Auto-Update: 2024-08-27T22:00:17.482108+00:00

fkie-cad · Aug 27, 2024 · b1c6a37 · b1c6a37
1 parent 37a7ba5
commit b1c6a37
Show file tree

Hide file tree

Showing 66 changed files with 3,155 additions and 340 deletions.
diff --git a/CVE-2018/CVE-2018-163xx/CVE-2018-16310.json b/CVE-2018/CVE-2018-163xx/CVE-2018-16310.json
@@ -2,7 +2,7 @@
   "id": "CVE-2018-16310",
   "sourceIdentifier": "[email protected]",
   "published": "2018-09-06T23:29:01.350",
-  "lastModified": "2024-08-05T11:15:27.340",
+  "lastModified": "2024-08-27T21:35:00.747",
   "vulnStatus": "Modified",
   "cveTags": [
     {
@@ -23,28 +23,6 @@
     }
   ],
   "metrics": {
-    "cvssMetricV31": [
-      {
-        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
-        "type": "Secondary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
-          "attackVector": "NETWORK",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "HIGH",
-          "userInteraction": "NONE",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "NONE",
-          "integrityImpact": "NONE",
-          "availabilityImpact": "HIGH",
-          "baseScore": 4.9,
-          "baseSeverity": "MEDIUM"
-        },
-        "exploitabilityScore": 1.2,
-        "impactScore": 3.6
-      }
-    ],
     "cvssMetricV30": [
       {
         "source": "[email protected]",

diff --git a/CVE-2022/CVE-2022-399xx/CVE-2022-39996.json b/CVE-2022/CVE-2022-399xx/CVE-2022-39996.json
@@ -2,7 +2,7 @@
   "id": "CVE-2022-39996",
   "sourceIdentifier": "[email protected]",
   "published": "2024-08-27T18:15:13.197",
-  "lastModified": "2024-08-27T19:35:01.613",
+  "lastModified": "2024-08-27T21:35:01.140",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -18,19 +18,19 @@
         "type": "Secondary",
         "cvssData": {
           "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
-          "attackVector": "NETWORK",
+          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "ADJACENT_NETWORK",
           "attackComplexity": "LOW",
           "privilegesRequired": "LOW",
           "userInteraction": "REQUIRED",
           "scope": "CHANGED",
           "confidentialityImpact": "LOW",
           "integrityImpact": "LOW",
           "availabilityImpact": "NONE",
-          "baseScore": 5.4,
+          "baseScore": 4.8,
           "baseSeverity": "MEDIUM"
         },
-        "exploitabilityScore": 2.3,
+        "exploitabilityScore": 1.7,
         "impactScore": 2.7
       }
     ]

diff --git a/CVE-2023/CVE-2023-415xx/CVE-2023-41506.json b/CVE-2023/CVE-2023-415xx/CVE-2023-41506.json
@@ -2,7 +2,7 @@
   "id": "CVE-2023-41506",
   "sourceIdentifier": "[email protected]",
   "published": "2024-02-27T02:15:06.267",
-  "lastModified": "2024-02-27T14:20:06.637",
+  "lastModified": "2024-08-27T20:35:01.473",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -15,7 +15,42 @@
       "value": "Una vulnerabilidad de carga de archivos arbitrarios en la funci\u00f3n Actualizar/Editar imagen de perfil del estudiante de Student Enrollment In PHP v1.0 permite a los atacantes ejecutar c\u00f3digo arbitrario cargando un archivo PHP manipulado."
     }
   ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-434"
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://github.com/ASR511-OO7/CVE-2023-41506/blob/main/CVE-23",

diff --git a/CVE-2023/CVE-2023-429xx/CVE-2023-42954.json b/CVE-2023/CVE-2023-429xx/CVE-2023-42954.json
@@ -2,7 +2,7 @@
   "id": "CVE-2023-42954",
   "sourceIdentifier": "[email protected]",
   "published": "2024-03-21T23:15:09.517",
-  "lastModified": "2024-03-22T12:45:36.130",
+  "lastModified": "2024-08-27T20:35:05.607",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -15,7 +15,42 @@
       "value": "Exist\u00eda un problema de escalada de privilegios en FileMaker Server, que potencialmente expon\u00eda informaci\u00f3n confidencial a sitios web front-end al iniciar sesi\u00f3n en la Consola de administraci\u00f3n con una funci\u00f3n de administrador. Este problema se solucion\u00f3 en FileMaker Server 20.3.1 reduciendo la informaci\u00f3n enviada en las solicitudes."
     }
   ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-250"
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://support.claris.com/s/answerview?anum=000041424&language=en_US",

diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47132.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47132.json
@@ -2,8 +2,8 @@
   "id": "CVE-2023-47132",
   "sourceIdentifier": "[email protected]",
   "published": "2024-02-08T23:15:09.877",
-  "lastModified": "2024-02-15T17:07:31.827",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-08-27T21:35:02.060",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -49,6 +49,16 @@
           "value": "NVD-CWE-Other"
         }
       ]
+    },
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-269"
+        }
+      ]
     }
   ],
   "configurations": [

diff --git a/CVE-2023/CVE-2023-509xx/CVE-2023-50967.json b/CVE-2023/CVE-2023-509xx/CVE-2023-50967.json
@@ -2,7 +2,7 @@
   "id": "CVE-2023-50967",
   "sourceIdentifier": "[email protected]",
   "published": "2024-03-20T16:15:07.570",
-  "lastModified": "2024-04-19T23:15:09.330",
+  "lastModified": "2024-08-27T21:35:03.017",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -15,7 +15,42 @@
       "value": "Latchset jose hasta la versi\u00f3n 11 permite a los atacantes provocar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s de un valor grande de p2c (tambi\u00e9n conocido como PBES2 Count)."
     }
   ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-400"
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://github.com/P3ngu1nW/CVE_Request/blob/main/latch-jose.md",

diff --git a/CVE-2023/CVE-2023-509xx/CVE-2023-50969.json b/CVE-2023/CVE-2023-509xx/CVE-2023-50969.json
@@ -2,7 +2,7 @@
   "id": "CVE-2023-50969",
   "sourceIdentifier": "[email protected]",
   "published": "2024-03-28T23:15:46.137",
-  "lastModified": "2024-03-29T12:45:02.937",
+  "lastModified": "2024-08-27T20:35:06.427",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -15,7 +15,30 @@
       "value": "Thales Imperva SecureSphere WAF 14.7.0.40 permite a atacantes remotos eludir las reglas WAF mediante una solicitud POST manipulada, una vulnerabilidad diferente a CVE-2021-45468."
     }
   ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
   "references": [
     {
       "url": "https://docs.imperva.com/bundle/v14.7-waf-administration-guide/page/9282.htm",

diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51015.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51015.json
@@ -2,8 +2,8 @@
   "id": "CVE-2023-51015",
   "sourceIdentifier": "[email protected]",
   "published": "2023-12-22T19:15:09.450",
-  "lastModified": "2023-12-27T21:10:05.557",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-08-27T20:35:06.640",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -49,6 +49,16 @@
           "value": "NVD-CWE-noinfo"
         }
       ]
+    },
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        }
+      ]
     }
   ],
   "configurations": [

diff --git a/CVE-2023/CVE-2023-510xx/CVE-2023-51026.json b/CVE-2023/CVE-2023-510xx/CVE-2023-51026.json
@@ -2,8 +2,8 @@
   "id": "CVE-2023-51026",
   "sourceIdentifier": "[email protected]",
   "published": "2023-12-22T18:15:07.907",
-  "lastModified": "2023-12-27T21:10:48.950",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-08-27T21:35:04.070",
+  "vulnStatus": "Modified",
   "cveTags": [],
   "descriptions": [
     {
@@ -49,6 +49,16 @@
           "value": "NVD-CWE-noinfo"
         }
       ]
+    },
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        }
+      ]
     }
   ],
   "configurations": [