From b84871fc9ab1a345f64affcfcd6619c42617f35a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 2 Sep 2023 00:05:54 +0000 Subject: [PATCH] generated content from 2023-09-02 --- mapping.csv | 79 +++++++++++++++++++ ...-0141a9cf-be44-45e2-bfe9-ffc66134b902.json | 22 ++++++ ...-033166c3-c2b8-4e84-ab4f-0ef85d9fc497.json | 22 ++++++ ...-075a18ac-7f8a-47b5-bfff-0be1a9f1ab8e.json | 22 ++++++ ...-0af5d330-3222-4c31-aaeb-2ff5e78a0d23.json | 22 ++++++ ...-12f60047-1f4d-4a20-b1e9-38d5b2772d5c.json | 22 ++++++ ...-14be966a-8edf-4803-806f-ecff86293665.json | 22 ++++++ ...-167b4326-4ad8-428c-9144-ae8eba0eb5db.json | 22 ++++++ ...-16f0e723-8925-4d2e-97df-da60304699c7.json | 22 ++++++ ...-19621275-8efc-4d69-9614-87b415aa135d.json | 22 ++++++ ...-1f10d38c-0dec-405c-a4db-605fc4470235.json | 22 ++++++ ...-20c8787d-3c14-4cc5-9b6a-bd2c6014a50a.json | 22 ++++++ ...-2cede485-4d30-49f2-9c1c-033854dfbd1e.json | 22 ++++++ ...-2eaf0ad9-6195-44ee-920b-f2b7ea843028.json | 22 ++++++ ...-2edda179-34d6-4e35-a99a-5254fb277c1b.json | 22 ++++++ ...-2f1cd38f-1e84-4c4b-be32-9a7d5f0778b1.json | 22 ++++++ ...-332e1603-8de2-46f2-bf9e-966955e8e040.json | 22 ++++++ ...-3db337b9-1a24-488b-9b0f-6d8e366fce7b.json | 22 ++++++ ...-3db50817-5ed3-4fec-bd61-50e24cb4657a.json | 22 ++++++ ...-40bcb3c4-10e0-49ff-8d6a-534c4e16dda0.json | 22 ++++++ ...-40ccfd08-a9f9-4572-9977-c2210ccb73d3.json | 22 ++++++ ...-44e4b3b0-b663-4a92-9e4c-1f4cb798af90.json | 22 ++++++ ...-45c2c47e-180d-4932-91a1-e5d2dea3ce24.json | 22 ++++++ ...-467bf023-1654-49dc-bfed-06173181b05d.json | 22 ++++++ ...-4bc9e828-fece-4473-9bec-43f7fae15d0a.json | 22 ++++++ ...-4c5f69e6-b928-4158-a52b-99a8f97f74a0.json | 22 ++++++ ...-4de2393b-6c99-4e84-ad17-a6cb77479360.json | 22 ++++++ ...-4df4e10d-a0dc-40c3-8f6a-397a4d7e18fc.json | 22 ++++++ ...-5104591f-da91-4468-ad01-932c230d05d6.json | 22 ++++++ ...-53d7382e-aed3-413a-bcc9-d27b4e2f00ab.json | 22 ++++++ ...-540ebb35-89eb-496e-a267-6b2ed9c0a91f.json | 22 ++++++ ...-5554d532-7d51-4f4d-8d3a-10651e5ccb8b.json | 22 ++++++ ...-694d9716-dc52-4f6c-8ecc-27664428a02e.json | 22 ++++++ ...-6c57c392-8382-40a5-8bd0-f3e5f99ef827.json | 22 ++++++ ...-700a9597-6689-425e-986d-613289c06b3a.json | 22 ++++++ ...-704acf38-9d37-466c-af42-d4b6976a61ee.json | 22 ++++++ ...-714cfaaa-fe99-4652-b672-f04938c6d9ae.json | 22 ++++++ ...-71d402ab-ec48-4f66-b1d8-5337ceb78823.json | 22 ++++++ ...-737807d4-ec13-42cb-9708-7a34e16084b2.json | 22 ++++++ ...-74cad8e8-881a-444c-8020-8c77c54a85f4.json | 22 ++++++ ...-789682c7-38eb-4880-8196-406ce15af1f1.json | 22 ++++++ ...-78b0d7e0-5cd0-4394-861a-f3054cfb0e2c.json | 22 ++++++ ...-7a12a991-9a3c-4c5d-9f1c-cf5f94f1ada1.json | 22 ++++++ ...-7d3e8d9e-677d-4537-b805-dc6f7babaa37.json | 22 ++++++ ...-7d42a22b-5a89-4846-942f-84c3c0983f45.json | 22 ++++++ ...-7d54f386-6398-4d74-9f59-bc74af19ad89.json | 22 ++++++ ...-830b5706-2265-439b-b9e2-91ca0cf8c30f.json | 22 ++++++ ...-8dfca7d3-a09b-4157-8fbc-73eac99a3f66.json | 22 ++++++ ...-93be119a-c567-4a67-81c2-1cc3d0c7d09e.json | 22 ++++++ ...-94c08bee-452a-416e-83ca-d7426b82249d.json | 22 ++++++ ...-98dfb570-c0a3-4098-9525-c3168eab5f68.json | 22 ++++++ ...-994879ae-e4cb-4fa6-9f79-9e6bbf792b7f.json | 22 ++++++ ...-9cca07fd-b5fe-4c3c-941d-3cb8feac1a4b.json | 22 ++++++ ...-9d46c3b4-00a4-417d-88cc-989a257e1643.json | 22 ++++++ ...-9f9be1c7-4736-4cc1-8175-210cdaa5b99f.json | 22 ++++++ ...-a4a608c9-e746-4f87-8d4c-c06f9ebdfce0.json | 22 ++++++ ...-a5a2e563-5f26-4b24-9ab9-ec943402a447.json | 22 ++++++ ...-a5a4e792-b9eb-4d59-9c9d-86eeb95c5ddb.json | 22 ++++++ ...-ab288444-a0c5-441f-918e-c8ebd9e4eb27.json | 22 ++++++ ...-b4535fc0-0393-4ee5-a75a-f50afcc5c41c.json | 22 ++++++ ...-b85c2712-4330-4912-be4e-dc0ced48b956.json | 22 ++++++ ...-bf334d5b-4f2e-437d-a0e2-cdbd48dc5614.json | 22 ++++++ ...-c0449620-2440-4715-9a2f-c49026404524.json | 22 ++++++ ...-c0724848-d67f-4c1f-9c5d-46f1c6a98428.json | 22 ++++++ ...-c89f06ff-36a9-4d93-8e80-e6b668c3285a.json | 22 ++++++ ...-cb5fd30b-e04b-41ee-9685-799054015651.json | 22 ++++++ ...-ce0f4059-f629-4743-9eb4-457eb00be4b3.json | 22 ++++++ ...-d61b79f2-9b49-42a3-8c35-0d1834c9d644.json | 22 ++++++ ...-d90656f3-b94f-4fd6-8ef1-2c6d8f25f52a.json | 22 ++++++ ...-d9f6e3a4-0251-4271-9fec-7cd28c9a71c8.json | 22 ++++++ ...-da68b485-37ff-4da9-bc13-86251b3623e6.json | 22 ++++++ ...-ddc63b35-537b-44c0-9234-643c30e19b90.json | 22 ++++++ ...-e4eef4f5-46db-4cc3-8db4-725a9574eb2f.json | 22 ++++++ ...-e8ab44f3-df93-4f8d-bf31-18f576455bd2.json | 22 ++++++ ...-ea667a12-cee7-4977-b0b4-fc0523f5c6b0.json | 22 ++++++ ...-eb391cc6-a471-491b-9922-5a041744c6cd.json | 22 ++++++ ...-ec92aec5-f098-436b-bdf3-9d38941a2614.json | 22 ++++++ ...-fa9a9144-c7c8-4586-a17f-160729555083.json | 22 ++++++ ...-fbbd2b36-7775-4cb1-904a-ce7c96d3b349.json | 22 ++++++ ...-fc6b2bc7-2e1c-4985-bd8c-f9d29687358b.json | 22 ++++++ 80 files changed, 1817 insertions(+) create mode 100644 objects/vulnerability/vulnerability--0141a9cf-be44-45e2-bfe9-ffc66134b902.json create mode 100644 objects/vulnerability/vulnerability--033166c3-c2b8-4e84-ab4f-0ef85d9fc497.json create mode 100644 objects/vulnerability/vulnerability--075a18ac-7f8a-47b5-bfff-0be1a9f1ab8e.json create mode 100644 objects/vulnerability/vulnerability--0af5d330-3222-4c31-aaeb-2ff5e78a0d23.json create mode 100644 objects/vulnerability/vulnerability--12f60047-1f4d-4a20-b1e9-38d5b2772d5c.json create mode 100644 objects/vulnerability/vulnerability--14be966a-8edf-4803-806f-ecff86293665.json create mode 100644 objects/vulnerability/vulnerability--167b4326-4ad8-428c-9144-ae8eba0eb5db.json create mode 100644 objects/vulnerability/vulnerability--16f0e723-8925-4d2e-97df-da60304699c7.json create mode 100644 objects/vulnerability/vulnerability--19621275-8efc-4d69-9614-87b415aa135d.json create mode 100644 objects/vulnerability/vulnerability--1f10d38c-0dec-405c-a4db-605fc4470235.json create mode 100644 objects/vulnerability/vulnerability--20c8787d-3c14-4cc5-9b6a-bd2c6014a50a.json create mode 100644 objects/vulnerability/vulnerability--2cede485-4d30-49f2-9c1c-033854dfbd1e.json create mode 100644 objects/vulnerability/vulnerability--2eaf0ad9-6195-44ee-920b-f2b7ea843028.json create mode 100644 objects/vulnerability/vulnerability--2edda179-34d6-4e35-a99a-5254fb277c1b.json create mode 100644 objects/vulnerability/vulnerability--2f1cd38f-1e84-4c4b-be32-9a7d5f0778b1.json create mode 100644 objects/vulnerability/vulnerability--332e1603-8de2-46f2-bf9e-966955e8e040.json create mode 100644 objects/vulnerability/vulnerability--3db337b9-1a24-488b-9b0f-6d8e366fce7b.json create mode 100644 objects/vulnerability/vulnerability--3db50817-5ed3-4fec-bd61-50e24cb4657a.json create mode 100644 objects/vulnerability/vulnerability--40bcb3c4-10e0-49ff-8d6a-534c4e16dda0.json create mode 100644 objects/vulnerability/vulnerability--40ccfd08-a9f9-4572-9977-c2210ccb73d3.json create mode 100644 objects/vulnerability/vulnerability--44e4b3b0-b663-4a92-9e4c-1f4cb798af90.json create mode 100644 objects/vulnerability/vulnerability--45c2c47e-180d-4932-91a1-e5d2dea3ce24.json create mode 100644 objects/vulnerability/vulnerability--467bf023-1654-49dc-bfed-06173181b05d.json create mode 100644 objects/vulnerability/vulnerability--4bc9e828-fece-4473-9bec-43f7fae15d0a.json create mode 100644 objects/vulnerability/vulnerability--4c5f69e6-b928-4158-a52b-99a8f97f74a0.json create mode 100644 objects/vulnerability/vulnerability--4de2393b-6c99-4e84-ad17-a6cb77479360.json create mode 100644 objects/vulnerability/vulnerability--4df4e10d-a0dc-40c3-8f6a-397a4d7e18fc.json create mode 100644 objects/vulnerability/vulnerability--5104591f-da91-4468-ad01-932c230d05d6.json create mode 100644 objects/vulnerability/vulnerability--53d7382e-aed3-413a-bcc9-d27b4e2f00ab.json create mode 100644 objects/vulnerability/vulnerability--540ebb35-89eb-496e-a267-6b2ed9c0a91f.json create mode 100644 objects/vulnerability/vulnerability--5554d532-7d51-4f4d-8d3a-10651e5ccb8b.json create mode 100644 objects/vulnerability/vulnerability--694d9716-dc52-4f6c-8ecc-27664428a02e.json create mode 100644 objects/vulnerability/vulnerability--6c57c392-8382-40a5-8bd0-f3e5f99ef827.json create mode 100644 objects/vulnerability/vulnerability--700a9597-6689-425e-986d-613289c06b3a.json create mode 100644 objects/vulnerability/vulnerability--704acf38-9d37-466c-af42-d4b6976a61ee.json create mode 100644 objects/vulnerability/vulnerability--714cfaaa-fe99-4652-b672-f04938c6d9ae.json create mode 100644 objects/vulnerability/vulnerability--71d402ab-ec48-4f66-b1d8-5337ceb78823.json create mode 100644 objects/vulnerability/vulnerability--737807d4-ec13-42cb-9708-7a34e16084b2.json create mode 100644 objects/vulnerability/vulnerability--74cad8e8-881a-444c-8020-8c77c54a85f4.json create mode 100644 objects/vulnerability/vulnerability--789682c7-38eb-4880-8196-406ce15af1f1.json create mode 100644 objects/vulnerability/vulnerability--78b0d7e0-5cd0-4394-861a-f3054cfb0e2c.json create mode 100644 objects/vulnerability/vulnerability--7a12a991-9a3c-4c5d-9f1c-cf5f94f1ada1.json create mode 100644 objects/vulnerability/vulnerability--7d3e8d9e-677d-4537-b805-dc6f7babaa37.json create mode 100644 objects/vulnerability/vulnerability--7d42a22b-5a89-4846-942f-84c3c0983f45.json create mode 100644 objects/vulnerability/vulnerability--7d54f386-6398-4d74-9f59-bc74af19ad89.json create mode 100644 objects/vulnerability/vulnerability--830b5706-2265-439b-b9e2-91ca0cf8c30f.json create mode 100644 objects/vulnerability/vulnerability--8dfca7d3-a09b-4157-8fbc-73eac99a3f66.json create mode 100644 objects/vulnerability/vulnerability--93be119a-c567-4a67-81c2-1cc3d0c7d09e.json create mode 100644 objects/vulnerability/vulnerability--94c08bee-452a-416e-83ca-d7426b82249d.json create mode 100644 objects/vulnerability/vulnerability--98dfb570-c0a3-4098-9525-c3168eab5f68.json create mode 100644 objects/vulnerability/vulnerability--994879ae-e4cb-4fa6-9f79-9e6bbf792b7f.json create mode 100644 objects/vulnerability/vulnerability--9cca07fd-b5fe-4c3c-941d-3cb8feac1a4b.json create mode 100644 objects/vulnerability/vulnerability--9d46c3b4-00a4-417d-88cc-989a257e1643.json create mode 100644 objects/vulnerability/vulnerability--9f9be1c7-4736-4cc1-8175-210cdaa5b99f.json create mode 100644 objects/vulnerability/vulnerability--a4a608c9-e746-4f87-8d4c-c06f9ebdfce0.json create mode 100644 objects/vulnerability/vulnerability--a5a2e563-5f26-4b24-9ab9-ec943402a447.json create mode 100644 objects/vulnerability/vulnerability--a5a4e792-b9eb-4d59-9c9d-86eeb95c5ddb.json create mode 100644 objects/vulnerability/vulnerability--ab288444-a0c5-441f-918e-c8ebd9e4eb27.json create mode 100644 objects/vulnerability/vulnerability--b4535fc0-0393-4ee5-a75a-f50afcc5c41c.json create mode 100644 objects/vulnerability/vulnerability--b85c2712-4330-4912-be4e-dc0ced48b956.json create mode 100644 objects/vulnerability/vulnerability--bf334d5b-4f2e-437d-a0e2-cdbd48dc5614.json create mode 100644 objects/vulnerability/vulnerability--c0449620-2440-4715-9a2f-c49026404524.json create mode 100644 objects/vulnerability/vulnerability--c0724848-d67f-4c1f-9c5d-46f1c6a98428.json create mode 100644 objects/vulnerability/vulnerability--c89f06ff-36a9-4d93-8e80-e6b668c3285a.json create mode 100644 objects/vulnerability/vulnerability--cb5fd30b-e04b-41ee-9685-799054015651.json create mode 100644 objects/vulnerability/vulnerability--ce0f4059-f629-4743-9eb4-457eb00be4b3.json create mode 100644 objects/vulnerability/vulnerability--d61b79f2-9b49-42a3-8c35-0d1834c9d644.json create mode 100644 objects/vulnerability/vulnerability--d90656f3-b94f-4fd6-8ef1-2c6d8f25f52a.json create mode 100644 objects/vulnerability/vulnerability--d9f6e3a4-0251-4271-9fec-7cd28c9a71c8.json create mode 100644 objects/vulnerability/vulnerability--da68b485-37ff-4da9-bc13-86251b3623e6.json create mode 100644 objects/vulnerability/vulnerability--ddc63b35-537b-44c0-9234-643c30e19b90.json create mode 100644 objects/vulnerability/vulnerability--e4eef4f5-46db-4cc3-8db4-725a9574eb2f.json create mode 100644 objects/vulnerability/vulnerability--e8ab44f3-df93-4f8d-bf31-18f576455bd2.json create mode 100644 objects/vulnerability/vulnerability--ea667a12-cee7-4977-b0b4-fc0523f5c6b0.json create mode 100644 objects/vulnerability/vulnerability--eb391cc6-a471-491b-9922-5a041744c6cd.json create mode 100644 objects/vulnerability/vulnerability--ec92aec5-f098-436b-bdf3-9d38941a2614.json create mode 100644 objects/vulnerability/vulnerability--fa9a9144-c7c8-4586-a17f-160729555083.json create mode 100644 objects/vulnerability/vulnerability--fbbd2b36-7775-4cb1-904a-ce7c96d3b349.json create mode 100644 objects/vulnerability/vulnerability--fc6b2bc7-2e1c-4985-bd8c-f9d29687358b.json diff --git a/mapping.csv b/mapping.csv index e41f9f4cd09..fbfa2a21dc7 100644 --- a/mapping.csv +++ b/mapping.csv @@ -211525,3 +211525,82 @@ vulnerability,CVE-2023-2173,vulnerability--1f8d764a-55ff-4dd4-b2f4-35816f26075f vulnerability,CVE-2022-45451,vulnerability--56ffacc8-62e0-4819-94d2-47560eb52f82 vulnerability,CVE-2022-46868,vulnerability--3dae4ab2-cf9b-44d2-a1ff-eb72a9a2e70c vulnerability,CVE-2022-46869,vulnerability--98fd7fbe-77b3-4d42-be9b-ee12b68416e1 +vulnerability,CVE-2023-40980,vulnerability--98dfb570-c0a3-4098-9525-c3168eab5f68 +vulnerability,CVE-2023-40771,vulnerability--2cede485-4d30-49f2-9c1c-033854dfbd1e +vulnerability,CVE-2023-40969,vulnerability--789682c7-38eb-4880-8196-406ce15af1f1 +vulnerability,CVE-2023-40239,vulnerability--ea667a12-cee7-4977-b0b4-fc0523f5c6b0 +vulnerability,CVE-2023-40970,vulnerability--ddc63b35-537b-44c0-9234-643c30e19b90 +vulnerability,CVE-2023-40968,vulnerability--c0449620-2440-4715-9a2f-c49026404524 +vulnerability,CVE-2023-37829,vulnerability--9f9be1c7-4736-4cc1-8175-210cdaa5b99f +vulnerability,CVE-2023-37893,vulnerability--4bc9e828-fece-4473-9bec-43f7fae15d0a +vulnerability,CVE-2023-37827,vulnerability--78b0d7e0-5cd0-4394-861a-f3054cfb0e2c +vulnerability,CVE-2023-37826,vulnerability--cb5fd30b-e04b-41ee-9685-799054015651 +vulnerability,CVE-2023-37830,vulnerability--d61b79f2-9b49-42a3-8c35-0d1834c9d644 +vulnerability,CVE-2023-37997,vulnerability--6c57c392-8382-40a5-8bd0-f3e5f99ef827 +vulnerability,CVE-2023-37986,vulnerability--7d3e8d9e-677d-4537-b805-dc6f7babaa37 +vulnerability,CVE-2023-37828,vulnerability--7d42a22b-5a89-4846-942f-84c3c0983f45 +vulnerability,CVE-2023-37994,vulnerability--19621275-8efc-4d69-9614-87b415aa135d +vulnerability,CVE-2023-28366,vulnerability--d9f6e3a4-0251-4271-9fec-7cd28c9a71c8 +vulnerability,CVE-2023-3297,vulnerability--994879ae-e4cb-4fa6-9f79-9e6bbf792b7f +vulnerability,CVE-2023-3950,vulnerability--a5a2e563-5f26-4b24-9ab9-ec943402a447 +vulnerability,CVE-2023-3915,vulnerability--7d54f386-6398-4d74-9f59-bc74af19ad89 +vulnerability,CVE-2023-3205,vulnerability--74cad8e8-881a-444c-8020-8c77c54a85f4 +vulnerability,CVE-2023-3210,vulnerability--7a12a991-9a3c-4c5d-9f1c-cf5f94f1ada1 +vulnerability,CVE-2023-39582,vulnerability--467bf023-1654-49dc-bfed-06173181b05d +vulnerability,CVE-2023-39714,vulnerability--ab288444-a0c5-441f-918e-c8ebd9e4eb27 +vulnerability,CVE-2023-39703,vulnerability--a5a4e792-b9eb-4d59-9c9d-86eeb95c5ddb +vulnerability,CVE-2023-39685,vulnerability--c89f06ff-36a9-4d93-8e80-e6b668c3285a +vulnerability,CVE-2023-39710,vulnerability--94c08bee-452a-416e-83ca-d7426b82249d +vulnerability,CVE-2023-39631,vulnerability--16f0e723-8925-4d2e-97df-da60304699c7 +vulnerability,CVE-2023-1279,vulnerability--c0724848-d67f-4c1f-9c5d-46f1c6a98428 +vulnerability,CVE-2023-1523,vulnerability--2eaf0ad9-6195-44ee-920b-f2b7ea843028 +vulnerability,CVE-2023-1555,vulnerability--4de2393b-6c99-4e84-ad17-a6cb77479360 +vulnerability,CVE-2023-23763,vulnerability--ec92aec5-f098-436b-bdf3-9d38941a2614 +vulnerability,CVE-2023-36326,vulnerability--e8ab44f3-df93-4f8d-bf31-18f576455bd2 +vulnerability,CVE-2023-36327,vulnerability--167b4326-4ad8-428c-9144-ae8eba0eb5db +vulnerability,CVE-2023-36100,vulnerability--fc6b2bc7-2e1c-4985-bd8c-f9d29687358b +vulnerability,CVE-2023-36187,vulnerability--e4eef4f5-46db-4cc3-8db4-725a9574eb2f +vulnerability,CVE-2023-36076,vulnerability--075a18ac-7f8a-47b5-bfff-0be1a9f1ab8e +vulnerability,CVE-2023-36088,vulnerability--b85c2712-4330-4912-be4e-dc0ced48b956 +vulnerability,CVE-2023-36328,vulnerability--eb391cc6-a471-491b-9922-5a041744c6cd +vulnerability,CVE-2023-25042,vulnerability--da68b485-37ff-4da9-bc13-86251b3623e6 +vulnerability,CVE-2023-25488,vulnerability--9cca07fd-b5fe-4c3c-941d-3cb8feac1a4b +vulnerability,CVE-2023-25477,vulnerability--b4535fc0-0393-4ee5-a75a-f50afcc5c41c +vulnerability,CVE-2023-25044,vulnerability--53d7382e-aed3-413a-bcc9-d27b4e2f00ab +vulnerability,CVE-2023-34011,vulnerability--700a9597-6689-425e-986d-613289c06b3a +vulnerability,CVE-2023-41364,vulnerability--033166c3-c2b8-4e84-ab4f-0ef85d9fc497 +vulnerability,CVE-2023-41051,vulnerability--704acf38-9d37-466c-af42-d4b6976a61ee +vulnerability,CVE-2023-41628,vulnerability--a4a608c9-e746-4f87-8d4c-c06f9ebdfce0 +vulnerability,CVE-2023-41633,vulnerability--9d46c3b4-00a4-417d-88cc-989a257e1643 +vulnerability,CVE-2023-41049,vulnerability--14be966a-8edf-4803-806f-ecff86293665 +vulnerability,CVE-2023-41627,vulnerability--8dfca7d3-a09b-4157-8fbc-73eac99a3f66 +vulnerability,CVE-2023-41046,vulnerability--44e4b3b0-b663-4a92-9e4c-1f4cb798af90 +vulnerability,CVE-2023-0120,vulnerability--ce0f4059-f629-4743-9eb4-457eb00be4b3 +vulnerability,CVE-2023-24674,vulnerability--bf334d5b-4f2e-437d-a0e2-cdbd48dc5614 +vulnerability,CVE-2023-24675,vulnerability--714cfaaa-fe99-4652-b672-f04938c6d9ae +vulnerability,CVE-2023-24412,vulnerability--71d402ab-ec48-4f66-b1d8-5337ceb78823 +vulnerability,CVE-2023-4708,vulnerability--2edda179-34d6-4e35-a99a-5254fb277c1b +vulnerability,CVE-2023-4697,vulnerability--4df4e10d-a0dc-40c3-8f6a-397a4d7e18fc +vulnerability,CVE-2023-4711,vulnerability--20c8787d-3c14-4cc5-9b6a-bd2c6014a50a +vulnerability,CVE-2023-4714,vulnerability--2f1cd38f-1e84-4c4b-be32-9a7d5f0778b1 +vulnerability,CVE-2023-4713,vulnerability--332e1603-8de2-46f2-bf9e-966955e8e040 +vulnerability,CVE-2023-4710,vulnerability--fa9a9144-c7c8-4586-a17f-160729555083 +vulnerability,CVE-2023-4378,vulnerability--fbbd2b36-7775-4cb1-904a-ce7c96d3b349 +vulnerability,CVE-2023-4647,vulnerability--40ccfd08-a9f9-4572-9977-c2210ccb73d3 +vulnerability,CVE-2023-4707,vulnerability--0141a9cf-be44-45e2-bfe9-ffc66134b902 +vulnerability,CVE-2023-4018,vulnerability--3db337b9-1a24-488b-9b0f-6d8e366fce7b +vulnerability,CVE-2023-4695,vulnerability--737807d4-ec13-42cb-9708-7a34e16084b2 +vulnerability,CVE-2023-4709,vulnerability--694d9716-dc52-4f6c-8ecc-27664428a02e +vulnerability,CVE-2023-4720,vulnerability--540ebb35-89eb-496e-a267-6b2ed9c0a91f +vulnerability,CVE-2023-4704,vulnerability--45c2c47e-180d-4932-91a1-e5d2dea3ce24 +vulnerability,CVE-2023-4712,vulnerability--d90656f3-b94f-4fd6-8ef1-2c6d8f25f52a +vulnerability,CVE-2023-4698,vulnerability--40bcb3c4-10e0-49ff-8d6a-534c4e16dda0 +vulnerability,CVE-2023-4721,vulnerability--93be119a-c567-4a67-81c2-1cc3d0c7d09e +vulnerability,CVE-2023-4696,vulnerability--5554d532-7d51-4f4d-8d3a-10651e5ccb8b +vulnerability,CVE-2023-4722,vulnerability--12f60047-1f4d-4a20-b1e9-38d5b2772d5c +vulnerability,CVE-2020-22612,vulnerability--4c5f69e6-b928-4158-a52b-99a8f97f74a0 +vulnerability,CVE-2022-3407,vulnerability--3db50817-5ed3-4fec-bd61-50e24cb4657a +vulnerability,CVE-2022-46527,vulnerability--5104591f-da91-4468-ad01-932c230d05d6 +vulnerability,CVE-2022-22305,vulnerability--830b5706-2265-439b-b9e2-91ca0cf8c30f +vulnerability,CVE-2022-44349,vulnerability--0af5d330-3222-4c31-aaeb-2ff5e78a0d23 +vulnerability,CVE-2022-4343,vulnerability--1f10d38c-0dec-405c-a4db-605fc4470235 diff --git a/objects/vulnerability/vulnerability--0141a9cf-be44-45e2-bfe9-ffc66134b902.json b/objects/vulnerability/vulnerability--0141a9cf-be44-45e2-bfe9-ffc66134b902.json new file mode 100644 index 00000000000..3700adcef2b --- /dev/null +++ b/objects/vulnerability/vulnerability--0141a9cf-be44-45e2-bfe9-ffc66134b902.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1b7620b9-14fa-4731-8d80-10d86b3a37ee", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0141a9cf-be44-45e2-bfe9-ffc66134b902", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.636346Z", + "modified": "2023-09-02T00:05:25.636346Z", + "name": "CVE-2023-4707", + "description": "A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been declared as problematic. This vulnerability affects unknown code of the file /collection/all. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. VDB-238570 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4707" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--033166c3-c2b8-4e84-ab4f-0ef85d9fc497.json b/objects/vulnerability/vulnerability--033166c3-c2b8-4e84-ab4f-0ef85d9fc497.json new file mode 100644 index 00000000000..8d8e3dd668b --- /dev/null +++ b/objects/vulnerability/vulnerability--033166c3-c2b8-4e84-ab4f-0ef85d9fc497.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--db754683-b726-4990-8252-273ca87a1c27", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--033166c3-c2b8-4e84-ab4f-0ef85d9fc497", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.901428Z", + "modified": "2023-09-02T00:05:24.901428Z", + "name": "CVE-2023-41364", + "description": "In tine through 2023.01.14.325, the sort parameter of the /index.php endpoint allows SQL Injection.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-41364" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--075a18ac-7f8a-47b5-bfff-0be1a9f1ab8e.json b/objects/vulnerability/vulnerability--075a18ac-7f8a-47b5-bfff-0be1a9f1ab8e.json new file mode 100644 index 00000000000..2c4e82178a8 --- /dev/null +++ b/objects/vulnerability/vulnerability--075a18ac-7f8a-47b5-bfff-0be1a9f1ab8e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--85ce1577-2c2c-41b8-ac5e-fa128a5c0957", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--075a18ac-7f8a-47b5-bfff-0be1a9f1ab8e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.256715Z", + "modified": "2023-09-02T00:05:24.256715Z", + "name": "CVE-2023-36076", + "description": "SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-36076" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0af5d330-3222-4c31-aaeb-2ff5e78a0d23.json b/objects/vulnerability/vulnerability--0af5d330-3222-4c31-aaeb-2ff5e78a0d23.json new file mode 100644 index 00000000000..4e9d32acc8d --- /dev/null +++ b/objects/vulnerability/vulnerability--0af5d330-3222-4c31-aaeb-2ff5e78a0d23.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ac42a42d-a8c6-4144-b3f5-84a023fadcfc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0af5d330-3222-4c31-aaeb-2ff5e78a0d23", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:39.429457Z", + "modified": "2023-09-02T00:05:39.429457Z", + "name": "CVE-2022-44349", + "description": "NAVBLUE S.A.S N-Ops & Crew 22.5-rc.50 is vulnerable to Cross Site Scripting (XSS).", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-44349" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--12f60047-1f4d-4a20-b1e9-38d5b2772d5c.json b/objects/vulnerability/vulnerability--12f60047-1f4d-4a20-b1e9-38d5b2772d5c.json new file mode 100644 index 00000000000..879cc3d4c7e --- /dev/null +++ b/objects/vulnerability/vulnerability--12f60047-1f4d-4a20-b1e9-38d5b2772d5c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--65d123c5-a481-4cc6-9bd3-98072a88b41e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--12f60047-1f4d-4a20-b1e9-38d5b2772d5c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.699165Z", + "modified": "2023-09-02T00:05:25.699165Z", + "name": "CVE-2023-4722", + "description": "Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4722" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--14be966a-8edf-4803-806f-ecff86293665.json b/objects/vulnerability/vulnerability--14be966a-8edf-4803-806f-ecff86293665.json new file mode 100644 index 00000000000..66abe820b8b --- /dev/null +++ b/objects/vulnerability/vulnerability--14be966a-8edf-4803-806f-ecff86293665.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--681e6ca9-b5d5-4aad-9f56-13a729e0441a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--14be966a-8edf-4803-806f-ecff86293665", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.941107Z", + "modified": "2023-09-02T00:05:24.941107Z", + "name": "CVE-2023-41049", + "description": "@dcl/single-sign-on-client is an open source npm library which deals with single sign on authentication flows. Improper input validation in the `init` function allows arbitrary javascript to be executed using the `javascript:` prefix. This vulnerability has been patched on version `0.1.0`. Users are advised to upgrade. Users unable to upgrade should limit untrusted user input to the `init` function.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-41049" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--167b4326-4ad8-428c-9144-ae8eba0eb5db.json b/objects/vulnerability/vulnerability--167b4326-4ad8-428c-9144-ae8eba0eb5db.json new file mode 100644 index 00000000000..d22a3e4727e --- /dev/null +++ b/objects/vulnerability/vulnerability--167b4326-4ad8-428c-9144-ae8eba0eb5db.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8a887725-a611-4571-b78f-d6445272fac2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--167b4326-4ad8-428c-9144-ae8eba0eb5db", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.23165Z", + "modified": "2023-09-02T00:05:24.23165Z", + "name": "CVE-2023-36327", + "description": "Integer Overflow vulnerability in RELIC before commit 421f2e91cf2ba42473d4d54daf24e295679e290e, allows attackers to execute arbitrary code and cause a denial of service in pos argument in bn_get_prime function.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-36327" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--16f0e723-8925-4d2e-97df-da60304699c7.json b/objects/vulnerability/vulnerability--16f0e723-8925-4d2e-97df-da60304699c7.json new file mode 100644 index 00000000000..3f86c2ad52a --- /dev/null +++ b/objects/vulnerability/vulnerability--16f0e723-8925-4d2e-97df-da60304699c7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4a41c696-c212-4afe-9787-745844e429c8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--16f0e723-8925-4d2e-97df-da60304699c7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.886649Z", + "modified": "2023-09-02T00:05:23.886649Z", + "name": "CVE-2023-39631", + "description": "An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-39631" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--19621275-8efc-4d69-9614-87b415aa135d.json b/objects/vulnerability/vulnerability--19621275-8efc-4d69-9614-87b415aa135d.json new file mode 100644 index 00000000000..0696fb12d7f --- /dev/null +++ b/objects/vulnerability/vulnerability--19621275-8efc-4d69-9614-87b415aa135d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f7a37d3b-4d44-4d34-851a-4d1f193117b1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--19621275-8efc-4d69-9614-87b415aa135d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.600789Z", + "modified": "2023-09-02T00:05:23.600789Z", + "name": "CVE-2023-37994", + "description": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Artem Abramovich Art Decoration Shortcode plugin <= 1.5.6 versions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-37994" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1f10d38c-0dec-405c-a4db-605fc4470235.json b/objects/vulnerability/vulnerability--1f10d38c-0dec-405c-a4db-605fc4470235.json new file mode 100644 index 00000000000..4c0b734965a --- /dev/null +++ b/objects/vulnerability/vulnerability--1f10d38c-0dec-405c-a4db-605fc4470235.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--56b73f7a-c832-4619-a70c-2ebe751aff2e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1f10d38c-0dec-405c-a4db-605fc4470235", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:39.781943Z", + "modified": "2023-09-02T00:05:39.781943Z", + "name": "CVE-2022-4343", + "description": "An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which a project member can leak credentials stored in site profile.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-4343" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--20c8787d-3c14-4cc5-9b6a-bd2c6014a50a.json b/objects/vulnerability/vulnerability--20c8787d-3c14-4cc5-9b6a-bd2c6014a50a.json new file mode 100644 index 00000000000..4d1e635a663 --- /dev/null +++ b/objects/vulnerability/vulnerability--20c8787d-3c14-4cc5-9b6a-bd2c6014a50a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8752e168-e7cc-490d-9ab1-19774073f2c5", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--20c8787d-3c14-4cc5-9b6a-bd2c6014a50a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.614151Z", + "modified": "2023-09-02T00:05:25.614151Z", + "name": "CVE-2023-4711", + "description": "A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. VDB-238574 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4711" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2cede485-4d30-49f2-9c1c-033854dfbd1e.json b/objects/vulnerability/vulnerability--2cede485-4d30-49f2-9c1c-033854dfbd1e.json new file mode 100644 index 00000000000..5356fca7d24 --- /dev/null +++ b/objects/vulnerability/vulnerability--2cede485-4d30-49f2-9c1c-033854dfbd1e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8e61ff5c-1bee-4439-94ba-32b5b4a9f048", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2cede485-4d30-49f2-9c1c-033854dfbd1e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.30001Z", + "modified": "2023-09-02T00:05:23.30001Z", + "name": "CVE-2023-40771", + "description": "SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-40771" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2eaf0ad9-6195-44ee-920b-f2b7ea843028.json b/objects/vulnerability/vulnerability--2eaf0ad9-6195-44ee-920b-f2b7ea843028.json new file mode 100644 index 00000000000..0877ebca138 --- /dev/null +++ b/objects/vulnerability/vulnerability--2eaf0ad9-6195-44ee-920b-f2b7ea843028.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c192cff6-9158-4e0b-905f-9e63eea297fd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2eaf0ad9-6195-44ee-920b-f2b7ea843028", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.061278Z", + "modified": "2023-09-02T00:05:24.061278Z", + "name": "CVE-2023-1523", + "description": "Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-1523" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2edda179-34d6-4e35-a99a-5254fb277c1b.json b/objects/vulnerability/vulnerability--2edda179-34d6-4e35-a99a-5254fb277c1b.json new file mode 100644 index 00000000000..1b01bba3ea8 --- /dev/null +++ b/objects/vulnerability/vulnerability--2edda179-34d6-4e35-a99a-5254fb277c1b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ef2450db-e046-40f9-8d99-23e6551702ce", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2edda179-34d6-4e35-a99a-5254fb277c1b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.603722Z", + "modified": "2023-09-02T00:05:25.603722Z", + "name": "CVE-2023-4708", + "description": "A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-238571. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4708" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2f1cd38f-1e84-4c4b-be32-9a7d5f0778b1.json b/objects/vulnerability/vulnerability--2f1cd38f-1e84-4c4b-be32-9a7d5f0778b1.json new file mode 100644 index 00000000000..dc1c8327486 --- /dev/null +++ b/objects/vulnerability/vulnerability--2f1cd38f-1e84-4c4b-be32-9a7d5f0778b1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a102949e-83f7-43a8-82f2-2570425dbd4a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2f1cd38f-1e84-4c4b-be32-9a7d5f0778b1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.619401Z", + "modified": "2023-09-02T00:05:25.619401Z", + "name": "CVE-2023-4714", + "description": "A vulnerability was found in PlayTube 3.0.1 and classified as problematic. This issue affects some unknown processing of the component Redirect Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. The identifier VDB-238577 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4714" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--332e1603-8de2-46f2-bf9e-966955e8e040.json b/objects/vulnerability/vulnerability--332e1603-8de2-46f2-bf9e-966955e8e040.json new file mode 100644 index 00000000000..b4f84efbbc0 --- /dev/null +++ b/objects/vulnerability/vulnerability--332e1603-8de2-46f2-bf9e-966955e8e040.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3deb5f8e-3596-478a-8a82-0b63c525da15", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--332e1603-8de2-46f2-bf9e-966955e8e040", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.624817Z", + "modified": "2023-09-02T00:05:25.624817Z", + "name": "CVE-2023-4713", + "description": "A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. This vulnerability affects the function addComment of the file ?r=weibo/comment/addcomment. The manipulation of the argument touid leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238576. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4713" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3db337b9-1a24-488b-9b0f-6d8e366fce7b.json b/objects/vulnerability/vulnerability--3db337b9-1a24-488b-9b0f-6d8e366fce7b.json new file mode 100644 index 00000000000..8e92906292b --- /dev/null +++ b/objects/vulnerability/vulnerability--3db337b9-1a24-488b-9b0f-6d8e366fce7b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--58f9dddc-7386-476b-95a1-2ed2222e9a05", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3db337b9-1a24-488b-9b0f-6d8e366fce7b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.639509Z", + "modified": "2023-09-02T00:05:25.639509Z", + "name": "CVE-2023-4018", + "description": "An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. Due to improper permission validation it was possible to create model experiments in public projects.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4018" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3db50817-5ed3-4fec-bd61-50e24cb4657a.json b/objects/vulnerability/vulnerability--3db50817-5ed3-4fec-bd61-50e24cb4657a.json new file mode 100644 index 00000000000..5d7464e05dc --- /dev/null +++ b/objects/vulnerability/vulnerability--3db50817-5ed3-4fec-bd61-50e24cb4657a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1caec161-ff09-4416-8d28-51ff4c35d831", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3db50817-5ed3-4fec-bd61-50e24cb4657a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:37.619972Z", + "modified": "2023-09-02T00:05:37.619972Z", + "name": "CVE-2022-3407", + "description": "I some cases, when the device is USB-tethered to a host PC, and the device is sharing its mobile network connection with the host PC, if the user originates a call on the device, then the device's modem may reset and cause the phone call to not succeed. This may block the user from dialing emergency services. This patch resolves the device's modem reset issue.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-3407" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--40bcb3c4-10e0-49ff-8d6a-534c4e16dda0.json b/objects/vulnerability/vulnerability--40bcb3c4-10e0-49ff-8d6a-534c4e16dda0.json new file mode 100644 index 00000000000..a92e303156e --- /dev/null +++ b/objects/vulnerability/vulnerability--40bcb3c4-10e0-49ff-8d6a-534c4e16dda0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--14992449-a6f5-45cd-af87-81626169ceb5", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--40bcb3c4-10e0-49ff-8d6a-534c4e16dda0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.68832Z", + "modified": "2023-09-02T00:05:25.68832Z", + "name": "CVE-2023-4698", + "description": "Improper Input Validation in GitHub repository usememos/memos prior to 0.13.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4698" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--40ccfd08-a9f9-4572-9977-c2210ccb73d3.json b/objects/vulnerability/vulnerability--40ccfd08-a9f9-4572-9977-c2210ccb73d3.json new file mode 100644 index 00000000000..bedc924dbd4 --- /dev/null +++ b/objects/vulnerability/vulnerability--40ccfd08-a9f9-4572-9977-c2210ccb73d3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0c8fc943-e0a5-4874-a65b-8db0a7f5e7a0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--40ccfd08-a9f9-4572-9977-c2210ccb73d3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.633845Z", + "modified": "2023-09-02T00:05:25.633845Z", + "name": "CVE-2023-4647", + "description": "An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which the projects API pagination can be skipped, potentially leading to DoS on certain instances.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4647" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--44e4b3b0-b663-4a92-9e4c-1f4cb798af90.json b/objects/vulnerability/vulnerability--44e4b3b0-b663-4a92-9e4c-1f4cb798af90.json new file mode 100644 index 00000000000..8de801199ff --- /dev/null +++ b/objects/vulnerability/vulnerability--44e4b3b0-b663-4a92-9e4c-1f4cb798af90.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f2fd9e92-6425-4972-b3a0-499fb1cd386d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--44e4b3b0-b663-4a92-9e4c-1f4cb798af90", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.957845Z", + "modified": "2023-09-02T00:05:24.957845Z", + "name": "CVE-2023-41046", + "description": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible in XWiki to execute Velocity code without having script right by creating an XClass with a property of type \"TextArea\" and content type \"VelocityCode\" or \"VelocityWiki\". For the former, the syntax of the document needs to be set the `xwiki/1.0` (this syntax doesn't need to be installed). In both cases, when adding the property to an object, the Velocity code is executed regardless of the rights of the author of the property (edit right is still required, though). In both cases, the code is executed with the correct context author so no privileged APIs can be accessed. However, Velocity still grants access to otherwise inaccessible data and APIs that could allow further privilege escalation. At least for \"VelocityCode\", this behavior is most likely very old but only since XWiki 7.2, script right is a separate right, before that version all users were allowed to execute Velocity and thus this was expected and not a security issue. This has been patched in XWiki 14.10.10 and 15.4 RC1. Users are advised to upgrade. There are no known workarounds.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-41046" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--45c2c47e-180d-4932-91a1-e5d2dea3ce24.json b/objects/vulnerability/vulnerability--45c2c47e-180d-4932-91a1-e5d2dea3ce24.json new file mode 100644 index 00000000000..95c0e3eea7c --- /dev/null +++ b/objects/vulnerability/vulnerability--45c2c47e-180d-4932-91a1-e5d2dea3ce24.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ccf5a8bd-2622-4dbb-b582-9ea2aefb08db", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--45c2c47e-180d-4932-91a1-e5d2dea3ce24", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.6782Z", + "modified": "2023-09-02T00:05:25.6782Z", + "name": "CVE-2023-4704", + "description": "External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4704" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--467bf023-1654-49dc-bfed-06173181b05d.json b/objects/vulnerability/vulnerability--467bf023-1654-49dc-bfed-06173181b05d.json new file mode 100644 index 00000000000..a41d33f3752 --- /dev/null +++ b/objects/vulnerability/vulnerability--467bf023-1654-49dc-bfed-06173181b05d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e46efa26-9221-42fd-8e84-d061d1ad81b6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--467bf023-1654-49dc-bfed-06173181b05d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.835408Z", + "modified": "2023-09-02T00:05:23.835408Z", + "name": "CVE-2023-39582", + "description": "SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged attacker to obtain sensitive information via the import sessions functions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-39582" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4bc9e828-fece-4473-9bec-43f7fae15d0a.json b/objects/vulnerability/vulnerability--4bc9e828-fece-4473-9bec-43f7fae15d0a.json new file mode 100644 index 00000000000..c5776861344 --- /dev/null +++ b/objects/vulnerability/vulnerability--4bc9e828-fece-4473-9bec-43f7fae15d0a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f7f87e02-2690-441d-a602-b5dd269ed0b2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4bc9e828-fece-4473-9bec-43f7fae15d0a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.513946Z", + "modified": "2023-09-02T00:05:23.513946Z", + "name": "CVE-2023-37893", + "description": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Chop-Chop Coming Soon Chop Chop plugin <= 2.2.4 versions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-37893" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4c5f69e6-b928-4158-a52b-99a8f97f74a0.json b/objects/vulnerability/vulnerability--4c5f69e6-b928-4158-a52b-99a8f97f74a0.json new file mode 100644 index 00000000000..9bf0ca7231e --- /dev/null +++ b/objects/vulnerability/vulnerability--4c5f69e6-b928-4158-a52b-99a8f97f74a0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6d896dc4-f356-4937-a94b-0b38e5d7fda6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4c5f69e6-b928-4158-a52b-99a8f97f74a0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:31.142993Z", + "modified": "2023-09-02T00:05:31.142993Z", + "name": "CVE-2020-22612", + "description": "Installer RCE on settings file write in MyBB before 1.8.22.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2020-22612" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4de2393b-6c99-4e84-ad17-a6cb77479360.json b/objects/vulnerability/vulnerability--4de2393b-6c99-4e84-ad17-a6cb77479360.json new file mode 100644 index 00000000000..78363e69625 --- /dev/null +++ b/objects/vulnerability/vulnerability--4de2393b-6c99-4e84-ad17-a6cb77479360.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4b6016f0-906b-47ee-94dc-2dc81958e357", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4de2393b-6c99-4e84-ad17-a6cb77479360", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.090225Z", + "modified": "2023-09-02T00:05:24.090225Z", + "name": "CVE-2023-1555", + "description": "An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A namespace-level banned user can access the API.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-1555" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4df4e10d-a0dc-40c3-8f6a-397a4d7e18fc.json b/objects/vulnerability/vulnerability--4df4e10d-a0dc-40c3-8f6a-397a4d7e18fc.json new file mode 100644 index 00000000000..e98cf5cef02 --- /dev/null +++ b/objects/vulnerability/vulnerability--4df4e10d-a0dc-40c3-8f6a-397a4d7e18fc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0bea7207-c0e1-409f-b8a3-7347fe799df4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4df4e10d-a0dc-40c3-8f6a-397a4d7e18fc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.610347Z", + "modified": "2023-09-02T00:05:25.610347Z", + "name": "CVE-2023-4697", + "description": "Improper Privilege Management in GitHub repository usememos/memos prior to 0.13.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4697" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5104591f-da91-4468-ad01-932c230d05d6.json b/objects/vulnerability/vulnerability--5104591f-da91-4468-ad01-932c230d05d6.json new file mode 100644 index 00000000000..6b7ec6bf104 --- /dev/null +++ b/objects/vulnerability/vulnerability--5104591f-da91-4468-ad01-932c230d05d6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d47518f9-8c0f-42ff-8a4d-3f1b7f036837", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5104591f-da91-4468-ad01-932c230d05d6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:38.535593Z", + "modified": "2023-09-02T00:05:38.535593Z", + "name": "CVE-2022-46527", + "description": "ELSYS ERS 1.5 Sound v2.3.8 was discovered to contain a buffer overflow via the NFC data parser.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-46527" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--53d7382e-aed3-413a-bcc9-d27b4e2f00ab.json b/objects/vulnerability/vulnerability--53d7382e-aed3-413a-bcc9-d27b4e2f00ab.json new file mode 100644 index 00000000000..30521d00b63 --- /dev/null +++ b/objects/vulnerability/vulnerability--53d7382e-aed3-413a-bcc9-d27b4e2f00ab.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2b5f9402-8ced-48b6-942f-6f3aac46ff57", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--53d7382e-aed3-413a-bcc9-d27b4e2f00ab", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.578021Z", + "modified": "2023-09-02T00:05:24.578021Z", + "name": "CVE-2023-25044", + "description": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sumo Social Share Boost plugin <= 4.4 versions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-25044" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--540ebb35-89eb-496e-a267-6b2ed9c0a91f.json b/objects/vulnerability/vulnerability--540ebb35-89eb-496e-a267-6b2ed9c0a91f.json new file mode 100644 index 00000000000..9362367dd78 --- /dev/null +++ b/objects/vulnerability/vulnerability--540ebb35-89eb-496e-a267-6b2ed9c0a91f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dbc702ba-dff0-4275-9858-13d997da0065", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--540ebb35-89eb-496e-a267-6b2ed9c0a91f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.672705Z", + "modified": "2023-09-02T00:05:25.672705Z", + "name": "CVE-2023-4720", + "description": "Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4720" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5554d532-7d51-4f4d-8d3a-10651e5ccb8b.json b/objects/vulnerability/vulnerability--5554d532-7d51-4f4d-8d3a-10651e5ccb8b.json new file mode 100644 index 00000000000..1c179274ce6 --- /dev/null +++ b/objects/vulnerability/vulnerability--5554d532-7d51-4f4d-8d3a-10651e5ccb8b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a6572ffb-4e96-4890-a45c-f0987f0fb0a0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5554d532-7d51-4f4d-8d3a-10651e5ccb8b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.696708Z", + "modified": "2023-09-02T00:05:25.696708Z", + "name": "CVE-2023-4696", + "description": "Improper Access Control in GitHub repository usememos/memos prior to 0.13.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4696" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--694d9716-dc52-4f6c-8ecc-27664428a02e.json b/objects/vulnerability/vulnerability--694d9716-dc52-4f6c-8ecc-27664428a02e.json new file mode 100644 index 00000000000..1791333fa72 --- /dev/null +++ b/objects/vulnerability/vulnerability--694d9716-dc52-4f6c-8ecc-27664428a02e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d5a6e472-82a8-413b-a168-f5fce6d2f233", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--694d9716-dc52-4f6c-8ecc-27664428a02e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.652094Z", + "modified": "2023-09-02T00:05:25.652094Z", + "name": "CVE-2023-4709", + "description": "A vulnerability classified as problematic has been found in TOTVS RM 12.1. Affected is an unknown function of the file Login.aspx of the component Portal. The manipulation of the argument VIEWSTATE leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-238572. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4709" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6c57c392-8382-40a5-8bd0-f3e5f99ef827.json b/objects/vulnerability/vulnerability--6c57c392-8382-40a5-8bd0-f3e5f99ef827.json new file mode 100644 index 00000000000..1483cfa39af --- /dev/null +++ b/objects/vulnerability/vulnerability--6c57c392-8382-40a5-8bd0-f3e5f99ef827.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6b80b59a-a5ea-47f7-8907-7d73389727e8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6c57c392-8382-40a5-8bd0-f3e5f99ef827", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.54419Z", + "modified": "2023-09-02T00:05:23.54419Z", + "name": "CVE-2023-37997", + "description": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dharmesh Patel Post List With Featured Image plugin <= 1.2 versions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-37997" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--700a9597-6689-425e-986d-613289c06b3a.json b/objects/vulnerability/vulnerability--700a9597-6689-425e-986d-613289c06b3a.json new file mode 100644 index 00000000000..17a89bc0b95 --- /dev/null +++ b/objects/vulnerability/vulnerability--700a9597-6689-425e-986d-613289c06b3a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bdc5cd79-a8a1-4a44-8c46-3b2ded0dcfcb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--700a9597-6689-425e-986d-613289c06b3a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.796767Z", + "modified": "2023-09-02T00:05:24.796767Z", + "name": "CVE-2023-34011", + "description": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ShopConstruct plugin <= 1.1.2 versions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-34011" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--704acf38-9d37-466c-af42-d4b6976a61ee.json b/objects/vulnerability/vulnerability--704acf38-9d37-466c-af42-d4b6976a61ee.json new file mode 100644 index 00000000000..78597489581 --- /dev/null +++ b/objects/vulnerability/vulnerability--704acf38-9d37-466c-af42-d4b6976a61ee.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ea210937-1cc7-41f3-acf7-67930fb3d0a4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--704acf38-9d37-466c-af42-d4b6976a61ee", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.911419Z", + "modified": "2023-09-02T00:05:24.911419Z", + "name": "CVE-2023-41051", + "description": "In a typical Virtual Machine Monitor (VMM) there are several components, such as boot loader, virtual device drivers, virtio backend drivers and vhost drivers, that need to access the VM physical memory. The vm-memory rust crate provides a set of traits to decouple VM memory consumers from VM memory providers. An issue was discovered in the default implementations of the `VolatileMemory::{get_atomic_ref, aligned_as_ref, aligned_as_mut, get_ref, get_array_ref}` trait functions, which allows out-of-bounds memory access if the `VolatileMemory::get_slice` function returns a `VolatileSlice` whose length is less than the function’s `count` argument. No implementations of `get_slice` provided in `vm_memory` are affected. Users of custom `VolatileMemory` implementations may be impacted if the custom implementation does not adhere to `get_slice`'s documentation. The issue started in version 0.1.0 but was fixed in version 0.12.2 by inserting a check that verifies that the `VolatileSlice` returned by `get_slice` is of the correct length. Users are advised to upgrade. There are no known workarounds for this issue.\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-41051" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--714cfaaa-fe99-4652-b672-f04938c6d9ae.json b/objects/vulnerability/vulnerability--714cfaaa-fe99-4652-b672-f04938c6d9ae.json new file mode 100644 index 00000000000..97fc56409b0 --- /dev/null +++ b/objects/vulnerability/vulnerability--714cfaaa-fe99-4652-b672-f04938c6d9ae.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1cdbd899-5295-47f7-84e5-af1ac36984df", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--714cfaaa-fe99-4652-b672-f04938c6d9ae", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.534304Z", + "modified": "2023-09-02T00:05:25.534304Z", + "name": "CVE-2023-24675", + "description": "Cross Site Scripting Vulnerability in BluditCMS v.3.14.1 allows attackers to execute arbitrary code via the Categories Friendly URL.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-24675" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--71d402ab-ec48-4f66-b1d8-5337ceb78823.json b/objects/vulnerability/vulnerability--71d402ab-ec48-4f66-b1d8-5337ceb78823.json new file mode 100644 index 00000000000..2be02ab93ef --- /dev/null +++ b/objects/vulnerability/vulnerability--71d402ab-ec48-4f66-b1d8-5337ceb78823.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ea327c4f-7e33-464c-b1e2-6c3cd2871c22", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--71d402ab-ec48-4f66-b1d8-5337ceb78823", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.576533Z", + "modified": "2023-09-02T00:05:25.576533Z", + "name": "CVE-2023-24412", + "description": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Web-Settler Image Social Feed plugin <= 1.7.6 versions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-24412" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--737807d4-ec13-42cb-9708-7a34e16084b2.json b/objects/vulnerability/vulnerability--737807d4-ec13-42cb-9708-7a34e16084b2.json new file mode 100644 index 00000000000..2ab99a4f30c --- /dev/null +++ b/objects/vulnerability/vulnerability--737807d4-ec13-42cb-9708-7a34e16084b2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e519cce6-7469-48a6-b85c-1c000199ebad", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--737807d4-ec13-42cb-9708-7a34e16084b2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.650311Z", + "modified": "2023-09-02T00:05:25.650311Z", + "name": "CVE-2023-4695", + "description": "Use of Predictable Algorithm in Random Number Generator in GitHub repository pkp/pkp-lib prior to 3.3.0-16.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4695" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--74cad8e8-881a-444c-8020-8c77c54a85f4.json b/objects/vulnerability/vulnerability--74cad8e8-881a-444c-8020-8c77c54a85f4.json new file mode 100644 index 00000000000..f75966897ec --- /dev/null +++ b/objects/vulnerability/vulnerability--74cad8e8-881a-444c-8020-8c77c54a85f4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a47a9e65-1bb6-4b54-9c52-56ac9caca337", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--74cad8e8-881a-444c-8020-8c77c54a85f4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.769132Z", + "modified": "2023-09-02T00:05:23.769132Z", + "name": "CVE-2023-3205", + "description": "An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-3205" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--789682c7-38eb-4880-8196-406ce15af1f1.json b/objects/vulnerability/vulnerability--789682c7-38eb-4880-8196-406ce15af1f1.json new file mode 100644 index 00000000000..053d838d3ed --- /dev/null +++ b/objects/vulnerability/vulnerability--789682c7-38eb-4880-8196-406ce15af1f1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--642f2e28-c71e-4bbe-a255-04d3c4cfc4a8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--789682c7-38eb-4880-8196-406ce15af1f1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.308909Z", + "modified": "2023-09-02T00:05:23.308909Z", + "name": "CVE-2023-40969", + "description": "Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to Server Side Request Forgery (SSRF) via admin/modules/bibliography/pop_p2p.php.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-40969" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--78b0d7e0-5cd0-4394-861a-f3054cfb0e2c.json b/objects/vulnerability/vulnerability--78b0d7e0-5cd0-4394-861a-f3054cfb0e2c.json new file mode 100644 index 00000000000..c16ce07c60e --- /dev/null +++ b/objects/vulnerability/vulnerability--78b0d7e0-5cd0-4394-861a-f3054cfb0e2c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c7f65a03-369e-4e54-8850-a1af8e87d26b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--78b0d7e0-5cd0-4394-861a-f3054cfb0e2c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.538712Z", + "modified": "2023-09-02T00:05:23.538712Z", + "name": "CVE-2023-37827", + "description": "A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the executionBlockName parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-37827" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7a12a991-9a3c-4c5d-9f1c-cf5f94f1ada1.json b/objects/vulnerability/vulnerability--7a12a991-9a3c-4c5d-9f1c-cf5f94f1ada1.json new file mode 100644 index 00000000000..6d34717ae7c --- /dev/null +++ b/objects/vulnerability/vulnerability--7a12a991-9a3c-4c5d-9f1c-cf5f94f1ada1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fed7e6c3-eb23-49c2-964e-7838e5492197", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7a12a991-9a3c-4c5d-9f1c-cf5f94f1ada1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.779816Z", + "modified": "2023-09-02T00:05:23.779816Z", + "name": "CVE-2023-3210", + "description": "An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-3210" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7d3e8d9e-677d-4537-b805-dc6f7babaa37.json b/objects/vulnerability/vulnerability--7d3e8d9e-677d-4537-b805-dc6f7babaa37.json new file mode 100644 index 00000000000..8ce2146ca18 --- /dev/null +++ b/objects/vulnerability/vulnerability--7d3e8d9e-677d-4537-b805-dc6f7babaa37.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9b6c31bc-6e58-42c0-a406-ea42325375fe", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7d3e8d9e-677d-4537-b805-dc6f7babaa37", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.55545Z", + "modified": "2023-09-02T00:05:23.55545Z", + "name": "CVE-2023-37986", + "description": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in miniOrange YourMembership Single Sign On – YM SSO Login plugin <= 1.1.3 versions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-37986" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7d42a22b-5a89-4846-942f-84c3c0983f45.json b/objects/vulnerability/vulnerability--7d42a22b-5a89-4846-942f-84c3c0983f45.json new file mode 100644 index 00000000000..7b15f3c61f2 --- /dev/null +++ b/objects/vulnerability/vulnerability--7d42a22b-5a89-4846-942f-84c3c0983f45.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--afd20b63-a181-4142-babd-82cf1d4b6e47", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7d42a22b-5a89-4846-942f-84c3c0983f45", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.585986Z", + "modified": "2023-09-02T00:05:23.585986Z", + "name": "CVE-2023-37828", + "description": "A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tasktyp parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-37828" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7d54f386-6398-4d74-9f59-bc74af19ad89.json b/objects/vulnerability/vulnerability--7d54f386-6398-4d74-9f59-bc74af19ad89.json new file mode 100644 index 00000000000..b75c7af98c9 --- /dev/null +++ b/objects/vulnerability/vulnerability--7d54f386-6398-4d74-9f59-bc74af19ad89.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3a926fba-def8-490f-a2a1-b51366a42893", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7d54f386-6398-4d74-9f59-bc74af19ad89", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.761099Z", + "modified": "2023-09-02T00:05:23.761099Z", + "name": "CVE-2023-3915", + "description": "An issue has been discovered in GitLab EE affecting all versions starting from 16.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. If an external user is given an owner role on any group, that external user may escalate their privileges on the instance by creating a service account in that group. This service account is not classified as external and may be used to access internal projects.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-3915" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--830b5706-2265-439b-b9e2-91ca0cf8c30f.json b/objects/vulnerability/vulnerability--830b5706-2265-439b-b9e2-91ca0cf8c30f.json new file mode 100644 index 00000000000..fc29d14c822 --- /dev/null +++ b/objects/vulnerability/vulnerability--830b5706-2265-439b-b9e2-91ca0cf8c30f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9aefa4d6-085a-44ed-8950-261be78fe6bf", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--830b5706-2265-439b-b9e2-91ca0cf8c30f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:38.60487Z", + "modified": "2023-09-02T00:05:38.60487Z", + "name": "CVE-2022-22305", + "description": "An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the listed products and some external peers.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-22305" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8dfca7d3-a09b-4157-8fbc-73eac99a3f66.json b/objects/vulnerability/vulnerability--8dfca7d3-a09b-4157-8fbc-73eac99a3f66.json new file mode 100644 index 00000000000..2fdb686d9f2 --- /dev/null +++ b/objects/vulnerability/vulnerability--8dfca7d3-a09b-4157-8fbc-73eac99a3f66.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5558fd8a-aaef-447c-81a0-09cdcf978770", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8dfca7d3-a09b-4157-8fbc-73eac99a3f66", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.950747Z", + "modified": "2023-09-02T00:05:24.950747Z", + "name": "CVE-2023-41627", + "description": "O-RAN Software Community ric-plt-lib-rmr v4.9.0 does not validate the source of the routing tables it receives, potentially allowing attackers to send forged routing tables to the device.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-41627" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--93be119a-c567-4a67-81c2-1cc3d0c7d09e.json b/objects/vulnerability/vulnerability--93be119a-c567-4a67-81c2-1cc3d0c7d09e.json new file mode 100644 index 00000000000..d7b31e2e9eb --- /dev/null +++ b/objects/vulnerability/vulnerability--93be119a-c567-4a67-81c2-1cc3d0c7d09e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--80a1b8da-8a64-4f59-a5cb-708381e98bb7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--93be119a-c567-4a67-81c2-1cc3d0c7d09e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.69044Z", + "modified": "2023-09-02T00:05:25.69044Z", + "name": "CVE-2023-4721", + "description": "Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4721" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--94c08bee-452a-416e-83ca-d7426b82249d.json b/objects/vulnerability/vulnerability--94c08bee-452a-416e-83ca-d7426b82249d.json new file mode 100644 index 00000000000..b1ec270ba08 --- /dev/null +++ b/objects/vulnerability/vulnerability--94c08bee-452a-416e-83ca-d7426b82249d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fbf0227d-50f4-4d1c-b405-d03fac753985", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--94c08bee-452a-416e-83ca-d7426b82249d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.877143Z", + "modified": "2023-09-02T00:05:23.877143Z", + "name": "CVE-2023-39710", + "description": "Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Customer section.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-39710" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--98dfb570-c0a3-4098-9525-c3168eab5f68.json b/objects/vulnerability/vulnerability--98dfb570-c0a3-4098-9525-c3168eab5f68.json new file mode 100644 index 00000000000..b6153e1e7db --- /dev/null +++ b/objects/vulnerability/vulnerability--98dfb570-c0a3-4098-9525-c3168eab5f68.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cad2388f-43fa-43c0-a70b-71bc21cb5225", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--98dfb570-c0a3-4098-9525-c3168eab5f68", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.265542Z", + "modified": "2023-09-02T00:05:23.265542Z", + "name": "CVE-2023-40980", + "description": "File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-40980" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--994879ae-e4cb-4fa6-9f79-9e6bbf792b7f.json b/objects/vulnerability/vulnerability--994879ae-e4cb-4fa6-9f79-9e6bbf792b7f.json new file mode 100644 index 00000000000..9e8249e1c04 --- /dev/null +++ b/objects/vulnerability/vulnerability--994879ae-e4cb-4fa6-9f79-9e6bbf792b7f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0842be7e-0fae-452d-a7df-c5e000d9e64e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--994879ae-e4cb-4fa6-9f79-9e6bbf792b7f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.712076Z", + "modified": "2023-09-02T00:05:23.712076Z", + "name": "CVE-2023-3297", + "description": "In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-3297" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9cca07fd-b5fe-4c3c-941d-3cb8feac1a4b.json b/objects/vulnerability/vulnerability--9cca07fd-b5fe-4c3c-941d-3cb8feac1a4b.json new file mode 100644 index 00000000000..fed20277451 --- /dev/null +++ b/objects/vulnerability/vulnerability--9cca07fd-b5fe-4c3c-941d-3cb8feac1a4b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1acc09e3-f423-40f6-aaa5-6a84d1e9d088", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9cca07fd-b5fe-4c3c-941d-3cb8feac1a4b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.541778Z", + "modified": "2023-09-02T00:05:24.541778Z", + "name": "CVE-2023-25488", + "description": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Duc Bui Quang WP Default Feature Image plugin <= 1.0.1.1 versions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-25488" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9d46c3b4-00a4-417d-88cc-989a257e1643.json b/objects/vulnerability/vulnerability--9d46c3b4-00a4-417d-88cc-989a257e1643.json new file mode 100644 index 00000000000..080c95bb5e6 --- /dev/null +++ b/objects/vulnerability/vulnerability--9d46c3b4-00a4-417d-88cc-989a257e1643.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c045d304-521c-47a6-b557-06cecad3981b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9d46c3b4-00a4-417d-88cc-989a257e1643", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.930099Z", + "modified": "2023-09-02T00:05:24.930099Z", + "name": "CVE-2023-41633", + "description": "Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-41633" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9f9be1c7-4736-4cc1-8175-210cdaa5b99f.json b/objects/vulnerability/vulnerability--9f9be1c7-4736-4cc1-8175-210cdaa5b99f.json new file mode 100644 index 00000000000..8e969adae41 --- /dev/null +++ b/objects/vulnerability/vulnerability--9f9be1c7-4736-4cc1-8175-210cdaa5b99f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b341ce4a-a816-44cb-8377-84b2d7f47e7b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9f9be1c7-4736-4cc1-8175-210cdaa5b99f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.510073Z", + "modified": "2023-09-02T00:05:23.510073Z", + "name": "CVE-2023-37829", + "description": "A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notification.message parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-37829" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a4a608c9-e746-4f87-8d4c-c06f9ebdfce0.json b/objects/vulnerability/vulnerability--a4a608c9-e746-4f87-8d4c-c06f9ebdfce0.json new file mode 100644 index 00000000000..4e30a82ed82 --- /dev/null +++ b/objects/vulnerability/vulnerability--a4a608c9-e746-4f87-8d4c-c06f9ebdfce0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--35a0f636-6aa1-43c5-b4e6-248f4d119a43", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a4a608c9-e746-4f87-8d4c-c06f9ebdfce0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.920412Z", + "modified": "2023-09-02T00:05:24.920412Z", + "name": "CVE-2023-41628", + "description": "An issue in O-RAN Software Community E2 G-Release allows attackers to cause a Denial of Service (DoS) by incorrectly initiating the messaging procedure between the E2Node and E2Term components.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-41628" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a5a2e563-5f26-4b24-9ab9-ec943402a447.json b/objects/vulnerability/vulnerability--a5a2e563-5f26-4b24-9ab9-ec943402a447.json new file mode 100644 index 00000000000..a2c16fbf426 --- /dev/null +++ b/objects/vulnerability/vulnerability--a5a2e563-5f26-4b24-9ab9-ec943402a447.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9cf37d74-ebe9-45e1-9c51-9453f010c4cd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a5a2e563-5f26-4b24-9ab9-ec943402a447", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.71641Z", + "modified": "2023-09-02T00:05:23.71641Z", + "name": "CVE-2023-3950", + "description": "An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5, and 16.3 prior to 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. Owners can now only write the key, not read it.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-3950" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a5a4e792-b9eb-4d59-9c9d-86eeb95c5ddb.json b/objects/vulnerability/vulnerability--a5a4e792-b9eb-4d59-9c9d-86eeb95c5ddb.json new file mode 100644 index 00000000000..0c0248c7f06 --- /dev/null +++ b/objects/vulnerability/vulnerability--a5a4e792-b9eb-4d59-9c9d-86eeb95c5ddb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f8dee44c-8d80-4792-a3bf-cc8735208b1d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a5a4e792-b9eb-4d59-9c9d-86eeb95c5ddb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.84317Z", + "modified": "2023-09-02T00:05:23.84317Z", + "name": "CVE-2023-39703", + "description": "A cross site scripting (XSS) vulnerability in the Markdown Editor component of Typora v1.6.7 allows attackers to execute arbitrary code via uploading a crafted Markdown file.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-39703" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ab288444-a0c5-441f-918e-c8ebd9e4eb27.json b/objects/vulnerability/vulnerability--ab288444-a0c5-441f-918e-c8ebd9e4eb27.json new file mode 100644 index 00000000000..1d7fcd1df11 --- /dev/null +++ b/objects/vulnerability/vulnerability--ab288444-a0c5-441f-918e-c8ebd9e4eb27.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--55a96883-245a-4edb-a2be-9ad958d4ffc1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ab288444-a0c5-441f-918e-c8ebd9e4eb27", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.83796Z", + "modified": "2023-09-02T00:05:23.83796Z", + "name": "CVE-2023-39714", + "description": "Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-39714" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b4535fc0-0393-4ee5-a75a-f50afcc5c41c.json b/objects/vulnerability/vulnerability--b4535fc0-0393-4ee5-a75a-f50afcc5c41c.json new file mode 100644 index 00000000000..0b827fd9080 --- /dev/null +++ b/objects/vulnerability/vulnerability--b4535fc0-0393-4ee5-a75a-f50afcc5c41c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0dd616fa-ffb9-4968-9684-594c5828f74d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b4535fc0-0393-4ee5-a75a-f50afcc5c41c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.566084Z", + "modified": "2023-09-02T00:05:24.566084Z", + "name": "CVE-2023-25477", + "description": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yotuwp Video Gallery plugin <= 1.3.12 versions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-25477" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b85c2712-4330-4912-be4e-dc0ced48b956.json b/objects/vulnerability/vulnerability--b85c2712-4330-4912-be4e-dc0ced48b956.json new file mode 100644 index 00000000000..9518c538cda --- /dev/null +++ b/objects/vulnerability/vulnerability--b85c2712-4330-4912-be4e-dc0ced48b956.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--335a5760-de8c-44f3-83b6-50cd9aeaa56c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b85c2712-4330-4912-be4e-dc0ced48b956", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.272251Z", + "modified": "2023-09-02T00:05:24.272251Z", + "name": "CVE-2023-36088", + "description": "Server Side Request Forgery (SSRF) vulnerability in NebulaGraph Studio version 3.7.0, allows remote attackers to gain sensitive information.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-36088" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bf334d5b-4f2e-437d-a0e2-cdbd48dc5614.json b/objects/vulnerability/vulnerability--bf334d5b-4f2e-437d-a0e2-cdbd48dc5614.json new file mode 100644 index 00000000000..aa4ac3f7fe5 --- /dev/null +++ b/objects/vulnerability/vulnerability--bf334d5b-4f2e-437d-a0e2-cdbd48dc5614.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--86dc46c7-0755-4239-9ed1-4d5b21153bfe", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bf334d5b-4f2e-437d-a0e2-cdbd48dc5614", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.502829Z", + "modified": "2023-09-02T00:05:25.502829Z", + "name": "CVE-2023-24674", + "description": "Permissions vulnerability found in Bludit CMS v.4.0.0 allows local attackers to escalate privileges via the role:admin parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-24674" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c0449620-2440-4715-9a2f-c49026404524.json b/objects/vulnerability/vulnerability--c0449620-2440-4715-9a2f-c49026404524.json new file mode 100644 index 00000000000..7400c55fa8a --- /dev/null +++ b/objects/vulnerability/vulnerability--c0449620-2440-4715-9a2f-c49026404524.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ecd4b76f-1eb5-456f-8aad-8a98d292a07b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c0449620-2440-4715-9a2f-c49026404524", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.33573Z", + "modified": "2023-09-02T00:05:23.33573Z", + "name": "CVE-2023-40968", + "description": "Buffer Overflow vulnerability in hzeller timg v.1.5.2 and before allows a remote attacker to cause a denial of service via the 0x61200000045c address.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-40968" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c0724848-d67f-4c1f-9c5d-46f1c6a98428.json b/objects/vulnerability/vulnerability--c0724848-d67f-4c1f-9c5d-46f1c6a98428.json new file mode 100644 index 00000000000..32a789df4bc --- /dev/null +++ b/objects/vulnerability/vulnerability--c0724848-d67f-4c1f-9c5d-46f1c6a98428.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1a710156-b171-4383-b621-0a4739e9a257", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c0724848-d67f-4c1f-9c5d-46f1c6a98428", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.041988Z", + "modified": "2023-09-02T00:05:24.041988Z", + "name": "CVE-2023-1279", + "description": "An issue has been discovered in GitLab affecting all versions starting from 4.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 where it was possible to create a URL that would redirect to a different project.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-1279" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c89f06ff-36a9-4d93-8e80-e6b668c3285a.json b/objects/vulnerability/vulnerability--c89f06ff-36a9-4d93-8e80-e6b668c3285a.json new file mode 100644 index 00000000000..669a56d30c9 --- /dev/null +++ b/objects/vulnerability/vulnerability--c89f06ff-36a9-4d93-8e80-e6b668c3285a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c993dcf8-10cb-4087-8a73-4987125b3ce6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c89f06ff-36a9-4d93-8e80-e6b668c3285a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.868559Z", + "modified": "2023-09-02T00:05:23.868559Z", + "name": "CVE-2023-39685", + "description": "An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted JSON string.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-39685" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cb5fd30b-e04b-41ee-9685-799054015651.json b/objects/vulnerability/vulnerability--cb5fd30b-e04b-41ee-9685-799054015651.json new file mode 100644 index 00000000000..994a167753d --- /dev/null +++ b/objects/vulnerability/vulnerability--cb5fd30b-e04b-41ee-9685-799054015651.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fd3e02f1-3ee6-443a-8ebb-c523f8acc58c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cb5fd30b-e04b-41ee-9685-799054015651", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.540707Z", + "modified": "2023-09-02T00:05:23.540707Z", + "name": "CVE-2023-37826", + "description": "A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fieldname parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-37826" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ce0f4059-f629-4743-9eb4-457eb00be4b3.json b/objects/vulnerability/vulnerability--ce0f4059-f629-4743-9eb4-457eb00be4b3.json new file mode 100644 index 00000000000..a9ad66ad88a --- /dev/null +++ b/objects/vulnerability/vulnerability--ce0f4059-f629-4743-9eb4-457eb00be4b3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e8f1a997-9102-45d6-a365-73dc035f0a8a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ce0f4059-f629-4743-9eb4-457eb00be4b3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.356569Z", + "modified": "2023-09-02T00:05:25.356569Z", + "name": "CVE-2023-0120", + "description": "An issue has been discovered in GitLab affecting all versions starting from 10.0 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. Due to improper permission validation it was possible to edit labels description by an unauthorised user.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-0120" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d61b79f2-9b49-42a3-8c35-0d1834c9d644.json b/objects/vulnerability/vulnerability--d61b79f2-9b49-42a3-8c35-0d1834c9d644.json new file mode 100644 index 00000000000..f8a413f1283 --- /dev/null +++ b/objects/vulnerability/vulnerability--d61b79f2-9b49-42a3-8c35-0d1834c9d644.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--24d2a49d-8e93-4725-a45f-4f2fedb2498b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d61b79f2-9b49-42a3-8c35-0d1834c9d644", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.542693Z", + "modified": "2023-09-02T00:05:23.542693Z", + "name": "CVE-2023-37830", + "description": "A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-37830" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d90656f3-b94f-4fd6-8ef1-2c6d8f25f52a.json b/objects/vulnerability/vulnerability--d90656f3-b94f-4fd6-8ef1-2c6d8f25f52a.json new file mode 100644 index 00000000000..6f4e3437f63 --- /dev/null +++ b/objects/vulnerability/vulnerability--d90656f3-b94f-4fd6-8ef1-2c6d8f25f52a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b6062eca-e681-4b46-9890-dbb9a83a0436", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d90656f3-b94f-4fd6-8ef1-2c6d8f25f52a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.680247Z", + "modified": "2023-09-02T00:05:25.680247Z", + "name": "CVE-2023-4712", + "description": "A vulnerability, which was classified as critical, was found in Xintian Smart Table Integrated Management System 5.6.9. This affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The manipulation of the argument txtRoleName leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238575. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4712" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d9f6e3a4-0251-4271-9fec-7cd28c9a71c8.json b/objects/vulnerability/vulnerability--d9f6e3a4-0251-4271-9fec-7cd28c9a71c8.json new file mode 100644 index 00000000000..c2417438dd5 --- /dev/null +++ b/objects/vulnerability/vulnerability--d9f6e3a4-0251-4271-9fec-7cd28c9a71c8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--44e78f5d-b965-4fcc-87e1-63058d446d90", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d9f6e3a4-0251-4271-9fec-7cd28c9a71c8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.614939Z", + "modified": "2023-09-02T00:05:23.614939Z", + "name": "CVE-2023-28366", + "description": "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-28366" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--da68b485-37ff-4da9-bc13-86251b3623e6.json b/objects/vulnerability/vulnerability--da68b485-37ff-4da9-bc13-86251b3623e6.json new file mode 100644 index 00000000000..eaebe10d38c --- /dev/null +++ b/objects/vulnerability/vulnerability--da68b485-37ff-4da9-bc13-86251b3623e6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a11be684-b3c0-4276-9bed-ff610433766e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--da68b485-37ff-4da9-bc13-86251b3623e6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.536876Z", + "modified": "2023-09-02T00:05:24.536876Z", + "name": "CVE-2023-25042", + "description": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Liam Gladdy (Storm Consultancy) oAuth Twitter Feed for Developers plugin <= 2.3.0 versions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-25042" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ddc63b35-537b-44c0-9234-643c30e19b90.json b/objects/vulnerability/vulnerability--ddc63b35-537b-44c0-9234-643c30e19b90.json new file mode 100644 index 00000000000..94d59c2d8fe --- /dev/null +++ b/objects/vulnerability/vulnerability--ddc63b35-537b-44c0-9234-643c30e19b90.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0f492016-ba4f-4042-92f5-add8c16beb6d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ddc63b35-537b-44c0-9234-643c30e19b90", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.322982Z", + "modified": "2023-09-02T00:05:23.322982Z", + "name": "CVE-2023-40970", + "description": "Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerable to SQL Injection via admin/modules/circulation/loan_rules.php.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-40970" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e4eef4f5-46db-4cc3-8db4-725a9574eb2f.json b/objects/vulnerability/vulnerability--e4eef4f5-46db-4cc3-8db4-725a9574eb2f.json new file mode 100644 index 00000000000..2f5f7887f4e --- /dev/null +++ b/objects/vulnerability/vulnerability--e4eef4f5-46db-4cc3-8db4-725a9574eb2f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--82287880-cf6c-476c-9fe7-d0e80a099d77", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e4eef4f5-46db-4cc3-8db4-725a9574eb2f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.251311Z", + "modified": "2023-09-02T00:05:24.251311Z", + "name": "CVE-2023-36187", + "description": "Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-36187" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e8ab44f3-df93-4f8d-bf31-18f576455bd2.json b/objects/vulnerability/vulnerability--e8ab44f3-df93-4f8d-bf31-18f576455bd2.json new file mode 100644 index 00000000000..30fa416f5c3 --- /dev/null +++ b/objects/vulnerability/vulnerability--e8ab44f3-df93-4f8d-bf31-18f576455bd2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a12083e2-6964-47f7-9020-4925ee471d64", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e8ab44f3-df93-4f8d-bf31-18f576455bd2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.212557Z", + "modified": "2023-09-02T00:05:24.212557Z", + "name": "CVE-2023-36326", + "description": "Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab, allows attackers to execute arbitrary code, cause a denial of service, and escalate privileges when calling realloc function in bn_grow function.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-36326" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ea667a12-cee7-4977-b0b4-fc0523f5c6b0.json b/objects/vulnerability/vulnerability--ea667a12-cee7-4977-b0b4-fc0523f5c6b0.json new file mode 100644 index 00000000000..b844096a461 --- /dev/null +++ b/objects/vulnerability/vulnerability--ea667a12-cee7-4977-b0b4-fc0523f5c6b0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--454ee0d1-b4da-4998-845f-9d478d243486", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ea667a12-cee7-4977-b0b4-fc0523f5c6b0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:23.312733Z", + "modified": "2023-09-02T00:05:23.312733Z", + "name": "CVE-2023-40239", + "description": "Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80.*.P246, i.e., '*' indicates that the full version specification varies across product model family, but firmware level P246 (or higher) is required to remediate the vulnerability.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-40239" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--eb391cc6-a471-491b-9922-5a041744c6cd.json b/objects/vulnerability/vulnerability--eb391cc6-a471-491b-9922-5a041744c6cd.json new file mode 100644 index 00000000000..403872f0505 --- /dev/null +++ b/objects/vulnerability/vulnerability--eb391cc6-a471-491b-9922-5a041744c6cd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cb028655-bc0c-410a-a7b4-358b6f9503eb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--eb391cc6-a471-491b-9922-5a041744c6cd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.288881Z", + "modified": "2023-09-02T00:05:24.288881Z", + "name": "CVE-2023-36328", + "description": "Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS).", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-36328" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ec92aec5-f098-436b-bdf3-9d38941a2614.json b/objects/vulnerability/vulnerability--ec92aec5-f098-436b-bdf3-9d38941a2614.json new file mode 100644 index 00000000000..26214de42ee --- /dev/null +++ b/objects/vulnerability/vulnerability--ec92aec5-f098-436b-bdf3-9d38941a2614.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d1612094-db43-4ae6-8c67-50ab919b9d0b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ec92aec5-f098-436b-bdf3-9d38941a2614", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.153487Z", + "modified": "2023-09-02T00:05:24.153487Z", + "name": "CVE-2023-23763", + "description": "An authorization/sensitive information disclosure vulnerability was identified in GitHub Enterprise Server that allowed a fork to retain read access to an upstream repository after its visibility was changed to private. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.10.0 and was fixed in versions 3.9.4, 3.8.9, 3.7.16 and 3.6.18. This vulnerability was reported via the GitHub Bug Bounty program.\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-23763" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fa9a9144-c7c8-4586-a17f-160729555083.json b/objects/vulnerability/vulnerability--fa9a9144-c7c8-4586-a17f-160729555083.json new file mode 100644 index 00000000000..cceb7f17b9a --- /dev/null +++ b/objects/vulnerability/vulnerability--fa9a9144-c7c8-4586-a17f-160729555083.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--29f56ec5-d4f6-47c5-bb6e-d00f83a8ceef", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fa9a9144-c7c8-4586-a17f-160729555083", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.626483Z", + "modified": "2023-09-02T00:05:25.626483Z", + "name": "CVE-2023-4710", + "description": "A vulnerability classified as problematic was found in TOTVS RM 12.1. Affected by this vulnerability is an unknown functionality of the component Portal. The manipulation of the argument d leads to cross site scripting. The attack can be launched remotely. The identifier VDB-238573 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4710" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fbbd2b36-7775-4cb1-904a-ce7c96d3b349.json b/objects/vulnerability/vulnerability--fbbd2b36-7775-4cb1-904a-ce7c96d3b349.json new file mode 100644 index 00000000000..d7f84d8bd7d --- /dev/null +++ b/objects/vulnerability/vulnerability--fbbd2b36-7775-4cb1-904a-ce7c96d3b349.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ca02f139-fc4f-4970-9d13-427c4ae9fa22", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fbbd2b36-7775-4cb1-904a-ce7c96d3b349", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:25.629584Z", + "modified": "2023-09-02T00:05:25.629584Z", + "name": "CVE-2023-4378", + "description": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry token by changing the configured URL in the Sentry error tracking settings page. This was as a result of an incomplete fix for CVE-2022-4365.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4378" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fc6b2bc7-2e1c-4985-bd8c-f9d29687358b.json b/objects/vulnerability/vulnerability--fc6b2bc7-2e1c-4985-bd8c-f9d29687358b.json new file mode 100644 index 00000000000..e46ff2d6116 --- /dev/null +++ b/objects/vulnerability/vulnerability--fc6b2bc7-2e1c-4985-bd8c-f9d29687358b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b03580e7-8872-47d2-9fb0-fcae7d91be85", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fc6b2bc7-2e1c-4985-bd8c-f9d29687358b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-09-02T00:05:24.246277Z", + "modified": "2023-09-02T00:05:24.246277Z", + "name": "CVE-2023-36100", + "description": "An issue was discovered in IceCMS version 2.0.1, allows attackers to escalate privileges and gain sensitive information via UserID parameter in api/User/ChangeUser.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-36100" + } + ] + } + ] +} \ No newline at end of file