diff --git a/CVE-2012/CVE-2012-100xx/CVE-2012-10017.json b/CVE-2012/CVE-2012-100xx/CVE-2012-10017.json index 181e28742d8..ba2c153669b 100644 --- a/CVE-2012/CVE-2012-100xx/CVE-2012-10017.json +++ b/CVE-2012/CVE-2012-100xx/CVE-2012-10017.json @@ -2,12 +2,16 @@ "id": "CVE-2012-10017", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-26T10:15:07.483", - "lastModified": "2023-12-26T10:15:07.483", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.04 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 2.06 is able to address this issue. The patch is named 68af950330c3202a706f0ae9bbb52ceaa17dda9d. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-248955." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad en BestWebSoft Portfolio Plugin hasta 2.04 en WordPress. Ha sido clasificada como problem\u00e1tica. Esto afecta a una parte desconocida. La manipulaci\u00f3n conduce a cross-site request forgery. Es posible iniciar el ataque de forma remota. La actualizaci\u00f3n a la versi\u00f3n 2.06 puede solucionar este problema. El parche se llama 68af950330c3202a706f0ae9bbb52ceaa17dda9d. Se recomienda actualizar el componente afectado. El identificador asociado de esta vulnerabilidad es VDB-248955." } ], "metrics": { diff --git a/CVE-2014/CVE-2014-1251xx/CVE-2014-125109.json b/CVE-2014/CVE-2014-1251xx/CVE-2014-125109.json index 04adfca9e72..ad28b4093f3 100644 --- a/CVE-2014/CVE-2014-1251xx/CVE-2014-125109.json +++ b/CVE-2014/CVE-2014-1251xx/CVE-2014-125109.json @@ -2,8 +2,8 @@ "id": "CVE-2014-125109", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-26T15:15:08.010", - "lastModified": "2023-12-26T15:15:08.010", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2015/CVE-2015-101xx/CVE-2015-10127.json b/CVE-2015/CVE-2015-101xx/CVE-2015-10127.json index acf8bd7faf0..5f447f37a55 100644 --- a/CVE-2015/CVE-2015-101xx/CVE-2015-10127.json +++ b/CVE-2015/CVE-2015-101xx/CVE-2015-10127.json @@ -2,8 +2,8 @@ "id": "CVE-2015-10127", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-26T17:15:07.923", - "lastModified": "2023-12-26T17:15:07.923", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2016/CVE-2016-108xx/CVE-2016-10890.json b/CVE-2016/CVE-2016-108xx/CVE-2016-10890.json index dd0630d11ee..c32fe93dbc3 100644 --- a/CVE-2016/CVE-2016-108xx/CVE-2016-10890.json +++ b/CVE-2016/CVE-2016-108xx/CVE-2016-10890.json @@ -2,7 +2,7 @@ "id": "CVE-2016-10890", "sourceIdentifier": "cve@mitre.org", "published": "2019-08-21T19:15:12.340", - "lastModified": "2019-08-22T18:30:11.313", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Analyzed", "descriptions": [ { @@ -84,9 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:activity_log_project:activity_log:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:pojo:activity_log:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.3.2", - "matchCriteriaId": "BAF29181-D6BC-4EF5-B88A-D94FCD5E1589" + "matchCriteriaId": "B5F3A5EB-032F-4CEE-8011-BEBD4E5921B7" } ] } diff --git a/CVE-2016/CVE-2016-108xx/CVE-2016-10891.json b/CVE-2016/CVE-2016-108xx/CVE-2016-10891.json index 786720e6aa1..22468b658c0 100644 --- a/CVE-2016/CVE-2016-108xx/CVE-2016-10891.json +++ b/CVE-2016/CVE-2016-108xx/CVE-2016-10891.json @@ -2,7 +2,7 @@ "id": "CVE-2016-10891", "sourceIdentifier": "cve@mitre.org", "published": "2019-08-21T19:15:12.403", - "lastModified": "2019-08-22T18:30:26.830", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Analyzed", "descriptions": [ { @@ -84,9 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:activity_log_project:activity_log:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:pojo:activity_log:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.3.3", - "matchCriteriaId": "984EC9CF-049B-4E26-8EAC-75B6217B5607" + "matchCriteriaId": "A87B55B8-2D37-4A3C-9B59-529EFD0EC923" } ] } diff --git a/CVE-2018/CVE-2018-87xx/CVE-2018-8729.json b/CVE-2018/CVE-2018-87xx/CVE-2018-8729.json index e301f1c4cce..031c715a9f6 100644 --- a/CVE-2018/CVE-2018-87xx/CVE-2018-8729.json +++ b/CVE-2018/CVE-2018-87xx/CVE-2018-8729.json @@ -2,7 +2,7 @@ "id": "CVE-2018-8729", "sourceIdentifier": "cve@mitre.org", "published": "2018-03-15T17:29:00.210", - "lastModified": "2019-02-28T13:25:58.307", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Analyzed", "descriptions": [ { @@ -84,9 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:activity_log_project:activity_log:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:pojo:activity_log:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "2.4.1", - "matchCriteriaId": "DEC9B0E5-48E9-47E4-8A8E-452B771F507C" + "matchCriteriaId": "315028FB-E4B7-4F9F-A37A-85B7C0314EDC" } ] } diff --git a/CVE-2020/CVE-2020-71xx/CVE-2020-7121.json b/CVE-2020/CVE-2020-71xx/CVE-2020-7121.json index c0e3f66a04d..e8ec9c91e4f 100644 --- a/CVE-2020/CVE-2020-71xx/CVE-2020-7121.json +++ b/CVE-2020/CVE-2020-71xx/CVE-2020-7121.json @@ -2,7 +2,7 @@ "id": "CVE-2020-7121", "sourceIdentifier": "security-alert@hpe.com", "published": "2020-09-23T13:15:16.030", - "lastModified": "2021-07-21T11:39:23.747", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,9 +85,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:aruba:cx_6200f_firmware:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:arubanetworks:cx_6200f_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.04.3021", - "matchCriteriaId": "10FA7A45-DCD7-4FD6-AF8F-3F673E14F504" + "matchCriteriaId": "A77C7E5B-3EAB-4A52-99CF-D2C07B1EA823" } ] }, @@ -113,9 +113,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:aruba:cx_6300_firmware:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:arubanetworks:cx_6300_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.04.3021", - "matchCriteriaId": "BAF1CE95-3E01-47F6-9784-F0F14758862E" + "matchCriteriaId": "81F5C8F4-D85F-42C9-96F7-CD91DAA94FF0" } ] }, @@ -141,9 +141,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:aruba:cx_6400_firmware:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:arubanetworks:cx_6400_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.04.3021", - "matchCriteriaId": "12A59D68-3905-4ECB-9C9D-F8B53B6C58C3" + "matchCriteriaId": "C4BC17A7-2155-4A01-837B-05992EABD0D1" } ] }, @@ -169,9 +169,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:aruba:cx_8320_firmware:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:arubanetworks:cx_8320_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.04.3021", - "matchCriteriaId": "D17E4F12-F8AF-4257-A66F-3D637FD778A4" + "matchCriteriaId": "0123075E-D9A9-46F4-B857-A05ABBED38B5" } ] }, @@ -197,9 +197,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:aruba:cx_8325_firmware:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:arubanetworks:cx_8325_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.04.3021", - "matchCriteriaId": "60913FA8-2459-4531-9BDA-23CBBD35FF4C" + "matchCriteriaId": "D88D164C-70ED-48F4-BF0D-595A27F81B12" } ] }, @@ -225,9 +225,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:aruba:cx_8400_firmware:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:arubanetworks:cx_8400_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.04.3021", - "matchCriteriaId": "F25AA559-8957-4A91-9B66-8AEEFE99B9BD" + "matchCriteriaId": "0504A5A3-A49A-4DEA-9B26-85CD6545932B" } ] }, diff --git a/CVE-2020/CVE-2020-71xx/CVE-2020-7122.json b/CVE-2020/CVE-2020-71xx/CVE-2020-7122.json index 7956d826c4f..34a10edfbf9 100644 --- a/CVE-2020/CVE-2020-71xx/CVE-2020-7122.json +++ b/CVE-2020/CVE-2020-71xx/CVE-2020-7122.json @@ -2,7 +2,7 @@ "id": "CVE-2020-7122", "sourceIdentifier": "security-alert@hpe.com", "published": "2020-09-23T13:15:16.093", - "lastModified": "2021-07-21T11:39:23.747", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,9 +85,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:aruba:cx_6200f_firmware:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:arubanetworks:cx_6200f_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.04.1000", - "matchCriteriaId": "8AAAB31C-A0A1-4D15-841C-05FC8B990DC3" + "matchCriteriaId": "A132767A-E9B9-477E-BAAF-A831694F1FC4" } ] }, @@ -113,9 +113,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:aruba:cx_6300_firmware:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:arubanetworks:cx_6300_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.04.1000", - "matchCriteriaId": "0B235A1B-2E4D-4E53-BFC2-4837E47F2D50" + "matchCriteriaId": "36CB053C-FA12-4065-BC40-FFE6E0B25B00" } ] }, @@ -141,9 +141,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:aruba:cx_6400_firmware:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:arubanetworks:cx_6400_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.04.1000", - "matchCriteriaId": "13DEA0B1-4F1E-4CE4-8E9E-30ABE93FDD78" + "matchCriteriaId": "270EC51F-3CEC-45C1-9E0F-5D38EB550106" } ] }, @@ -169,9 +169,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:aruba:cx_8320_firmware:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:arubanetworks:cx_8320_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.04.1000", - "matchCriteriaId": "5F999F3F-596E-4C70-9CC6-757870D1C42A" + "matchCriteriaId": "CE87AAEE-644E-4699-B639-B4CE94D503A5" } ] }, @@ -197,9 +197,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:aruba:cx_8325_firmware:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:arubanetworks:cx_8325_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.04.1000", - "matchCriteriaId": "07866896-5774-489B-9760-7E0BA19BE2B8" + "matchCriteriaId": "9A5483EC-74BF-4C0D-A751-23C9ED42E29A" } ] }, @@ -225,9 +225,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:o:aruba:cx_8400_firmware:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:o:arubanetworks:cx_8400_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.04.1000", - "matchCriteriaId": "CBB5C3C1-CEE4-4292-BD22-1F7627250057" + "matchCriteriaId": "B2BFEE7A-D4CC-45BF-B277-8C9849A7F616" } ] }, diff --git a/CVE-2021/CVE-2021-389xx/CVE-2021-38927.json b/CVE-2021/CVE-2021-389xx/CVE-2021-38927.json index 7a22b827aad..ffd3de3012b 100644 --- a/CVE-2021/CVE-2021-389xx/CVE-2021-38927.json +++ b/CVE-2021/CVE-2021-389xx/CVE-2021-38927.json @@ -2,12 +2,16 @@ "id": "CVE-2021-38927", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-25T03:15:07.943", - "lastModified": "2023-12-25T03:15:07.943", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "IBM Aspera Console 3.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 210322." + }, + { + "lang": "es", + "value": "IBM Aspera Console 3.4.0 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, alterando as\u00ed la funcionalidad prevista, lo que podr\u00eda conducir a la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n confiable. ID de IBM X-Force: 210322." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-342xx/CVE-2022-34267.json b/CVE-2022/CVE-2022-342xx/CVE-2022-34267.json index 2f8490631e1..bb73d781374 100644 --- a/CVE-2022/CVE-2022-342xx/CVE-2022-34267.json +++ b/CVE-2022/CVE-2022-342xx/CVE-2022-34267.json @@ -2,12 +2,16 @@ "id": "CVE-2022-34267", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.200", - "lastModified": "2023-12-25T08:15:07.200", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in RWS WorldServer before 11.7.3. Adding a token parameter with the value of 02 bypasses all authentication requirements. Arbitrary Java code can be uploaded and executed via a .jar archive to the ws-api/v2/customizations/api endpoint." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en RWS WorldServer antes de la versi\u00f3n 11.7.3. Agregar un par\u00e1metro de token con el valor 02 omite todos los requisitos de autenticaci\u00f3n. Se puede cargar y ejecutar c\u00f3digo Java arbitrario a trav\u00e9s de un archivo .jar en el punto final ws-api/v2/customizations/api." } ], "metrics": {}, diff --git a/CVE-2022/CVE-2022-342xx/CVE-2022-34268.json b/CVE-2022/CVE-2022-342xx/CVE-2022-34268.json index cbae73913e2..b16b4a93e00 100644 --- a/CVE-2022/CVE-2022-342xx/CVE-2022-34268.json +++ b/CVE-2022/CVE-2022-342xx/CVE-2022-34268.json @@ -2,12 +2,16 @@ "id": "CVE-2022-34268", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.353", - "lastModified": "2023-12-25T08:15:07.353", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in RWS WorldServer before 11.7.3. /clientLogin deserializes Java objects without authentication, leading to command execution on the host." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en RWS WorldServer antes de la versi\u00f3n 11.7.3. /clientLogin deserializa los objetos Java sin autenticaci\u00f3n, lo que lleva a ejecuci\u00f3n de comandos en el host." } ], "metrics": {}, diff --git a/CVE-2022/CVE-2022-34xx/CVE-2022-3458.json b/CVE-2022/CVE-2022-34xx/CVE-2022-3458.json index bc0037127e6..19d167e8b93 100644 --- a/CVE-2022/CVE-2022-34xx/CVE-2022-3458.json +++ b/CVE-2022/CVE-2022-34xx/CVE-2022-3458.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3458", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-12T07:15:08.947", - "lastModified": "2023-11-07T03:51:16.703", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -60,7 +60,7 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { @@ -79,8 +79,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F568F825-03F3-4EA1-8140-AD0DCA462881" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DB20CFC6-02D1-4450-93F7-8C2BF9847907" } ] } diff --git a/CVE-2022/CVE-2022-34xx/CVE-2022-3470.json b/CVE-2022/CVE-2022-34xx/CVE-2022-3470.json index ffdcdd3aae2..c9ba10e89be 100644 --- a/CVE-2022/CVE-2022-34xx/CVE-2022-3470.json +++ b/CVE-2022/CVE-2022-34xx/CVE-2022-3470.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3470", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-13T04:15:10.663", - "lastModified": "2023-11-07T03:51:17.760", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 3.6 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -60,7 +60,7 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { @@ -79,8 +79,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C5C133F-B37C-426F-AD4A-AB08AE877278" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:-:*:*:*:*:*:*:*", + "matchCriteriaId": "81ABE38B-3546-42D5-AE86-792E08CD3472" } ] } diff --git a/CVE-2022/CVE-2022-34xx/CVE-2022-3472.json b/CVE-2022/CVE-2022-34xx/CVE-2022-3472.json index fc7d7a15dcc..ab73aeaad51 100644 --- a/CVE-2022/CVE-2022-34xx/CVE-2022-3472.json +++ b/CVE-2022/CVE-2022-34xx/CVE-2022-3472.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3472", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-13T04:15:10.853", - "lastModified": "2023-11-07T03:51:18.063", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 3.6 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -60,7 +60,7 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { @@ -79,8 +79,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C5C133F-B37C-426F-AD4A-AB08AE877278" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:-:*:*:*:*:*:*:*", + "matchCriteriaId": "81ABE38B-3546-42D5-AE86-792E08CD3472" } ] } diff --git a/CVE-2022/CVE-2022-34xx/CVE-2022-3473.json b/CVE-2022/CVE-2022-34xx/CVE-2022-3473.json index ec3b79db146..3f0e705bc4a 100644 --- a/CVE-2022/CVE-2022-34xx/CVE-2022-3473.json +++ b/CVE-2022/CVE-2022-34xx/CVE-2022-3473.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3473", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-13T04:15:10.943", - "lastModified": "2023-11-07T03:51:18.203", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 3.6 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -60,7 +60,7 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { @@ -79,8 +79,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:-:*:*:*:*:*:*:*", - "matchCriteriaId": "0C5C133F-B37C-426F-AD4A-AB08AE877278" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:-:*:*:*:*:*:*:*", + "matchCriteriaId": "81ABE38B-3546-42D5-AE86-792E08CD3472" } ] } diff --git a/CVE-2022/CVE-2022-34xx/CVE-2022-3492.json b/CVE-2022/CVE-2022-34xx/CVE-2022-3492.json index 27770cd7109..d45dfbf12a3 100644 --- a/CVE-2022/CVE-2022-34xx/CVE-2022-3492.json +++ b/CVE-2022/CVE-2022-34xx/CVE-2022-3492.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3492", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-13T16:15:09.470", - "lastModified": "2023-11-07T03:51:19.453", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -60,7 +60,7 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { @@ -79,8 +79,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F568F825-03F3-4EA1-8140-AD0DCA462881" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DB20CFC6-02D1-4450-93F7-8C2BF9847907" } ] } diff --git a/CVE-2022/CVE-2022-34xx/CVE-2022-3493.json b/CVE-2022/CVE-2022-34xx/CVE-2022-3493.json index c39469e4baa..352bf815fa4 100644 --- a/CVE-2022/CVE-2022-34xx/CVE-2022-3493.json +++ b/CVE-2022/CVE-2022-34xx/CVE-2022-3493.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3493", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-13T16:15:09.560", - "lastModified": "2023-11-07T03:51:19.600", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 2.7 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -60,7 +60,7 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { @@ -79,8 +79,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F568F825-03F3-4EA1-8140-AD0DCA462881" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DB20CFC6-02D1-4450-93F7-8C2BF9847907" } ] } diff --git a/CVE-2022/CVE-2022-34xx/CVE-2022-3496.json b/CVE-2022/CVE-2022-34xx/CVE-2022-3496.json index c610e6849e7..c3c2a4599b8 100644 --- a/CVE-2022/CVE-2022-34xx/CVE-2022-3496.json +++ b/CVE-2022/CVE-2022-34xx/CVE-2022-3496.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3496", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-14T07:15:09.277", - "lastModified": "2023-11-07T03:51:19.863", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -70,7 +70,7 @@ ] }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "description": [ { @@ -89,8 +89,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F568F825-03F3-4EA1-8140-AD0DCA462881" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DB20CFC6-02D1-4450-93F7-8C2BF9847907" } ] } diff --git a/CVE-2022/CVE-2022-35xx/CVE-2022-3502.json b/CVE-2022/CVE-2022-35xx/CVE-2022-3502.json index f87d5a3e525..ab57f022733 100644 --- a/CVE-2022/CVE-2022-35xx/CVE-2022-3502.json +++ b/CVE-2022/CVE-2022-35xx/CVE-2022-3502.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3502", "sourceIdentifier": "cna@vuldb.com", "published": "2022-10-14T11:15:09.693", - "lastModified": "2023-11-07T03:51:20.303", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 2.7 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -60,7 +60,7 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { @@ -79,8 +79,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F568F825-03F3-4EA1-8140-AD0DCA462881" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DB20CFC6-02D1-4450-93F7-8C2BF9847907" } ] } diff --git a/CVE-2022/CVE-2022-398xx/CVE-2022-39818.json b/CVE-2022/CVE-2022-398xx/CVE-2022-39818.json index 5e7008ba3c1..c0b860e4bc0 100644 --- a/CVE-2022/CVE-2022-398xx/CVE-2022-39818.json +++ b/CVE-2022/CVE-2022-398xx/CVE-2022-39818.json @@ -2,12 +2,16 @@ "id": "CVE-2022-39818", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:07.880", - "lastModified": "2023-12-25T06:15:07.880", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In NOKIA NFM-T R19.9, an OS Command Injection vulnerability occurs in /cgi-bin/R19.9/log.pl of the VM Manager WebUI via the cmd HTTP GET parameter. This allows authenticated users to execute commands, with root privileges, on the operating system." + }, + { + "lang": "es", + "value": "En NOKIA NFM-T R19.9, se produce una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en /cgi-bin/R19.9/log.pl de la interfaz web de VM Manager a trav\u00e9s del par\u00e1metro cmd HTTP GET. Esto permite a los usuarios autenticados ejecutar comandos, con privilegios de root, en el sistema operativo." } ], "metrics": {}, diff --git a/CVE-2022/CVE-2022-398xx/CVE-2022-39820.json b/CVE-2022/CVE-2022-398xx/CVE-2022-39820.json index 2c5f1a1f79b..d69a240f261 100644 --- a/CVE-2022/CVE-2022-398xx/CVE-2022-39820.json +++ b/CVE-2022/CVE-2022-398xx/CVE-2022-39820.json @@ -2,12 +2,16 @@ "id": "CVE-2022-39820", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.013", - "lastModified": "2023-12-25T06:15:08.013", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /root or /DEPOT, is able to read cleartext credentials to access the web portal NFM-T and control all the PPS Network elements." + }, + { + "lang": "es", + "value": "En Network Element Manager en NOKIA NFM-T R19.9, se produce una vulnerabilidad de almacenamiento de credenciales desprotegidas en /root/RestUploadManager.xml.DRC y /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. Un usuario remoto, autenticado en el sistema operativo, con privilegios de acceso al directorio /root o /DEPOT, puede leer credenciales en texto plano para acceder al portal web NFM-T y controlar todos los elementos de la red PPS." } ], "metrics": {}, diff --git a/CVE-2022/CVE-2022-398xx/CVE-2022-39822.json b/CVE-2022/CVE-2022-398xx/CVE-2022-39822.json index 6cbe8d507ef..db581352c42 100644 --- a/CVE-2022/CVE-2022-398xx/CVE-2022-39822.json +++ b/CVE-2022/CVE-2022-398xx/CVE-2022-39822.json @@ -2,12 +2,16 @@ "id": "CVE-2022-39822", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.060", - "lastModified": "2023-12-25T06:15:08.060", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In NOKIA NFM-T R19.9, a SQL Injection vulnerability occurs in /cgi-bin/R19.9/easy1350.pl of the VM Manager WebUI via the id or host HTTP GET parameter. An authenticated attacker is required for exploitation." + }, + { + "lang": "es", + "value": "En NOKIA NFM-T R19.9, se produce una vulnerabilidad de inyecci\u00f3n SQL en /cgi-bin/R19.9/easy1350.pl de la interfaz web de VM Manager a trav\u00e9s del par\u00e1metro GET HTTP id o host. Se requiere un atacante autenticado para la explotaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2022/CVE-2022-417xx/CVE-2022-41760.json b/CVE-2022/CVE-2022-417xx/CVE-2022-41760.json index 1f4f862918f..0ef7c8d9488 100644 --- a/CVE-2022/CVE-2022-417xx/CVE-2022-41760.json +++ b/CVE-2022/CVE-2022-417xx/CVE-2022-41760.json @@ -2,12 +2,16 @@ "id": "CVE-2022-41760", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.110", - "lastModified": "2023-12-25T06:15:08.110", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in NOKIA NFM-T R19.9. Relative Path Traversal can occur under /oms1350/data/cpb/log of the Network Element Manager via the filename parameter, allowing a remote authenticated attacker to read arbitrary files." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en NOKIA NFM-T R19.9. El Path Traversal relativo puede ocurrir en /oms1350/data/cpb/log de Network Element Manager a trav\u00e9s del par\u00e1metro filename, lo que permite a un atacante remoto autenticado leer archivos arbitrarios." } ], "metrics": {}, diff --git a/CVE-2022/CVE-2022-417xx/CVE-2022-41761.json b/CVE-2022/CVE-2022-417xx/CVE-2022-41761.json index 4cf957af1d9..1caceef0e14 100644 --- a/CVE-2022/CVE-2022-417xx/CVE-2022-41761.json +++ b/CVE-2022/CVE-2022-417xx/CVE-2022-41761.json @@ -2,12 +2,16 @@ "id": "CVE-2022-41761", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.157", - "lastModified": "2023-12-25T06:15:08.157", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in NOKIA NFM-T R19.9. An Absolute Path Traversal vulnerability exists under /cgi-bin/R19.9/viewlog.pl of the VM Manager WebUI via the logfile parameter, allowing a remote authenticated attacker to read arbitrary files." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en NOKIA NFM-T R19.9. Existe una vulnerabilidad Absolute Path Traversal en /cgi-bin/R19.9/viewlog.pl de VM Manager WebUI a trav\u00e9s del par\u00e1metro logfile, lo que permite a un atacante remoto autenticado leer archivos arbitrarios." } ], "metrics": {}, diff --git a/CVE-2022/CVE-2022-417xx/CVE-2022-41762.json b/CVE-2022/CVE-2022-417xx/CVE-2022-41762.json index af9e9f4b88e..eb2bd16ff12 100644 --- a/CVE-2022/CVE-2022-417xx/CVE-2022-41762.json +++ b/CVE-2022/CVE-2022-417xx/CVE-2022-41762.json @@ -2,12 +2,16 @@ "id": "CVE-2022-41762", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.203", - "lastModified": "2023-12-25T06:15:08.203", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in NOKIA NFM-T R19.9. Multiple Reflected XSS vulnerabilities exist in the Network Element Manager via any parameter to log.pl, the bench or pid parameter to top.pl, or the id parameter to easy1350.pl." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en NOKIA NFM-T R19.9. Existen m\u00faltiples vulnerabilidades de XSS reflejado en Network Element Manager a trav\u00e9s de cualquier par\u00e1metro de log.pl, el par\u00e1metro bench o pid de top.pl o el par\u00e1metro id de easy1350.pl." } ], "metrics": {}, diff --git a/CVE-2022/CVE-2022-42xx/CVE-2022-4273.json b/CVE-2022/CVE-2022-42xx/CVE-2022-4273.json index 2d89bc187ae..3c64a4ec0ac 100644 --- a/CVE-2022/CVE-2022-42xx/CVE-2022-4273.json +++ b/CVE-2022/CVE-2022-42xx/CVE-2022-4273.json @@ -2,7 +2,7 @@ "id": "CVE-2022-4273", "sourceIdentifier": "cna@vuldb.com", "published": "2022-12-03T09:15:10.207", - "lastModified": "2023-11-07T03:57:22.470", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Modified", "descriptions": [ { @@ -33,7 +33,7 @@ "impactScore": 5.9 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -66,7 +66,7 @@ ] }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "description": [ { @@ -85,8 +85,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F568F825-03F3-4EA1-8140-AD0DCA462881" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DB20CFC6-02D1-4450-93F7-8C2BF9847907" } ] } diff --git a/CVE-2022/CVE-2022-42xx/CVE-2022-4278.json b/CVE-2022/CVE-2022-42xx/CVE-2022-4278.json index 17a4283179d..7850b8172ab 100644 --- a/CVE-2022/CVE-2022-42xx/CVE-2022-4278.json +++ b/CVE-2022/CVE-2022-42xx/CVE-2022-4278.json @@ -2,7 +2,7 @@ "id": "CVE-2022-4278", "sourceIdentifier": "cna@vuldb.com", "published": "2022-12-03T18:15:10.083", - "lastModified": "2023-11-07T03:57:23.883", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Modified", "descriptions": [ { @@ -33,7 +33,7 @@ "impactScore": 5.9 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -66,7 +66,7 @@ ] }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "description": [ { @@ -85,8 +85,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F568F825-03F3-4EA1-8140-AD0DCA462881" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DB20CFC6-02D1-4450-93F7-8C2BF9847907" } ] } diff --git a/CVE-2022/CVE-2022-42xx/CVE-2022-4279.json b/CVE-2022/CVE-2022-42xx/CVE-2022-4279.json index 463501fe97e..00b8863a98a 100644 --- a/CVE-2022/CVE-2022-42xx/CVE-2022-4279.json +++ b/CVE-2022/CVE-2022-42xx/CVE-2022-4279.json @@ -2,7 +2,7 @@ "id": "CVE-2022-4279", "sourceIdentifier": "cna@vuldb.com", "published": "2022-12-03T18:15:10.163", - "lastModified": "2023-11-07T03:57:24.133", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Modified", "descriptions": [ { @@ -33,7 +33,7 @@ "impactScore": 2.7 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -66,7 +66,7 @@ ] }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "description": [ { @@ -85,8 +85,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F568F825-03F3-4EA1-8140-AD0DCA462881" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DB20CFC6-02D1-4450-93F7-8C2BF9847907" } ] } diff --git a/CVE-2022/CVE-2022-432xx/CVE-2022-43262.json b/CVE-2022/CVE-2022-432xx/CVE-2022-43262.json index bd6e37d3c31..bfb789ea37d 100644 --- a/CVE-2022/CVE-2022-432xx/CVE-2022-43262.json +++ b/CVE-2022/CVE-2022-432xx/CVE-2022-43262.json @@ -2,12 +2,16 @@ "id": "CVE-2022-43262", "sourceIdentifier": "cve@mitre.org", "published": "2022-11-16T15:15:16.440", - "lastModified": "2022-11-16T19:40:45.003", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /hrm/controller/login.php." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Human Resource Management System v1.0 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro de contrase\u00f1a en /hrm/controller/login.php." } ], "metrics": { @@ -55,8 +59,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F568F825-03F3-4EA1-8140-AD0DCA462881" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DB20CFC6-02D1-4450-93F7-8C2BF9847907" } ] } diff --git a/CVE-2022/CVE-2022-433xx/CVE-2022-43317.json b/CVE-2022/CVE-2022-433xx/CVE-2022-43317.json index 25e631356a2..4a8cb53a58a 100644 --- a/CVE-2022/CVE-2022-433xx/CVE-2022-43317.json +++ b/CVE-2022/CVE-2022-433xx/CVE-2022-43317.json @@ -2,12 +2,16 @@ "id": "CVE-2022-43317", "sourceIdentifier": "cve@mitre.org", "published": "2022-11-07T15:15:10.887", - "lastModified": "2022-11-08T16:38:18.897", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability in /hrm/index.php?msg of Human Resource Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de cross-site scripting (XSS) en /hrm/index.php?msg de Human Resource Management System v1.0 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado." } ], "metrics": { @@ -55,8 +59,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F568F825-03F3-4EA1-8140-AD0DCA462881" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DB20CFC6-02D1-4450-93F7-8C2BF9847907" } ] } diff --git a/CVE-2022/CVE-2022-433xx/CVE-2022-43318.json b/CVE-2022/CVE-2022-433xx/CVE-2022-43318.json index 4cdb8914ece..831a5a5a19a 100644 --- a/CVE-2022/CVE-2022-433xx/CVE-2022-43318.json +++ b/CVE-2022/CVE-2022-433xx/CVE-2022-43318.json @@ -2,12 +2,16 @@ "id": "CVE-2022-43318", "sourceIdentifier": "cve@mitre.org", "published": "2022-11-07T15:15:10.950", - "lastModified": "2022-11-08T16:32:43.253", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the stateedit parameter at /hrm/state.php." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Human Resource Management System v1.0 conten\u00eda una vulnerabilidad de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro stateedit en /hrm/state.php." } ], "metrics": { @@ -55,8 +59,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F568F825-03F3-4EA1-8140-AD0DCA462881" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DB20CFC6-02D1-4450-93F7-8C2BF9847907" } ] } diff --git a/CVE-2022/CVE-2022-436xx/CVE-2022-43675.json b/CVE-2022/CVE-2022-436xx/CVE-2022-43675.json index 1f750bbc532..09906527b5d 100644 --- a/CVE-2022/CVE-2022-436xx/CVE-2022-43675.json +++ b/CVE-2022/CVE-2022-436xx/CVE-2022-43675.json @@ -2,12 +2,16 @@ "id": "CVE-2022-43675", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.253", - "lastModified": "2023-12-25T06:15:08.253", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in NOKIA NFM-T R19.9. Reflected XSS in the Network Element Manager exists via /oms1350/pages/otn/cpbLogDisplay via the filename parameter, under /oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay via the id parameter, and under /oms1350/pages/otn/mainOtn via all parameters." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en NOKIA NFM-T R19.9. El XSS reflejado en Network Element Manager existe a trav\u00e9s de /oms1350/pages/otn/cpbLogDisplay a trav\u00e9s del par\u00e1metro filename, en /oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay a trav\u00e9s del par\u00e1metro id y en /oms1350/pages/otn/mainOtn a trav\u00e9s de todos los par\u00e1metros." } ], "metrics": {}, diff --git a/CVE-2022/CVE-2022-452xx/CVE-2022-45218.json b/CVE-2022/CVE-2022-452xx/CVE-2022-45218.json index 4abb4158d71..0344a191090 100644 --- a/CVE-2022/CVE-2022-452xx/CVE-2022-45218.json +++ b/CVE-2022/CVE-2022-452xx/CVE-2022-45218.json @@ -2,12 +2,16 @@ "id": "CVE-2022-45218", "sourceIdentifier": "cve@mitre.org", "published": "2022-11-25T17:15:11.287", - "lastModified": "2022-11-29T22:02:25.527", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Human Resource Management System v1.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability. This vulnerability is triggered via a crafted payload injected into an authentication error message." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Human Resource Management System v1.0.0 conten\u00eda una vulnerabilidad de cross-site scripting (XSS). Esta vulnerabilidad se activa mediante un payload manipulado que se inyecta en un mensaje de error de autenticaci\u00f3n." } ], "metrics": { @@ -55,8 +59,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F568F825-03F3-4EA1-8140-AD0DCA462881" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DB20CFC6-02D1-4450-93F7-8C2BF9847907" } ] } diff --git a/CVE-2023/CVE-2023-271xx/CVE-2023-27150.json b/CVE-2023/CVE-2023-271xx/CVE-2023-27150.json index f9a85becb98..bcc2972ca20 100644 --- a/CVE-2023/CVE-2023-271xx/CVE-2023-27150.json +++ b/CVE-2023/CVE-2023-271xx/CVE-2023-27150.json @@ -2,12 +2,16 @@ "id": "CVE-2023-27150", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T04:15:07.713", - "lastModified": "2023-12-26T04:15:07.713", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "openCRX 5.2.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name field after creation of a Tracker in Manage Activity." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que openCRX 5.2.0 contiene una vulnerabilidad de cross-site scripting (XSS) a trav\u00e9s del campo Name despu\u00e9s de la creaci\u00f3n de un Tracker en Manage Activity." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-286xx/CVE-2023-28616.json b/CVE-2023/CVE-2023-286xx/CVE-2023-28616.json index 390752b5e99..5dbe9d273df 100644 --- a/CVE-2023/CVE-2023-286xx/CVE-2023-28616.json +++ b/CVE-2023/CVE-2023-286xx/CVE-2023-28616.json @@ -2,12 +2,16 @@ "id": "CVE-2023-28616", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T04:15:07.790", - "lastModified": "2023-12-26T04:15:07.790", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends these logs to the Syslog component." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Stormshield Network Security (SNS) anterior a 4.3.17, 4.4.x a 4.6.x anterior a 4.6.4 y 4.7.x anterior a 4.7.1. Afecta a las cuentas de usuario cuya contrase\u00f1a tiene un signo igual o un espacio. El proceso serverd registra dichas contrase\u00f1as en texto plano y potencialmente env\u00eda estos registros al componente Syslog." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-288xx/CVE-2023-28872.json b/CVE-2023/CVE-2023-288xx/CVE-2023-28872.json index 56360b505a1..059d2a55680 100644 --- a/CVE-2023/CVE-2023-288xx/CVE-2023-28872.json +++ b/CVE-2023/CVE-2023-288xx/CVE-2023-28872.json @@ -2,12 +2,16 @@ "id": "CVE-2023-28872", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T07:15:07.893", - "lastModified": "2023-12-25T07:15:07.893", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%\\Temp\\NcpSupport* location." + }, + { + "lang": "es", + "value": "Support Assistant en NCP Secure Enterprise Client anterior a 13.10 permite a los atacantes ejecutar archivos DLL con privilegios de SYSTEM creando un enlace simb\u00f3lico desde una ubicaci\u00f3n %LOCALAPPDATA%\\Temp\\NcpSupport*." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30451.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30451.json index f8ca22f6a07..ec69e671f76 100644 --- a/CVE-2023/CVE-2023-304xx/CVE-2023-30451.json +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30451.json @@ -2,12 +2,16 @@ "id": "CVE-2023-30451", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T05:15:08.553", - "lastModified": "2023-12-25T05:15:08.553", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in data[sys_file_storage]*[data][sDEF][lDEF][basePath][vDEF]." + }, + { + "lang": "es", + "value": "En TYPO3 11.5.24, el componente filelist permite a los atacantes (que tienen acceso al panel de administrador) leer archivos arbitrarios a trav\u00e9s del directory traversal en el campo baseuri, como lo demuestra POST /typo3/record/edit con ../../. ./ en datos[sys_file_storage]*[datos][sDEF][lDEF][basePath][vDEF]." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31224.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31224.json index 5e41526f6b9..216a1e510b8 100644 --- a/CVE-2023/CVE-2023-312xx/CVE-2023-31224.json +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31224.json @@ -2,12 +2,16 @@ "id": "CVE-2023-31224", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.430", - "lastModified": "2023-12-25T08:15:07.430", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "There is broken access control during authentication in Jamf Pro Server before 10.46.1." + }, + { + "lang": "es", + "value": "Hay un control de acceso roto durante la autenticaci\u00f3n en Jamf Pro Server anterior a 10.46.1." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31289.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31289.json index 199c4160874..bcb98343f54 100644 --- a/CVE-2023/CVE-2023-312xx/CVE-2023-31289.json +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31289.json @@ -2,12 +2,16 @@ "id": "CVE-2023-31289", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.303", - "lastModified": "2023-12-25T06:15:08.303", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort." + }, + { + "lang": "es", + "value": "Pexip Infinity anterior a 31.2 tiene una validaci\u00f3n de entrada inadecuada para la se\u00f1alizaci\u00f3n, lo que permite a atacantes remotos activar un aborto." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31297.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31297.json index 8c84b389e34..c7ad1397987 100644 --- a/CVE-2023/CVE-2023-312xx/CVE-2023-31297.json +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31297.json @@ -2,12 +2,16 @@ "id": "CVE-2023-31297", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T07:15:08.593", - "lastModified": "2023-12-25T07:15:08.593", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in SESAMI planfocus CPTO (Cash Point & Transport Optimizer) 6.3.8.6 718. There is XSS via the Name field when modifying a client." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en SESAMI planfocus CPTO (Cash Point & Transport Optimizer) 6.3.8.6 718. Hay XSS a trav\u00e9s del campo Name al modificar un cliente." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-314xx/CVE-2023-31455.json b/CVE-2023/CVE-2023-314xx/CVE-2023-31455.json index e27cb54c137..38815e52b3e 100644 --- a/CVE-2023/CVE-2023-314xx/CVE-2023-31455.json +++ b/CVE-2023/CVE-2023-314xx/CVE-2023-31455.json @@ -2,12 +2,16 @@ "id": "CVE-2023-31455", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.350", - "lastModified": "2023-12-25T06:15:08.350", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort." + }, + { + "lang": "es", + "value": "Pexip Infinity anterior a 31.2 tiene una validaci\u00f3n de entrada incorrecta para RTCP, lo que permite a atacantes remotos provocar una interrupci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3391.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3391.json index 0f20aa9e9ca..2b8201697de 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3391.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3391.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3391", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-23T16:15:09.693", - "lastModified": "2023-11-07T04:18:40.070", + "lastModified": "2023-12-26T19:56:27.157", "vulnStatus": "Modified", "descriptions": [ { @@ -33,7 +33,7 @@ "impactScore": 5.9 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -55,7 +55,7 @@ ], "cvssMetricV2": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "2.0", @@ -81,7 +81,7 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { @@ -100,8 +100,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:human_resource_management_system_project:human_resource_management_system:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "F568F825-03F3-4EA1-8140-AD0DCA462881" + "criteria": "cpe:2.3:a:oretnom23:human_resource_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DB20CFC6-02D1-4450-93F7-8C2BF9847907" } ] } diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36485.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36485.json index 74b8c33e78e..d9ed2069ddc 100644 --- a/CVE-2023/CVE-2023-364xx/CVE-2023-36485.json +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36485.json @@ -2,12 +2,16 @@ "id": "CVE-2023-36485", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.497", - "lastModified": "2023-12-25T08:15:07.497", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user via a malicious BPMN2 workflow definition file." + }, + { + "lang": "es", + "value": "El motor de workflow de ILIAS anterior a 7.23 y 8 anterior a 8.3 permite a usuarios remotos autenticados ejecutar comandos arbitrarios del sistema en el servidor de aplicaciones como usuario de la aplicaci\u00f3n a trav\u00e9s de un archivo de definici\u00f3n de workflow BPMN2 malicioso." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36486.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36486.json index 3367c56204b..88b956bc312 100644 --- a/CVE-2023/CVE-2023-364xx/CVE-2023-36486.json +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36486.json @@ -2,12 +2,16 @@ "id": "CVE-2023-36486", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.560", - "lastModified": "2023-12-25T08:15:07.560", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user by uploading a workflow definition file with a malicious filename." + }, + { + "lang": "es", + "value": "El motor de workflow de ILIAS anterior a 7.23 y 8 anterior a 8.3 permite a usuarios remotos autenticados ejecutar comandos arbitrarios del sistema en el servidor de aplicaciones como usuario de la aplicaci\u00f3n cargando un archivo de definici\u00f3n de workflow con un nombre de archivo malicioso." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-371xx/CVE-2023-37185.json b/CVE-2023/CVE-2023-371xx/CVE-2023-37185.json index 5d55d43adf5..139bc0dbd8f 100644 --- a/CVE-2023/CVE-2023-371xx/CVE-2023-37185.json +++ b/CVE-2023/CVE-2023-371xx/CVE-2023-37185.json @@ -2,12 +2,16 @@ "id": "CVE-2023-37185", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T07:15:08.793", - "lastModified": "2023-12-25T07:15:08.793", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_prec_decompress at zfp/blosc2-zfp.c." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que C-blosc2 anterior a 2.9.3 conten\u00eda una desreferencia de puntero NULL mediante la funci\u00f3n zfp_prec_decompress en zfp/blosc2-zfp.c." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-371xx/CVE-2023-37186.json b/CVE-2023/CVE-2023-371xx/CVE-2023-37186.json index 2e8b3a136bc..d0d2ee087ba 100644 --- a/CVE-2023/CVE-2023-371xx/CVE-2023-37186.json +++ b/CVE-2023/CVE-2023-371xx/CVE-2023-37186.json @@ -2,12 +2,16 @@ "id": "CVE-2023-37186", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T07:15:08.980", - "lastModified": "2023-12-25T07:15:08.980", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference in ndlz/ndlz8x8.c via a NULL pointer to memset." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que C-blosc2 anterior a 2.9.3 conten\u00eda una desreferencia de puntero NULL en ndlz/ndlz8x8.c a trav\u00e9s de un puntero NULL a memset." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-371xx/CVE-2023-37187.json b/CVE-2023/CVE-2023-371xx/CVE-2023-37187.json index 252c21c072c..4198e9b68ae 100644 --- a/CVE-2023/CVE-2023-371xx/CVE-2023-37187.json +++ b/CVE-2023/CVE-2023-371xx/CVE-2023-37187.json @@ -2,12 +2,16 @@ "id": "CVE-2023-37187", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T07:15:09.183", - "lastModified": "2023-12-25T07:15:09.183", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the zfp/blosc2-zfp.c zfp_acc_decompress. function." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que C-blosc2 anterior a 2.9.3 conten\u00eda una desreferencia de puntero NULL mediante la funci\u00f3n zfp/blosc2-zfp.c zfp_acc_decompress." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-371xx/CVE-2023-37188.json b/CVE-2023/CVE-2023-371xx/CVE-2023-37188.json index 8c400efc243..3f14a84a8ea 100644 --- a/CVE-2023/CVE-2023-371xx/CVE-2023-37188.json +++ b/CVE-2023/CVE-2023-371xx/CVE-2023-37188.json @@ -2,12 +2,16 @@ "id": "CVE-2023-37188", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T07:15:09.347", - "lastModified": "2023-12-25T07:15:09.347", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_rate_decompress at zfp/blosc2-zfp.c." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que C-blosc2 anterior a 2.9.3 conten\u00eda una desreferencia de puntero NULL mediante la funci\u00f3n zfp_rate_decompress en zfp/blosc2-zfp.c." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-372xx/CVE-2023-37225.json b/CVE-2023/CVE-2023-372xx/CVE-2023-37225.json index af03e106096..c2eb1cc27f4 100644 --- a/CVE-2023/CVE-2023-372xx/CVE-2023-37225.json +++ b/CVE-2023/CVE-2023-372xx/CVE-2023-37225.json @@ -2,12 +2,16 @@ "id": "CVE-2023-37225", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.393", - "lastModified": "2023-12-25T06:15:08.393", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links." + }, + { + "lang": "es", + "value": "Pexip Infinity anterior a 32 permite Webapp1 XSS a trav\u00e9s de enlaces preconfigurados." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38321.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38321.json index d3701584e35..62fcb551d3a 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38321.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38321.json @@ -2,12 +2,16 @@ "id": "CVE-2023-38321", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T09:15:07.223", - "lastModified": "2023-12-25T09:15:07.223", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) via a GET request to /opennds_auth/ that lacks a custom query string parameter and client-token." + }, + { + "lang": "es", + "value": "OpenNDS, tal como se usa en Sierra Wireless ALEOS anteriores a 4.17.0.12 y otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desreferencia de puntero NULL, ca\u00edda del daemon e interrupci\u00f3n de Captive Portal) a trav\u00e9s de una solicitud GET a /opennds_auth/ que carece de una configuraci\u00f3n personalizada. par\u00e1metro de cadena de consulta y token de cliente." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38826.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38826.json index dd47bb40569..675fcad4cae 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38826.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38826.json @@ -2,12 +2,16 @@ "id": "CVE-2023-38826", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.630", - "lastModified": "2023-12-25T08:15:07.630", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A Cross Site Scripting (XSS) vulnerability exists in Follet Learning Solutions Destiny through 20.0_1U. via the handlewpesearchform.do. searchString." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de Cross Site Scripting (XSS) en Follet Learning Solutions Destiny hasta 20.0_1U. a trav\u00e9s de handlewpesearchform.do. searchString." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-402xx/CVE-2023-40236.json b/CVE-2023/CVE-2023-402xx/CVE-2023-40236.json index cc48155b936..f9df0fefd8f 100644 --- a/CVE-2023/CVE-2023-402xx/CVE-2023-40236.json +++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40236.json @@ -2,12 +2,16 @@ "id": "CVE-2023-40236", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.440", - "lastModified": "2023-12-25T06:15:08.440", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In Pexip VMR self-service portal before 3, the same SSH host key is used across different customers' installations, which allows authentication bypass." + }, + { + "lang": "es", + "value": "En el portal de autoservicio de Pexip VMR anterior a 3, se utiliza la misma clave de host SSH en las instalaciones de diferentes clientes, lo que permite omitir la autenticaci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-424xx/CVE-2023-42436.json b/CVE-2023/CVE-2023-424xx/CVE-2023-42436.json index 9916fa3f498..3612d36c130 100644 --- a/CVE-2023/CVE-2023-424xx/CVE-2023-42436.json +++ b/CVE-2023/CVE-2023-424xx/CVE-2023-42436.json @@ -2,12 +2,16 @@ "id": "CVE-2023-42436", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:09.637", - "lastModified": "2023-12-26T08:15:09.637", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Stored cross-site scripting vulnerability exists in the presentation feature of GROWI versions prior to v3.4.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de cross-site scripting almacenado en la funci\u00f3n de presentaci\u00f3n de las versiones de GROWI anteriores a la v3.4.0. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que accedi\u00f3 al sitio utilizando el producto." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-430xx/CVE-2023-43064.json b/CVE-2023/CVE-2023-430xx/CVE-2023-43064.json index c9d04fe12d9..925f413abdd 100644 --- a/CVE-2023/CVE-2023-430xx/CVE-2023-43064.json +++ b/CVE-2023/CVE-2023-430xx/CVE-2023-43064.json @@ -2,12 +2,16 @@ "id": "CVE-2023-43064", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-25T03:15:08.210", - "lastModified": "2023-12-25T03:15:08.210", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Facsimile Support for IBM i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause arbitrary code to run with the privilege of the user invoking the facsimile support. IBM X-Force ID: 267689." + }, + { + "lang": "es", + "value": "Facsimile Support para IBM i 7.2, 7.3, 7.4 y 7.5 podr\u00eda permitir que un usuario local obtenga privilegios elevados debido a una llamada de librer\u00eda no calificada. Un actor malintencionado podr\u00eda provocar que se ejecutara c\u00f3digo arbitrario con el privilegio del usuario que invoca el soporte de fax. ID de IBM X-Force: 267689." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-457xx/CVE-2023-45737.json b/CVE-2023/CVE-2023-457xx/CVE-2023-45737.json index 204ebfb163b..5ab0bbcd300 100644 --- a/CVE-2023/CVE-2023-457xx/CVE-2023-45737.json +++ b/CVE-2023/CVE-2023-457xx/CVE-2023-45737.json @@ -2,12 +2,16 @@ "id": "CVE-2023-45737", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:09.907", - "lastModified": "2023-12-26T08:15:09.907", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Stored cross-site scripting vulnerability exists in the App Settings (/admin/app) page and the Markdown Settings (/admin/markdown) page of GROWI versions prior to v3.5.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de cross-site scripting almacenado en la p\u00e1gina App Settings (/admin/app) y en la p\u00e1gina Markdown Settings (/admin/markdown) de las versiones de GROWI anteriores a la v3.5.0. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que accedi\u00f3 al sitio utilizando el producto." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-457xx/CVE-2023-45740.json b/CVE-2023/CVE-2023-457xx/CVE-2023-45740.json index 0a562145f43..f6d544800a3 100644 --- a/CVE-2023/CVE-2023-457xx/CVE-2023-45740.json +++ b/CVE-2023/CVE-2023-457xx/CVE-2023-45740.json @@ -2,12 +2,16 @@ "id": "CVE-2023-45740", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:10.010", - "lastModified": "2023-12-26T08:15:10.010", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Stored cross-site scripting vulnerability when processing profile images exists in GROWI versions prior to v4.1.3. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product." + }, + { + "lang": "es", + "value": "La vulnerabilidad de cross-site scripting almacenado al procesar im\u00e1genes de perfil existe en las versiones de GROWI anteriores a la v4.1.3. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que accedi\u00f3 al sitio utilizando el producto." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-457xx/CVE-2023-45741.json b/CVE-2023/CVE-2023-457xx/CVE-2023-45741.json index 5be862dd7aa..f11bb5a220d 100644 --- a/CVE-2023/CVE-2023-457xx/CVE-2023-45741.json +++ b/CVE-2023/CVE-2023-457xx/CVE-2023-45741.json @@ -2,12 +2,16 @@ "id": "CVE-2023-45741", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:10.107", - "lastModified": "2023-12-26T08:15:10.107", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "VR-S1000 firmware Ver. 2.37 and earlier allows an attacker with access to the product's web management page to execute arbitrary OS commands." + }, + { + "lang": "es", + "value": "Versi\u00f3n del firmware VR-S1000. 2.37 y anteriores permiten a un atacante con acceso a la p\u00e1gina de administraci\u00f3n web del producto ejecutar comandos arbitrarios del sistema operativo." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46681.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46681.json index facb0bd697e..a56ac3784fd 100644 --- a/CVE-2023/CVE-2023-466xx/CVE-2023-46681.json +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46681.json @@ -2,12 +2,16 @@ "id": "CVE-2023-46681", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:10.247", - "lastModified": "2023-12-26T08:15:10.247", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command." + }, + { + "lang": "es", + "value": "La neutralizaci\u00f3n incorrecta de delimitadores de argumentos en una vulnerabilidad de comando ('Inyecci\u00f3n de argumentos') en la versi\u00f3n del firmware VR-S1000. 2.37 y anteriores permiten que un atacante autenticado que pueda acceder a la interfaz de l\u00ednea de comandos del producto ejecute un comando arbitrario." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46699.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46699.json index 7f73c309c97..9c3e5aaec6f 100644 --- a/CVE-2023/CVE-2023-466xx/CVE-2023-46699.json +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46699.json @@ -2,12 +2,16 @@ "id": "CVE-2023-46699", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:10.407", - "lastModified": "2023-12-26T08:15:10.407", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability exists in the User settings (/me) page of GROWI versions prior to v6.0.0. If a user views a malicious page while logging in, settings may be changed without the user's intention." + }, + { + "lang": "es", + "value": "La vulnerabilidad de Cross-site request forgery (CSRF) existe en la p\u00e1gina User settings (/me) de las versiones de GROWI anteriores a la v6.0.0. Si un usuario ve una p\u00e1gina maliciosa mientras inicia sesi\u00f3n, la configuraci\u00f3n puede cambiarse sin la intenci\u00f3n del usuario." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-467xx/CVE-2023-46711.json b/CVE-2023/CVE-2023-467xx/CVE-2023-46711.json index 09aa427352d..2bc8933cd27 100644 --- a/CVE-2023/CVE-2023-467xx/CVE-2023-46711.json +++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46711.json @@ -2,12 +2,16 @@ "id": "CVE-2023-46711", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:10.530", - "lastModified": "2023-12-26T08:15:10.530", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user." + }, + { + "lang": "es", + "value": "La versi\u00f3n del firmware VR-S1000. 2.37 y anteriores utilizan una clave criptogr\u00e1fica codificada que puede permitir a un atacante analizar la contrase\u00f1a de un usuario de producto espec\u00edfico." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47091.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47091.json index 7607e698f78..82cccee86b1 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47091.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47091.json @@ -2,12 +2,16 @@ "id": "CVE-2023-47091", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T07:15:09.537", - "lastModified": "2023-12-25T07:15:09.537", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. An attacker can overflow the cookie threshold, making an IPsec connection impossible." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Stormshield Network Security (SNS), SNS 4.3.13 a 4.3.22 antes de 4.3.23, SNS 4.6.0 a 4.6.9 antes de 4.6.10 y SNS 4.7.0 a 4.7.1 antes de 4.7.2. . Un atacante puede sobrepasar el umbral de cookies, haciendo imposible una conexi\u00f3n IPsec." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-472xx/CVE-2023-47215.json b/CVE-2023/CVE-2023-472xx/CVE-2023-47215.json index 0694c42e32d..08e89d60da5 100644 --- a/CVE-2023/CVE-2023-472xx/CVE-2023-47215.json +++ b/CVE-2023/CVE-2023-472xx/CVE-2023-47215.json @@ -2,12 +2,16 @@ "id": "CVE-2023-47215", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:10.643", - "lastModified": "2023-12-26T08:15:10.643", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Stored cross-site scripting vulnerability which is exploiting a behavior of the XSS Filter exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product." + }, + { + "lang": "es", + "value": "La vulnerabilidad de cross-site scripting almacenado que explota un comportamiento del filtro XSS existe en las versiones de GROWI anteriores a la v6.0.0. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del us" } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-472xx/CVE-2023-47247.json b/CVE-2023/CVE-2023-472xx/CVE-2023-47247.json index 70912f829fc..c52f50350fc 100644 --- a/CVE-2023/CVE-2023-472xx/CVE-2023-47247.json +++ b/CVE-2023/CVE-2023-472xx/CVE-2023-47247.json @@ -2,12 +2,16 @@ "id": "CVE-2023-47247", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T07:15:09.683", - "lastModified": "2023-12-25T07:15:09.683", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In SysAid On-Premise before 23.3.34, there is an edge case in which an end user is able to delete a Knowledge Base article, aka bug 15102." + }, + { + "lang": "es", + "value": "En SysAid On-Premise anterior al 23.3.34, hay un caso extremo en el que un usuario final puede eliminar un art\u00edculo de la base de conocimientos, tambi\u00e9n conocido como error 15102." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-486xx/CVE-2023-48652.json b/CVE-2023/CVE-2023-486xx/CVE-2023-48652.json index b7fc046f9d3..5527bea34eb 100644 --- a/CVE-2023/CVE-2023-486xx/CVE-2023-48652.json +++ b/CVE-2023/CVE-2023-486xx/CVE-2023-48652.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48652", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.697", - "lastModified": "2023-12-25T08:15:07.697", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery (CSRF) via /ccm/system/dialogs/logs/delete_all/submit. An attacker can force an admin user to delete server report logs on a web application to which they are currently authenticated." + }, + { + "lang": "es", + "value": "Concrete CMS 9 anterior a 9.2.3 es vulnerable a Cross Site Request Forgery (CSRF) a trav\u00e9s de /ccm/system/dialogs/logs/delete_all/submit. Un atacante puede obligar a un usuario administrador a eliminar los registros de informes del servidor en una aplicaci\u00f3n web en la que est\u00e1 actualmente autenticado." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-486xx/CVE-2023-48654.json b/CVE-2023/CVE-2023-486xx/CVE-2023-48654.json index 1aaf63e66d1..e032af66fa4 100644 --- a/CVE-2023/CVE-2023-486xx/CVE-2023-48654.json +++ b/CVE-2023/CVE-2023-486xx/CVE-2023-48654.json @@ -2,12 +2,16 @@ "id": "CVE-2023-48654", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.483", - "lastModified": "2023-12-25T06:15:08.483", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: go to the Google ReCAPTCHA section, click on the Privacy link, observe that there is a new browser window, navigate to any website that offers file upload, navigate to cmd.exe from the file explorer window, and launch cmd.exe as NT AUTHORITY\\SYSTEM." + }, + { + "lang": "es", + "value": "One Identity Password Manager anterior a 5.13.1 permite Kiosk Escape. Este producto permite a los usuarios restablecer sus contrase\u00f1as de Active Directory en la pantalla de inicio de sesi\u00f3n de un cliente de Windows. Inicia un navegador basado en Chromium en modo quiosco para proporcionar la funcionalidad de reinicio. La secuencia de escape es: vaya a la secci\u00f3n Google ReCAPTCHA, haga clic en el enlace Privacidad, observe que hay una nueva ventana del navegador, navegue a cualquier sitio web que ofrezca carga de archivos, navegue a cmd.exe desde la ventana del explorador de archivos e inicie cmd. .exe como NT AUTHORITY\\SYSTEM." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-491xx/CVE-2023-49117.json b/CVE-2023/CVE-2023-491xx/CVE-2023-49117.json index dee0bd5c339..d21a15d009d 100644 --- a/CVE-2023/CVE-2023-491xx/CVE-2023-49117.json +++ b/CVE-2023/CVE-2023-491xx/CVE-2023-49117.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49117", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T06:15:07.260", - "lastModified": "2023-12-26T06:15:07.260", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "PowerCMS (6 Series, 5 Series, and 4 Series) contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user's web browser. Note that all versions of PowerCMS 3 Series and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability." + }, + { + "lang": "es", + "value": "PowerCMS (Serie 6, Serie 5 y Serie 4) contiene una vulnerabilidad de cross-site scripting almacenado. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web de un usuario que haya iniciado sesi\u00f3n. Tenga en cuenta que todas las versiones de PowerCMS Serie 3 y anteriores que no son compatibles (End-of-Life, EOL) tambi\u00e9n se ven afectadas por esta vulnerabilidad." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-491xx/CVE-2023-49119.json b/CVE-2023/CVE-2023-491xx/CVE-2023-49119.json index 81aac37bd22..02e1d3c9af8 100644 --- a/CVE-2023/CVE-2023-491xx/CVE-2023-49119.json +++ b/CVE-2023/CVE-2023-491xx/CVE-2023-49119.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49119", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:10.793", - "lastModified": "2023-12-26T08:15:10.793", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Stored cross-site scripting vulnerability via the img tags exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product." + }, + { + "lang": "es", + "value": "La vulnerabilidad de cross-site scripting almacenado a trav\u00e9s de las etiquetas img existe en las versiones de GROWI anteriores a la v6.0.0. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que accedi\u00f3 al sitio utilizando el producto." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49226.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49226.json index 7bde8ed8c2b..f7c7b9d8616 100644 --- a/CVE-2023/CVE-2023-492xx/CVE-2023-49226.json +++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49226.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49226", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.760", - "lastModified": "2023-12-25T08:15:07.760", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Peplink Balance Two before 8.4.0. Command injection in the traceroute feature of the administration console allows users with admin privileges to execute arbitrary commands as root." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Peplink Balance Two antes de 8.4.0. La inyecci\u00f3n de comandos en la funci\u00f3n traceroute de la consola de administraci\u00f3n permite a los usuarios con privilegios de administrador ejecutar comandos arbitrarios como root." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-493xx/CVE-2023-49328.json b/CVE-2023/CVE-2023-493xx/CVE-2023-49328.json index 00577644991..6c8c7435f62 100644 --- a/CVE-2023/CVE-2023-493xx/CVE-2023-49328.json +++ b/CVE-2023/CVE-2023-493xx/CVE-2023-49328.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49328", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.530", - "lastModified": "2023-12-25T06:15:08.530", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module." + }, + { + "lang": "es", + "value": "En un servidor Wolters Kluwer B.POINT 23.70.00 que ejecuta Linux localmente, durante la fase de autenticaci\u00f3n, un usuario del sistema validado puede lograr la ejecuci\u00f3n remota de c\u00f3digo mediante la inyecci\u00f3n de argumentos en el m\u00f3dulo de servidor a servidor." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-495xx/CVE-2023-49598.json b/CVE-2023/CVE-2023-495xx/CVE-2023-49598.json index 53a47939a0a..52c39365bde 100644 --- a/CVE-2023/CVE-2023-495xx/CVE-2023-49598.json +++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49598.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49598", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:10.930", - "lastModified": "2023-12-26T08:15:10.930", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Stored cross-site scripting vulnerability exists in the event handlers of the pre tags in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de cross-site scripting almacenado en los controladores de eventos de las etiquetas previas en las versiones de GROWI anteriores a la v6.0.0. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que accedi\u00f3 al sitio utilizando el producto." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49779.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49779.json index dbfd89d4602..3368872e8f6 100644 --- a/CVE-2023/CVE-2023-497xx/CVE-2023-49779.json +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49779.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49779", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:11.017", - "lastModified": "2023-12-26T08:15:11.017", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Stored cross-site scripting vulnerability exists in the anchor tag of GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de cross-site scripting almacenado en la etiqueta de anclaje de las versiones de GROWI anteriores a la v6.0.0. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que accedi\u00f3 al sitio utilizando el producto." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-498xx/CVE-2023-49807.json b/CVE-2023/CVE-2023-498xx/CVE-2023-49807.json index 0fc5857e763..69273a7f33b 100644 --- a/CVE-2023/CVE-2023-498xx/CVE-2023-49807.json +++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49807.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49807", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:11.113", - "lastModified": "2023-12-26T08:15:11.113", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Stored cross-site scripting vulnerability when processing the MathJax exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product." + }, + { + "lang": "es", + "value": "La vulnerabilidad de cross-site scripting almacenado al procesar MathJax existe en las versiones de GROWI anteriores a la v6.0.0. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que accedi\u00f3 al sitio utilizando el producto." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-498xx/CVE-2023-49880.json b/CVE-2023/CVE-2023-498xx/CVE-2023-49880.json index 796bec84f7a..157f4b9e6e8 100644 --- a/CVE-2023/CVE-2023-498xx/CVE-2023-49880.json +++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49880.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49880", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-25T03:15:08.430", - "lastModified": "2023-12-25T03:15:08.430", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In the Message Entry and Repair (MER) facility of IBM Financial Transaction Manager for SWIFT Services 3.2.4 the sending address and the message type of FIN messages are assumed to be immutable. However, an attacker might modify these elements of a business transaction. IBM X-Force ID: 273183." + }, + { + "lang": "es", + "value": "En la funci\u00f3n Message Entry and Repair (MER) de IBM Financial Transaction Manager para SWIFT Services 3.2.4, se supone que la direcci\u00f3n de env\u00edo y el tipo de mensaje de los mensajes FIN son inmutables. Sin embargo, un atacante podr\u00eda modificar estos elementos de una transacci\u00f3n comercial. ID de IBM X-Force: 273183." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-499xx/CVE-2023-49944.json b/CVE-2023/CVE-2023-499xx/CVE-2023-49944.json index c7dddb2bc54..be6de773ca4 100644 --- a/CVE-2023/CVE-2023-499xx/CVE-2023-49944.json +++ b/CVE-2023/CVE-2023-499xx/CVE-2023-49944.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49944", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.833", - "lastModified": "2023-12-25T08:15:07.833", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) before 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Agent Protection feature." + }, + { + "lang": "es", + "value": "La funci\u00f3n Challenge Response de BeyondTrust Privilege Management para Windows (PMfW) antes del 14 de julio de 2023 permite a los administradores locales omitir esta funci\u00f3n descifrando la clave compartida o localizando la clave compartida descifrada en la memoria de proceso. La amenaza se mitiga mediante la funci\u00f3n Agent Protection." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-499xx/CVE-2023-49949.json b/CVE-2023/CVE-2023-499xx/CVE-2023-49949.json index b7dced7e969..d251053e244 100644 --- a/CVE-2023/CVE-2023-499xx/CVE-2023-49949.json +++ b/CVE-2023/CVE-2023-499xx/CVE-2023-49949.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49949", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T14:15:07.277", - "lastModified": "2023-12-26T14:15:07.277", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Passwork before 6.2.0 allows remote authenticated users to bypass 2FA by sending all one million of the possible 6-digit codes." + }, + { + "lang": "es", + "value": "Passwork anterior a 6.2.0 permite a los usuarios autenticados remotamente omitir 2FA enviando un mill\u00f3n de c\u00f3digos de 6 d\u00edgitos posibles." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-499xx/CVE-2023-49954.json b/CVE-2023/CVE-2023-499xx/CVE-2023-49954.json index ad165abddf9..d00ff4e1a3f 100644 --- a/CVE-2023/CVE-2023-499xx/CVE-2023-49954.json +++ b/CVE-2023/CVE-2023-499xx/CVE-2023-49954.json @@ -2,12 +2,16 @@ "id": "CVE-2023-49954", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.933", - "lastModified": "2023-12-25T08:15:07.933", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a first name, search string, or email address." + }, + { + "lang": "es", + "value": "La integraci\u00f3n de CRM en 3CX anterior a 18.0.9.23 y 20 anterior a 20.0.0.1494 permite la inyecci\u00f3n SQL a trav\u00e9s de un nombre, cadena de b\u00fasqueda o direcci\u00f3n de correo electr\u00f3nico." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-501xx/CVE-2023-50175.json b/CVE-2023/CVE-2023-501xx/CVE-2023-50175.json index 2b60627501d..152641db01d 100644 --- a/CVE-2023/CVE-2023-501xx/CVE-2023-50175.json +++ b/CVE-2023/CVE-2023-501xx/CVE-2023-50175.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50175", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:11.290", - "lastModified": "2023-12-26T08:15:11.290", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Stored cross-site scripting vulnerability exists in the App Settings (/admin/app) page, the Markdown Settings (/admin/markdown) page, and the Customize (/admin/customize) page of GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product." + }, + { + "lang": "es", + "value": "La vulnerabilidad de cross-site scripting almacenado existe en la p\u00e1gina App Settings (/admin/app), la p\u00e1gina Markdown Settings (/admin/markdown) y la p\u00e1gina Customize (/admin/customize) de las versiones de GROWI anteriores a la v6.0.0. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que accedi\u00f3 al sitio utilizando el producto." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-502xx/CVE-2023-50294.json b/CVE-2023/CVE-2023-502xx/CVE-2023-50294.json index bdb8157ba60..c95dc56e023 100644 --- a/CVE-2023/CVE-2023-502xx/CVE-2023-50294.json +++ b/CVE-2023/CVE-2023-502xx/CVE-2023-50294.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50294", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:11.427", - "lastModified": "2023-12-26T08:15:11.427", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information in cleartext form. As a result, the Secret access key for external service may be obtained by an attacker who can access the App Settings page." + }, + { + "lang": "es", + "value": "La p\u00e1gina App Settings (/admin/app) en las versiones de GROWI anteriores a la v6.0.6 almacena informaci\u00f3n confidencial en forma de texto plano. Como resultado, un atacante que pueda acceder a la p\u00e1gina de configuraci\u00f3n de la aplicaci\u00f3n puede obtener la clave de acceso secreta para el servicio externo." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-502xx/CVE-2023-50297.json b/CVE-2023/CVE-2023-502xx/CVE-2023-50297.json index 8f3c583796b..8a9e240827b 100644 --- a/CVE-2023/CVE-2023-502xx/CVE-2023-50297.json +++ b/CVE-2023/CVE-2023-502xx/CVE-2023-50297.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50297", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T06:15:07.473", - "lastModified": "2023-12-26T06:15:07.473", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Open redirect vulnerability in PowerCMS (6 Series, 5 Series, and 4 Series) allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. Note that all versions of PowerCMS 3 Series and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability." + }, + { + "lang": "es", + "value": "Vulnerabilidad de redireccionamiento abierto en PowerCMS (Series 6, 5 Series y 4 Series) permite que un atacante remoto no autenticado redirija a los usuarios a sitios web arbitrarios a trav\u00e9s de una URL especialmente manipulada. Tenga en cuenta que todas las versiones de PowerCMS Serie 3 y anteriores que no son compatibles (End-of-Life, EOL) tambi\u00e9n se ven afectadas por esta vulnerabilidad." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-503xx/CVE-2023-50332.json b/CVE-2023/CVE-2023-503xx/CVE-2023-50332.json index 7a9741c77e7..bbcf20e9d39 100644 --- a/CVE-2023/CVE-2023-503xx/CVE-2023-50332.json +++ b/CVE-2023/CVE-2023-503xx/CVE-2023-50332.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50332", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:11.570", - "lastModified": "2023-12-26T08:15:11.570", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper authorization vulnerability exists in the User Management (/admin/users) page of GROWI versions prior to v6.0.6. If this vulnerability is exploited, a user may delete or suspend its own account without the user's intention.\r\n" + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de autorizaci\u00f3n incorrecta en la p\u00e1gina User Management (/admin/users) de las versiones de GROWI anteriores a la v6.0.6. Si se explota esta vulnerabilidad, un usuario puede eliminar o suspender su propia cuenta sin su intenci\u00f3n." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-503xx/CVE-2023-50339.json b/CVE-2023/CVE-2023-503xx/CVE-2023-50339.json index 829d46e42e4..4c896460576 100644 --- a/CVE-2023/CVE-2023-503xx/CVE-2023-50339.json +++ b/CVE-2023/CVE-2023-503xx/CVE-2023-50339.json @@ -2,12 +2,16 @@ "id": "CVE-2023-50339", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:11.657", - "lastModified": "2023-12-26T08:15:11.657", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Stored cross-site scripting vulnerability exists in the User Management (/admin/users) page of GROWI versions prior to v6.1.11. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product." + }, + { + "lang": "es", + "value": "Existe una vulnerabilidad de cross-site scripting almacenado en la p\u00e1gina User Management (/admin/users) de las versiones de GROWI anteriores a la v6.1.11. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que accedi\u00f3 al sitio utilizando el producto." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-509xx/CVE-2023-50968.json b/CVE-2023/CVE-2023-509xx/CVE-2023-50968.json index 1e3d9a4bf21..b647d738c5e 100644 --- a/CVE-2023/CVE-2023-509xx/CVE-2023-50968.json +++ b/CVE-2023/CVE-2023-509xx/CVE-2023-50968.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50968", "sourceIdentifier": "security@apache.org", "published": "2023-12-26T12:15:07.287", - "lastModified": "2023-12-26T15:15:08.560", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51090.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51090.json index 9fa5f5af712..043682e8c9e 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51090.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51090.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51090", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.073", - "lastModified": "2023-12-26T18:15:08.073", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51091.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51091.json index 387f88ffa53..2ec34500106 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51091.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51091.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51091", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.127", - "lastModified": "2023-12-26T18:15:08.127", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51092.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51092.json index 57cceda98e1..33a26d2b0cb 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51092.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51092.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51092", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.173", - "lastModified": "2023-12-26T18:15:08.173", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51093.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51093.json index 3dbdf350235..d774ee4cdc8 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51093.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51093.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51093", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.217", - "lastModified": "2023-12-26T18:15:08.217", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51094.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51094.json index 9baa165a46d..c9e22b8ef6c 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51094.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51094.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51094", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.267", - "lastModified": "2023-12-26T18:15:08.267", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51095.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51095.json index 43621d075ab..2dbb2fa40d8 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51095.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51095.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51095", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T17:15:08.293", - "lastModified": "2023-12-26T17:15:08.293", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51097.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51097.json index 50b26000235..c3f58440a8d 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51097.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51097.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51097", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.317", - "lastModified": "2023-12-26T18:15:08.317", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51098.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51098.json index a96a856c1ee..3842fd50ac5 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51098.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51098.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51098", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.367", - "lastModified": "2023-12-26T18:15:08.367", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51099.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51099.json index f49420c8b5f..1db0ee94105 100644 --- a/CVE-2023/CVE-2023-510xx/CVE-2023-51099.json +++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51099.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51099", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.413", - "lastModified": "2023-12-26T18:15:08.413", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-511xx/CVE-2023-51100.json b/CVE-2023/CVE-2023-511xx/CVE-2023-51100.json index 03b3a5e24d9..a4f5d9e1133 100644 --- a/CVE-2023/CVE-2023-511xx/CVE-2023-51100.json +++ b/CVE-2023/CVE-2023-511xx/CVE-2023-51100.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51100", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.460", - "lastModified": "2023-12-26T18:15:08.460", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-511xx/CVE-2023-51101.json b/CVE-2023/CVE-2023-511xx/CVE-2023-51101.json index ddd968af3b0..0e249b8ba3e 100644 --- a/CVE-2023/CVE-2023-511xx/CVE-2023-51101.json +++ b/CVE-2023/CVE-2023-511xx/CVE-2023-51101.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51101", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.510", - "lastModified": "2023-12-26T18:15:08.510", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-511xx/CVE-2023-51102.json b/CVE-2023/CVE-2023-511xx/CVE-2023-51102.json index 17db0a42c7e..5ebc6a45029 100644 --- a/CVE-2023/CVE-2023-511xx/CVE-2023-51102.json +++ b/CVE-2023/CVE-2023-511xx/CVE-2023-51102.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51102", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:08.657", - "lastModified": "2023-12-26T18:15:08.657", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-511xx/CVE-2023-51103.json b/CVE-2023/CVE-2023-511xx/CVE-2023-51103.json index b3ec71c10f7..291459e791d 100644 --- a/CVE-2023/CVE-2023-511xx/CVE-2023-51103.json +++ b/CVE-2023/CVE-2023-511xx/CVE-2023-51103.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51103", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T15:15:08.630", - "lastModified": "2023-12-26T15:15:08.630", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-511xx/CVE-2023-51104.json b/CVE-2023/CVE-2023-511xx/CVE-2023-51104.json index 71c8c289bcd..ca7e59b090b 100644 --- a/CVE-2023/CVE-2023-511xx/CVE-2023-51104.json +++ b/CVE-2023/CVE-2023-511xx/CVE-2023-51104.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51104", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T15:15:08.670", - "lastModified": "2023-12-26T15:15:08.670", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-511xx/CVE-2023-51105.json b/CVE-2023/CVE-2023-511xx/CVE-2023-51105.json index 3baa2b113bd..a70d55c0128 100644 --- a/CVE-2023/CVE-2023-511xx/CVE-2023-51105.json +++ b/CVE-2023/CVE-2023-511xx/CVE-2023-51105.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51105", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T15:15:08.720", - "lastModified": "2023-12-26T15:15:08.720", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-511xx/CVE-2023-51106.json b/CVE-2023/CVE-2023-511xx/CVE-2023-51106.json index a004f2edae9..f33a5cffa61 100644 --- a/CVE-2023/CVE-2023-511xx/CVE-2023-51106.json +++ b/CVE-2023/CVE-2023-511xx/CVE-2023-51106.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51106", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T15:15:08.760", - "lastModified": "2023-12-26T15:15:08.760", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-511xx/CVE-2023-51107.json b/CVE-2023/CVE-2023-511xx/CVE-2023-51107.json index f5bcfe17cf2..18199a59a47 100644 --- a/CVE-2023/CVE-2023-511xx/CVE-2023-51107.json +++ b/CVE-2023/CVE-2023-511xx/CVE-2023-51107.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51107", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T15:15:08.807", - "lastModified": "2023-12-26T15:15:08.807", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-513xx/CVE-2023-51363.json b/CVE-2023/CVE-2023-513xx/CVE-2023-51363.json index ca122f42da2..ff9f74e5039 100644 --- a/CVE-2023/CVE-2023-513xx/CVE-2023-51363.json +++ b/CVE-2023/CVE-2023-513xx/CVE-2023-51363.json @@ -2,12 +2,16 @@ "id": "CVE-2023-51363", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:11.760", - "lastModified": "2023-12-26T08:15:11.760", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "VR-S1000 firmware Ver. 2.37 and earlier allows a network-adjacent unauthenticated attacker who can access the product's web management page to obtain sensitive information." + }, + { + "lang": "es", + "value": "Versi\u00f3n del firmware VR-S1000. 2.37 y anteriores permiten que un atacante no autenticado adyacente a la red pueda acceder a la p\u00e1gina de administraci\u00f3n web del producto para obtener informaci\u00f3n confidencial." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-514xx/CVE-2023-51467.json b/CVE-2023/CVE-2023-514xx/CVE-2023-51467.json index 6c9499aa3ad..3f299509b3b 100644 --- a/CVE-2023/CVE-2023-514xx/CVE-2023-51467.json +++ b/CVE-2023/CVE-2023-514xx/CVE-2023-51467.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51467", "sourceIdentifier": "security@apache.org", "published": "2023-12-26T15:15:08.853", - "lastModified": "2023-12-26T15:15:08.853", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-516xx/CVE-2023-51654.json b/CVE-2023/CVE-2023-516xx/CVE-2023-51654.json index 2e8ea40154c..9375226675d 100644 --- a/CVE-2023/CVE-2023-516xx/CVE-2023-51654.json +++ b/CVE-2023/CVE-2023-516xx/CVE-2023-51654.json @@ -2,12 +2,16 @@ "id": "CVE-2023-51654", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T06:15:07.530", - "lastModified": "2023-12-26T06:15:07.530", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "Improper link resolution before file access ('Link Following') issue exists in iPrint&Scan Desktop for Windows versions 11.0.0 and earlier. A symlink attack by a malicious user may cause a Denial-of-service (DoS) condition on the PC." + }, + { + "lang": "es", + "value": "Existe un problema de resoluci\u00f3n de enlace incorrecta antes del acceso al archivo (\"Seguimiento de enlace\") en iPrint&Scan Desktop for Windows para las versiones 11.0.0 y anteriores. Un ataque de enlace simb\u00f3lico por parte de un usuario malintencionado puede provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en la PC." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-517xx/CVE-2023-51771.json b/CVE-2023/CVE-2023-517xx/CVE-2023-51771.json index 84620aad7a4..b27feedb383 100644 --- a/CVE-2023/CVE-2023-517xx/CVE-2023-51771.json +++ b/CVE-2023/CVE-2023-517xx/CVE-2023-51771.json @@ -2,12 +2,16 @@ "id": "CVE-2023-51771", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T05:15:08.730", - "lastModified": "2023-12-25T05:15:08.730", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "In MicroHttpServer (aka Micro HTTP Server) through a8ab029, _ParseHeader in lib/server.c allows a one-byte recv buffer overflow via a long URI." + }, + { + "lang": "es", + "value": "En MicroHttpServer (tambi\u00e9n conocido como Micro HTTP Server) hasta a8ab029, _ParseHeader en lib/server.c permite un desbordamiento de b\u00fafer de recepci\u00f3n de un byte a trav\u00e9s de un URI largo." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-517xx/CVE-2023-51772.json b/CVE-2023/CVE-2023-517xx/CVE-2023-51772.json index ea453387d8c..2f3ff0dbdb1 100644 --- a/CVE-2023/CVE-2023-517xx/CVE-2023-51772.json +++ b/CVE-2023/CVE-2023-517xx/CVE-2023-51772.json @@ -2,12 +2,16 @@ "id": "CVE-2023-51772", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.580", - "lastModified": "2023-12-25T06:15:08.580", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a session timeout, click on the Help icon, observe that there is a browser window for the One Identity website, navigate to any website that offers file upload, navigate to cmd.exe from the file explorer window, and launch cmd.exe as NT AUTHORITY\\SYSTEM." + }, + { + "lang": "es", + "value": "One Identity Password Manager anterior a 5.13.1 permite Kiosk Escape. Este producto permite a los usuarios restablecer sus contrase\u00f1as de Active Directory en la pantalla de inicio de sesi\u00f3n de un cliente de Windows. Inicia un navegador basado en Chromium en modo quiosco para proporcionar la funcionalidad de reinicio. La secuencia de escape es: espere a que se agote el tiempo de espera de la sesi\u00f3n, haga clic en el \u00edcono de Ayuda, observe que hay una ventana del navegador para el sitio web de One Identity, navegue a cualquier sitio web que ofrezca carga de archivos, navegue a cmd.exe desde la ventana del explorador de archivos, e inicie cmd.exe como NT AUTHORITY\\SYSTEM." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-51xx/CVE-2023-5180.json b/CVE-2023/CVE-2023-51xx/CVE-2023-5180.json index 1c2e1644269..9fb581b6a0e 100644 --- a/CVE-2023/CVE-2023-51xx/CVE-2023-5180.json +++ b/CVE-2023/CVE-2023-51xx/CVE-2023-5180.json @@ -2,12 +2,16 @@ "id": "CVE-2023-5180", "sourceIdentifier": "8a9629cb-c5e7-4d2a-a894-111e8039b7ea", "published": "2023-12-26T09:15:07.197", - "lastModified": "2023-12-26T09:15:07.197", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Open Design Alliance\nDrawings SDK before 2024.12. A corrupted value of number\nof sectors used by the Fat structure in a crafted DGN file leads to an\nout-of-bounds write. An attacker can leverage this vulnerability to execute\ncode in the context of the current process." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Open Design Alliance Drawings SDK antes del 2024.12. Un valor corrupto del n\u00famero de sectores utilizados por la estructura Fat en un archivo DGN dise\u00f1ado provoca una escritura fuera de los l\u00edmites. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52086.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52086.json index d75cd9a40d2..160e8e57c22 100644 --- a/CVE-2023/CVE-2023-520xx/CVE-2023-52086.json +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52086.json @@ -2,8 +2,8 @@ "id": "CVE-2023-52086", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T18:15:09.030", - "lastModified": "2023-12-26T18:15:09.030", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-52xx/CVE-2023-5203.json b/CVE-2023/CVE-2023-52xx/CVE-2023-5203.json new file mode 100644 index 00000000000..efa013cdc3a --- /dev/null +++ b/CVE-2023/CVE-2023-52xx/CVE-2023-5203.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5203", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:07.770", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The WP Sessions Time Monitoring Full Automatic WordPress plugin before 1.0.9 does not sanitize the request URL or query parameters before using them in an SQL query, allowing unauthenticated attackers to extract sensitive data from the database via blind time based SQL injection techniques, or in some cases an error/union based technique." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/7f4f505b-2667-4e0f-9841-9c1cd0831932", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-56xx/CVE-2023-5644.json b/CVE-2023/CVE-2023-56xx/CVE-2023-5644.json new file mode 100644 index 00000000000..c0aa51da9fe --- /dev/null +++ b/CVE-2023/CVE-2023-56xx/CVE-2023-5644.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5644", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:07.843", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The WP Mail Log WordPress plugin before 1.1.3 does not correctly authorize its REST API endpoints, allowing users with the Contributor role to view and delete data that should only be accessible to Admin users." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/08f1d623-0453-4103-a9aa-2d0ddb6eb69e", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-56xx/CVE-2023-5645.json b/CVE-2023/CVE-2023-56xx/CVE-2023-5645.json new file mode 100644 index 00000000000..0aa849a0c4b --- /dev/null +++ b/CVE-2023/CVE-2023-56xx/CVE-2023-5645.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5645", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:07.890", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/e392fb53-66e9-4c43-9e4f-f4ea7c561551", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-56xx/CVE-2023-5672.json b/CVE-2023/CVE-2023-56xx/CVE-2023-5672.json new file mode 100644 index 00000000000..51257788794 --- /dev/null +++ b/CVE-2023/CVE-2023-56xx/CVE-2023-5672.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5672", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:07.937", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file path parameters when attaching files to emails, leading to local file inclusion, and allowing an attacker to leak the contents of arbitrary files." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/7c1dff5b-bed3-49f8-96cc-1bc9abe78749", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-56xx/CVE-2023-5673.json b/CVE-2023/CVE-2023-56xx/CVE-2023-5673.json new file mode 100644 index 00000000000..7edf89a484b --- /dev/null +++ b/CVE-2023/CVE-2023-56xx/CVE-2023-5673.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5673", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:07.980", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file extensions uploading files to attach to emails, allowing attackers to upload PHP files, leading to remote code execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/231f72bf-9ad0-417e-b7a0-3555875749e9", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-56xx/CVE-2023-5674.json b/CVE-2023/CVE-2023-56xx/CVE-2023-5674.json new file mode 100644 index 00000000000..21c8e6c3549 --- /dev/null +++ b/CVE-2023/CVE-2023-56xx/CVE-2023-5674.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5674", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:08.023", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/32a23d0d-7ece-4870-a99d-f3f344be2d67", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5931.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5931.json new file mode 100644 index 00000000000..ed8f50c9479 --- /dev/null +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5931.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5931", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:08.077", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account (e.g. subscribers) to upload arbitrary files such as PHP on the server" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/3d6889e3-a01b-4e7f-868f-af7cc8c7531a", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5939.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5939.json new file mode 100644 index 00000000000..0283297536d --- /dev/null +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5939.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5939", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:08.120", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/db5d41fc-bcd3-414f-aa99-54d5537007bc", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5980.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5980.json new file mode 100644 index 00000000000..f3a1f7fbf91 --- /dev/null +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5980.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5980", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:08.167", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The BSK Forms Blacklist WordPress plugin before 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/b621261b-ae18-4853-9ace-7b773810529a", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5991.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5991.json new file mode 100644 index 00000000000..a82c845ffc9 --- /dev/null +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5991.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-5991", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:08.213", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input, as well as does not have proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the server" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/e9d35e36-1e60-4483-b8b3-5cbf08fcd49e", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-61xx/CVE-2023-6114.json b/CVE-2023/CVE-2023-61xx/CVE-2023-6114.json new file mode 100644 index 00000000000..754e7728927 --- /dev/null +++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6114.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-6114", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:08.260", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the `backups-dup-lite/tmp` directory (or the `backups-dup-pro/tmp` directory in the Pro version), which temporarily stores files containing sensitive data. When directory listing is enabled in the web server, this allows unauthenticated attackers to discover and access these sensitive files, which include a full database dump and a zip archive of the site." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://drive.google.com/file/d/1mpapFCqfZLv__EAM7uivrrl2h55rpi1V/view?usp=sharing", + "source": "contact@wpscan.com" + }, + { + "url": "https://wpscan.com/vulnerability/5c5d41b9-1463-4a9b-862f-e9ee600ef8e1", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-61xx/CVE-2023-6155.json b/CVE-2023/CVE-2023-61xx/CVE-2023-6155.json new file mode 100644 index 00000000000..36a58bb2e27 --- /dev/null +++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6155.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-6155", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:08.307", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately authorize the `ays_quiz_author_user_search` AJAX action, allowing an unauthenticated attacker to perform a search for users of the system, ultimately leaking user email addresses." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/c62be802-e91a-4bcf-990d-8fd8ef7c9a28", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-61xx/CVE-2023-6166.json b/CVE-2023/CVE-2023-61xx/CVE-2023-6166.json new file mode 100644 index 00000000000..96fab82d772 --- /dev/null +++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6166.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-6166", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:08.350", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Quiz Maker WordPress plugin before 6.4.9.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/e6155d9b-f6bb-4607-ad64-1976a8afe907", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-62xx/CVE-2023-6250.json b/CVE-2023/CVE-2023-62xx/CVE-2023-6250.json new file mode 100644 index 00000000000..d15ddca883a --- /dev/null +++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6250.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-6250", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:08.403", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The BestWebSoft's Like & Share WordPress plugin before 2.74 discloses the content of password protected posts to unauthenticated users via a meta tag" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/6cad602b-7414-4867-8ae2-f0b846c4c8f0", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-62xx/CVE-2023-6268.json b/CVE-2023/CVE-2023-62xx/CVE-2023-6268.json new file mode 100644 index 00000000000..fbbb68af0bb --- /dev/null +++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6268.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-6268", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-12-26T19:15:08.450", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The JSON Content Importer WordPress plugin before 1.5.4 does not sanitise and escape the tab parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://wpscan.com/vulnerability/15b9ab48-c038-4f2e-b823-1e374baae985", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7099.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7099.json index 484b1e1d8b2..2f710623379 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7099.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7099.json @@ -2,12 +2,16 @@ "id": "CVE-2023-7099", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-25T03:15:08.620", - "lastModified": "2023-12-25T03:15:08.620", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This issue affects some unknown processing of the file bwdates-report-result.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248951." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en PHPGurukul Nipah Virus Testing Management System 1.0 y clasificada como cr\u00edtica. Este problema afecta un procesamiento desconocido del archivo bwdates-report-result.php. La manipulaci\u00f3n del argumento fromdate conduce a la inyecci\u00f3n de SQL. El ataque puede iniciarse de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-248951." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-71xx/CVE-2023-7100.json b/CVE-2023/CVE-2023-71xx/CVE-2023-7100.json index 137d6db2e65..2bd5e50d58f 100644 --- a/CVE-2023/CVE-2023-71xx/CVE-2023-7100.json +++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7100.json @@ -2,12 +2,16 @@ "id": "CVE-2023-7100", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-25T03:15:08.840", - "lastModified": "2023-12-25T08:15:08.013", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/bwdates-report-details.php. The manipulation of the argument fdate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248952." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en PHPGurukul Restaurant Table Booking System 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /admin/bwdates-report-details.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento fdate conduce a la inyecci\u00f3n de SQL. Es posible lanzar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-248952." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-71xx/CVE-2023-7111.json b/CVE-2023/CVE-2023-71xx/CVE-2023-7111.json index ae56074eca5..a9c3c448235 100644 --- a/CVE-2023/CVE-2023-71xx/CVE-2023-7111.json +++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7111.json @@ -2,12 +2,16 @@ "id": "CVE-2023-7111", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-26T03:15:09.040", - "lastModified": "2023-12-26T03:15:09.040", - "vulnStatus": "Received", + "lastModified": "2023-12-26T20:34:16.103", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", "value": "A vulnerability, which was classified as critical, was found in code-projects Library Management System 2.0. Affected is an unknown function of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249006 is the identifier assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Una vulnerabilidad fue encontrada en code-projects Library Management System 2.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo index.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n de la categor\u00eda de argumento conduce a la inyecci\u00f3n de SQL. Es posible lanzar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. VDB-249006 es el identificador asignado a esta vulnerabilidad." } ], "metrics": { diff --git a/README.md b/README.md index d43f5442afe..29bed2c3ba5 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-26T19:00:24.160512+00:00 +2023-12-26T21:00:25.506229+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-26T18:15:09.030000+00:00 +2023-12-26T20:34:16.103000+00:00 ``` ### Last Data Feed Release @@ -29,40 +29,59 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -234256 +234271 ``` ### CVEs added in the last Commit -Recently added CVEs: `16` - -* [CVE-2015-10127](CVE-2015/CVE-2015-101xx/CVE-2015-10127.json) (`2023-12-26T17:15:07.923`) -* [CVE-2023-51095](CVE-2023/CVE-2023-510xx/CVE-2023-51095.json) (`2023-12-26T17:15:08.293`) -* [CVE-2023-43851](CVE-2023/CVE-2023-438xx/CVE-2023-43851.json) (`2023-12-26T18:15:07.987`) -* [CVE-2023-45251](CVE-2023/CVE-2023-452xx/CVE-2023-45251.json) (`2023-12-26T18:15:08.030`) -* [CVE-2023-51090](CVE-2023/CVE-2023-510xx/CVE-2023-51090.json) (`2023-12-26T18:15:08.073`) -* [CVE-2023-51091](CVE-2023/CVE-2023-510xx/CVE-2023-51091.json) (`2023-12-26T18:15:08.127`) -* [CVE-2023-51092](CVE-2023/CVE-2023-510xx/CVE-2023-51092.json) (`2023-12-26T18:15:08.173`) -* [CVE-2023-51093](CVE-2023/CVE-2023-510xx/CVE-2023-51093.json) (`2023-12-26T18:15:08.217`) -* [CVE-2023-51094](CVE-2023/CVE-2023-510xx/CVE-2023-51094.json) (`2023-12-26T18:15:08.267`) -* [CVE-2023-51097](CVE-2023/CVE-2023-510xx/CVE-2023-51097.json) (`2023-12-26T18:15:08.317`) -* [CVE-2023-51098](CVE-2023/CVE-2023-510xx/CVE-2023-51098.json) (`2023-12-26T18:15:08.367`) -* [CVE-2023-51099](CVE-2023/CVE-2023-510xx/CVE-2023-51099.json) (`2023-12-26T18:15:08.413`) -* [CVE-2023-51100](CVE-2023/CVE-2023-511xx/CVE-2023-51100.json) (`2023-12-26T18:15:08.460`) -* [CVE-2023-51101](CVE-2023/CVE-2023-511xx/CVE-2023-51101.json) (`2023-12-26T18:15:08.510`) -* [CVE-2023-51102](CVE-2023/CVE-2023-511xx/CVE-2023-51102.json) (`2023-12-26T18:15:08.657`) -* [CVE-2023-52086](CVE-2023/CVE-2023-520xx/CVE-2023-52086.json) (`2023-12-26T18:15:09.030`) +Recently added CVEs: `15` + +* [CVE-2023-5203](CVE-2023/CVE-2023-52xx/CVE-2023-5203.json) (`2023-12-26T19:15:07.770`) +* [CVE-2023-5644](CVE-2023/CVE-2023-56xx/CVE-2023-5644.json) (`2023-12-26T19:15:07.843`) +* [CVE-2023-5645](CVE-2023/CVE-2023-56xx/CVE-2023-5645.json) (`2023-12-26T19:15:07.890`) +* [CVE-2023-5672](CVE-2023/CVE-2023-56xx/CVE-2023-5672.json) (`2023-12-26T19:15:07.937`) +* [CVE-2023-5673](CVE-2023/CVE-2023-56xx/CVE-2023-5673.json) (`2023-12-26T19:15:07.980`) +* [CVE-2023-5674](CVE-2023/CVE-2023-56xx/CVE-2023-5674.json) (`2023-12-26T19:15:08.023`) +* [CVE-2023-5931](CVE-2023/CVE-2023-59xx/CVE-2023-5931.json) (`2023-12-26T19:15:08.077`) +* [CVE-2023-5939](CVE-2023/CVE-2023-59xx/CVE-2023-5939.json) (`2023-12-26T19:15:08.120`) +* [CVE-2023-5980](CVE-2023/CVE-2023-59xx/CVE-2023-5980.json) (`2023-12-26T19:15:08.167`) +* [CVE-2023-5991](CVE-2023/CVE-2023-59xx/CVE-2023-5991.json) (`2023-12-26T19:15:08.213`) +* [CVE-2023-6114](CVE-2023/CVE-2023-61xx/CVE-2023-6114.json) (`2023-12-26T19:15:08.260`) +* [CVE-2023-6155](CVE-2023/CVE-2023-61xx/CVE-2023-6155.json) (`2023-12-26T19:15:08.307`) +* [CVE-2023-6166](CVE-2023/CVE-2023-61xx/CVE-2023-6166.json) (`2023-12-26T19:15:08.350`) +* [CVE-2023-6250](CVE-2023/CVE-2023-62xx/CVE-2023-6250.json) (`2023-12-26T19:15:08.403`) +* [CVE-2023-6268](CVE-2023/CVE-2023-62xx/CVE-2023-6268.json) (`2023-12-26T19:15:08.450`) ### CVEs modified in the last Commit -Recently modified CVEs: `5` - -* [CVE-2012-6527](CVE-2012/CVE-2012-65xx/CVE-2012-6527.json) (`2023-12-26T17:03:55.613`) -* [CVE-2023-51767](CVE-2023/CVE-2023-517xx/CVE-2023-51767.json) (`2023-12-26T17:15:08.337`) -* [CVE-2023-32785](CVE-2023/CVE-2023-327xx/CVE-2023-32785.json) (`2023-12-26T18:15:07.743`) -* [CVE-2023-36189](CVE-2023/CVE-2023-361xx/CVE-2023-36189.json) (`2023-12-26T18:15:07.903`) -* [CVE-2023-51385](CVE-2023/CVE-2023-513xx/CVE-2023-51385.json) (`2023-12-26T18:15:08.817`) +Recently modified CVEs: `109` + +* [CVE-2023-50332](CVE-2023/CVE-2023-503xx/CVE-2023-50332.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-50339](CVE-2023/CVE-2023-503xx/CVE-2023-50339.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51363](CVE-2023/CVE-2023-513xx/CVE-2023-51363.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-5180](CVE-2023/CVE-2023-51xx/CVE-2023-5180.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-50968](CVE-2023/CVE-2023-509xx/CVE-2023-50968.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-49949](CVE-2023/CVE-2023-499xx/CVE-2023-49949.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51103](CVE-2023/CVE-2023-511xx/CVE-2023-51103.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51104](CVE-2023/CVE-2023-511xx/CVE-2023-51104.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51105](CVE-2023/CVE-2023-511xx/CVE-2023-51105.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51106](CVE-2023/CVE-2023-511xx/CVE-2023-51106.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51107](CVE-2023/CVE-2023-511xx/CVE-2023-51107.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51467](CVE-2023/CVE-2023-514xx/CVE-2023-51467.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51095](CVE-2023/CVE-2023-510xx/CVE-2023-51095.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51090](CVE-2023/CVE-2023-510xx/CVE-2023-51090.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51091](CVE-2023/CVE-2023-510xx/CVE-2023-51091.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51092](CVE-2023/CVE-2023-510xx/CVE-2023-51092.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51093](CVE-2023/CVE-2023-510xx/CVE-2023-51093.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51094](CVE-2023/CVE-2023-510xx/CVE-2023-51094.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51097](CVE-2023/CVE-2023-510xx/CVE-2023-51097.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51098](CVE-2023/CVE-2023-510xx/CVE-2023-51098.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51099](CVE-2023/CVE-2023-510xx/CVE-2023-51099.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51100](CVE-2023/CVE-2023-511xx/CVE-2023-51100.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51101](CVE-2023/CVE-2023-511xx/CVE-2023-51101.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-51102](CVE-2023/CVE-2023-511xx/CVE-2023-51102.json) (`2023-12-26T20:34:16.103`) +* [CVE-2023-52086](CVE-2023/CVE-2023-520xx/CVE-2023-52086.json) (`2023-12-26T20:34:16.103`) ## Download and Usage