diff --git a/CVE-2020/CVE-2020-360xx/CVE-2020-36023.json b/CVE-2020/CVE-2020-360xx/CVE-2020-36023.json index bafc62f21b8..76282f64498 100644 --- a/CVE-2020/CVE-2020-360xx/CVE-2020-36023.json +++ b/CVE-2020/CVE-2020-360xx/CVE-2020-36023.json @@ -2,8 +2,8 @@ "id": "CVE-2020-36023", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:11.513", - "lastModified": "2023-08-11T15:18:06.983", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T15:15:10.117", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -15,6 +15,10 @@ { "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013", "source": "cve@mitre.org" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-360xx/CVE-2020-36024.json b/CVE-2020/CVE-2020-360xx/CVE-2020-36024.json index c0e015bf6fd..5a7fbadff77 100644 --- a/CVE-2020/CVE-2020-360xx/CVE-2020-36024.json +++ b/CVE-2020/CVE-2020-360xx/CVE-2020-36024.json @@ -2,8 +2,8 @@ "id": "CVE-2020-36024", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:11.577", - "lastModified": "2023-08-11T15:18:06.983", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T15:15:10.463", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -15,6 +15,10 @@ { "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016", "source": "cve@mitre.org" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-287xx/CVE-2022-28773.json b/CVE-2022/CVE-2022-287xx/CVE-2022-28773.json index c683d8ad12c..6c888813c24 100644 --- a/CVE-2022/CVE-2022-287xx/CVE-2022-28773.json +++ b/CVE-2022/CVE-2022-287xx/CVE-2022-28773.json @@ -2,12 +2,12 @@ "id": "CVE-2022-28773", "sourceIdentifier": "cna@sap.com", "published": "2022-04-12T17:15:10.883", - "lastModified": "2023-07-21T16:43:07.077", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-14T14:15:09.747", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically." + "value": "Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.\n\n" }, { "lang": "es", @@ -65,7 +65,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "cna@sap.com", "type": "Primary", "description": [ { @@ -75,12 +75,12 @@ ] }, { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-789" + "value": "CWE-674" } ] } diff --git a/CVE-2022/CVE-2022-315xx/CVE-2022-31595.json b/CVE-2022/CVE-2022-315xx/CVE-2022-31595.json index da96c599276..fb56ece3343 100644 --- a/CVE-2022/CVE-2022-315xx/CVE-2022-31595.json +++ b/CVE-2022/CVE-2022-315xx/CVE-2022-31595.json @@ -2,12 +2,12 @@ "id": "CVE-2022-31595", "sourceIdentifier": "cna@sap.com", "published": "2022-06-14T19:15:07.807", - "lastModified": "2023-07-24T13:30:41.917", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-14T14:15:09.910", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "SAP Financial Consolidation - version 1010,?does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges." + "value": "SAP Financial Consolidation - version 1010,?does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.\n\n" }, { "lang": "es", @@ -65,7 +65,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "cna@sap.com", "type": "Primary", "description": [ { @@ -75,12 +75,12 @@ ] }, { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-863" + "value": "CWE-862" } ] } diff --git a/CVE-2023/CVE-2023-11xx/CVE-2023-1119.json b/CVE-2023/CVE-2023-11xx/CVE-2023-1119.json index f372eb72dc2..5f6a966539f 100644 --- a/CVE-2023/CVE-2023-11xx/CVE-2023-1119.json +++ b/CVE-2023/CVE-2023-11xx/CVE-2023-1119.json @@ -2,12 +2,12 @@ "id": "CVE-2023-1119", "sourceIdentifier": "contact@wpscan.com", "published": "2023-07-10T16:15:48.720", - "lastModified": "2023-07-17T18:00:01.033", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-14T14:15:10.057", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin through 2.4 use a third-party library that removes the escaping on some HTML characters, leading to a Cross-Site Scripting vulnerability." + "value": "The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin before 2.4.1 use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-269xx/CVE-2023-26961.json b/CVE-2023/CVE-2023-269xx/CVE-2023-26961.json index d39f6dd6538..655b4c9df58 100644 --- a/CVE-2023/CVE-2023-269xx/CVE-2023-26961.json +++ b/CVE-2023/CVE-2023-269xx/CVE-2023-26961.json @@ -2,23 +2,82 @@ "id": "CVE-2023-26961", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-08T20:15:10.080", - "lastModified": "2023-08-08T20:39:01.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T14:19:59.293", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Alteryx Server 2022.1.1.42590 does not employ file type verification for uploaded files. This vulnerability allows attackers to upload arbitrary files by changing the extension of the uploaded file." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:alteryx:alteryx_server:2022.1.1.42590:*:*:*:*:*:*:*", + "matchCriteriaId": "7E2E8988-A4F4-4C56-9274-0A7F2DA1BD51" + } + ] + } + ] + } + ], "references": [ { "url": "http://alteryx.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://gist.github.com/DylanGrl/4269ae834c5d0ec77c9b928ad35d3be3", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-285xx/CVE-2023-28535.json b/CVE-2023/CVE-2023-285xx/CVE-2023-28535.json new file mode 100644 index 00000000000..4c0e71d9db3 --- /dev/null +++ b/CVE-2023/CVE-2023-285xx/CVE-2023-28535.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-28535", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-14T15:15:10.807", + "lastModified": "2023-08-14T15:58:29.657", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paytm Paytm Payment Donation plugin <=\u00a02.2.0 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/paytm-donation/wordpress-paytm-payment-donation-plugin-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-290xx/CVE-2023-29097.json b/CVE-2023/CVE-2023-290xx/CVE-2023-29097.json new file mode 100644 index 00000000000..f546785ad1b --- /dev/null +++ b/CVE-2023/CVE-2023-290xx/CVE-2023-29097.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-29097", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-14T14:15:10.170", + "lastModified": "2023-08-14T15:58:29.657", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in a3rev Software a3 Portfolio plugin <=\u00a03.1.0 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/a3-portfolio/wordpress-a3-portfolio-plugin-3-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30475.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30475.json new file mode 100644 index 00000000000..0d46fc073df --- /dev/null +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30475.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-30475", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-14T14:15:10.277", + "lastModified": "2023-08-14T15:58:29.657", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin \u2013 Coupon Affiliates plugin <=\u00a05.4.5 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/woo-coupon-usage/wordpress-coupon-affiliates-plugin-5-4-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30477.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30477.json new file mode 100644 index 00000000000..cb392a0ad02 --- /dev/null +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30477.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-30477", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-14T14:15:10.383", + "lastModified": "2023-08-14T15:58:29.657", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essitco AFFILIATE Solution plugin <=\u00a01.0 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/affiliate-solution/wordpress-affiliate-solution-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30483.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30483.json new file mode 100644 index 00000000000..7e1a4f0668e --- /dev/null +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30483.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-30483", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-14T14:15:10.487", + "lastModified": "2023-08-14T15:58:29.657", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <=\u00a03.3.9.2 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/watu/wordpress-watu-quiz-plugin-3-3-9-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30489.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30489.json new file mode 100644 index 00000000000..7ea2532e2f0 --- /dev/null +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30489.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-30489", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-14T15:15:11.117", + "lastModified": "2023-08-14T15:58:29.657", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Email Subscription Popup plugin <=\u00a01.2.16 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/email-subscribe/wordpress-email-subscription-popup-plugin-1-2-16-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-306xx/CVE-2023-30679.json b/CVE-2023/CVE-2023-306xx/CVE-2023-30679.json index 60719c18532..4ae6c30e82e 100644 --- a/CVE-2023/CVE-2023-306xx/CVE-2023-30679.json +++ b/CVE-2023/CVE-2023-306xx/CVE-2023-30679.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30679", "sourceIdentifier": "mobile.security@samsung.com", "published": "2023-08-10T02:15:10.610", - "lastModified": "2023-08-10T12:43:50.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T15:52:31.787", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -46,10 +76,355 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", + "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", + "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", + "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", + "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-306xx/CVE-2023-30680.json b/CVE-2023/CVE-2023-306xx/CVE-2023-30680.json index 5a02e1548a5..2ad15073bba 100644 --- a/CVE-2023/CVE-2023-306xx/CVE-2023-30680.json +++ b/CVE-2023/CVE-2023-306xx/CVE-2023-30680.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30680", "sourceIdentifier": "mobile.security@samsung.com", "published": "2023-08-10T02:15:10.713", - "lastModified": "2023-08-10T12:43:50.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T15:53:53.710", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -46,10 +76,190 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", + "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", + "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-306xx/CVE-2023-30688.json b/CVE-2023/CVE-2023-306xx/CVE-2023-30688.json index 1c10ca9e3d9..2893c74fca3 100644 --- a/CVE-2023/CVE-2023-306xx/CVE-2023-30688.json +++ b/CVE-2023/CVE-2023-306xx/CVE-2023-30688.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30688", "sourceIdentifier": "mobile.security@samsung.com", "published": "2023-08-10T02:15:11.457", - "lastModified": "2023-08-10T12:43:50.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T15:58:58.917", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -46,10 +76,355 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*", + "matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", + "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*", + "matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", + "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*", + "matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*", + "matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", + "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-307xx/CVE-2023-30749.json b/CVE-2023/CVE-2023-307xx/CVE-2023-30749.json new file mode 100644 index 00000000000..7c5fc177c12 --- /dev/null +++ b/CVE-2023/CVE-2023-307xx/CVE-2023-30749.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-30749", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-14T15:15:11.367", + "lastModified": "2023-08-14T15:58:29.657", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ihomefinder Optima Express + MarketBoost IDX Plugin plugin <=\u00a07.3.0 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/optima-express/wordpress-optima-express-marketboost-idx-plugin-plugin-7-3-0-cross-site-scripting-xss?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-307xx/CVE-2023-30751.json b/CVE-2023/CVE-2023-307xx/CVE-2023-30751.json new file mode 100644 index 00000000000..5dea50d6166 --- /dev/null +++ b/CVE-2023/CVE-2023-307xx/CVE-2023-30751.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-30751", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-14T15:15:11.627", + "lastModified": "2023-08-14T15:58:29.657", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in iControlWP Article Directory Redux plugin <=\u00a01.0.2 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/article-directory-redux/wordpress-article-directory-redux-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-307xx/CVE-2023-30752.json b/CVE-2023/CVE-2023-307xx/CVE-2023-30752.json new file mode 100644 index 00000000000..74de34c5d08 --- /dev/null +++ b/CVE-2023/CVE-2023-307xx/CVE-2023-30752.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-30752", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-14T15:15:11.827", + "lastModified": "2023-08-14T15:58:29.657", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Silvia Pfeiffer and Andrew Nimmo External Videos plugin <=\u00a02.0.1 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/external-videos/wordpress-external-videos-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-307xx/CVE-2023-30754.json b/CVE-2023/CVE-2023-307xx/CVE-2023-30754.json new file mode 100644 index 00000000000..42aabe02c0d --- /dev/null +++ b/CVE-2023/CVE-2023-307xx/CVE-2023-30754.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-30754", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-14T15:15:12.123", + "lastModified": "2023-08-14T15:58:29.657", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AdFoxly AdFoxly \u2013 Ad Manager, AdSense Ads & Ads.Txt plugin <=\u00a01.8.5 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/adfoxly/wordpress-adfoxly-ad-manager-adsense-ads-ads-txt-plugin-1-8-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-310xx/CVE-2023-31041.json b/CVE-2023/CVE-2023-310xx/CVE-2023-31041.json new file mode 100644 index 00000000000..df29e4fa1d8 --- /dev/null +++ b/CVE-2023/CVE-2023-310xx/CVE-2023-31041.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-31041", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-14T15:15:12.237", + "lastModified": "2023-08-14T15:58:29.657", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.insyde.com/security-pledge/SA-2023047", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33250.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33250.json index 91f86828180..98cf057df64 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33250.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33250.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33250", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-21T21:15:08.737", - "lastModified": "2023-06-22T15:15:13.313", - "vulnStatus": "Modified", + "lastModified": "2023-08-14T15:39:54.390", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -17,20 +17,20 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "NETWORK", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", "attackComplexity": "LOW", - "privilegesRequired": "NONE", + "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "baseScore": 4.4, + "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 + "exploitabilityScore": 0.8, + "impactScore": 3.6 } ] }, @@ -48,6 +48,7 @@ ], "configurations": [ { + "operator": "AND", "nodes": [ { "operator": "OR", @@ -61,6 +62,114 @@ ] } ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098" + } + ] + } + ] } ], "references": [ @@ -81,7 +190,10 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230622-0006/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35871.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35871.json index ccf966aeb29..dadee283622 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35871.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35871.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35871", "sourceIdentifier": "cna@sap.com", "published": "2023-07-11T03:15:09.867", - "lastModified": "2023-07-18T18:20:09.497", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-14T14:15:10.587", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -56,7 +56,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "cna@sap.com", "type": "Primary", "description": [ { @@ -66,12 +66,12 @@ ] }, { - "source": "cna@sap.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-119" + "value": "CWE-787" } ] } diff --git a/CVE-2023/CVE-2023-363xx/CVE-2023-36344.json b/CVE-2023/CVE-2023-363xx/CVE-2023-36344.json index de67450258a..ed572838706 100644 --- a/CVE-2023/CVE-2023-363xx/CVE-2023-36344.json +++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36344.json @@ -2,23 +2,83 @@ "id": "CVE-2023-36344", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-08T20:15:10.170", - "lastModified": "2023-08-08T20:39:01.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T14:26:15.637", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in Diebold Nixdorf Vynamic View Console v.5.3.1 and before allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dieboldnixdorf:vynamic_view:*:*:*:*:*:*:*:*", + "versionEndIncluding": "5.3.1", + "matchCriteriaId": "9BC9426A-ACC6-4AF7-9626-7D3530568B07" + } + ] + } + ] + } + ], "references": [ { "url": "https://packetstormsecurity.com/files/173990/Diebold-Nixdorf-Vynamic-View-Console-5.3.1-DLL-Hijacking.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://www.dieboldnixdorf.com/en-us/banking/portfolio/software/view/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37728.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37728.json index e88ce4d84e1..855d468c3f6 100644 --- a/CVE-2023/CVE-2023-377xx/CVE-2023-37728.json +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37728.json @@ -2,12 +2,12 @@ "id": "CVE-2023-37728", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-20T18:15:12.110", - "lastModified": "2023-07-27T23:36:54.710", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-14T14:15:10.727", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Icewarp Icearp v10.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter." + "value": "IceWarp v10.2.1 was discovered to contain cross-site scripting (XSS) vulnerability via the color parameter." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38211.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38211.json index efc954f38f9..af66b9c28c1 100644 --- a/CVE-2023/CVE-2023-382xx/CVE-2023-38211.json +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38211.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38211", "sourceIdentifier": "psirt@adobe.com", "published": "2023-08-09T09:15:13.957", - "lastModified": "2023-08-09T12:46:39.727", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T15:43:46.457", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +31,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -46,10 +66,49 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:dimension:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.4.9", + "matchCriteriaId": "8E21E09A-2318-43F6-9847-2242EEA2B39B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/dimension/apsb23-44.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38212.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38212.json index 46f134cb43a..16c77f87b00 100644 --- a/CVE-2023/CVE-2023-382xx/CVE-2023-38212.json +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38212.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38212", "sourceIdentifier": "psirt@adobe.com", "published": "2023-08-09T09:15:14.077", - "lastModified": "2023-08-09T12:46:39.727", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T15:45:21.187", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +31,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -46,10 +66,49 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:dimension:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.4.9", + "matchCriteriaId": "8E21E09A-2318-43F6-9847-2242EEA2B39B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/dimension/apsb23-44.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39006.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39006.json index b6e714af554..2c27304753f 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39006.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39006.json @@ -2,23 +2,84 @@ "id": "CVE-2023-39006", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:15.140", - "lastModified": "2023-08-09T20:12:10.860", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T14:13:35.830", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Crash Reporter (crash_reporter.php) component of OPNsense before 23.7 mishandles input sanitization." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:*", + "versionEndExcluding": "23.7", + "matchCriteriaId": "E4C1BDFF-B6E1-4F82-9957-1FFA069E2EDC" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/opnsense/core/commit/1c05a19d9d52c7bfa4ac52114935d9fe76d5d181", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://logicaltrust.net/blog/2023/08/opnsense.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Mitigation", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39008.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39008.json index 35ad2e604a0..6651f80d4a5 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39008.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39008.json @@ -2,23 +2,84 @@ "id": "CVE-2023-39008", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:15.270", - "lastModified": "2023-08-09T20:12:10.860", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T14:13:44.650", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A command injection vulnerability in the component /api/cron/settings/setJob/ of OPNsense before 23.7 allows attackers to execute arbitrary system commands." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:*", + "versionEndExcluding": "23.7", + "matchCriteriaId": "E4C1BDFF-B6E1-4F82-9957-1FFA069E2EDC" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/opnsense/core/commit/e800097d0c287bb665f0751a98a67c75ef7b45e5", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://logicaltrust.net/blog/2023/08/opnsense.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Mitigation", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4219.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4219.json index 5c9c150721e..d31ba5440a6 100644 --- a/CVE-2023/CVE-2023-42xx/CVE-2023-4219.json +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4219.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4219", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-08T13:15:12.633", - "lastModified": "2023-08-08T13:57:34.073", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T14:22:21.333", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:doctors_appointment_system_project:doctors_appointment_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D080F4CA-E377-4642-8AB8-779DB6C86267" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Yesec/-Doctor-s-Appointment-System/blob/main/SQL%20Injection%20in%20login.php/vuln.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.236365", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.236365", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4242.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4242.json index ffd1b962367..aa969651acf 100644 --- a/CVE-2023/CVE-2023-42xx/CVE-2023-4242.json +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4242.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4242", "sourceIdentifier": "security@wordfence.com", "published": "2023-08-09T04:15:10.657", - "lastModified": "2023-08-09T12:46:53.387", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T15:27:47.553", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,14 +56,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:full:full_-_customer:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.2.3", + "matchCriteriaId": "B5008888-E915-410F-A4BA-4C159F5C677E" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/full-customer/tags/1.1.0/app/api/Health.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a77d0fb5-8829-407d-a40a-169cf0c5f837?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4243.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4243.json index 02810e242db..954821caab8 100644 --- a/CVE-2023/CVE-2023-42xx/CVE-2023-4243.json +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4243.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4243", "sourceIdentifier": "security@wordfence.com", "published": "2023-08-09T04:15:10.807", - "lastModified": "2023-08-09T12:46:53.387", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-14T15:36:35.827", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,18 +56,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:full:full_-_customer:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.2.3", + "matchCriteriaId": "B5008888-E915-410F-A4BA-4C159F5C677E" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/full-customer/tags/1.1.0/app/api/Plugin.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/full-customer/tags/2.2.1/app/api/PluginInstallation.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9799df3f-e34e-42a7-8a72-fa57682f7014?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 6d5881e16db..e0a86b23b12 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-14T14:00:31.955652+00:00 +2023-08-14T16:00:29.026658+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-14T13:53:28.250000+00:00 +2023-08-14T15:58:58.917000+00:00 ``` ### Last Data Feed Release @@ -29,49 +29,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -222561 +222572 ``` ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `11` -* [CVE-2023-37847](CVE-2023/CVE-2023-378xx/CVE-2023-37847.json) (`2023-08-14T12:15:09.593`) -* [CVE-2023-30186](CVE-2023/CVE-2023-301xx/CVE-2023-30186.json) (`2023-08-14T13:15:10.420`) -* [CVE-2023-30187](CVE-2023/CVE-2023-301xx/CVE-2023-30187.json) (`2023-08-14T13:15:10.527`) -* [CVE-2023-30188](CVE-2023/CVE-2023-301xx/CVE-2023-30188.json) (`2023-08-14T13:15:10.720`) -* [CVE-2023-37070](CVE-2023/CVE-2023-370xx/CVE-2023-37070.json) (`2023-08-14T13:15:10.900`) +* [CVE-2023-29097](CVE-2023/CVE-2023-290xx/CVE-2023-29097.json) (`2023-08-14T14:15:10.170`) +* [CVE-2023-30475](CVE-2023/CVE-2023-304xx/CVE-2023-30475.json) (`2023-08-14T14:15:10.277`) +* [CVE-2023-30477](CVE-2023/CVE-2023-304xx/CVE-2023-30477.json) (`2023-08-14T14:15:10.383`) +* [CVE-2023-30483](CVE-2023/CVE-2023-304xx/CVE-2023-30483.json) (`2023-08-14T14:15:10.487`) +* [CVE-2023-28535](CVE-2023/CVE-2023-285xx/CVE-2023-28535.json) (`2023-08-14T15:15:10.807`) +* [CVE-2023-30489](CVE-2023/CVE-2023-304xx/CVE-2023-30489.json) (`2023-08-14T15:15:11.117`) +* [CVE-2023-30749](CVE-2023/CVE-2023-307xx/CVE-2023-30749.json) (`2023-08-14T15:15:11.367`) +* [CVE-2023-30751](CVE-2023/CVE-2023-307xx/CVE-2023-30751.json) (`2023-08-14T15:15:11.627`) +* [CVE-2023-30752](CVE-2023/CVE-2023-307xx/CVE-2023-30752.json) (`2023-08-14T15:15:11.827`) +* [CVE-2023-30754](CVE-2023/CVE-2023-307xx/CVE-2023-30754.json) (`2023-08-14T15:15:12.123`) +* [CVE-2023-31041](CVE-2023/CVE-2023-310xx/CVE-2023-31041.json) (`2023-08-14T15:15:12.237`) ### CVEs modified in the last Commit -Recently modified CVEs: `29` +Recently modified CVEs: `20` -* [CVE-2023-3260](CVE-2023/CVE-2023-32xx/CVE-2023-3260.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-3261](CVE-2023/CVE-2023-32xx/CVE-2023-3261.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-3262](CVE-2023/CVE-2023-32xx/CVE-2023-3262.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-40291](CVE-2023/CVE-2023-402xx/CVE-2023-40291.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-40292](CVE-2023/CVE-2023-402xx/CVE-2023-40292.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-40293](CVE-2023/CVE-2023-402xx/CVE-2023-40293.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-40294](CVE-2023/CVE-2023-402xx/CVE-2023-40294.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-40295](CVE-2023/CVE-2023-402xx/CVE-2023-40295.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-40296](CVE-2023/CVE-2023-402xx/CVE-2023-40296.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-3263](CVE-2023/CVE-2023-32xx/CVE-2023-3263.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-3264](CVE-2023/CVE-2023-32xx/CVE-2023-3264.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-3265](CVE-2023/CVE-2023-32xx/CVE-2023-3265.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-3266](CVE-2023/CVE-2023-32xx/CVE-2023-3266.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-3267](CVE-2023/CVE-2023-32xx/CVE-2023-3267.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-40303](CVE-2023/CVE-2023-403xx/CVE-2023-40303.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-40305](CVE-2023/CVE-2023-403xx/CVE-2023-40305.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-3160](CVE-2023/CVE-2023-31xx/CVE-2023-3160.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-4321](CVE-2023/CVE-2023-43xx/CVE-2023-4321.json) (`2023-08-14T13:06:15.630`) -* [CVE-2023-40274](CVE-2023/CVE-2023-402xx/CVE-2023-40274.json) (`2023-08-14T13:06:21.347`) -* [CVE-2023-40283](CVE-2023/CVE-2023-402xx/CVE-2023-40283.json) (`2023-08-14T13:06:21.347`) -* [CVE-2023-20556](CVE-2023/CVE-2023-205xx/CVE-2023-20556.json) (`2023-08-14T13:22:28.320`) -* [CVE-2023-20561](CVE-2023/CVE-2023-205xx/CVE-2023-20561.json) (`2023-08-14T13:29:37.757`) -* [CVE-2023-20562](CVE-2023/CVE-2023-205xx/CVE-2023-20562.json) (`2023-08-14T13:34:06.770`) -* [CVE-2023-26310](CVE-2023/CVE-2023-263xx/CVE-2023-26310.json) (`2023-08-14T13:38:48.893`) -* [CVE-2023-38213](CVE-2023/CVE-2023-382xx/CVE-2023-38213.json) (`2023-08-14T13:53:28.250`) +* [CVE-2020-36023](CVE-2020/CVE-2020-360xx/CVE-2020-36023.json) (`2023-08-14T15:15:10.117`) +* [CVE-2020-36024](CVE-2020/CVE-2020-360xx/CVE-2020-36024.json) (`2023-08-14T15:15:10.463`) +* [CVE-2022-28773](CVE-2022/CVE-2022-287xx/CVE-2022-28773.json) (`2023-08-14T14:15:09.747`) +* [CVE-2022-31595](CVE-2022/CVE-2022-315xx/CVE-2022-31595.json) (`2023-08-14T14:15:09.910`) +* [CVE-2023-39006](CVE-2023/CVE-2023-390xx/CVE-2023-39006.json) (`2023-08-14T14:13:35.830`) +* [CVE-2023-39008](CVE-2023/CVE-2023-390xx/CVE-2023-39008.json) (`2023-08-14T14:13:44.650`) +* [CVE-2023-1119](CVE-2023/CVE-2023-11xx/CVE-2023-1119.json) (`2023-08-14T14:15:10.057`) +* [CVE-2023-35871](CVE-2023/CVE-2023-358xx/CVE-2023-35871.json) (`2023-08-14T14:15:10.587`) +* [CVE-2023-37728](CVE-2023/CVE-2023-377xx/CVE-2023-37728.json) (`2023-08-14T14:15:10.727`) +* [CVE-2023-26961](CVE-2023/CVE-2023-269xx/CVE-2023-26961.json) (`2023-08-14T14:19:59.293`) +* [CVE-2023-4219](CVE-2023/CVE-2023-42xx/CVE-2023-4219.json) (`2023-08-14T14:22:21.333`) +* [CVE-2023-36344](CVE-2023/CVE-2023-363xx/CVE-2023-36344.json) (`2023-08-14T14:26:15.637`) +* [CVE-2023-4242](CVE-2023/CVE-2023-42xx/CVE-2023-4242.json) (`2023-08-14T15:27:47.553`) +* [CVE-2023-4243](CVE-2023/CVE-2023-42xx/CVE-2023-4243.json) (`2023-08-14T15:36:35.827`) +* [CVE-2023-33250](CVE-2023/CVE-2023-332xx/CVE-2023-33250.json) (`2023-08-14T15:39:54.390`) +* [CVE-2023-38211](CVE-2023/CVE-2023-382xx/CVE-2023-38211.json) (`2023-08-14T15:43:46.457`) +* [CVE-2023-38212](CVE-2023/CVE-2023-382xx/CVE-2023-38212.json) (`2023-08-14T15:45:21.187`) +* [CVE-2023-30679](CVE-2023/CVE-2023-306xx/CVE-2023-30679.json) (`2023-08-14T15:52:31.787`) +* [CVE-2023-30680](CVE-2023/CVE-2023-306xx/CVE-2023-30680.json) (`2023-08-14T15:53:53.710`) +* [CVE-2023-30688](CVE-2023/CVE-2023-306xx/CVE-2023-30688.json) (`2023-08-14T15:58:58.917`) ## Download and Usage