admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-26T22:00:25.743477+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-26 22:00:29 +00:00
parent 8b7ef78b69
commit fd999b3e65
9 changed files with 1010 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
CVE-2013/CVE-2013-30xx/CVE-2013-3061.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-3061",
"sourceIdentifier": "cve@mitre.org",
"published": "2013-05-01T12:00:10.893",
"lastModified": "2013-11-19T04:48:08.763",
"vulnStatus": "Modified",
"lastModified": "2023-09-26T20:09:48.957",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -62,8 +62,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:erp_cental_component:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF3CDA2-57CD-4E75-B2C4-591CC0CB9475"
"criteria": "cpe:2.3:a:sap:erp_central_component:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBBC8C91-2857-4337-8E29-A403E34074FB"
},
{
"vulnerable": true,
@ -78,19 +78,31 @@
"references": [
{
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0176.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://scn.sap.com/docs/DOC-8218",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/36-privilege-escalation-in-sap-is-healthcare",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://service.sap.com/sap/support/notes/1691744",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
]
}
]
}

21
CVE-2015/CVE-2015-88xx/CVE-2015-8856.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-8856",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-01-23T21:59:00.563",
"lastModified": "2017-03-02T02:59:00.647",
"vulnStatus": "Modified",
"lastModified": "2023-09-26T20:10:04.947",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.6.2",
"matchCriteriaId": "3D08A9B2-48D9-429D-91DA-37A403B627EE"
"criteria": "cpe:2.3:a:openjsf:serve-index:*:*:*:*:node.js:*:*:*",
"versionEndExcluding": "1.6.3",
"matchCriteriaId": "3467E168-8F8E-4CA5-8CDA-288F002F648A"
}
]
}
@ -104,7 +104,10 @@
},
{
"url": "http://www.securityfocus.com/bid/96392",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://nodesecurity.io/advisories/34",

7
CVE-2020/CVE-2020-62xx/CVE-2020-6205.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-6205",
"sourceIdentifier": "cna@sap.com",
"published": "2020-03-10T21:15:14.620",
"lastModified": "2020-03-12T15:01:43.950",
"lastModified": "2023-09-26T20:09:05.387",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -168,11 +168,6 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages:7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "07A358CC-0FE7-4665-B595-169F784A5AC1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_as_abap_business_server_pages_:7.73:*:*:*:*:*:*:*",
"matchCriteriaId": "26A2020B-1A68-4471-9647-E78C46A20CD2"
}
]
}

225
CVE-2022/CVE-2022-43xx/CVE-2022-4318.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4318",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-09-25T20:15:10.590",
"lastModified": "2023-09-26T12:45:48.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-26T20:51:13.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -38,22 +58,215 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-913"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kubernetes:cri-o:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A283D260-73A3-481A-9E98-4C4604020B83"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E52D8667-D64B-4E4D-972F-089A2D834C34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5E9340-DD85-4B10-9A1D-9021C95229A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "2127E592-F973-4244-9793-680736EC5313"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "608FBE62-5A35-4C7A-BBC7-E0D05E09008B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E52D8667-D64B-4E4D-972F-089A2D834C34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5E9340-DD85-4B10-9A1D-9021C95229A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "2127E592-F973-4244-9793-680736EC5313"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "608FBE62-5A35-4C7A-BBC7-E0D05E09008B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB176AC3-3CDA-4DDA-9089-C67B2F73AA62"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DC4AA4-6C52-42A4-A314-7E2F4D5AB620"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6E34F566-0753-43D5-AC76-E47C738C9DD4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6B2EF9F6-CE0A-48FA-87E5-77F94363B540"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "22DFC1BF-2EC4-4102-97D0-BC9F75C94F71"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:1033",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:1503",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2022-4318",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152703",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-42xx/CVE-2023-4259.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4259",
"sourceIdentifier": "vulnerabilities@zephyrproject.org",
"published": "2023-09-26T00:15:11.397",
"lastModified": "2023-09-26T12:45:48.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-26T21:04:17.860",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "vulnerabilities@zephyrproject.org",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "vulnerabilities@zephyrproject.org",
"type": "Secondary",
@ -54,10 +84,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.4.0",
"matchCriteriaId": "51CECB97-3A81-4A54-AA0A-DB2A1DE18CF2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gghm-c696-f4j4",
"source": "vulnerabilities@zephyrproject.org"
"source": "vulnerabilities@zephyrproject.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

487
CVE-2023/CVE-2023-51xx/CVE-2023-5142.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5142",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-24T22:15:10.087",
"lastModified": "2023-09-25T01:35:47.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-26T20:55:43.920",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad clasificada como problem\u00e1tica fue encontrada en H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2 , ER3260G2, ER5100G2, ER5200G2 y ER6300G2 hasta 20230908. Esta vulnerabilidad afecta a c\u00f3digo desconocido del archivo /userLogin.asp del componente Config File Handler. La manipulaci\u00f3n conduce al recorrido del camino. El ataque se puede iniciar de forma remota. La complejidad de un ataque es bastante alta. La explotaci\u00f3n parece dif\u00edcil. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-240238 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,7 +87,7 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -69,24 +95,471 @@
"value": "CWE-22"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:gr-1100-p_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "D840020D-2C49-4208-BA79-9BF9C4EBA4D9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:gr-1100-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2A23D8-5DF5-4647-AB32-AF86E117789F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:gr-1108-p_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "A33D38D0-144E-4576-96F5-D184485EF455"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:gr-1108-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E432A5DB-5D0F-464F-8235-EB9543E3F06A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:gr-1200w_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "94126EC2-0D0B-46F3-8CF6-3E1C42D7D100"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:gr-1200w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4ECDCE3-0655-43A0-A6C5-658E7C4F5470"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:gr-1800ax_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "19B18747-B268-45AB-A254-64DCB72C109B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:gr-1800ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "435BF35B-1867-48E5-BC8C-3F868E9B419B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:gr-2200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "75F33539-7670-4732-B470-4AB11816E549"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:gr-2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8543B702-DF8C-435F-A39E-56C8043E4321"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:gr-3200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "D94AFA76-7869-4B48-B22B-AAC0AE7D7960"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:gr-3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "945172AA-02BE-4538-952C-3F2EF9749810"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:gr-5200_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "0D61370D-1950-4AA3-A6A2-CFE9A199CAE8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:gr-5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55A3F347-7936-4966-9C0B-D61CC92BA85A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:gr-8300_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "A545124C-076D-46E7-96B2-4B8CFF2BEFB8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:gr-8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB46F02-E18F-4E67-A941-FE24C06C2CFC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:er3260g2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "60B2DE7C-598B-4002-BB42-EC2D7E129FBF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:er3260g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6504103-D36F-499D-A6CE-1E952477B00F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:er5200g2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "39FEFC0A-4816-419E-830C-7D2AE5C95EEF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:er5200g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC97A451-6C13-4805-BF52-9C424B898636"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:er3200g2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "88AC8D91-BA03-49AC-9FC7-2D3DA30E9D4D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:er3200g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3126DFD1-B3D2-4F01-BDB6-D22E681E3228"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:er2100n_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "28BE8148-9573-4708-B5DE-6ED69AED6993"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:er2100n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803C9117-16A7-4812-A530-82AE6B331147"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:er6300g2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "0A6F28D8-BA6D-497E-95AA-D35052FFBF6F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:er6300g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E9CE23F-9941-471E-82CE-0EE150608E04"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:er5100g2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "DFDDB7BA-795A-4853-B3C6-3894DA11E69E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:er5100g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11594FE2-E591-4F06-9856-751DCF3F8949"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:h3c:er2200g2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230908",
"matchCriteriaId": "51A4E096-5A31-468B-B84B-9DDA123BEE2F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:h3c:er2200g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB4A4EC-8E98-4F3B-B116-925B15A9E5C1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CJCniubi666/H3C-ER/blob/main/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/yinsel/CVE-H3C-Report",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.240238",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.240238",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

116
CVE-2023/CVE-2023-51xx/CVE-2023-5144.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5144",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-24T23:15:10.587",
"lastModified": "2023-09-25T01:35:47.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-26T20:13:26.273",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DAR-7000 and DAR-8000 up to 20151231. Affected is an unknown function of the file /sysmanage/updateos.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240240. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced."
},
{
"lang": "es",
"value": "** NO SOPORTADO CUANDO EST\u00c1 ASIGNADO ** ** NO SOPORTADO CUANDO EST\u00c1 ASIGNADO ** Una vulnerabilidad clasificada como cr\u00edtica fue encontrada en D-Link DAR-7000 y DAR-8000 hasta 20151231. Una funci\u00f3n desconocida del archivo /sysmanage es afectada por esta vulnerabilidad. /actualizaciones.php. La manipulaci\u00f3n del argumento file_upload conduce a una carga sin restricciones. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-240240. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el mantenedor. NOTA: Se contact\u00f3 primeramente con el proveedor y se confirm\u00f3 que el producto ha llegado al final de su vida \u00fatil. Deber\u00eda retirarse y reemplazarse."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,26 +97,102 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dar-7000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20151231",
"matchCriteriaId": "4836497D-D886-4025-B250-F70132145453"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dar-7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1500AB3C-D11B-4683-86AC-FEB6AF6AD69F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dar-8000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20151231",
"matchCriteriaId": "A16E2C03-B169-4CAD-BAC7-951E0C1C62AD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dar-8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E74A904C-319A-4DC0-A0E2-2247272C68DE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_upload_%20changelogo.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_upload_%20updateos.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10354",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.240240",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.240240",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

109
CVE-2023/CVE-2023-51xx/CVE-2023-5145.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5145",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-25T00:15:10.217",
"lastModified": "2023-09-25T01:35:47.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-26T20:37:43.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DAR-7000 up to 20151231 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /sysmanage/licence.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240241 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
},
{
"lang": "es",
"value": "** NO SOPORTADO CUANDO EST\u00c1 ASIGNADO ** ** NO SOPORTADO CUANDO EST\u00c1 ASIGNADO ** Se encontr\u00f3 una vulnerabilidad en D-Link DAR-7000 hasta 20151231 y se clasific\u00f3 como cr\u00edtica. Una funci\u00f3n desconocida del archivo /sysmanage/licence.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento file_upload conduce a una carga sin restricciones. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-240241. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el mantenedor. NOTA: Se contact\u00f3 primeramente con el proveedor y se confirm\u00f3 de inmediato que el producto ha llegado al final de su vida \u00fatil. Deber\u00eda retirarse y reemplazarse."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,22 +97,93 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dar-7000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20151231",
"matchCriteriaId": "4836497D-D886-4025-B250-F70132145453"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dar-7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1500AB3C-D11B-4683-86AC-FEB6AF6AD69F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dar-8000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20151231",
"matchCriteriaId": "A16E2C03-B169-4CAD-BAC7-951E0C1C62AD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dar-8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E74A904C-319A-4DC0-A0E2-2247272C68DE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_upload_%20licence.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10354",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.240241",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.240241",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

27
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-26T20:00:25.309564+00:00
2023-09-26T22:00:25.743477+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-26T19:54:11.657000+00:00
2023-09-26T21:04:17.860000+00:00
```
### Last Data Feed Release
@ -40,21 +40,16 @@ Recently added CVEs: `0`
### CVEs modified in the last Commit
Recently modified CVEs: `13`
Recently modified CVEs: `8`
* [CVE-2015-6964](CVE-2015/CVE-2015-69xx/CVE-2015-6964.json) (`2023-09-26T18:26:06.317`)
* [CVE-2021-33642](CVE-2021/CVE-2021-336xx/CVE-2021-33642.json) (`2023-09-26T19:53:42.067`)
* [CVE-2021-33641](CVE-2021/CVE-2021-336xx/CVE-2021-33641.json) (`2023-09-26T19:53:49.097`)
* [CVE-2022-48605](CVE-2022/CVE-2022-486xx/CVE-2022-48605.json) (`2023-09-26T18:53:26.107`)
* [CVE-2023-5143](CVE-2023/CVE-2023-51xx/CVE-2023-5143.json) (`2023-09-26T18:19:16.740`)
* [CVE-2023-41048](CVE-2023/CVE-2023-410xx/CVE-2023-41048.json) (`2023-09-26T18:44:34.487`)
* [CVE-2023-4892](CVE-2023/CVE-2023-48xx/CVE-2023-4892.json) (`2023-09-26T18:59:31.087`)
* [CVE-2023-43131](CVE-2023/CVE-2023-431xx/CVE-2023-43131.json) (`2023-09-26T19:08:13.463`)
* [CVE-2023-39640](CVE-2023/CVE-2023-396xx/CVE-2023-39640.json) (`2023-09-26T19:31:58.313`)
* [CVE-2023-4156](CVE-2023/CVE-2023-41xx/CVE-2023-4156.json) (`2023-09-26T19:39:17.100`)
* [CVE-2023-41295](CVE-2023/CVE-2023-412xx/CVE-2023-41295.json) (`2023-09-26T19:50:32.080`)
* [CVE-2023-26916](CVE-2023/CVE-2023-269xx/CVE-2023-26916.json) (`2023-09-26T19:52:52.603`)
* [CVE-2023-4806](CVE-2023/CVE-2023-48xx/CVE-2023-4806.json) (`2023-09-26T19:54:11.657`)
* [CVE-2013-3061](CVE-2013/CVE-2013-30xx/CVE-2013-3061.json) (`2023-09-26T20:09:48.957`)
* [CVE-2015-8856](CVE-2015/CVE-2015-88xx/CVE-2015-8856.json) (`2023-09-26T20:10:04.947`)
* [CVE-2020-6205](CVE-2020/CVE-2020-62xx/CVE-2020-6205.json) (`2023-09-26T20:09:05.387`)
* [CVE-2022-4318](CVE-2022/CVE-2022-43xx/CVE-2022-4318.json) (`2023-09-26T20:51:13.893`)
* [CVE-2023-5144](CVE-2023/CVE-2023-51xx/CVE-2023-5144.json) (`2023-09-26T20:13:26.273`)
* [CVE-2023-5145](CVE-2023/CVE-2023-51xx/CVE-2023-5145.json) (`2023-09-26T20:37:43.787`)
* [CVE-2023-5142](CVE-2023/CVE-2023-51xx/CVE-2023-5142.json) (`2023-09-26T20:55:43.920`)
* [CVE-2023-4259](CVE-2023/CVE-2023-42xx/CVE-2023-4259.json) (`2023-09-26T21:04:17.860`)
## Download and Usage