-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto-Update: 2023-12-26T19:00:24.160512+00:00
- Loading branch information
1 parent
f23ab02
commit 07b2224
Showing
22 changed files
with
561 additions
and
197 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,88 @@ | ||
| { | ||
| "id": "CVE-2015-10127", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-12-26T17:15:07.923", | ||
| "lastModified": "2023-12-26T17:15:07.923", | ||
| "vulnStatus": "Received", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "A vulnerability was found in PlusCaptcha Plugin up to 2.0.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.14 is able to address this issue. The patch is identified as 1274afc635170daafd38306487b6bb8a01f78ecd. It is recommended to upgrade the affected component. VDB-248954 is the identifier assigned to this vulnerability." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "LOW", | ||
| "userInteraction": "REQUIRED", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "NONE", | ||
| "integrityImpact": "LOW", | ||
| "availabilityImpact": "NONE", | ||
| "baseScore": 3.5, | ||
| "baseSeverity": "LOW" | ||
| }, | ||
| "exploitabilityScore": 2.1, | ||
| "impactScore": 1.4 | ||
| } | ||
| ], | ||
| "cvssMetricV2": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "2.0", | ||
| "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", | ||
| "accessVector": "NETWORK", | ||
| "accessComplexity": "LOW", | ||
| "authentication": "SINGLE", | ||
| "confidentialityImpact": "NONE", | ||
| "integrityImpact": "PARTIAL", | ||
| "availabilityImpact": "NONE", | ||
| "baseScore": 4.0 | ||
| }, | ||
| "baseSeverity": "MEDIUM", | ||
| "exploitabilityScore": 8.0, | ||
| "impactScore": 2.9, | ||
| "acInsufInfo": false, | ||
| "obtainAllPrivilege": false, | ||
| "obtainUserPrivilege": false, | ||
| "obtainOtherPrivilege": false, | ||
| "userInteractionRequired": false | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-79" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://github.com/wp-plugins/pluscaptcha/commit/1274afc635170daafd38306487b6bb8a01f78ecd", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://vuldb.com/?ctiid.248954", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://vuldb.com/?id.248954", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,79 +2,14 @@ | |
| "id": "CVE-2023-32785", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-10-20T22:15:10.497", | ||
| "lastModified": "2023-10-27T21:44:09.590", | ||
| "vulnStatus": "Analyzed", | ||
| "lastModified": "2023-12-26T18:15:07.743", | ||
| "vulnStatus": "Rejected", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "In Langchain through 0.0.155, prompt injection allows execution of arbitrary code against the SQL service provided by the chain." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
| "value": "En Langchain hasta 0.0.155, la inyecci\u00f3n r\u00e1pida permite la ejecuci\u00f3n de c\u00f3digo arbitrario contra el servicio SQL proporcionado por la cadena." | ||
| "value": "Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-36189. Reason: This record is a duplicate of CVE-2023-36189. Notes: All CVE users should reference CVE-2023-36189 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "HIGH", | ||
| "availabilityImpact": "HIGH", | ||
| "baseScore": 9.8, | ||
| "baseSeverity": "CRITICAL" | ||
| }, | ||
| "exploitabilityScore": 3.9, | ||
| "impactScore": 5.9 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-74" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "configurations": [ | ||
| { | ||
| "nodes": [ | ||
| { | ||
| "operator": "OR", | ||
| "negate": false, | ||
| "cpeMatch": [ | ||
| { | ||
| "vulnerable": true, | ||
| "criteria": "cpe:2.3:a:langchain:langchain:*:*:*:*:*:*:*:*", | ||
| "versionEndIncluding": "0.0.155", | ||
| "matchCriteriaId": "02E32772-8A62-461E-A121-F894FD16B540" | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://gist.github.com/rharang/9c58d39db8c01db5b7c888e467c0533f", | ||
| "source": "[email protected]", | ||
| "tags": [ | ||
| "Third Party Advisory" | ||
| ] | ||
| } | ||
| ] | ||
| "metrics": {}, | ||
| "references": [] | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,7 +2,7 @@ | |
| "id": "CVE-2023-36189", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-07-06T14:15:10.707", | ||
| "lastModified": "2023-12-06T21:15:08.250", | ||
| "lastModified": "2023-12-26T18:15:07.903", | ||
| "vulnStatus": "Modified", | ||
| "descriptions": [ | ||
| { | ||
|
|
@@ -64,6 +64,10 @@ | |
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://gist.github.com/rharang/9c58d39db8c01db5b7c888e467c0533f", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://github.com/hwchase17/langchain/issues/5923", | ||
| "source": "[email protected]", | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| { | ||
| "id": "CVE-2023-43851", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-12-26T18:15:07.987", | ||
| "lastModified": "2023-12-26T18:15:07.987", | ||
| "vulnStatus": "Rejected", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| { | ||
| "id": "CVE-2023-45251", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-12-26T18:15:08.030", | ||
| "lastModified": "2023-12-26T18:15:08.030", | ||
| "vulnStatus": "Rejected", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| { | ||
| "id": "CVE-2023-51090", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-12-26T18:15:08.073", | ||
| "lastModified": "2023-12-26T18:15:08.073", | ||
| "vulnStatus": "Received", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinConfig." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://github.com/GD008/TENDA/blob/main/M3/getWeiXinConfig/M3_getWeiXinConfig.md", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| { | ||
| "id": "CVE-2023-51091", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-12-26T18:15:08.127", | ||
| "lastModified": "2023-12-26T18:15:08.127", | ||
| "vulnStatus": "Received", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function R7WebsSecurityHandler." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://github.com/GD008/TENDA/blob/main/M3/cookie/M3_cookie.md", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| { | ||
| "id": "CVE-2023-51092", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-12-26T18:15:08.173", | ||
| "lastModified": "2023-12-26T18:15:08.173", | ||
| "vulnStatus": "Received", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://github.com/GD008/TENDA/blob/main/M3/upgrade/M3_upgrade.md", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| { | ||
| "id": "CVE-2023-51093", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-12-26T18:15:08.217", | ||
| "lastModified": "2023-12-26T18:15:08.217", | ||
| "vulnStatus": "Received", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function fromSetLocalVlanInfo." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://github.com/GD008/TENDA/blob/main/M3/setVlanInfo/M3_setVlanInfo.md", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| { | ||
| "id": "CVE-2023-51094", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-12-26T18:15:08.267", | ||
| "lastModified": "2023-12-26T18:15:08.267", | ||
| "vulnStatus": "Received", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Tenda M3 V1.0.0.12(4856) was discovered to contain a Command Execution vulnerability via the function TendaTelnet." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://github.com/GD008/TENDA/blob/main/M3/telnet/M3_telnet.md", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| { | ||
| "id": "CVE-2023-51095", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-12-26T17:15:08.293", | ||
| "lastModified": "2023-12-26T17:15:08.293", | ||
| "vulnStatus": "Received", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formDelWlRfPolicy." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://github.com/GD008/TENDA/blob/main/M3/delWlPolicyData/M3_delWlPolicyData.md", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| { | ||
| "id": "CVE-2023-51097", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-12-26T18:15:08.317", | ||
| "lastModified": "2023-12-26T18:15:08.317", | ||
| "vulnStatus": "Received", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetAutoPing." | ||
| } | ||
| ], | ||
| "metrics": {}, | ||
| "references": [ | ||
| { | ||
| "url": "https://github.com/GD008/TENDA/blob/main/W9/W9_setAutoPing/W9_setAutoPing.md", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
Oops, something went wrong.