38.237`)
* [CVE-2023-50826](CVE-2023/CVE-2023-508xx/CVE-2023-50826.json) (`2023-12-21T18:15:38.237`)
* [CVE-2023-50827](CVE-2023/CVE-2023-508xx/CVE-2023-50827.json) (`2023-12-21T18:15:38.237`)
* [CVE-2023-50828](CVE-2023/CVE-2023-508xx/CVE-2023-50828.json) (`2023-12-21T18:15:38.237`)
* [CVE-2023-51442](CVE-2023/CVE-2023-514xx/CVE-2023-51442.json) (`2023-12-21T18:15:38.237`)
* [CVE-2023-7035](CVE-2023/CVE-2023-70xx/CVE-2023-7035.json) (`2023-12-21T18:15:38.237`)
* [CVE-2023-7047](CVE-2023/CVE-2023-70xx/CVE-2023-7047.json) (`2023-12-21T18:15:38.237`)
* [CVE-2023-45115](CVE-2023/CVE-2023-451xx/CVE-2023-45115.json) (`2023-12-21T18:15:38.237`)
* [CVE-2023-45116](CVE-2023/CVE-2023-451xx/CVE-2023-45116.json) (`2023-12-21T18:15:38.237`)
* [CVE-2023-45117](CVE-2023/CVE-2023-451xx/CVE-2023-45117.json) (`2023-12-21T18:15:38.237`)
* [CVE-2023-45118](CVE-2023/CVE-2023-451xx/CVE-2023-45118.json) (`2023-12-21T18:15:38.237`)
* [CVE-2023-45119](CVE-2023/CVE-2023-451xx/CVE-2023-45119.json) (`2023-12-21T18:15:38.237`)
* [CVE-2023-28421](CVE-2023/CVE-2023-284xx/CVE-2023-28421.json) (`2023-12-21T18:15:45.660`)
* [CVE-2023-2487](CVE-2023/CVE-2023-24xx/CVE-2023-2487.json) (`2023-12-21T18:15:45.660`)
* [CVE-2023-48288](CVE-2023/CVE-2023-482xx/CVE-2023-48288.json) (`2023-12-21T18:15:45.660`)
* [CVE-2023-49162](CVE-2023/CVE-2023-491xx/CVE-2023-49162.json) (`2023-12-21T18:15:45.660`)
* [CVE-2023-6122](CVE-2023/CVE-2023-61xx/CVE-2023-6122.json) (`2023-12-21T18:15:45.660`)
* [CVE-2023-6145](CVE-2023/CVE-2023-61xx/CVE-2023-6145.json) (`2023-12-21T18:15:45.660`)
* [CVE-2023-22674](CVE-2023/CVE-2023-226xx/CVE-2023-22674.json) (`2023-12-21T18:15:45.660`)
* [CVE-2023-47525](CVE-2023/CVE-2023-475xx/CVE-2023-47525.json) (`2023-12-21T18:15:45.660`)
* [CVE-2023-47527](CVE-2023/CVE-2023-475xx/CVE-2023-47527.json) (`2023-12-21T18:15:45.660`)
* [CVE-2023-6902](CVE-2023/CVE-2023-69xx/CVE-2023-6902.json) (`2023-12-21T18:39:09.373`)
* [CVE-2023-4724](CVE-2023/CVE-2023-47xx/CVE-2023-4724.json) (`2023-12-21T18:41:59.457`)
* [CVE-2023-33214](CVE-2023/CVE-2023-332xx/CVE-2023-33214.json) (`2023-12-21T18:57:33.513`)
## Download and Usage