diff --git a/CVE-2013/CVE-2013-74xx/CVE-2013-7437.json b/CVE-2013/CVE-2013-74xx/CVE-2013-7437.json index 5fd4fbc2b51..48276f1e068 100644 --- a/CVE-2013/CVE-2013-74xx/CVE-2013-7437.json +++ b/CVE-2013/CVE-2013-74xx/CVE-2013-7437.json @@ -2,8 +2,8 @@ "id": "CVE-2013-7437", "sourceIdentifier": "secalert@redhat.com", "published": "2015-03-29T21:59:00.080", - "lastModified": "2016-12-07T03:00:16.367", - "vulnStatus": "Modified", + "lastModified": "2023-12-21T18:14:58.453", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -48,7 +48,7 @@ "description": [ { "lang": "en", - "value": "CWE-189" + "value": "CWE-190" } ] } @@ -73,21 +73,34 @@ "references": [ { "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00034.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Broken Link" + ] }, { "url": "http://www.openwall.com/lists/oss-security/2015/02/06/12", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778646", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=955808", "source": "secalert@redhat.com", "tags": [ - "Exploit" + "Exploit", + "Issue Tracking", + "Third Party Advisory" ] } ] diff --git a/CVE-2015/CVE-2015-11xx/CVE-2015-1197.json b/CVE-2015/CVE-2015-11xx/CVE-2015-1197.json index 2a9903313fa..ca0364505da 100644 --- a/CVE-2015/CVE-2015-11xx/CVE-2015-1197.json +++ b/CVE-2015/CVE-2015-11xx/CVE-2015-1197.json @@ -2,7 +2,7 @@ "id": "CVE-2015-1197", "sourceIdentifier": "cve@mitre.org", "published": "2015-02-19T15:59:12.377", - "lastModified": "2022-10-20T17:15:09.627", + "lastModified": "2023-12-21T18:15:07.253", "vulnStatus": "Modified", "evaluatorComment": "CWE-61: UNIX Symbolic Link (Symlink) Following", "descriptions": [ @@ -95,6 +95,10 @@ "url": "http://www.openwall.com/lists/oss-security/2015/01/18/7", "source": "cve@mitre.org" }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/12/21/8", + "source": "cve@mitre.org" + }, { "url": "http://www.securityfocus.com/bid/71914", "source": "cve@mitre.org" diff --git a/CVE-2020/CVE-2020-282xx/CVE-2020-28243.json b/CVE-2020/CVE-2020-282xx/CVE-2020-28243.json index b47863c9b96..a047d26534b 100644 --- a/CVE-2020/CVE-2020-282xx/CVE-2020-28243.json +++ b/CVE-2020/CVE-2020-282xx/CVE-2020-28243.json @@ -2,8 +2,8 @@ "id": "CVE-2020-28243", "sourceIdentifier": "cve@mitre.org", "published": "2021-02-27T05:15:13.630", - "lastModified": "2023-11-07T03:21:08.900", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:31:01.147", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -268,15 +268,27 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", @@ -302,7 +314,10 @@ }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2021/dsa-5011", diff --git a/CVE-2020/CVE-2020-289xx/CVE-2020-28972.json b/CVE-2020/CVE-2020-289xx/CVE-2020-28972.json index dc088490e0e..83d4861a708 100644 --- a/CVE-2020/CVE-2020-289xx/CVE-2020-28972.json +++ b/CVE-2020/CVE-2020-289xx/CVE-2020-28972.json @@ -2,8 +2,8 @@ "id": "CVE-2020-28972", "sourceIdentifier": "cve@mitre.org", "published": "2021-02-27T05:15:13.690", - "lastModified": "2023-11-07T03:21:25.260", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:21:34.530", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -252,15 +252,27 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", @@ -278,7 +290,10 @@ }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2021/dsa-5011", diff --git a/CVE-2020/CVE-2020-356xx/CVE-2020-35662.json b/CVE-2020/CVE-2020-356xx/CVE-2020-35662.json index 609ddabcfb5..2fb5e60a5bc 100644 --- a/CVE-2020/CVE-2020-356xx/CVE-2020-35662.json +++ b/CVE-2020/CVE-2020-356xx/CVE-2020-35662.json @@ -2,8 +2,8 @@ "id": "CVE-2020-35662", "sourceIdentifier": "cve@mitre.org", "published": "2021-02-27T05:15:13.753", - "lastModified": "2023-11-07T03:22:01.350", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:22:07.907", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -252,15 +252,27 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", @@ -278,7 +290,10 @@ }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2021/dsa-5011", diff --git a/CVE-2021/CVE-2021-219xx/CVE-2021-21996.json b/CVE-2021/CVE-2021-219xx/CVE-2021-21996.json index ca88ba86f51..3775529ee71 100644 --- a/CVE-2021/CVE-2021-219xx/CVE-2021-21996.json +++ b/CVE-2021/CVE-2021-219xx/CVE-2021-21996.json @@ -2,8 +2,8 @@ "id": "CVE-2021-21996", "sourceIdentifier": "security@vmware.com", "published": "2021-09-08T15:15:12.670", - "lastModified": "2023-11-07T03:30:08.527", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:30:08.363", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -162,15 +162,27 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/", @@ -182,7 +194,10 @@ }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2021/dsa-5011", diff --git a/CVE-2021/CVE-2021-252xx/CVE-2021-25281.json b/CVE-2021/CVE-2021-252xx/CVE-2021-25281.json index de59950be58..797fc2c9e0a 100644 --- a/CVE-2021/CVE-2021-252xx/CVE-2021-25281.json +++ b/CVE-2021/CVE-2021-252xx/CVE-2021-25281.json @@ -2,8 +2,8 @@ "id": "CVE-2021-25281", "sourceIdentifier": "cve@mitre.org", "published": "2021-02-27T05:15:13.847", - "lastModified": "2023-11-07T03:31:26.610", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:22:27.313", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -269,15 +269,27 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", @@ -295,7 +307,10 @@ }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2021/dsa-5011", diff --git a/CVE-2021/CVE-2021-252xx/CVE-2021-25282.json b/CVE-2021/CVE-2021-252xx/CVE-2021-25282.json index 369fae40c7e..5fd67532821 100644 --- a/CVE-2021/CVE-2021-252xx/CVE-2021-25282.json +++ b/CVE-2021/CVE-2021-252xx/CVE-2021-25282.json @@ -2,8 +2,8 @@ "id": "CVE-2021-25282", "sourceIdentifier": "cve@mitre.org", "published": "2021-02-27T05:15:13.910", - "lastModified": "2023-11-07T03:31:26.700", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:23:04.873", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -276,15 +276,27 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", @@ -302,7 +314,10 @@ }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2021/dsa-5011", diff --git a/CVE-2021/CVE-2021-252xx/CVE-2021-25283.json b/CVE-2021/CVE-2021-252xx/CVE-2021-25283.json index 1d4c2b043bb..b7bd2077774 100644 --- a/CVE-2021/CVE-2021-252xx/CVE-2021-25283.json +++ b/CVE-2021/CVE-2021-252xx/CVE-2021-25283.json @@ -2,8 +2,8 @@ "id": "CVE-2021-25283", "sourceIdentifier": "cve@mitre.org", "published": "2021-02-27T05:15:13.973", - "lastModified": "2023-11-07T03:31:26.817", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:23:26.487", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -259,15 +259,27 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", @@ -285,7 +297,10 @@ }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2021/dsa-5011", diff --git a/CVE-2021/CVE-2021-252xx/CVE-2021-25284.json b/CVE-2021/CVE-2021-252xx/CVE-2021-25284.json index fabd3cae1d7..1626aec0d73 100644 --- a/CVE-2021/CVE-2021-252xx/CVE-2021-25284.json +++ b/CVE-2021/CVE-2021-252xx/CVE-2021-25284.json @@ -2,8 +2,8 @@ "id": "CVE-2021-25284", "sourceIdentifier": "cve@mitre.org", "published": "2021-02-27T05:15:14.037", - "lastModified": "2023-11-07T03:31:26.923", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:23:44.710", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -271,15 +271,27 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", @@ -297,7 +309,10 @@ }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2021/dsa-5011", diff --git a/CVE-2021/CVE-2021-316xx/CVE-2021-31607.json b/CVE-2021/CVE-2021-316xx/CVE-2021-31607.json index 796048e4921..b0b55dc3640 100644 --- a/CVE-2021/CVE-2021-316xx/CVE-2021-31607.json +++ b/CVE-2021/CVE-2021-316xx/CVE-2021-31607.json @@ -2,8 +2,8 @@ "id": "CVE-2021-31607", "sourceIdentifier": "cve@mitre.org", "published": "2021-04-23T06:15:07.893", - "lastModified": "2023-11-07T03:34:59.000", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:32:15.987", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -130,19 +130,35 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BUWUF5VTENNP2ZYZBVFKPSUHLKLUBD5/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ACVT7M4YLZRLWWQ6SGRK3C6TOF4FXOXT/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDKMAJXYFHM4USVX3H5V2GCCBGASWUSM/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MBAHHSGZLEJRCG4DX6J4RBWJAAWH55RQ/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://sec.stealthcopter.com/saltstack-snapper-minion-privledge-escaltion/", @@ -155,7 +171,10 @@ }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2021/dsa-5011", diff --git a/CVE-2021/CVE-2021-31xx/CVE-2021-3144.json b/CVE-2021/CVE-2021-31xx/CVE-2021-3144.json index eb1cea7bd1e..e3d60bcff4e 100644 --- a/CVE-2021/CVE-2021-31xx/CVE-2021-3144.json +++ b/CVE-2021/CVE-2021-31xx/CVE-2021-3144.json @@ -2,8 +2,8 @@ "id": "CVE-2021-3144", "sourceIdentifier": "cve@mitre.org", "published": "2021-02-27T05:15:14.113", - "lastModified": "2023-11-07T03:37:55.990", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:31:17.197", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -259,15 +259,27 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", @@ -285,7 +297,10 @@ }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2021/dsa-5011", diff --git a/CVE-2021/CVE-2021-31xx/CVE-2021-3148.json b/CVE-2021/CVE-2021-31xx/CVE-2021-3148.json index 861964765b5..57f6a6ca341 100644 --- a/CVE-2021/CVE-2021-31xx/CVE-2021-3148.json +++ b/CVE-2021/CVE-2021-31xx/CVE-2021-3148.json @@ -2,8 +2,8 @@ "id": "CVE-2021-3148", "sourceIdentifier": "cve@mitre.org", "published": "2021-02-27T05:15:14.190", - "lastModified": "2023-11-07T03:37:56.090", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:31:34.073", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -259,15 +259,27 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", @@ -285,7 +297,10 @@ }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2021/dsa-5011", diff --git a/CVE-2021/CVE-2021-31xx/CVE-2021-3197.json b/CVE-2021/CVE-2021-31xx/CVE-2021-3197.json index ef0a3d7a1c0..1107205bbb1 100644 --- a/CVE-2021/CVE-2021-31xx/CVE-2021-3197.json +++ b/CVE-2021/CVE-2021-31xx/CVE-2021-3197.json @@ -2,8 +2,8 @@ "id": "CVE-2021-3197", "sourceIdentifier": "cve@mitre.org", "published": "2021-02-27T05:15:14.317", - "lastModified": "2023-11-07T03:37:57.397", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:29:48.660", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -267,15 +267,27 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/", @@ -293,7 +305,10 @@ }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2021/dsa-5011", diff --git a/CVE-2022/CVE-2022-229xx/CVE-2022-22934.json b/CVE-2022/CVE-2022-229xx/CVE-2022-22934.json index e649f01455e..c5a83422e7d 100644 --- a/CVE-2022/CVE-2022-229xx/CVE-2022-22934.json +++ b/CVE-2022/CVE-2022-229xx/CVE-2022-22934.json @@ -2,8 +2,8 @@ "id": "CVE-2022-22934", "sourceIdentifier": "security@vmware.com", "published": "2022-03-29T17:15:15.170", - "lastModified": "2023-11-07T03:44:00.407", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:45:25.720", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -111,7 +111,10 @@ "references": [ { "url": "https://github.com/saltstack/salt/releases%2C", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://repo.saltproject.io/", @@ -122,11 +125,17 @@ }, { "url": "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-229xx/CVE-2022-22935.json b/CVE-2022/CVE-2022-229xx/CVE-2022-22935.json index 3fc4bfcaeaf..df503b2c4ac 100644 --- a/CVE-2022/CVE-2022-229xx/CVE-2022-22935.json +++ b/CVE-2022/CVE-2022-229xx/CVE-2022-22935.json @@ -2,8 +2,8 @@ "id": "CVE-2022-22935", "sourceIdentifier": "security@vmware.com", "published": "2022-03-29T17:15:15.220", - "lastModified": "2023-11-07T03:44:00.483", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:47:04.100", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -111,7 +111,10 @@ "references": [ { "url": "https://github.com/saltstack/salt/releases%2C", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://repo.saltproject.io/", @@ -122,11 +125,17 @@ }, { "url": "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-229xx/CVE-2022-22936.json b/CVE-2022/CVE-2022-229xx/CVE-2022-22936.json index 5dbb89156a8..69eb1abaf90 100644 --- a/CVE-2022/CVE-2022-229xx/CVE-2022-22936.json +++ b/CVE-2022/CVE-2022-229xx/CVE-2022-22936.json @@ -2,8 +2,8 @@ "id": "CVE-2022-22936", "sourceIdentifier": "security@vmware.com", "published": "2022-03-29T17:15:15.273", - "lastModified": "2023-11-07T03:44:00.560", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:47:15.553", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -111,7 +111,10 @@ "references": [ { "url": "https://github.com/saltstack/salt/releases%2C", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://repo.saltproject.io/", @@ -122,11 +125,17 @@ }, { "url": "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-229xx/CVE-2022-22941.json b/CVE-2022/CVE-2022-229xx/CVE-2022-22941.json index 9d74cebca19..d9ba1aded92 100644 --- a/CVE-2022/CVE-2022-229xx/CVE-2022-22941.json +++ b/CVE-2022/CVE-2022-229xx/CVE-2022-22941.json @@ -2,8 +2,8 @@ "id": "CVE-2022-22941", "sourceIdentifier": "security@vmware.com", "published": "2022-03-29T17:15:15.327", - "lastModified": "2023-11-07T03:44:00.653", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:44:31.113", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -111,7 +111,10 @@ "references": [ { "url": "https://github.com/saltstack/salt/releases%2C", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://repo.saltproject.io/", @@ -122,11 +125,17 @@ }, { "url": "https://saltproject.io/security_announcements/salt-security-advisory-release/%2C", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-229xx/CVE-2022-22967.json b/CVE-2022/CVE-2022-229xx/CVE-2022-22967.json index 4cf8a351a09..b5286878d18 100644 --- a/CVE-2022/CVE-2022-229xx/CVE-2022-22967.json +++ b/CVE-2022/CVE-2022-229xx/CVE-2022-22967.json @@ -2,8 +2,8 @@ "id": "CVE-2022-22967", "sourceIdentifier": "security@vmware.com", "published": "2022-06-23T17:15:12.080", - "lastModified": "2023-11-07T03:44:00.893", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:44:00.137", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -118,11 +118,17 @@ }, { "url": "https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/%2C", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Broken Link" + ] }, { "url": "https://security.gentoo.org/glsa/202310-22", - "source": "security@vmware.com" + "source": "security@vmware.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-322xx/CVE-2022-32292.json b/CVE-2022/CVE-2022-322xx/CVE-2022-32292.json index 2e1edd6fa7c..68e45685f07 100644 --- a/CVE-2022/CVE-2022-322xx/CVE-2022-32292.json +++ b/CVE-2022/CVE-2022-322xx/CVE-2022-32292.json @@ -2,8 +2,8 @@ "id": "CVE-2022-32292", "sourceIdentifier": "cve@mitre.org", "published": "2022-08-03T14:15:08.620", - "lastModified": "2023-11-07T03:47:47.760", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:51:27.990", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -94,11 +94,17 @@ }, { "url": "https://lore.kernel.org/connman/20220801080043.4861-5-wagi%40monom.org/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://security.gentoo.org/glsa/202310-21", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2022/dsa-5231", diff --git a/CVE-2022/CVE-2022-322xx/CVE-2022-32293.json b/CVE-2022/CVE-2022-322xx/CVE-2022-32293.json index 47b4e0822fb..fa165c4ddc2 100644 --- a/CVE-2022/CVE-2022-322xx/CVE-2022-32293.json +++ b/CVE-2022/CVE-2022-322xx/CVE-2022-32293.json @@ -2,8 +2,8 @@ "id": "CVE-2022-32293", "sourceIdentifier": "cve@mitre.org", "published": "2022-08-03T14:15:08.667", - "lastModified": "2023-11-07T03:47:47.847", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T18:51:04.713", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -94,15 +94,24 @@ }, { "url": "https://lore.kernel.org/connman/20220801080043.4861-1-wagi%40monom.org/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://lore.kernel.org/connman/20220801080043.4861-3-wagi%40monom.org/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://security.gentoo.org/glsa/202310-21", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2022/dsa-5231", diff --git a/CVE-2023/CVE-2023-07xx/CVE-2023-0757.json b/CVE-2023/CVE-2023-07xx/CVE-2023-0757.json index 04350f42aed..0d2dbfb6363 100644 --- a/CVE-2023/CVE-2023-07xx/CVE-2023-0757.json +++ b/CVE-2023/CVE-2023-07xx/CVE-2023-0757.json @@ -2,12 +2,16 @@ "id": "CVE-2023-0757", "sourceIdentifier": "info@cert.vde.com", "published": "2023-12-14T14:15:42.083", - "lastModified": "2023-12-14T14:49:08.357", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:13:25.403", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Incorrect Permission Assignment for Critical Resource vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated remote attacker to upload arbitrary malicious code and gain full access on the affected device." + }, + { + "lang": "es", + "value": "Asignaci\u00f3n de permisos incorrecta para una vulnerabilidad de recursos cr\u00edticos en PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) permite a un atacante remoto no autenticado cargar c\u00f3digo malicioso arbitrario y obtener acceso completo al dispositivo afectado." } ], "metrics": { @@ -46,10 +50,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:multiprog:*:*:*:*:*:*:*:*", + "matchCriteriaId": "42452860-CB53-479D-ADE1-E8166EC834C4" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:proconos_eclr:*:*:*:*:*:*:*:*", + "matchCriteriaId": "B9A422FD-2C4C-4B77-B619-6747474A3FA7" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-051/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-226xx/CVE-2023-22674.json b/CVE-2023/CVE-2023-226xx/CVE-2023-22674.json index 86c9d160bc0..1b593fbd696 100644 --- a/CVE-2023/CVE-2023-226xx/CVE-2023-22674.json +++ b/CVE-2023/CVE-2023-226xx/CVE-2023-22674.json @@ -2,8 +2,8 @@ "id": "CVE-2023-22674", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T15:15:08.137", - "lastModified": "2023-12-21T15:15:08.137", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:45.660", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2487.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2487.json index 10e16055a5b..d50655768ce 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2487.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2487.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2487", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T14:15:07.750", - "lastModified": "2023-12-21T14:15:07.750", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:45.660", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-284xx/CVE-2023-28421.json b/CVE-2023/CVE-2023-284xx/CVE-2023-28421.json index 36e9bfc520c..5a15e91ada1 100644 --- a/CVE-2023/CVE-2023-284xx/CVE-2023-28421.json +++ b/CVE-2023/CVE-2023-284xx/CVE-2023-28421.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28421", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T14:15:07.370", - "lastModified": "2023-12-21T14:15:07.370", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:45.660", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33214.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33214.json index 668c78a7aea..73cd42c1aa6 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33214.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33214.json @@ -2,16 +2,40 @@ "id": "CVE-2023-33214", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-18T16:15:09.597", - "lastModified": "2023-12-18T17:24:19.373", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T18:57:33.513", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Tagbox Tagbox \u2013 UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox \u2013 UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Tagbox agbox \u2013 UGC Galleries, Social Media Widgets, User Reviews & Analytics. Este problema afecta a Tagbox \u2013 UGC Galleries, Social Media Widgets, User Reviews & Analytics: desde n/a hasta 3.1." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:taggbox:taggbox:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.1", + "matchCriteriaId": "CB4FE71D-2D79-4736-ABDB-BDB95F5D0371" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/taggbox-widget/wordpress-taggbox-ugc-galleries-social-media-widgets-user-reviews-analytics-plugin-2-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-400xx/CVE-2023-40058.json b/CVE-2023/CVE-2023-400xx/CVE-2023-40058.json new file mode 100644 index 00000000000..c2ace2deae0 --- /dev/null +++ b/CVE-2023/CVE-2023-400xx/CVE-2023-40058.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-40058", + "sourceIdentifier": "psirt@solarwinds.com", + "published": "2023-12-21T17:15:07.763", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment. \n\n\n\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@solarwinds.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@solarwinds.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40058", + "source": "psirt@solarwinds.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-428xx/CVE-2023-42800.json b/CVE-2023/CVE-2023-428xx/CVE-2023-42800.json index a096b298b00..d9ba40ccc05 100644 --- a/CVE-2023/CVE-2023-428xx/CVE-2023-42800.json +++ b/CVE-2023/CVE-2023-428xx/CVE-2023-42800.json @@ -2,16 +2,40 @@ "id": "CVE-2023-42800", "sourceIdentifier": "security-advisories@github.com", "published": "2023-12-14T17:15:07.463", - "lastModified": "2023-12-14T17:17:50.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:17:02.843", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a moonlight client, or achieve remote code execution (RCE) on the client (with insufficient exploit mitigations or if mitigations can be bypassed). The bug was addressed in commit 24750d4b748fefa03d09fcfd6d45056faca354e0." + }, + { + "lang": "es", + "value": "Moonlight-common-c contiene el c\u00f3digo principal del cliente GameStream compartido entre los clientes Moonlight. Moonlight-common-c es vulnerable al desbordamiento del b\u00fafer a partir de el commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 debido al uso absoluto de funciones C inseguras y a una verificaci\u00f3n de l\u00edmites inadecuada. Un servidor de transmisi\u00f3n de juegos malicioso podr\u00eda aprovechar una vulnerabilidad de desbordamiento del b\u00fafer para bloquear un cliente de luz nocturna o lograr la ejecuci\u00f3n remota de c\u00f3digo (RCE) en el cliente (con mitigaciones de explotaci\u00f3n insuficientes o si se pueden evitar las mitigaciones). El error se solucion\u00f3 en el commit 24750d4b748fefa03d09fcfd6d45056faca354e0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,22 +70,203 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moonlight-stream:moonlight-common-c:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2022-11-04", + "versionEndExcluding": "2023-10-06", + "matchCriteriaId": "EE5D99F2-FFB5-4239-855B-2CDAE0210FE3" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moonlight-stream:moonlight:*:*:*:*:*:iphone_os:*:*", + "versionStartIncluding": "8.4.0", + "versionEndIncluding": "8.5.0", + "matchCriteriaId": "730ABEDB-A45B-487D-90E5-58188F33021E" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moonlight-stream:moonlight:*:*:*:*:*:tvos:*:*", + "versionStartIncluding": "8.4.0", + "versionEndIncluding": "8.5.0", + "matchCriteriaId": "F8DC3BA3-941C-40D2-AD1B-AF7971D99672" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moonlight-stream:moonlight:*:*:*:*:*:android:*:*", + "versionStartIncluding": "10.10", + "versionEndIncluding": "11.0", + "matchCriteriaId": "6D8BB0A6-B219-4AFF-BE01-BC0546DAAF91" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moonlight-stream:moonlight:0.10.22:*:*:*:*:chrome:*:*", + "matchCriteriaId": "E50A8A78-8606-49DD-8D95-3AE7DFBA3E87" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moonlight-stream:moonlight_embedded:2.6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9E1F448D-0CFE-4DAE-A119-8AF4F8FD48EF" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moonlight-stream:moonlight_xbox:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.12.0", + "versionEndIncluding": "1.14.40", + "matchCriteriaId": "BFE72448-E647-43F9-A72C-F86118596EE3" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moonlight-stream:moonlight_tv:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.5.4", + "versionEndIncluding": "1.5.27", + "matchCriteriaId": "38BDA766-E56D-496D-BC16-AD2026E04A7F" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moonlight-stream:moonlight_switch:*:*:*:*:*:*:*:*", + "versionStartIncluding": "0.13", + "versionEndIncluding": "0.13.3", + "matchCriteriaId": "5FFADEE0-F587-4444-AE6F-323E20808042" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moonlight-stream:moonlight_vita:*:*:*:*:*:*:*:*", + "versionStartIncluding": "0.9.2", + "versionEndIncluding": "0.9.3", + "matchCriteriaId": "EFAF4088-233D-46FA-A031-ACCF0D7FF78F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/moonlight-stream/moonlight-common-c/blob/2bb026c763fc18807d7e4a93f918054c488f84e1/src/RtspConnection.c#L796", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/moonlight-stream/moonlight-common-c/commit/24750d4b748fefa03d09fcfd6d45056faca354e0", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/moonlight-stream/moonlight-common-c/commit/50c0a51b10ecc5b3415ea78c21d96d679e2288f9", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/moonlight-stream/moonlight-common-c/security/advisories/GHSA-4927-23jw-rq62", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4255.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4255.json index 0c562c8e3ce..c23eb93cdb3 100644 --- a/CVE-2023/CVE-2023-42xx/CVE-2023-4255.json +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4255.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4255", "sourceIdentifier": "secalert@redhat.com", "published": "2023-12-21T16:15:10.017", - "lastModified": "2023-12-21T16:15:10.017", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4256.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4256.json index 9cc72c3a327..80c69bb590b 100644 --- a/CVE-2023/CVE-2023-42xx/CVE-2023-4256.json +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4256.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4256", "sourceIdentifier": "secalert@redhat.com", "published": "2023-12-21T16:15:10.400", - "lastModified": "2023-12-21T16:15:10.400", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45115.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45115.json index 2c4e12bf4ed..295b6eef5b1 100644 --- a/CVE-2023/CVE-2023-451xx/CVE-2023-45115.json +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45115.json @@ -2,8 +2,8 @@ "id": "CVE-2023-45115", "sourceIdentifier": "help@fluidattacks.com", "published": "2023-12-21T16:15:07.517", - "lastModified": "2023-12-21T16:15:07.517", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45116.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45116.json index 346883f5910..d0b3a609e54 100644 --- a/CVE-2023/CVE-2023-451xx/CVE-2023-45116.json +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45116.json @@ -2,8 +2,8 @@ "id": "CVE-2023-45116", "sourceIdentifier": "help@fluidattacks.com", "published": "2023-12-21T16:15:08.040", - "lastModified": "2023-12-21T16:15:08.040", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45117.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45117.json index 667f26e8188..7e1fcef5d9c 100644 --- a/CVE-2023/CVE-2023-451xx/CVE-2023-45117.json +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45117.json @@ -2,8 +2,8 @@ "id": "CVE-2023-45117", "sourceIdentifier": "help@fluidattacks.com", "published": "2023-12-21T16:15:08.380", - "lastModified": "2023-12-21T16:15:08.380", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45118.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45118.json index 09c74a9273c..3122ff43f5e 100644 --- a/CVE-2023/CVE-2023-451xx/CVE-2023-45118.json +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45118.json @@ -2,8 +2,8 @@ "id": "CVE-2023-45118", "sourceIdentifier": "help@fluidattacks.com", "published": "2023-12-21T16:15:08.750", - "lastModified": "2023-12-21T16:15:08.750", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45119.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45119.json index 8eab9777402..dc6c9f8038a 100644 --- a/CVE-2023/CVE-2023-451xx/CVE-2023-45119.json +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45119.json @@ -2,8 +2,8 @@ "id": "CVE-2023-45119", "sourceIdentifier": "help@fluidattacks.com", "published": "2023-12-21T16:15:09.197", - "lastModified": "2023-12-21T16:15:09.197", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45120.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45120.json new file mode 100644 index 00000000000..3fb3e4a0da7 --- /dev/null +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45120.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-45120", + "sourceIdentifier": "help@fluidattacks.com", + "published": "2023-12-21T17:15:08.153", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities.\u00a0The 'qid' parameter of the update.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "help@fluidattacks.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://fluidattacks.com/advisories/argerich/", + "source": "help@fluidattacks.com" + }, + { + "url": "https://projectworlds.in/", + "source": "help@fluidattacks.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45121.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45121.json new file mode 100644 index 00000000000..93b0e5127eb --- /dev/null +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45121.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-45121", + "sourceIdentifier": "help@fluidattacks.com", + "published": "2023-12-21T17:15:08.440", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities.\u00a0The 'desc' parameter of the update.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "help@fluidattacks.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "help@fluidattacks.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://fluidattacks.com/advisories/argerich/", + "source": "help@fluidattacks.com" + }, + { + "url": "https://projectworlds.in/", + "source": "help@fluidattacks.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45122.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45122.json new file mode 100644 index 00000000000..0593170c848 --- /dev/null +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45122.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-45122", + "sourceIdentifier": "help@fluidattacks.com", + "published": "2023-12-21T17:15:08.723", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities.\u00a0The 'name' parameter of the update.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "help@fluidattacks.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "help@fluidattacks.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://fluidattacks.com/advisories/argerich/", + "source": "help@fluidattacks.com" + }, + { + "url": "https://projectworlds.in/", + "source": "help@fluidattacks.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45123.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45123.json new file mode 100644 index 00000000000..612e0d89697 --- /dev/null +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45123.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-45123", + "sourceIdentifier": "help@fluidattacks.com", + "published": "2023-12-21T17:15:09.007", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities.\u00a0The 'right' parameter of the update.php resource\u00a0does not validate the characters received and they\u00a0are sent unfiltered to the database.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "help@fluidattacks.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "help@fluidattacks.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://fluidattacks.com/advisories/argerich/", + "source": "help@fluidattacks.com" + }, + { + "url": "https://projectworlds.in/", + "source": "help@fluidattacks.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-461xx/CVE-2023-46141.json b/CVE-2023/CVE-2023-461xx/CVE-2023-46141.json index c6d82f4b29d..d10905203b6 100644 --- a/CVE-2023/CVE-2023-461xx/CVE-2023-46141.json +++ b/CVE-2023/CVE-2023-461xx/CVE-2023-46141.json @@ -2,12 +2,16 @@ "id": "CVE-2023-46141", "sourceIdentifier": "info@cert.vde.com", "published": "2023-12-14T14:15:42.767", - "lastModified": "2023-12-14T14:49:08.357", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:14:56.770", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the affected device." + }, + { + "lang": "es", + "value": "La asignaci\u00f3n de permisos incorrecta para una vulnerabilidad de recursos cr\u00edticos en varios productos de la l\u00ednea cl\u00e1sica de PHOENIX CONTACT permite que un atacante remoto no autenticado obtenga acceso completo al dispositivo afectado." } ], "metrics": { @@ -46,10 +50,441 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:automationworx_software_suite:*:*:*:*:*:*:*:*", + "matchCriteriaId": "9797B615-825F-4CAA-B36E-5161E37FAF9A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:axc_1050_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "F0D586DC-2274-4A32-AE98-7BE174C230CC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:axc_1050:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5F55C821-DAA6-4098-BB54-80F6D9ED0CD6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:axc_1050_xc_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "332A6164-CDC1-4DBF-9B62-946EC7D7C4B3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:axc_1050_xc:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E03B5234-36FA-4BCE-964D-F55FFFD5CAAC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:axc_3050_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "84066F7B-8306-4743-9F12-75B8F880AD93" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:axc_3050:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CB9699A2-782D-40F3-B8D6-3C315104BA60" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:config\\+:*:*:*:*:*:*:*:*", + "matchCriteriaId": "A6D8FDB6-6181-49EB-BE6D-236D39A478A1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:fc_350_pci_eth_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "DEB7CA5B-7EEF-4E0E-9A53-83FE28730852" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:fc_350_pci_eth:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F4BB6654-41BB-488E-AC8C-E74C05CA198F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:ilc1x0_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "5AC07A81-D5D6-449C-93F8-93D6E87487DD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:ilc1x0:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AE45F6AF-7286-48F7-B4BE-AFC948884C7C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:ilc1x1_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "8E168AB1-1B81-4990-95E4-56C36275609B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:ilc1x1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9E318A8B-D1D1-4DD5-AF71-DCBFEFCF2C5E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:ilc_3xx_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "65E1A201-E7B1-452B-8BC6-A355A3BF9460" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:ilc_3xx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FF1C58A6-5220-4509-B426-D1ED5ECFAD05" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:pc_worx:*:*:*:*:*:*:*:*", + "matchCriteriaId": "B975C4E4-83B5-4C98-811B-E6D13687AB85" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:pc_worx_express:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CE663FFA-4B82-4477-A424-4C9CC83C131E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:pc_worx_rt_basic_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "8693B231-3A5C-47B7-BEA5-53D430BBACF4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:pc_worx_rt_basic:-:*:*:*:*:*:*:*", + "matchCriteriaId": "08B214FC-776F-454B-8DC4-E7F2E6EFB013" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:pc_worx_srt:*:*:*:*:*:*:*:*", + "matchCriteriaId": "A2A6F462-A12F-4E08-9AA6-1C1AF743A645" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_430_eth-ib_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "643E47A5-E7AA-4321-99A1-05EEBD9A2B56" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_430_eth-ib:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1F32F262-519C-41BB-BF31-ECBCAC1ABEA9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_450_eth-ib_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "A91E019B-F0C5-4DF0-AE4C-E60F3D598F0C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_450_eth-ib:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C3C2EDF4-2982-4858-A960-7E7564E5B20A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_460r_pn_3tx_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "302995A9-E9CC-4477-B374-CE10F16A5E10" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_460r_pn_3tx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F7544E2C-2E63-4C36-AB64-764B4393E377" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_470s_pn_3tx_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CCAB2CA6-EEC4-4E0D-B962-FC2C4EF06013" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_470s_pn_3tx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CD94CBFF-CC25-4122-96FE-2308A4D1659D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_480s_pn_4tx_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "3B383246-EF0A-466F-89EA-F61AFC447509" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_480s_pn_4tx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6B043176-58CC-438C-92D9-99F479BB1C58" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-055/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-461xx/CVE-2023-46142.json b/CVE-2023/CVE-2023-461xx/CVE-2023-46142.json index e980fa837b3..244566ed223 100644 --- a/CVE-2023/CVE-2023-461xx/CVE-2023-46142.json +++ b/CVE-2023/CVE-2023-461xx/CVE-2023-46142.json @@ -2,12 +2,16 @@ "id": "CVE-2023-46142", "sourceIdentifier": "info@cert.vde.com", "published": "2023-12-14T14:15:42.983", - "lastModified": "2023-12-14T14:49:08.357", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:15:15.170", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices." + }, + { + "lang": "es", + "value": "Una asignaci\u00f3n de permiso incorrecta para una vulnerabilidad de recursos cr\u00edticos en los productos PLCnext permite que un atacante remoto con privilegios bajos obtenga acceso completo a los dispositivos afectados." } ], "metrics": { @@ -46,10 +50,255 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:axc_f_1152_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "9C72F7B2-43D1-43CB-B611-B57487E9AE53" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:axc_f_1152:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2474BD7-C447-4E07-A628-C729E376943D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "4EA16E9E-ADBB-4943-AE2D-7C49F882A809" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AE2E6118-6587-444A-A143-9C3A1E6ED4FD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:axc_f_3152_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "E28DCF3B-C26E-44BE-BCA1-0AED56326FC3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:axc_f_3152:-:*:*:*:*:*:*:*", + "matchCriteriaId": "57424998-4EAB-4682-BFC4-1D2A621514F4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:bpc_9102s_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "A97B1250-2830-4EFC-9393-DF96E129E16D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:bpc_9102s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "346E85EB-8800-40C7-A7DA-EA587CF90F08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:epc_1502_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "F8E7E962-9BA0-418B-8A43-541C5278C9ED" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:epc_1502:-:*:*:*:*:*:*:*", + "matchCriteriaId": "85AF0A71-02C4-4CFF-A820-5C326F066024" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:epc_1522_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "E3671BE8-A1DE-444E-9A24-5C86E4F0BBF1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:epc_1522:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CBD531B6-09DA-4B4A-AA7C-C2A54B089C67" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:plcnext_engineer:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "C6A5C5E9-4F2C-44BC-8B64-29D25C789643" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_4072r_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "FE1D89DD-1717-4E84-8A33-82AA29594E7D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_4072r:-:*:*:*:*:*:*:*", + "matchCriteriaId": "65D9C540-F273-4EA8-8FF6-95DF46B01D89" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_4072s_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "E633B5AB-BD27-461D-8083-20CC1C768D34" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_4072s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0BF1EAD1-7C19-4A6E-BF87-EF3F7E526BD6" + } + ] + } + ] + } + ], "references": [ { "url": "https://https://cert.vde.com/en/advisories/VDE-2023-056/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-461xx/CVE-2023-46143.json b/CVE-2023/CVE-2023-461xx/CVE-2023-46143.json index d16c3a5cc24..cc6ad32a157 100644 --- a/CVE-2023/CVE-2023-461xx/CVE-2023-46143.json +++ b/CVE-2023/CVE-2023-461xx/CVE-2023-46143.json @@ -2,12 +2,16 @@ "id": "CVE-2023-46143", "sourceIdentifier": "info@cert.vde.com", "published": "2023-12-14T14:15:43.207", - "lastModified": "2023-12-14T14:49:08.357", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:15:46.577", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a PLC." + }, + { + "lang": "es", + "value": "La vulnerabilidad de descarga de c\u00f3digo sin verificaci\u00f3n de integridad en los PLC de la l\u00ednea cl\u00e1sica de PHOENIX CONTACT permite que un atacante remoto no autenticado modifique algunas o todas las aplicaciones en un PLC." } ], "metrics": { @@ -46,10 +50,441 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:automationworx_software_suite:*:*:*:*:*:*:*:*", + "matchCriteriaId": "9797B615-825F-4CAA-B36E-5161E37FAF9A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:axc_1050_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "F0D586DC-2274-4A32-AE98-7BE174C230CC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:axc_1050:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5F55C821-DAA6-4098-BB54-80F6D9ED0CD6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:axc_1050_xc_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "332A6164-CDC1-4DBF-9B62-946EC7D7C4B3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:axc_1050_xc:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E03B5234-36FA-4BCE-964D-F55FFFD5CAAC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:axc_3050_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "84066F7B-8306-4743-9F12-75B8F880AD93" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:axc_3050:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CB9699A2-782D-40F3-B8D6-3C315104BA60" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:config\\+:*:*:*:*:*:*:*:*", + "matchCriteriaId": "A6D8FDB6-6181-49EB-BE6D-236D39A478A1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:fc_350_pci_eth_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "DEB7CA5B-7EEF-4E0E-9A53-83FE28730852" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:fc_350_pci_eth:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F4BB6654-41BB-488E-AC8C-E74C05CA198F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:ilc1x0_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "5AC07A81-D5D6-449C-93F8-93D6E87487DD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:ilc1x0:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AE45F6AF-7286-48F7-B4BE-AFC948884C7C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:ilc1x1_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "8E168AB1-1B81-4990-95E4-56C36275609B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:ilc1x1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9E318A8B-D1D1-4DD5-AF71-DCBFEFCF2C5E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:ilc_3xx_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "65E1A201-E7B1-452B-8BC6-A355A3BF9460" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:ilc_3xx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FF1C58A6-5220-4509-B426-D1ED5ECFAD05" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:pc_worx:*:*:*:*:*:*:*:*", + "matchCriteriaId": "B975C4E4-83B5-4C98-811B-E6D13687AB85" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:pc_worx_express:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CE663FFA-4B82-4477-A424-4C9CC83C131E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:pc_worx_rt_basic_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "8693B231-3A5C-47B7-BEA5-53D430BBACF4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:pc_worx_rt_basic:-:*:*:*:*:*:*:*", + "matchCriteriaId": "08B214FC-776F-454B-8DC4-E7F2E6EFB013" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:pc_worx_srt:*:*:*:*:*:*:*:*", + "matchCriteriaId": "A2A6F462-A12F-4E08-9AA6-1C1AF743A645" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_430_eth-ib_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "643E47A5-E7AA-4321-99A1-05EEBD9A2B56" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_430_eth-ib:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1F32F262-519C-41BB-BF31-ECBCAC1ABEA9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_450_eth-ib_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "A91E019B-F0C5-4DF0-AE4C-E60F3D598F0C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_450_eth-ib:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C3C2EDF4-2982-4858-A960-7E7564E5B20A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_460r_pn_3tx_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "302995A9-E9CC-4477-B374-CE10F16A5E10" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_460r_pn_3tx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F7544E2C-2E63-4C36-AB64-764B4393E377" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_470s_pn_3tx_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "CCAB2CA6-EEC4-4E0D-B962-FC2C4EF06013" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_470s_pn_3tx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CD94CBFF-CC25-4122-96FE-2308A4D1659D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_480s_pn_4tx_firmware:*:*:*:*:*:*:*:*", + "matchCriteriaId": "3B383246-EF0A-466F-89EA-F61AFC447509" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_480s_pn_4tx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6B043176-58CC-438C-92D9-99F479BB1C58" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-057/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-461xx/CVE-2023-46144.json b/CVE-2023/CVE-2023-461xx/CVE-2023-46144.json index e5c971ad7ad..5212af115b9 100644 --- a/CVE-2023/CVE-2023-461xx/CVE-2023-46144.json +++ b/CVE-2023/CVE-2023-461xx/CVE-2023-46144.json @@ -2,16 +2,40 @@ "id": "CVE-2023-46144", "sourceIdentifier": "info@cert.vde.com", "published": "2023-12-14T14:15:43.447", - "lastModified": "2023-12-14T14:49:08.357", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:16:11.880", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A download of code without integrity check vulnerability in PLCnext products allows an remote attacker with low privileges to compromise integrity on the affected engineering station and the connected devices." + }, + { + "lang": "es", + "value": "Una descarga de c\u00f3digo sin vulnerabilidad de verificaci\u00f3n de integridad en los productos PLCnext permite que un atacante remoto con privilegios bajos comprometa la integridad de la estaci\u00f3n de ingenier\u00eda afectada y los dispositivos conectados." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "info@cert.vde.com", "type": "Secondary", @@ -46,10 +70,255 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:axc_f_1152_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "9C72F7B2-43D1-43CB-B611-B57487E9AE53" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:axc_f_1152:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2474BD7-C447-4E07-A628-C729E376943D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:axc_f_2152_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "4EA16E9E-ADBB-4943-AE2D-7C49F882A809" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:axc_f_2152:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AE2E6118-6587-444A-A143-9C3A1E6ED4FD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:axc_f_3152_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "E28DCF3B-C26E-44BE-BCA1-0AED56326FC3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:axc_f_3152:-:*:*:*:*:*:*:*", + "matchCriteriaId": "57424998-4EAB-4682-BFC4-1D2A621514F4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:bpc_9102s_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "A97B1250-2830-4EFC-9393-DF96E129E16D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:bpc_9102s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "346E85EB-8800-40C7-A7DA-EA587CF90F08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:epc_1502_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "F8E7E962-9BA0-418B-8A43-541C5278C9ED" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:epc_1502:-:*:*:*:*:*:*:*", + "matchCriteriaId": "85AF0A71-02C4-4CFF-A820-5C326F066024" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:epc_1522_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "E3671BE8-A1DE-444E-9A24-5C86E4F0BBF1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:epc_1522:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CBD531B6-09DA-4B4A-AA7C-C2A54B089C67" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:plcnext_engineer:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "C6A5C5E9-4F2C-44BC-8B64-29D25C789643" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_4072r_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "FE1D89DD-1717-4E84-8A33-82AA29594E7D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_4072r:-:*:*:*:*:*:*:*", + "matchCriteriaId": "65D9C540-F273-4EA8-8FF6-95DF46B01D89" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:phoenixcontact:rfc_4072s_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2024.0", + "matchCriteriaId": "E633B5AB-BD27-461D-8083-20CC1C768D34" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:phoenixcontact:rfc_4072s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0BF1EAD1-7C19-4A6E-BF87-EF3F7E526BD6" + } + ] + } + ] + } + ], "references": [ { "url": "https://https://cert.vde.com/en/advisories/VDE-2023-056/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-475xx/CVE-2023-47525.json b/CVE-2023/CVE-2023-475xx/CVE-2023-47525.json index 276f511a9e8..4ec63e6d649 100644 --- a/CVE-2023/CVE-2023-475xx/CVE-2023-47525.json +++ b/CVE-2023/CVE-2023-475xx/CVE-2023-47525.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47525", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T15:15:09.097", - "lastModified": "2023-12-21T15:15:09.097", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:45.660", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-475xx/CVE-2023-47527.json b/CVE-2023/CVE-2023-475xx/CVE-2023-47527.json index fe0443ace65..2770ed8e659 100644 --- a/CVE-2023/CVE-2023-475xx/CVE-2023-47527.json +++ b/CVE-2023/CVE-2023-475xx/CVE-2023-47527.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47527", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T15:15:09.340", - "lastModified": "2023-12-21T15:15:09.340", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:45.660", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4724.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4724.json index d230e85aeef..c0277a9c076 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4724.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4724.json @@ -2,19 +2,86 @@ "id": "CVE-2023-4724", "sourceIdentifier": "contact@wpscan.com", "published": "2023-12-18T20:15:08.453", - "lastModified": "2023-12-18T20:21:38.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T18:41:59.457", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not validate and sanitise the `wp_query` parameter which allows an attacker to run arbitrary command on the remote server" + }, + { + "lang": "es", + "value": "Los complementos Export any WordPress data to XML/CSV de WordPress anterior a 1.4.0 y el complemento WP All Export Pro de WordPress anterior a 1.8.6 no validan ni sanitizan el par\u00e1metro `wp_query` que permite a un atacante ejecutar comandos arbitrarios en el servidor remoto" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:soflyy:export_any_wordpress_data_to_xml\\/csv:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.4.0", + "matchCriteriaId": "9479BFC7-D1DE-4B57-9C59-15AC7BBFCCA5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:soflyy:wp_all_export:*:*:*:*:pro:wordpress:*:*", + "versionEndExcluding": "1.8.6", + "matchCriteriaId": "D5872FA3-45C5-4E05-B8F6-3BFA53456908" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://wpscan.com/vulnerability/48820f1d-45cb-4f1f-990d-d132bfc5536f", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48114.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48114.json index 9204aede01c..2cc176fca6d 100644 --- a/CVE-2023/CVE-2023-481xx/CVE-2023-48114.json +++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48114.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48114", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-21T15:15:09.587", - "lastModified": "2023-12-21T16:15:09.620", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48115.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48115.json index ebaa3c901e4..56ae3d77ad5 100644 --- a/CVE-2023/CVE-2023-481xx/CVE-2023-48115.json +++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48115.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48115", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-21T15:15:09.637", - "lastModified": "2023-12-21T16:15:09.793", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48116.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48116.json index fa558c6a8d8..de1badeb77a 100644 --- a/CVE-2023/CVE-2023-481xx/CVE-2023-48116.json +++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48116.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48116", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-21T15:15:09.697", - "lastModified": "2023-12-21T16:15:09.913", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-482xx/CVE-2023-48288.json b/CVE-2023/CVE-2023-482xx/CVE-2023-48288.json index 5918e64a416..8c532acb8d2 100644 --- a/CVE-2023/CVE-2023-482xx/CVE-2023-48288.json +++ b/CVE-2023/CVE-2023-482xx/CVE-2023-48288.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48288", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T14:15:08.293", - "lastModified": "2023-12-21T14:15:08.293", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:45.660", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-491xx/CVE-2023-49162.json b/CVE-2023/CVE-2023-491xx/CVE-2023-49162.json index 7947ab92d53..58d9712e9ce 100644 --- a/CVE-2023/CVE-2023-491xx/CVE-2023-49162.json +++ b/CVE-2023/CVE-2023-491xx/CVE-2023-49162.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49162", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T14:15:08.773", - "lastModified": "2023-12-21T14:15:08.773", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:45.660", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-491xx/CVE-2023-49191.json b/CVE-2023/CVE-2023-491xx/CVE-2023-49191.json index 37be359aa36..a0673a5d1bd 100644 --- a/CVE-2023/CVE-2023-491xx/CVE-2023-49191.json +++ b/CVE-2023/CVE-2023-491xx/CVE-2023-49191.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49191", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-15T16:15:44.320", - "lastModified": "2023-12-15T16:53:06.030", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:20:50.323", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Supsystic GDPR Cookie Consent by Supsystic allows Stored XSS.This issue affects GDPR Cookie Consent by Supsystic: from n/a through 2.1.2.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web (\"Cross-site Scripting\") en Supsystic GDPR Cookie Consent by Supsystic permite almacenar XSS. Este problema afecta a GDPR Cookie Consent by Supsystic: desde n/a hasta 2.1.2." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:supsystic:gdpr_cookie_consent:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.1.2", + "matchCriteriaId": "519FF277-4C7D-4A27-BF10-8D79FFC902B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/gdpr-compliance-by-supsystic/wordpress-gdpr-cookie-consent-by-supsystic-plugin-2-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-491xx/CVE-2023-49197.json b/CVE-2023/CVE-2023-491xx/CVE-2023-49197.json index 08a40a19ca2..aa90974d345 100644 --- a/CVE-2023/CVE-2023-491xx/CVE-2023-49197.json +++ b/CVE-2023/CVE-2023-491xx/CVE-2023-49197.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49197", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-15T16:15:44.510", - "lastModified": "2023-12-15T16:53:06.030", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:26:04.913", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Apasionados, Apasionados del Marketing, NetConsulting DoFollow Case by Case.This issue affects DoFollow Case by Case: from n/a through 3.4.2.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Apasionados, Apasionados del Marketing, NetConsulting DoFollow Case by Case. Este problema afecta a DoFollow Case by Case: desde n/a hasta 3.4.2." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apasionados:dofollow_case_by_case:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.4.2", + "matchCriteriaId": "CF19C86E-A2EC-4BE0-A9D9-009CB00BDCD1" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/dofollow-case-by-case/wordpress-dofollow-case-by-case-plugin-3-4-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49744.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49744.json index a4206bc6749..3aa38781e1f 100644 --- a/CVE-2023/CVE-2023-497xx/CVE-2023-49744.json +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49744.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49744", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-15T16:15:44.707", - "lastModified": "2023-12-15T16:53:06.030", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:29:00.677", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Gift Up Gift Up Gift Cards for WordPress and WooCommerce.This issue affects Gift Up Gift Cards for WordPress and WooCommerce: from n/a through 2.21.3.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Gift Up Gift Up Gift Cards para WordPress y WooCommerce. Este problema afecta a Gift Up Gift Cards para WordPress y WooCommerce: desde n/a hasta 2.21.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:giftup:gift_up_gift_cards_for_wordpress_and_woocommerce:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.21.3", + "matchCriteriaId": "FADE8501-AA00-4871-BF15-032A9BC7137A" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/gift-up/wordpress-gift-up-gift-cards-for-wordpress-and-woocommerce-plugin-2-21-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49747.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49747.json index f3521f93de7..59f97299cad 100644 --- a/CVE-2023/CVE-2023-497xx/CVE-2023-49747.json +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49747.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49747", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-15T16:15:44.903", - "lastModified": "2023-12-15T16:53:06.030", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:35:43.413", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebFactory Ltd Guest Author allows Stored XSS.This issue affects Guest Author: from n/a through 2.3.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en WebFactory Ltd Guest Author permite almacenar XSS. Este problema afecta a Guest Author: desde n/a hasta 2.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:webfactoryltd:guest_author:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.3", + "matchCriteriaId": "C99E43FA-8FBD-40C0-AAF1-3AE0F4D56FB9" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/guest-author/wordpress-guest-author-plugin-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49749.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49749.json index 02fe3d3c5de..a74136e9c8e 100644 --- a/CVE-2023/CVE-2023-497xx/CVE-2023-49749.json +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49749.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49749", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-15T16:15:45.090", - "lastModified": "2023-12-15T16:53:06.030", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:43:48.513", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in SureTriggers SureTriggers \u2013 Connect All Your Plugins, Apps, Tools & Automate Everything!.This issue affects SureTriggers \u2013 Connect All Your Plugins, Apps, Tools & Automate Everything!: from n/a through 1.0.23.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en SureTriggers SureTriggers \u2013 Connect All Your Plugins, Apps, Tools & Automate Everything!. Este problema afecta a SureTriggers: Connect All Your Plugins, Apps, Tools & Automate Everything!: desde n/a hasta 1.0 .23." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:suretriggers:suretriggers:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0.23", + "matchCriteriaId": "3597913D-DCA8-4ECB-9DBE-F8B09DE22646" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/suretriggers/wordpress-suretriggers-plugin-1-0-23-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49767.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49767.json index 19e28beb2f4..5909d42b474 100644 --- a/CVE-2023/CVE-2023-497xx/CVE-2023-49767.json +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49767.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49767", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-15T16:15:45.280", - "lastModified": "2023-12-15T16:53:06.030", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:45:47.293", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Biteship Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo allows Stored XSS.This issue affects Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo: from n/a through 2.2.24.\n\n" + }, + { + "lang": "es", + "value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Biteship Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo permite almacenar XSS. Este problema afecta a Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo: de n/a hasta el 2.2.24." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:biteship:biteship:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.2.24", + "matchCriteriaId": "11463865-C5C6-4BC8-9488-E88D1A522848" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/biteship/wordpress-biteship-plugin-2-2-22-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-498xx/CVE-2023-49823.json b/CVE-2023/CVE-2023-498xx/CVE-2023-49823.json index 4b5ea251f9c..f49fc07b487 100644 --- a/CVE-2023/CVE-2023-498xx/CVE-2023-49823.json +++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49823.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49823", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-15T16:15:45.547", - "lastModified": "2023-12-15T16:53:06.030", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:48:09.407", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 4.6.1.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en BoldThemes Bold Page Builder permite almacenar XSS. Este problema afecta a Bold Page Builder: desde n/a hasta 4.6.1." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bold-themes:bold_page_builder:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.6.1", + "matchCriteriaId": "1299BE74-FF1F-4A0C-BBBD-A20D9321B879" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/bold-page-builder/wordpress-bold-page-builder-plugin-4-6-1-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-498xx/CVE-2023-49829.json b/CVE-2023/CVE-2023-498xx/CVE-2023-49829.json index b9772659a11..acf3c4eb944 100644 --- a/CVE-2023/CVE-2023-498xx/CVE-2023-49829.json +++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49829.json @@ -2,16 +2,40 @@ "id": "CVE-2023-49829", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-15T16:15:45.740", - "lastModified": "2023-12-15T16:53:06.030", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:50:30.280", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Tutor LMS \u2013 eLearning and online course solution allows Stored XSS.This issue affects Tutor LMS \u2013 eLearning and online course solution: from n/a through 2.2.4.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Themeum Tutor LMS \u2013 eLearning and online course solution permite almacenar XSS. Este problema afecta a Tutor LMS \u2013 eLearning and online course solution: desde n/a hasta 2.2. 4." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.2.4", + "matchCriteriaId": "711155E8-212C-4AEE-A795-97B1DE394CF6" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-2-4-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-499xx/CVE-2023-49937.json b/CVE-2023/CVE-2023-499xx/CVE-2023-49937.json index 9782202b541..77a81edd7f1 100644 --- a/CVE-2023/CVE-2023-499xx/CVE-2023-49937.json +++ b/CVE-2023/CVE-2023-499xx/CVE-2023-49937.json @@ -2,23 +2,105 @@ "id": "CVE-2023-49937", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-14T05:15:11.493", - "lastModified": "2023-12-14T13:52:06.780", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:17:34.317", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free, attackers can cause a denial of service or possibly execute arbitrary code. The fixed versions are 22.05.11, 23.02.7, and 23.11.1." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en SchedMD Slurm 22.05.x, 23.02.x y 23.11.x. Debido a una doble liberaci\u00f3n, los atacantes pueden provocar una denegaci\u00f3n de servicio o posiblemente ejecutar c\u00f3digo arbitrario. Las versiones fijas son 22.05.11, 23.02.7 y 23.11.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-415" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schedmd:slurm:*:*:*:*:*:*:*:*", + "versionStartIncluding": "22.05", + "versionEndExcluding": "22.05.12", + "matchCriteriaId": "9F78B348-8518-461F-A411-6E04D00E0DB8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schedmd:slurm:*:*:*:*:*:*:*:*", + "versionStartIncluding": "23.02", + "versionEndExcluding": "23.02.7", + "matchCriteriaId": "0FD67C27-289A-4071-9380-74059C3A24E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schedmd:slurm:23.11:-:*:*:*:*:*:*", + "matchCriteriaId": "F7271FE9-7535-4337-8B65-61C533932E4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schedmd:slurm:23.11:rc1:*:*:*:*:*:*", + "matchCriteriaId": "1A2835FE-2E57-47FF-BD76-9817978108C5" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Vendor Advisory" + ] }, { "url": "https://www.schedmd.com/security-archive.php", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-503xx/CVE-2023-50377.json b/CVE-2023/CVE-2023-503xx/CVE-2023-50377.json index 4d5f7047e00..a0f34138679 100644 --- a/CVE-2023/CVE-2023-503xx/CVE-2023-50377.json +++ b/CVE-2023/CVE-2023-503xx/CVE-2023-50377.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50377", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T15:15:10.290", - "lastModified": "2023-12-21T15:15:10.290", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-507xx/CVE-2023-50724.json b/CVE-2023/CVE-2023-507xx/CVE-2023-50724.json index e69ec769df0..10311c39958 100644 --- a/CVE-2023/CVE-2023-507xx/CVE-2023-50724.json +++ b/CVE-2023/CVE-2023-507xx/CVE-2023-50724.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50724", "sourceIdentifier": "security-advisories@github.com", "published": "2023-12-21T15:15:10.573", - "lastModified": "2023-12-21T15:15:10.573", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50822.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50822.json index 76afb0e314d..34af291b088 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50822.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50822.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50822", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T15:15:10.927", - "lastModified": "2023-12-21T15:15:10.927", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50823.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50823.json index 9a9f26bfff3..971b0b269d5 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50823.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50823.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50823", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T15:15:11.187", - "lastModified": "2023-12-21T15:15:11.187", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50824.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50824.json index b6c9f6ddb3d..2d2d0ac6e68 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50824.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50824.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50824", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T15:15:11.487", - "lastModified": "2023-12-21T15:15:11.487", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50825.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50825.json index c8f22c37d1c..5ea66f93efd 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50825.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50825.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50825", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T15:15:11.953", - "lastModified": "2023-12-21T15:15:11.953", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50826.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50826.json index b83e733f796..8e9ad0a5d4e 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50826.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50826.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50826", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T15:15:12.213", - "lastModified": "2023-12-21T15:15:12.213", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50827.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50827.json index 4e3ad6776c7..0fc07b13fca 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50827.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50827.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50827", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T15:15:12.497", - "lastModified": "2023-12-21T15:15:12.497", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50828.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50828.json index 01e41184ceb..efc3a096586 100644 --- a/CVE-2023/CVE-2023-508xx/CVE-2023-50828.json +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50828.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50828", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-21T15:15:12.990", - "lastModified": "2023-12-21T15:15:12.990", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50829.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50829.json new file mode 100644 index 00000000000..308b4b31b18 --- /dev/null +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50829.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-50829", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-12-21T18:15:07.477", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aerin Loan Repayment Calculator and Application Form allows Stored XSS.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.3.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/quick-interest-slider/wordpress-loan-repayment-calculator-and-application-form-plugin-2-9-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50830.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50830.json new file mode 100644 index 00000000000..dd3c5d85159 --- /dev/null +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50830.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-50830", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-12-21T18:15:07.797", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seosbg Seos Contact Form allows Stored XSS.This issue affects Seos Contact Form: from n/a through 1.8.0.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/seos-contact-form/wordpress-seos-contact-form-plugin-1-8-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50831.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50831.json new file mode 100644 index 00000000000..50be2a1d4ea --- /dev/null +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50831.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-50831", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-12-21T18:15:08.050", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme CURCY \u2013 Multi Currency for WooCommerce allows Stored XSS.This issue affects CURCY \u2013 Multi Currency for WooCommerce: from n/a through 2.2.0.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/woo-multi-currency/wordpress-curcy-plugin-2-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50832.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50832.json new file mode 100644 index 00000000000..24c1302a3c2 --- /dev/null +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50832.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-50832", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-12-21T18:15:08.277", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mondula GmbH Multi Step Form allows Stored XSS.This issue affects Multi Step Form: from n/a through 1.7.13.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/multi-step-form/wordpress-multi-step-form-plugin-1-7-13-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-508xx/CVE-2023-50833.json b/CVE-2023/CVE-2023-508xx/CVE-2023-50833.json new file mode 100644 index 00000000000..3c41905f931 --- /dev/null +++ b/CVE-2023/CVE-2023-508xx/CVE-2023-50833.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-50833", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-12-21T18:15:08.567", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExtendThemes Colibri Page Builder allows Stored XSS.This issue affects Colibri Page Builder: from n/a through 1.0.239.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/colibri-page-builder/wordpress-colibri-page-builder-plugin-1-0-239-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51048.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51048.json index ab463b97df9..31f0e44d9e8 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51048.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51048.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51048", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-21T16:15:10.797", - "lastModified": "2023-12-21T16:15:10.797", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51049.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51049.json index 813d939696d..a0b8112fdb8 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51049.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51049.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51049", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-21T16:15:10.903", - "lastModified": "2023-12-21T16:15:10.903", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51050.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51050.json index 2d317d0d082..d6d4a917763 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51050.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51050.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51050", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-21T16:15:11.000", - "lastModified": "2023-12-21T16:15:11.000", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51051.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51051.json index 188bc01589c..68bc7d13185 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51051.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51051.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51051", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-21T16:15:11.110", - "lastModified": "2023-12-21T16:15:11.110", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51052.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51052.json index b6db3dc72f4..aea4fb80f7e 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51052.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51052.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51052", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-21T16:15:11.220", - "lastModified": "2023-12-21T16:15:11.220", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-514xx/CVE-2023-51442.json b/CVE-2023/CVE-2023-514xx/CVE-2023-51442.json index c4178783b84..15de21f73e9 100644 --- a/CVE-2023/CVE-2023-514xx/CVE-2023-51442.json +++ b/CVE-2023/CVE-2023-514xx/CVE-2023-51442.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51442", "sourceIdentifier": "security-advisories@github.com", "published": "2023-12-21T15:15:13.397", - "lastModified": "2023-12-21T15:15:13.397", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-53xx/CVE-2023-5310.json b/CVE-2023/CVE-2023-53xx/CVE-2023-5310.json index a7f8d2e4aa5..f4135933645 100644 --- a/CVE-2023/CVE-2023-53xx/CVE-2023-5310.json +++ b/CVE-2023/CVE-2023-53xx/CVE-2023-5310.json @@ -2,16 +2,40 @@ "id": "CVE-2023-5310", "sourceIdentifier": "product-security@silabs.com", "published": "2023-12-15T16:15:46.117", - "lastModified": "2023-12-15T16:53:06.030", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T18:02:21.913", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nA denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint devices running Z-Wave SDK v7.20.3 (Gecko SDK v4.3.3) and earlier. This attack can be carried out only by devices on the network sending a stream of packets to the device.\n\n" + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio en todos los controladores y dispositivos de endpoint Z-Wave de Silicon Labs que ejecutan Z-Wave SDK v7.20.3 (Gecko SDK v4.3.3) y versiones anteriores. Este ataque solo puede ser llevado a cabo por dispositivos en la red que env\u00edan un flujo de paquetes al dispositivo." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "product-security@silabs.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "product-security@silabs.com", "type": "Secondary", @@ -46,14 +80,55 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:silabs:z-wave_software_development_kit:*:*:*:*:*:*:*:*", + "versionEndIncluding": "7.20.2.0", + "matchCriteriaId": "501E0DD5-542E-4338-B10A-8DC9DA158F56" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:silabs:z-wave_long_range_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "82CF7F87-FBE0-4173-ADA7-BC187486D2A9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:silabs:z-wave_long_range_800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8CB5B24F-84B1-4738-B9CA-8D1D5EF192F7" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/SiliconLabs/gecko_sdk/releases", - "source": "product-security@silabs.com" + "source": "product-security@silabs.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm0000005E7EIAU?%20operationContext=S1", - "source": "product-security@silabs.com" + "source": "product-security@silabs.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-55xx/CVE-2023-5592.json b/CVE-2023/CVE-2023-55xx/CVE-2023-5592.json index b4bf9aceb81..abe2a3140b7 100644 --- a/CVE-2023/CVE-2023-55xx/CVE-2023-5592.json +++ b/CVE-2023/CVE-2023-55xx/CVE-2023-5592.json @@ -2,12 +2,16 @@ "id": "CVE-2023-5592", "sourceIdentifier": "info@cert.vde.com", "published": "2023-12-14T14:15:45.427", - "lastModified": "2023-12-14T14:49:08.357", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T17:16:30.290", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated remote attacker to download and execute applications without integrity checks on the device which may result in a complete loss of integrity." + }, + { + "lang": "es", + "value": "Vulnerabilidad de descarga de c\u00f3digo sin verificaci\u00f3n de integridad en PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) permite a un atacante remoto no autenticado descargar y ejecutar aplicaciones sin verificaciones de integridad en el dispositivo, lo que puede resultar en una p\u00e9rdida total de integridad." } ], "metrics": { @@ -46,10 +50,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:multiprog:*:*:*:*:*:*:*:*", + "matchCriteriaId": "42452860-CB53-479D-ADE1-E8166EC834C4" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phoenixcontact:proconos_eclr:*:*:*:*:*:*:*:*", + "matchCriteriaId": "B9A422FD-2C4C-4B77-B619-6747474A3FA7" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-054/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-61xx/CVE-2023-6122.json b/CVE-2023/CVE-2023-61xx/CVE-2023-6122.json index 2a610bb0782..75c07e3e811 100644 --- a/CVE-2023/CVE-2023-61xx/CVE-2023-6122.json +++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6122.json @@ -2,12 +2,12 @@ "id": "CVE-2023-6122", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2023-12-21T14:15:09.063", - "lastModified": "2023-12-21T14:15:09.063", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:45.660", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in \u0130stanbul Soft Informatics and Consultancy Limited Company Softomi Geli\u015fmi\u015f C2C Pazaryeri Yaz\u0131l\u0131m\u0131 allows Reflected XSS.This issue affects Softomi Geli\u015fmi\u015f C2C Pazaryeri Yaz\u0131l\u0131m\u0131: before 12122023.\n\n" + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ?stanbul Soft Informatics and Consultancy Limited Company Softomi Geli?mi? C2C Pazaryeri Yaz?l?m? allows Reflected XSS.This issue affects Softomi Geli?mi? C2C Pazaryeri Yaz?l?m?: before 12122023.\n\n" } ], "metrics": { diff --git a/CVE-2023/CVE-2023-61xx/CVE-2023-6145.json b/CVE-2023/CVE-2023-61xx/CVE-2023-6145.json index eef90337cfc..836e1d41bcc 100644 --- a/CVE-2023/CVE-2023-61xx/CVE-2023-6145.json +++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6145.json @@ -2,12 +2,12 @@ "id": "CVE-2023-6145", "sourceIdentifier": "iletisim@usom.gov.tr", "published": "2023-12-21T14:15:09.430", - "lastModified": "2023-12-21T14:15:09.430", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:45.660", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in \u0130stanbul Soft Informatics and Consultancy Limited Company Softomi Advanced C2C Marketplace Software allows SQL Injection.This issue affects Softomi Advanced C2C Marketplace Software: before 12122023.\n\n" + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ?stanbul Soft Informatics and Consultancy Limited Company Softomi Advanced C2C Marketplace Software allows SQL Injection.This issue affects Softomi Advanced C2C Marketplace Software: before 12122023.\n\n" } ], "metrics": { diff --git a/CVE-2023/CVE-2023-63xx/CVE-2023-6377.json b/CVE-2023/CVE-2023-63xx/CVE-2023-6377.json index b014da0007e..11bd65f6c17 100644 --- a/CVE-2023/CVE-2023-63xx/CVE-2023-6377.json +++ b/CVE-2023/CVE-2023-63xx/CVE-2023-6377.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6377", "sourceIdentifier": "secalert@redhat.com", "published": "2023-12-13T07:15:30.030", - "lastModified": "2023-12-20T15:15:10.243", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T17:18:05.783", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -50,50 +80,243 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*", + "versionEndExcluding": "21.1.10", + "matchCriteriaId": "E0DB0A6B-1314-4125-8D5B-6C4F9CF22711" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*", + "versionEndExcluding": "23.2.3", + "matchCriteriaId": "95CD5142-5D27-4DD3-B91C-518D4324DC15" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*", + "matchCriteriaId": "79A8316C-BA22-441E-92AF-415AFABCEB76" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/12/13/1", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2023:7886", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://access.redhat.com/security/cve/CVE-2023-6377", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253291", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/0c1a93d319558fe3ab2d94f51d174b4f93810afd", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00008.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00013.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://lists.x.org/archives/xorg-announce/2023-December/003435.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5576", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-64xx/CVE-2023-6478.json b/CVE-2023/CVE-2023-64xx/CVE-2023-6478.json index d563e0e7ce7..5dac97df7c4 100644 --- a/CVE-2023/CVE-2023-64xx/CVE-2023-6478.json +++ b/CVE-2023/CVE-2023-64xx/CVE-2023-6478.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6478", "sourceIdentifier": "secalert@redhat.com", "published": "2023-12-13T07:15:31.213", - "lastModified": "2023-12-20T15:15:10.347", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-12-21T17:21:03.223", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -50,46 +80,236 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*", + "versionEndExcluding": "21.1.10", + "matchCriteriaId": "E0DB0A6B-1314-4125-8D5B-6C4F9CF22711" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*", + "versionEndExcluding": "23.2.3", + "matchCriteriaId": "95CD5142-5D27-4DD3-B91C-518D4324DC15" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*", + "matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*", + "matchCriteriaId": "79A8316C-BA22-441E-92AF-415AFABCEB76" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/12/13/1", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2023:7886", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://access.redhat.com/security/cve/CVE-2023-6478", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253298", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/14f480010a93ff962fef66a16412fafff81ad632", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Patch" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00008.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://lists.x.org/archives/xorg-announce/2023-December/003435.html", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5576", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6902.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6902.json index 2bef0eee253..c82963ba482 100644 --- a/CVE-2023/CVE-2023-69xx/CVE-2023-6902.json +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6902.json @@ -2,16 +2,40 @@ "id": "CVE-2023-6902", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-17T16:15:13.037", - "lastModified": "2023-12-18T14:05:22.187", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-21T18:39:09.373", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. This vulnerability affects unknown code of the file /file-manager/upload.php. The manipulation of the argument file leads to unrestricted upload. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248260." + }, + { + "lang": "es", + "value": "Una vulnerabilidad ha sido encontrada en codelyfe Stupid Simple CMS hasta 1.2.4 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo /file-manager/upload.php. La manipulaci\u00f3n del archivo de argumentos conduce a una carga sin restricciones. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-248260." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -71,18 +95,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codelyfe:stupid_simple_cms:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.2.4", + "matchCriteriaId": "700DA84E-DA65-4B87-B847-E4C61E24F5D1" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/g1an123/POC/blob/main/Unauthorized%20file%20upload%20getshell.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248260", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248260", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7035.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7035.json index 55fb9d0688e..3a3ee7717bb 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7035.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7035.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7035", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-21T15:15:13.967", - "lastModified": "2023-12-21T15:15:13.967", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7036.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7036.json index dd2dadf1f31..293f8220c72 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7036.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7036.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7036", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-21T16:15:11.320", - "lastModified": "2023-12-21T16:15:11.320", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7037.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7037.json new file mode 100644 index 00000000000..b14d0ec55dc --- /dev/null +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7037.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-7037", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-12-21T17:15:09.383", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in automad up to 1.10.9. It has been declared as critical. This vulnerability affects the function import of the file FileController.php. The manipulation of the argument importUrl leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-248686 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/screetsec/VDD/tree/main/Automad%20CMS/Authenticated%20Blind%20SSRF", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.248686", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.248686", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7038.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7038.json new file mode 100644 index 00000000000..42973404f5d --- /dev/null +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7038.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-7038", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-12-21T18:15:08.827", + "lastModified": "2023-12-21T18:15:28.593", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in automad up to 1.10.9. It has been rated as problematic. This issue affects some unknown processing of the file /dashboard?controller=UserCollection::createUser of the component User Creation Handler. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248687. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 5.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/screetsec/VDD/tree/main/Automad%20CMS/Cross-Site%20Request%20Forgery%20(CSRF)", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.248687", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.248687", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7047.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7047.json index 8a26c3b152d..70765c71263 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7047.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7047.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7047", "sourceIdentifier": "security@devolutions.net", "published": "2023-12-21T15:15:14.427", - "lastModified": "2023-12-21T15:15:14.427", - "vulnStatus": "Received", + "lastModified": "2023-12-21T18:15:38.237", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index 67f4e2b882d..a5c7ac5af96 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-21T17:00:24.950171+00:00 +2023-12-21T19:00:24.531153+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-21T16:49:34.847000+00:00 +2023-12-21T18:57:33.513000+00:00 ``` ### Last Data Feed Release @@ -29,65 +29,56 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -233977 +233989 ``` ### CVEs added in the last Commit -Recently added CVEs: `32` +Recently added CVEs: `12` -* [CVE-2023-50823](CVE-2023/CVE-2023-508xx/CVE-2023-50823.json) (`2023-12-21T15:15:11.187`) -* [CVE-2023-50824](CVE-2023/CVE-2023-508xx/CVE-2023-50824.json) (`2023-12-21T15:15:11.487`) -* [CVE-2023-50825](CVE-2023/CVE-2023-508xx/CVE-2023-50825.json) (`2023-12-21T15:15:11.953`) -* [CVE-2023-50826](CVE-2023/CVE-2023-508xx/CVE-2023-50826.json) (`2023-12-21T15:15:12.213`) -* [CVE-2023-50827](CVE-2023/CVE-2023-508xx/CVE-2023-50827.json) (`2023-12-21T15:15:12.497`) -* [CVE-2023-50828](CVE-2023/CVE-2023-508xx/CVE-2023-50828.json) (`2023-12-21T15:15:12.990`) -* [CVE-2023-51442](CVE-2023/CVE-2023-514xx/CVE-2023-51442.json) (`2023-12-21T15:15:13.397`) -* [CVE-2023-7035](CVE-2023/CVE-2023-70xx/CVE-2023-7035.json) (`2023-12-21T15:15:13.967`) -* [CVE-2023-7047](CVE-2023/CVE-2023-70xx/CVE-2023-7047.json) (`2023-12-21T15:15:14.427`) -* [CVE-2023-45115](CVE-2023/CVE-2023-451xx/CVE-2023-45115.json) (`2023-12-21T16:15:07.517`) -* [CVE-2023-45116](CVE-2023/CVE-2023-451xx/CVE-2023-45116.json) (`2023-12-21T16:15:08.040`) -* [CVE-2023-45117](CVE-2023/CVE-2023-451xx/CVE-2023-45117.json) (`2023-12-21T16:15:08.380`) -* [CVE-2023-45118](CVE-2023/CVE-2023-451xx/CVE-2023-45118.json) (`2023-12-21T16:15:08.750`) -* [CVE-2023-45119](CVE-2023/CVE-2023-451xx/CVE-2023-45119.json) (`2023-12-21T16:15:09.197`) -* [CVE-2023-48114](CVE-2023/CVE-2023-481xx/CVE-2023-48114.json) (`2023-12-21T15:15:09.587`) -* [CVE-2023-48115](CVE-2023/CVE-2023-481xx/CVE-2023-48115.json) (`2023-12-21T15:15:09.637`) -* [CVE-2023-48116](CVE-2023/CVE-2023-481xx/CVE-2023-48116.json) (`2023-12-21T15:15:09.697`) -* [CVE-2023-4255](CVE-2023/CVE-2023-42xx/CVE-2023-4255.json) (`2023-12-21T16:15:10.017`) -* [CVE-2023-4256](CVE-2023/CVE-2023-42xx/CVE-2023-4256.json) (`2023-12-21T16:15:10.400`) -* [CVE-2023-51048](CVE-2023/CVE-2023-510xx/CVE-2023-51048.json) (`2023-12-21T16:15:10.797`) -* [CVE-2023-51049](CVE-2023/CVE-2023-510xx/CVE-2023-51049.json) (`2023-12-21T16:15:10.903`) -* [CVE-2023-51050](CVE-2023/CVE-2023-510xx/CVE-2023-51050.json) (`2023-12-21T16:15:11.000`) -* [CVE-2023-51051](CVE-2023/CVE-2023-510xx/CVE-2023-51051.json) (`2023-12-21T16:15:11.110`) -* [CVE-2023-51052](CVE-2023/CVE-2023-510xx/CVE-2023-51052.json) (`2023-12-21T16:15:11.220`) -* [CVE-2023-7036](CVE-2023/CVE-2023-70xx/CVE-2023-7036.json) (`2023-12-21T16:15:11.320`) +* [CVE-2023-40058](CVE-2023/CVE-2023-400xx/CVE-2023-40058.json) (`2023-12-21T17:15:07.763`) +* [CVE-2023-45120](CVE-2023/CVE-2023-451xx/CVE-2023-45120.json) (`2023-12-21T17:15:08.153`) +* [CVE-2023-45121](CVE-2023/CVE-2023-451xx/CVE-2023-45121.json) (`2023-12-21T17:15:08.440`) +* [CVE-2023-45122](CVE-2023/CVE-2023-451xx/CVE-2023-45122.json) (`2023-12-21T17:15:08.723`) +* [CVE-2023-45123](CVE-2023/CVE-2023-451xx/CVE-2023-45123.json) (`2023-12-21T17:15:09.007`) +* [CVE-2023-7037](CVE-2023/CVE-2023-70xx/CVE-2023-7037.json) (`2023-12-21T17:15:09.383`) +* [CVE-2023-50829](CVE-2023/CVE-2023-508xx/CVE-2023-50829.json) (`2023-12-21T18:15:07.477`) +* [CVE-2023-50830](CVE-2023/CVE-2023-508xx/CVE-2023-50830.json) (`2023-12-21T18:15:07.797`) +* [CVE-2023-50831](CVE-2023/CVE-2023-508xx/CVE-2023-50831.json) (`2023-12-21T18:15:08.050`) +* [CVE-2023-50832](CVE-2023/CVE-2023-508xx/CVE-2023-50832.json) (`2023-12-21T18:15:08.277`) +* [CVE-2023-50833](CVE-2023/CVE-2023-508xx/CVE-2023-50833.json) (`2023-12-21T18:15:08.567`) +* [CVE-2023-7038](CVE-2023/CVE-2023-70xx/CVE-2023-7038.json) (`2023-12-21T18:15:08.827`) ### CVEs modified in the last Commit -Recently modified CVEs: `21` +Recently modified CVEs: `80` -* [CVE-2023-6831](CVE-2023/CVE-2023-68xx/CVE-2023-6831.json) (`2023-12-21T15:10:23.390`) -* [CVE-2023-0248](CVE-2023/CVE-2023-02xx/CVE-2023-0248.json) (`2023-12-21T15:12:05.170`) -* [CVE-2023-31438](CVE-2023/CVE-2023-314xx/CVE-2023-31438.json) (`2023-12-21T15:15:08.503`) -* [CVE-2023-31439](CVE-2023/CVE-2023-314xx/CVE-2023-31439.json) (`2023-12-21T15:15:08.630`) -* [CVE-2023-42792](CVE-2023/CVE-2023-427xx/CVE-2023-42792.json) (`2023-12-21T15:15:08.710`) -* [CVE-2023-45498](CVE-2023/CVE-2023-454xx/CVE-2023-45498.json) (`2023-12-21T15:15:08.843`) -* [CVE-2023-45499](CVE-2023/CVE-2023-454xx/CVE-2023-45499.json) (`2023-12-21T15:15:08.953`) -* [CVE-2023-47265](CVE-2023/CVE-2023-472xx/CVE-2023-47265.json) (`2023-12-21T15:15:09.020`) -* [CVE-2023-48291](CVE-2023/CVE-2023-482xx/CVE-2023-48291.json) (`2023-12-21T15:15:09.747`) -* [CVE-2023-49920](CVE-2023/CVE-2023-499xx/CVE-2023-49920.json) (`2023-12-21T15:15:09.817`) -* [CVE-2023-4911](CVE-2023/CVE-2023-49xx/CVE-2023-4911.json) (`2023-12-21T15:15:09.890`) -* [CVE-2023-50783](CVE-2023/CVE-2023-507xx/CVE-2023-50783.json) (`2023-12-21T15:15:10.860`) -* [CVE-2023-51656](CVE-2023/CVE-2023-516xx/CVE-2023-51656.json) (`2023-12-21T15:15:13.863`) -* [CVE-2023-48382](CVE-2023/CVE-2023-483xx/CVE-2023-48382.json) (`2023-12-21T15:43:01.890`) -* [CVE-2023-48374](CVE-2023/CVE-2023-483xx/CVE-2023-48374.json) (`2023-12-21T15:46:58.293`) -* [CVE-2023-48379](CVE-2023/CVE-2023-483xx/CVE-2023-48379.json) (`2023-12-21T15:50:53.093`) -* [CVE-2023-48378](CVE-2023/CVE-2023-483xx/CVE-2023-48378.json) (`2023-12-21T15:51:05.667`) -* [CVE-2023-48380](CVE-2023/CVE-2023-483xx/CVE-2023-48380.json) (`2023-12-21T15:58:54.407`) -* [CVE-2023-50784](CVE-2023/CVE-2023-507xx/CVE-2023-50784.json) (`2023-12-21T16:09:40.850`) -* [CVE-2023-49189](CVE-2023/CVE-2023-491xx/CVE-2023-49189.json) (`2023-12-21T16:48:17.663`) -* [CVE-2023-49190](CVE-2023/CVE-2023-491xx/CVE-2023-49190.json) (`2023-12-21T16:49:34.847`) +* [CVE-2023-50824](CVE-2023/CVE-2023-508xx/CVE-2023-50824.json) (`2023-12-21T18:15:38.237`) +* [CVE-2023-50825](CVE-2023/CVE-2023-508xx/CVE-2023-50825.json) (`2023-12-21T18:15:38.237`) +* [CVE-2023-50826](CVE-2023/CVE-2023-508xx/CVE-2023-50826.json) (`2023-12-21T18:15:38.237`) +* [CVE-2023-50827](CVE-2023/CVE-2023-508xx/CVE-2023-50827.json) (`2023-12-21T18:15:38.237`) +* [CVE-2023-50828](CVE-2023/CVE-2023-508xx/CVE-2023-50828.json) (`2023-12-21T18:15:38.237`) +* [CVE-2023-51442](CVE-2023/CVE-2023-514xx/CVE-2023-51442.json) (`2023-12-21T18:15:38.237`) +* [CVE-2023-7035](CVE-2023/CVE-2023-70xx/CVE-2023-7035.json) (`2023-12-21T18:15:38.237`) +* [CVE-2023-7047](CVE-2023/CVE-2023-70xx/CVE-2023-7047.json) (`2023-12-21T18:15:38.237`) +* [CVE-2023-45115](CVE-2023/CVE-2023-451xx/CVE-2023-45115.json) (`2023-12-21T18:15:38.237`) +* [CVE-2023-45116](CVE-2023/CVE-2023-451xx/CVE-2023-45116.json) (`2023-12-21T18:15:38.237`) +* [CVE-2023-45117](CVE-2023/CVE-2023-451xx/CVE-2023-45117.json) (`2023-12-21T18:15:38.237`) +* [CVE-2023-45118](CVE-2023/CVE-2023-451xx/CVE-2023-45118.json) (`2023-12-21T18:15:38.237`) +* [CVE-2023-45119](CVE-2023/CVE-2023-451xx/CVE-2023-45119.json) (`2023-12-21T18:15:38.237`) +* [CVE-2023-28421](CVE-2023/CVE-2023-284xx/CVE-2023-28421.json) (`2023-12-21T18:15:45.660`) +* [CVE-2023-2487](CVE-2023/CVE-2023-24xx/CVE-2023-2487.json) (`2023-12-21T18:15:45.660`) +* [CVE-2023-48288](CVE-2023/CVE-2023-482xx/CVE-2023-48288.json) (`2023-12-21T18:15:45.660`) +* [CVE-2023-49162](CVE-2023/CVE-2023-491xx/CVE-2023-49162.json) (`2023-12-21T18:15:45.660`) +* [CVE-2023-6122](CVE-2023/CVE-2023-61xx/CVE-2023-6122.json) (`2023-12-21T18:15:45.660`) +* [CVE-2023-6145](CVE-2023/CVE-2023-61xx/CVE-2023-6145.json) (`2023-12-21T18:15:45.660`) +* [CVE-2023-22674](CVE-2023/CVE-2023-226xx/CVE-2023-22674.json) (`2023-12-21T18:15:45.660`) +* [CVE-2023-47525](CVE-2023/CVE-2023-475xx/CVE-2023-47525.json) (`2023-12-21T18:15:45.660`) +* [CVE-2023-47527](CVE-2023/CVE-2023-475xx/CVE-2023-47527.json) (`2023-12-21T18:15:45.660`) +* [CVE-2023-6902](CVE-2023/CVE-2023-69xx/CVE-2023-6902.json) (`2023-12-21T18:39:09.373`) +* [CVE-2023-4724](CVE-2023/CVE-2023-47xx/CVE-2023-4724.json) (`2023-12-21T18:41:59.457`) +* [CVE-2023-33214](CVE-2023/CVE-2023-332xx/CVE-2023-33214.json) (`2023-12-21T18:57:33.513`) ## Download and Usage