From 6e1359dd40f1f3bbf0a63f4823cdb9e799dbef19 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 2 Nov 2023 00:16:39 +0000 Subject: [PATCH] generated content from 2023-11-02 --- mapping.csv | 138 ++++++++++++++++++ ...-0681683a-20b4-47ec-b320-8ee6bba3f50c.json | 22 +++ ...-0b0a5af1-523c-4951-8842-0193dc4d1c75.json | 22 +++ ...-0c3c9ee5-282b-4729-979b-ca1190ffb3fa.json | 22 +++ ...-0ce2b285-32aa-465b-ba01-f4d6c247b38d.json | 22 +++ ...-0d015bb2-a60b-410f-b56b-115a4062966d.json | 22 +++ ...-10788453-b099-4e6b-bbd7-5fabd8078377.json | 22 +++ ...-126927a2-5d85-4396-843e-1d19b7c0db92.json | 22 +++ ...-160cf6a2-99ce-418c-b84a-6e7bafc87b33.json | 22 +++ ...-18ce00c0-1445-40b7-ad68-80ee62a90b00.json | 22 +++ ...-1a900fa3-615b-4e26-b0cb-0123d218bd2b.json | 22 +++ ...-1c418be1-18b6-4277-ae16-7d753267bdae.json | 22 +++ ...-1fb6aa6b-4ded-4623-85c2-120e1e562c23.json | 22 +++ ...-20717961-a186-4e21-bb04-8e388a5ab93a.json | 22 +++ ...-222db72d-d58a-4f6f-bed4-ea3e814ab7d2.json | 22 +++ ...-23b8e907-b41b-4bac-af44-39f69a2e6853.json | 22 +++ ...-250cd267-2b65-4503-ac6a-bf7bad68cdb4.json | 22 +++ ...-2af2d652-896a-4e5c-a588-93dde32faa78.json | 22 +++ ...-2e6f37e9-e8f8-43ba-a4e0-0e4810c56dee.json | 22 +++ ...-319a05ac-5e11-4d53-a6a3-855dfb2b659c.json | 22 +++ ...-31a06623-36f5-454c-927c-a91e8153de5b.json | 22 +++ ...-33dd99ba-1913-479c-8349-8d3d81065952.json | 22 +++ ...-34249774-95c3-441e-9e57-7107689f7668.json | 22 +++ ...-35841a25-2c58-4bc1-9827-d24134d5c2d4.json | 22 +++ ...-35ccb9fb-0109-45ab-bcda-4cfbb61e5b48.json | 22 +++ ...-36372f47-4d0e-4114-94ce-bc6bccfaffe0.json | 22 +++ ...-3b80faf2-47c7-4698-9bcd-c885e51c0927.json | 22 +++ ...-3caa1552-c561-4d41-b33e-b04f833cb62b.json | 22 +++ ...-3d15e17e-a044-48e8-bd9d-fcf01e6eb7e6.json | 22 +++ ...-3dbb39a1-e1a8-489a-a39d-e473d9a5359b.json | 22 +++ ...-3efd20bb-d35c-4587-915d-576a95a248a4.json | 22 +++ ...-40d796c6-1674-4e12-b896-0187e21ade1b.json | 22 +++ ...-41fac59b-97f6-4326-8598-6e57b5d145ff.json | 22 +++ ...-447ad6cd-77ed-4cda-852c-e0e5b77e2a9c.json | 22 +++ ...-45ce3d7f-27f3-44fe-a22a-30f6fe974712.json | 22 +++ ...-45dedc80-db72-43f7-873a-6293778d78a4.json | 22 +++ ...-461405ec-1844-4167-b95c-4a44bd85a164.json | 22 +++ ...-47fb6d7e-53ae-45f9-9534-315964af7e38.json | 22 +++ ...-497014be-cd75-4bb3-84a6-149c2426d517.json | 22 +++ ...-49f51de0-65a0-49dc-96fd-8ced911ad1e5.json | 22 +++ ...-4d78540a-2a23-4b94-a595-9876ee85a748.json | 22 +++ ...-4e2d48a0-3461-420b-9941-1c92f1fd4b97.json | 22 +++ ...-4ea1c3b9-9a06-4107-ab42-cd93718b71c0.json | 22 +++ ...-4edc63f2-8894-40c4-bda1-9937167fa70f.json | 22 +++ ...-4fcf5e9f-c0a3-48d1-bd9d-bf6cc287d3c3.json | 22 +++ ...-55815046-82ea-498b-a67d-2d2d19c3a4d8.json | 22 +++ ...-563c983d-8a4d-4314-9a3e-1764bd40f65b.json | 22 +++ ...-58287485-938d-46b0-8c35-62555a49e806.json | 22 +++ ...-5b50ee9a-0f78-48da-8a6d-12341ca138a4.json | 22 +++ ...-5e637879-6cfa-4c2d-8b33-4587f4d48109.json | 22 +++ ...-5f43121c-2fcf-474c-82b4-9adc17545c83.json | 22 +++ ...-6420787f-06ba-4745-bea8-c9ee6323343a.json | 22 +++ ...-64418e6b-3dd6-403f-9aa6-c559cf5e034d.json | 22 +++ ...-67943537-c12f-4e92-99a3-7f6bf0edef54.json | 22 +++ ...-69bf5f10-f2da-4af0-acc8-e1ac3d2b0a70.json | 22 +++ ...-6bccd2a0-bdbd-4d1b-b2ac-8865c3dca617.json | 22 +++ ...-6c3b5444-4610-42ce-acdb-be57a23555e5.json | 22 +++ ...-6d56677c-bb40-4e2e-8dc3-4fc8a72651da.json | 22 +++ ...-72d0db08-b359-4d82-9f0c-fa4aa855b74e.json | 22 +++ ...-72f539ea-383b-4a99-81c4-9d45c51d337c.json | 22 +++ ...-741362b7-d5e0-41b5-bfd1-cd89ce1a3c38.json | 22 +++ ...-74fbabbe-b055-4b01-bb4d-ce44f4c37bab.json | 22 +++ ...-758accdf-af7e-41ec-81fe-ed28c58c9d00.json | 22 +++ ...-78c03108-389b-4d68-8caf-3a69d0b71014.json | 22 +++ ...-7ddf4e29-75f6-46bf-aa6c-54aacb5401b9.json | 22 +++ ...-7e5487f7-694a-4a0f-b0a0-9c66a508b97c.json | 22 +++ ...-7ff9f2f3-0925-408f-b8cc-abea6001dcae.json | 22 +++ ...-84fe25c3-8003-45b6-8e1a-dfb81e35a00e.json | 22 +++ ...-86bd29f8-75a5-4c28-a0a9-7f66d9ccb3c6.json | 22 +++ ...-8865fce3-7f1e-4c62-8ebd-23a079561a23.json | 22 +++ ...-894f915b-188c-4729-b7f3-94c0067510d0.json | 22 +++ ...-89f71f14-2c8d-4890-ae8b-8a69671d4bca.json | 22 +++ ...-8afebc81-e080-4bcb-96fd-3f663db30086.json | 22 +++ ...-8ec4f0ec-d81e-4fed-b5ed-278b7879bd3b.json | 22 +++ ...-91abb75c-848f-4c90-812a-32fe0104712b.json | 22 +++ ...-953d9d3f-c094-4a67-9714-2518d47c91ff.json | 22 +++ ...-97f5de61-191a-4d93-818c-8ad957882fa2.json | 22 +++ ...-9a1418c5-c07d-4e6e-852e-f8d5c57b6951.json | 22 +++ ...-9d587ef0-f1d9-49c8-8553-712fa2b3365a.json | 22 +++ ...-9df4efb4-d31f-4532-8013-1e858603fa9f.json | 22 +++ ...-9e664ba1-0f63-4e83-ac82-ca37b01ee1a5.json | 22 +++ ...-9f6e26ee-5c6d-4da3-b166-f7873a8991d6.json | 22 +++ ...-a0eef01e-cf5c-4084-b4e7-c58346ac064e.json | 22 +++ ...-a1c71c27-c08a-43a8-8917-83ab615ee1bd.json | 22 +++ ...-a2f1c990-6bc4-4282-8efd-1bfb90c36eb4.json | 22 +++ ...-a3142bec-153a-4f23-9b7a-6588587c7578.json | 22 +++ ...-a4bf4546-8d5b-406f-8211-701596111441.json | 22 +++ ...-a7002f07-e866-402e-8b81-73b61d2c8bff.json | 22 +++ ...-a71afe8a-027f-41c6-b4a1-9b7c08911558.json | 22 +++ ...-a962b8e0-4912-4f55-a59b-1bd056d29dcd.json | 22 +++ ...-a98d7349-99d6-4474-80b0-8710b47d7efd.json | 22 +++ ...-aa53e4de-6ea3-4b5a-870f-026a1d881725.json | 22 +++ ...-aa575e20-5452-40a6-91ba-ed6468a15c7f.json | 22 +++ ...-ae7e0c3b-f48a-4dbf-971c-f46953cc342b.json | 22 +++ ...-b1e00c4b-8769-4784-adb2-893514e0bb39.json | 22 +++ ...-b2cb845a-2a9b-43b3-98af-4d116e94a5b1.json | 22 +++ ...-b3612165-64e1-4ae6-80c9-e7257bd341ac.json | 22 +++ ...-b4b47749-2a1d-4f1c-88d2-f7029d4a2d7d.json | 22 +++ ...-b55b3123-b929-4af2-8546-1c7190991842.json | 22 +++ ...-b860506b-a001-40a5-ac81-f8638f94dec9.json | 22 +++ ...-b89a1a44-dce5-48a7-b9ce-e30cdc4a61f7.json | 22 +++ ...-baa37d48-ade8-41f1-91fa-68b458238ed8.json | 22 +++ ...-bd4fc2ea-085f-472e-bcea-cf93b25f09b9.json | 22 +++ ...-bd61dca0-593b-4d04-a2ce-c54fbcce1022.json | 22 +++ ...-bef497e2-ded5-4372-9f31-95c5ec405084.json | 22 +++ ...-bf80f0ab-3c5c-4e6f-88ec-9ed98a6d88e4.json | 22 +++ ...-c2ae4c43-c15e-4737-a74f-f4d3d2798e8c.json | 22 +++ ...-c5760f4a-cd34-407e-8449-01ec3593ea5e.json | 22 +++ ...-c6efb8ff-a68a-4dcb-a59f-a4304eb6da1d.json | 22 +++ ...-cbfb34d2-52cd-4d98-926a-33abb4934743.json | 22 +++ ...-cd33492d-0d83-4e67-a846-ad3cd768fcdd.json | 22 +++ ...-cf2f629d-67b8-407f-9257-d88a673589fe.json | 22 +++ ...-cf4f81a9-7da8-45a3-8ff8-987142d3279f.json | 22 +++ ...-d0db1cd9-6994-4734-aa27-2455c15cd8fe.json | 22 +++ ...-d34a3271-1102-423d-bc22-94b1c36942de.json | 22 +++ ...-d3706840-48d4-45a3-8b37-56e049501313.json | 22 +++ ...-d3b2c125-aece-48d8-b8e8-14e102dcb53b.json | 22 +++ ...-d5a76879-2a51-4d49-bf42-17e2bcfb940f.json | 22 +++ ...-d79f8a33-ba7e-4ebe-a3a8-530ea2665af7.json | 22 +++ ...-d82e5bc2-6d41-492f-b12c-92ffcdc46218.json | 22 +++ ...-ddcf8855-0d86-4eb2-a17b-6346eb7cb643.json | 22 +++ ...-e0a7cace-77db-4c74-91c2-9e038a78d012.json | 22 +++ ...-e1d4ebd8-d1b5-4370-bd60-1310d345b5f3.json | 22 +++ ...-e210a7c2-b910-4f6e-8dcc-81c7e39c7d7c.json | 22 +++ ...-e5271562-19eb-4b3a-a44f-1f593a2c97ac.json | 22 +++ ...-e8a684f0-3b43-4e4d-985f-f193627325e5.json | 22 +++ ...-ea70ed60-2e02-468a-bac8-83f40942d72c.json | 22 +++ ...-ead11e75-bc59-4a13-a8f5-21749c0e90ab.json | 22 +++ ...-ec90af0c-cfcb-4742-8baa-8de526f47b4a.json | 22 +++ ...-ed862b26-e07f-494d-8699-3f161a5bc2bd.json | 22 +++ ...-f0758e8c-954d-426f-aa9b-af652b545b5c.json | 22 +++ ...-f3c55e17-8ee9-4042-9381-2966c7db9200.json | 22 +++ ...-f551a5d2-775a-4fd9-a867-920b9725c047.json | 22 +++ ...-f617a8bc-5de1-4977-9010-99d581f56fa3.json | 22 +++ ...-f8414b70-8e35-49c4-9b60-3b399a5e9a7a.json | 22 +++ ...-fa23f9c0-262e-44a7-a3b1-093cfa8795c8.json | 22 +++ ...-fb462bb7-f3f5-4537-8368-5a87412213ca.json | 22 +++ ...-fbc56b28-cdb3-48c0-adea-31d7e0f09b6a.json | 22 +++ ...-fde63353-2520-48da-8032-ab63deaa5016.json | 22 +++ 139 files changed, 3174 insertions(+) create mode 100644 objects/vulnerability/vulnerability--0681683a-20b4-47ec-b320-8ee6bba3f50c.json create mode 100644 objects/vulnerability/vulnerability--0b0a5af1-523c-4951-8842-0193dc4d1c75.json create mode 100644 objects/vulnerability/vulnerability--0c3c9ee5-282b-4729-979b-ca1190ffb3fa.json create mode 100644 objects/vulnerability/vulnerability--0ce2b285-32aa-465b-ba01-f4d6c247b38d.json create mode 100644 objects/vulnerability/vulnerability--0d015bb2-a60b-410f-b56b-115a4062966d.json create mode 100644 objects/vulnerability/vulnerability--10788453-b099-4e6b-bbd7-5fabd8078377.json create mode 100644 objects/vulnerability/vulnerability--126927a2-5d85-4396-843e-1d19b7c0db92.json create mode 100644 objects/vulnerability/vulnerability--160cf6a2-99ce-418c-b84a-6e7bafc87b33.json create mode 100644 objects/vulnerability/vulnerability--18ce00c0-1445-40b7-ad68-80ee62a90b00.json create mode 100644 objects/vulnerability/vulnerability--1a900fa3-615b-4e26-b0cb-0123d218bd2b.json create mode 100644 objects/vulnerability/vulnerability--1c418be1-18b6-4277-ae16-7d753267bdae.json create mode 100644 objects/vulnerability/vulnerability--1fb6aa6b-4ded-4623-85c2-120e1e562c23.json create mode 100644 objects/vulnerability/vulnerability--20717961-a186-4e21-bb04-8e388a5ab93a.json create mode 100644 objects/vulnerability/vulnerability--222db72d-d58a-4f6f-bed4-ea3e814ab7d2.json create mode 100644 objects/vulnerability/vulnerability--23b8e907-b41b-4bac-af44-39f69a2e6853.json create mode 100644 objects/vulnerability/vulnerability--250cd267-2b65-4503-ac6a-bf7bad68cdb4.json create mode 100644 objects/vulnerability/vulnerability--2af2d652-896a-4e5c-a588-93dde32faa78.json create mode 100644 objects/vulnerability/vulnerability--2e6f37e9-e8f8-43ba-a4e0-0e4810c56dee.json create mode 100644 objects/vulnerability/vulnerability--319a05ac-5e11-4d53-a6a3-855dfb2b659c.json create mode 100644 objects/vulnerability/vulnerability--31a06623-36f5-454c-927c-a91e8153de5b.json create mode 100644 objects/vulnerability/vulnerability--33dd99ba-1913-479c-8349-8d3d81065952.json create mode 100644 objects/vulnerability/vulnerability--34249774-95c3-441e-9e57-7107689f7668.json create mode 100644 objects/vulnerability/vulnerability--35841a25-2c58-4bc1-9827-d24134d5c2d4.json create mode 100644 objects/vulnerability/vulnerability--35ccb9fb-0109-45ab-bcda-4cfbb61e5b48.json create mode 100644 objects/vulnerability/vulnerability--36372f47-4d0e-4114-94ce-bc6bccfaffe0.json create mode 100644 objects/vulnerability/vulnerability--3b80faf2-47c7-4698-9bcd-c885e51c0927.json create mode 100644 objects/vulnerability/vulnerability--3caa1552-c561-4d41-b33e-b04f833cb62b.json create mode 100644 objects/vulnerability/vulnerability--3d15e17e-a044-48e8-bd9d-fcf01e6eb7e6.json create mode 100644 objects/vulnerability/vulnerability--3dbb39a1-e1a8-489a-a39d-e473d9a5359b.json create mode 100644 objects/vulnerability/vulnerability--3efd20bb-d35c-4587-915d-576a95a248a4.json create mode 100644 objects/vulnerability/vulnerability--40d796c6-1674-4e12-b896-0187e21ade1b.json create mode 100644 objects/vulnerability/vulnerability--41fac59b-97f6-4326-8598-6e57b5d145ff.json create mode 100644 objects/vulnerability/vulnerability--447ad6cd-77ed-4cda-852c-e0e5b77e2a9c.json create mode 100644 objects/vulnerability/vulnerability--45ce3d7f-27f3-44fe-a22a-30f6fe974712.json create mode 100644 objects/vulnerability/vulnerability--45dedc80-db72-43f7-873a-6293778d78a4.json create mode 100644 objects/vulnerability/vulnerability--461405ec-1844-4167-b95c-4a44bd85a164.json create mode 100644 objects/vulnerability/vulnerability--47fb6d7e-53ae-45f9-9534-315964af7e38.json create mode 100644 objects/vulnerability/vulnerability--497014be-cd75-4bb3-84a6-149c2426d517.json create mode 100644 objects/vulnerability/vulnerability--49f51de0-65a0-49dc-96fd-8ced911ad1e5.json create mode 100644 objects/vulnerability/vulnerability--4d78540a-2a23-4b94-a595-9876ee85a748.json create mode 100644 objects/vulnerability/vulnerability--4e2d48a0-3461-420b-9941-1c92f1fd4b97.json create mode 100644 objects/vulnerability/vulnerability--4ea1c3b9-9a06-4107-ab42-cd93718b71c0.json create mode 100644 objects/vulnerability/vulnerability--4edc63f2-8894-40c4-bda1-9937167fa70f.json create mode 100644 objects/vulnerability/vulnerability--4fcf5e9f-c0a3-48d1-bd9d-bf6cc287d3c3.json create mode 100644 objects/vulnerability/vulnerability--55815046-82ea-498b-a67d-2d2d19c3a4d8.json create mode 100644 objects/vulnerability/vulnerability--563c983d-8a4d-4314-9a3e-1764bd40f65b.json create mode 100644 objects/vulnerability/vulnerability--58287485-938d-46b0-8c35-62555a49e806.json create mode 100644 objects/vulnerability/vulnerability--5b50ee9a-0f78-48da-8a6d-12341ca138a4.json create mode 100644 objects/vulnerability/vulnerability--5e637879-6cfa-4c2d-8b33-4587f4d48109.json create mode 100644 objects/vulnerability/vulnerability--5f43121c-2fcf-474c-82b4-9adc17545c83.json create mode 100644 objects/vulnerability/vulnerability--6420787f-06ba-4745-bea8-c9ee6323343a.json create mode 100644 objects/vulnerability/vulnerability--64418e6b-3dd6-403f-9aa6-c559cf5e034d.json create mode 100644 objects/vulnerability/vulnerability--67943537-c12f-4e92-99a3-7f6bf0edef54.json create mode 100644 objects/vulnerability/vulnerability--69bf5f10-f2da-4af0-acc8-e1ac3d2b0a70.json create mode 100644 objects/vulnerability/vulnerability--6bccd2a0-bdbd-4d1b-b2ac-8865c3dca617.json create mode 100644 objects/vulnerability/vulnerability--6c3b5444-4610-42ce-acdb-be57a23555e5.json create mode 100644 objects/vulnerability/vulnerability--6d56677c-bb40-4e2e-8dc3-4fc8a72651da.json create mode 100644 objects/vulnerability/vulnerability--72d0db08-b359-4d82-9f0c-fa4aa855b74e.json create mode 100644 objects/vulnerability/vulnerability--72f539ea-383b-4a99-81c4-9d45c51d337c.json create mode 100644 objects/vulnerability/vulnerability--741362b7-d5e0-41b5-bfd1-cd89ce1a3c38.json create mode 100644 objects/vulnerability/vulnerability--74fbabbe-b055-4b01-bb4d-ce44f4c37bab.json create mode 100644 objects/vulnerability/vulnerability--758accdf-af7e-41ec-81fe-ed28c58c9d00.json create mode 100644 objects/vulnerability/vulnerability--78c03108-389b-4d68-8caf-3a69d0b71014.json create mode 100644 objects/vulnerability/vulnerability--7ddf4e29-75f6-46bf-aa6c-54aacb5401b9.json create mode 100644 objects/vulnerability/vulnerability--7e5487f7-694a-4a0f-b0a0-9c66a508b97c.json create mode 100644 objects/vulnerability/vulnerability--7ff9f2f3-0925-408f-b8cc-abea6001dcae.json create mode 100644 objects/vulnerability/vulnerability--84fe25c3-8003-45b6-8e1a-dfb81e35a00e.json create mode 100644 objects/vulnerability/vulnerability--86bd29f8-75a5-4c28-a0a9-7f66d9ccb3c6.json create mode 100644 objects/vulnerability/vulnerability--8865fce3-7f1e-4c62-8ebd-23a079561a23.json create mode 100644 objects/vulnerability/vulnerability--894f915b-188c-4729-b7f3-94c0067510d0.json create mode 100644 objects/vulnerability/vulnerability--89f71f14-2c8d-4890-ae8b-8a69671d4bca.json create mode 100644 objects/vulnerability/vulnerability--8afebc81-e080-4bcb-96fd-3f663db30086.json create mode 100644 objects/vulnerability/vulnerability--8ec4f0ec-d81e-4fed-b5ed-278b7879bd3b.json create mode 100644 objects/vulnerability/vulnerability--91abb75c-848f-4c90-812a-32fe0104712b.json create mode 100644 objects/vulnerability/vulnerability--953d9d3f-c094-4a67-9714-2518d47c91ff.json create mode 100644 objects/vulnerability/vulnerability--97f5de61-191a-4d93-818c-8ad957882fa2.json create mode 100644 objects/vulnerability/vulnerability--9a1418c5-c07d-4e6e-852e-f8d5c57b6951.json create mode 100644 objects/vulnerability/vulnerability--9d587ef0-f1d9-49c8-8553-712fa2b3365a.json create mode 100644 objects/vulnerability/vulnerability--9df4efb4-d31f-4532-8013-1e858603fa9f.json create mode 100644 objects/vulnerability/vulnerability--9e664ba1-0f63-4e83-ac82-ca37b01ee1a5.json create mode 100644 objects/vulnerability/vulnerability--9f6e26ee-5c6d-4da3-b166-f7873a8991d6.json create mode 100644 objects/vulnerability/vulnerability--a0eef01e-cf5c-4084-b4e7-c58346ac064e.json create mode 100644 objects/vulnerability/vulnerability--a1c71c27-c08a-43a8-8917-83ab615ee1bd.json create mode 100644 objects/vulnerability/vulnerability--a2f1c990-6bc4-4282-8efd-1bfb90c36eb4.json create mode 100644 objects/vulnerability/vulnerability--a3142bec-153a-4f23-9b7a-6588587c7578.json create mode 100644 objects/vulnerability/vulnerability--a4bf4546-8d5b-406f-8211-701596111441.json create mode 100644 objects/vulnerability/vulnerability--a7002f07-e866-402e-8b81-73b61d2c8bff.json create mode 100644 objects/vulnerability/vulnerability--a71afe8a-027f-41c6-b4a1-9b7c08911558.json create mode 100644 objects/vulnerability/vulnerability--a962b8e0-4912-4f55-a59b-1bd056d29dcd.json create mode 100644 objects/vulnerability/vulnerability--a98d7349-99d6-4474-80b0-8710b47d7efd.json create mode 100644 objects/vulnerability/vulnerability--aa53e4de-6ea3-4b5a-870f-026a1d881725.json create mode 100644 objects/vulnerability/vulnerability--aa575e20-5452-40a6-91ba-ed6468a15c7f.json create mode 100644 objects/vulnerability/vulnerability--ae7e0c3b-f48a-4dbf-971c-f46953cc342b.json create mode 100644 objects/vulnerability/vulnerability--b1e00c4b-8769-4784-adb2-893514e0bb39.json create mode 100644 objects/vulnerability/vulnerability--b2cb845a-2a9b-43b3-98af-4d116e94a5b1.json create mode 100644 objects/vulnerability/vulnerability--b3612165-64e1-4ae6-80c9-e7257bd341ac.json create mode 100644 objects/vulnerability/vulnerability--b4b47749-2a1d-4f1c-88d2-f7029d4a2d7d.json create mode 100644 objects/vulnerability/vulnerability--b55b3123-b929-4af2-8546-1c7190991842.json create mode 100644 objects/vulnerability/vulnerability--b860506b-a001-40a5-ac81-f8638f94dec9.json create mode 100644 objects/vulnerability/vulnerability--b89a1a44-dce5-48a7-b9ce-e30cdc4a61f7.json create mode 100644 objects/vulnerability/vulnerability--baa37d48-ade8-41f1-91fa-68b458238ed8.json create mode 100644 objects/vulnerability/vulnerability--bd4fc2ea-085f-472e-bcea-cf93b25f09b9.json create mode 100644 objects/vulnerability/vulnerability--bd61dca0-593b-4d04-a2ce-c54fbcce1022.json create mode 100644 objects/vulnerability/vulnerability--bef497e2-ded5-4372-9f31-95c5ec405084.json create mode 100644 objects/vulnerability/vulnerability--bf80f0ab-3c5c-4e6f-88ec-9ed98a6d88e4.json create mode 100644 objects/vulnerability/vulnerability--c2ae4c43-c15e-4737-a74f-f4d3d2798e8c.json create mode 100644 objects/vulnerability/vulnerability--c5760f4a-cd34-407e-8449-01ec3593ea5e.json create mode 100644 objects/vulnerability/vulnerability--c6efb8ff-a68a-4dcb-a59f-a4304eb6da1d.json create mode 100644 objects/vulnerability/vulnerability--cbfb34d2-52cd-4d98-926a-33abb4934743.json create mode 100644 objects/vulnerability/vulnerability--cd33492d-0d83-4e67-a846-ad3cd768fcdd.json create mode 100644 objects/vulnerability/vulnerability--cf2f629d-67b8-407f-9257-d88a673589fe.json create mode 100644 objects/vulnerability/vulnerability--cf4f81a9-7da8-45a3-8ff8-987142d3279f.json create mode 100644 objects/vulnerability/vulnerability--d0db1cd9-6994-4734-aa27-2455c15cd8fe.json create mode 100644 objects/vulnerability/vulnerability--d34a3271-1102-423d-bc22-94b1c36942de.json create mode 100644 objects/vulnerability/vulnerability--d3706840-48d4-45a3-8b37-56e049501313.json create mode 100644 objects/vulnerability/vulnerability--d3b2c125-aece-48d8-b8e8-14e102dcb53b.json create mode 100644 objects/vulnerability/vulnerability--d5a76879-2a51-4d49-bf42-17e2bcfb940f.json create mode 100644 objects/vulnerability/vulnerability--d79f8a33-ba7e-4ebe-a3a8-530ea2665af7.json create mode 100644 objects/vulnerability/vulnerability--d82e5bc2-6d41-492f-b12c-92ffcdc46218.json create mode 100644 objects/vulnerability/vulnerability--ddcf8855-0d86-4eb2-a17b-6346eb7cb643.json create mode 100644 objects/vulnerability/vulnerability--e0a7cace-77db-4c74-91c2-9e038a78d012.json create mode 100644 objects/vulnerability/vulnerability--e1d4ebd8-d1b5-4370-bd60-1310d345b5f3.json create mode 100644 objects/vulnerability/vulnerability--e210a7c2-b910-4f6e-8dcc-81c7e39c7d7c.json create mode 100644 objects/vulnerability/vulnerability--e5271562-19eb-4b3a-a44f-1f593a2c97ac.json create mode 100644 objects/vulnerability/vulnerability--e8a684f0-3b43-4e4d-985f-f193627325e5.json create mode 100644 objects/vulnerability/vulnerability--ea70ed60-2e02-468a-bac8-83f40942d72c.json create mode 100644 objects/vulnerability/vulnerability--ead11e75-bc59-4a13-a8f5-21749c0e90ab.json create mode 100644 objects/vulnerability/vulnerability--ec90af0c-cfcb-4742-8baa-8de526f47b4a.json create mode 100644 objects/vulnerability/vulnerability--ed862b26-e07f-494d-8699-3f161a5bc2bd.json create mode 100644 objects/vulnerability/vulnerability--f0758e8c-954d-426f-aa9b-af652b545b5c.json create mode 100644 objects/vulnerability/vulnerability--f3c55e17-8ee9-4042-9381-2966c7db9200.json create mode 100644 objects/vulnerability/vulnerability--f551a5d2-775a-4fd9-a867-920b9725c047.json create mode 100644 objects/vulnerability/vulnerability--f617a8bc-5de1-4977-9010-99d581f56fa3.json create mode 100644 objects/vulnerability/vulnerability--f8414b70-8e35-49c4-9b60-3b399a5e9a7a.json create mode 100644 objects/vulnerability/vulnerability--fa23f9c0-262e-44a7-a3b1-093cfa8795c8.json create mode 100644 objects/vulnerability/vulnerability--fb462bb7-f3f5-4537-8368-5a87412213ca.json create mode 100644 objects/vulnerability/vulnerability--fbc56b28-cdb3-48c0-adea-31d7e0f09b6a.json create mode 100644 objects/vulnerability/vulnerability--fde63353-2520-48da-8032-ab63deaa5016.json diff --git a/mapping.csv b/mapping.csv index cf8d2d114db..aafe468f3df 100644 --- a/mapping.csv +++ b/mapping.csv @@ -216387,3 +216387,141 @@ vulnerability,CVE-2023-46361,vulnerability--362abe94-6310-4175-a2e0-a4b4ec851566 vulnerability,CVE-2023-46210,vulnerability--4734b7a8-3872-4fb1-94e7-2370833bc099 vulnerability,CVE-2016-1203,vulnerability--af1c3615-66f1-48b6-970c-68d5b85aedc8 vulnerability,CVE-2022-3007,vulnerability--625e5791-6cee-4b47-b374-317fff71935d +vulnerability,CVE-2023-5853,vulnerability--fa23f9c0-262e-44a7-a3b1-093cfa8795c8 +vulnerability,CVE-2023-5896,vulnerability--c6efb8ff-a68a-4dcb-a59f-a4304eb6da1d +vulnerability,CVE-2023-5765,vulnerability--b3612165-64e1-4ae6-80c9-e7257bd341ac +vulnerability,CVE-2023-5178,vulnerability--a962b8e0-4912-4f55-a59b-1bd056d29dcd +vulnerability,CVE-2023-5625,vulnerability--250cd267-2b65-4503-ac6a-bf7bad68cdb4 +vulnerability,CVE-2023-5891,vulnerability--89f71f14-2c8d-4890-ae8b-8a69671d4bca +vulnerability,CVE-2023-5849,vulnerability--4edc63f2-8894-40c4-bda1-9937167fa70f +vulnerability,CVE-2023-5894,vulnerability--cf4f81a9-7da8-45a3-8ff8-987142d3279f +vulnerability,CVE-2023-5851,vulnerability--d82e5bc2-6d41-492f-b12c-92ffcdc46218 +vulnerability,CVE-2023-5892,vulnerability--58287485-938d-46b0-8c35-62555a49e806 +vulnerability,CVE-2023-5856,vulnerability--2af2d652-896a-4e5c-a588-93dde32faa78 +vulnerability,CVE-2023-5889,vulnerability--6c3b5444-4610-42ce-acdb-be57a23555e5 +vulnerability,CVE-2023-5858,vulnerability--d34a3271-1102-423d-bc22-94b1c36942de +vulnerability,CVE-2023-5893,vulnerability--d79f8a33-ba7e-4ebe-a3a8-530ea2665af7 +vulnerability,CVE-2023-5899,vulnerability--f0758e8c-954d-426f-aa9b-af652b545b5c +vulnerability,CVE-2023-5897,vulnerability--5f43121c-2fcf-474c-82b4-9adc17545c83 +vulnerability,CVE-2023-5855,vulnerability--d3706840-48d4-45a3-8b37-56e049501313 +vulnerability,CVE-2023-5854,vulnerability--a7002f07-e866-402e-8b81-73b61d2c8bff +vulnerability,CVE-2023-5515,vulnerability--b860506b-a001-40a5-ac81-f8638f94dec9 +vulnerability,CVE-2023-5480,vulnerability--5b50ee9a-0f78-48da-8a6d-12341ca138a4 +vulnerability,CVE-2023-5859,vulnerability--4d78540a-2a23-4b94-a595-9876ee85a748 +vulnerability,CVE-2023-5514,vulnerability--6bccd2a0-bdbd-4d1b-b2ac-8865c3dca617 +vulnerability,CVE-2023-5895,vulnerability--cf2f629d-67b8-407f-9257-d88a673589fe +vulnerability,CVE-2023-5358,vulnerability--bef497e2-ded5-4372-9f31-95c5ec405084 +vulnerability,CVE-2023-5852,vulnerability--f551a5d2-775a-4fd9-a867-920b9725c047 +vulnerability,CVE-2023-5516,vulnerability--36372f47-4d0e-4114-94ce-bc6bccfaffe0 +vulnerability,CVE-2023-5850,vulnerability--f3c55e17-8ee9-4042-9381-2966c7db9200 +vulnerability,CVE-2023-5847,vulnerability--a4bf4546-8d5b-406f-8211-701596111441 +vulnerability,CVE-2023-5910,vulnerability--aa53e4de-6ea3-4b5a-870f-026a1d881725 +vulnerability,CVE-2023-5898,vulnerability--1fb6aa6b-4ded-4623-85c2-120e1e562c23 +vulnerability,CVE-2023-5890,vulnerability--9e664ba1-0f63-4e83-ac82-ca37b01ee1a5 +vulnerability,CVE-2023-5857,vulnerability--741362b7-d5e0-41b5-bfd1-cd89ce1a3c38 +vulnerability,CVE-2023-5482,vulnerability--bd4fc2ea-085f-472e-bcea-cf93b25f09b9 +vulnerability,CVE-2023-5627,vulnerability--baa37d48-ade8-41f1-91fa-68b458238ed8 +vulnerability,CVE-2023-5766,vulnerability--23b8e907-b41b-4bac-af44-39f69a2e6853 +vulnerability,CVE-2023-33228,vulnerability--72f539ea-383b-4a99-81c4-9d45c51d337c +vulnerability,CVE-2023-33227,vulnerability--40d796c6-1674-4e12-b896-0187e21ade1b +vulnerability,CVE-2023-33226,vulnerability--953d9d3f-c094-4a67-9714-2518d47c91ff +vulnerability,CVE-2023-2622,vulnerability--1c418be1-18b6-4277-ae16-7d753267bdae +vulnerability,CVE-2023-2621,vulnerability--b4b47749-2a1d-4f1c-88d2-f7029d4a2d7d +vulnerability,CVE-2023-40062,vulnerability--78c03108-389b-4d68-8caf-3a69d0b71014 +vulnerability,CVE-2023-40061,vulnerability--0c3c9ee5-282b-4729-979b-ca1190ffb3fa +vulnerability,CVE-2023-3972,vulnerability--222db72d-d58a-4f6f-bed4-ea3e814ab7d2 +vulnerability,CVE-2023-3397,vulnerability--4ea1c3b9-9a06-4107-ab42-cd93718b71c0 +vulnerability,CVE-2023-39281,vulnerability--67943537-c12f-4e92-99a3-7f6bf0edef54 +vulnerability,CVE-2023-42641,vulnerability--7ddf4e29-75f6-46bf-aa6c-54aacb5401b9 +vulnerability,CVE-2023-42638,vulnerability--0d015bb2-a60b-410f-b56b-115a4062966d +vulnerability,CVE-2023-42633,vulnerability--3dbb39a1-e1a8-489a-a39d-e473d9a5359b +vulnerability,CVE-2023-42640,vulnerability--72d0db08-b359-4d82-9f0c-fa4aa855b74e +vulnerability,CVE-2023-42651,vulnerability--8ec4f0ec-d81e-4fed-b5ed-278b7879bd3b +vulnerability,CVE-2023-42632,vulnerability--8865fce3-7f1e-4c62-8ebd-23a079561a23 +vulnerability,CVE-2023-42648,vulnerability--497014be-cd75-4bb3-84a6-149c2426d517 +vulnerability,CVE-2023-42631,vulnerability--7e5487f7-694a-4a0f-b0a0-9c66a508b97c +vulnerability,CVE-2023-42637,vulnerability--64418e6b-3dd6-403f-9aa6-c559cf5e034d +vulnerability,CVE-2023-42634,vulnerability--a0eef01e-cf5c-4084-b4e7-c58346ac064e +vulnerability,CVE-2023-42649,vulnerability--d5a76879-2a51-4d49-bf42-17e2bcfb940f +vulnerability,CVE-2023-42642,vulnerability--758accdf-af7e-41ec-81fe-ed28c58c9d00 +vulnerability,CVE-2023-42646,vulnerability--0681683a-20b4-47ec-b320-8ee6bba3f50c +vulnerability,CVE-2023-42650,vulnerability--10788453-b099-4e6b-bbd7-5fabd8078377 +vulnerability,CVE-2023-42636,vulnerability--e210a7c2-b910-4f6e-8dcc-81c7e39c7d7c +vulnerability,CVE-2023-42644,vulnerability--41fac59b-97f6-4326-8598-6e57b5d145ff +vulnerability,CVE-2023-42635,vulnerability--e1d4ebd8-d1b5-4370-bd60-1310d345b5f3 +vulnerability,CVE-2023-42750,vulnerability--91abb75c-848f-4c90-812a-32fe0104712b +vulnerability,CVE-2023-42655,vulnerability--55815046-82ea-498b-a67d-2d2d19c3a4d8 +vulnerability,CVE-2023-42647,vulnerability--9d587ef0-f1d9-49c8-8553-712fa2b3365a +vulnerability,CVE-2023-42653,vulnerability--3d15e17e-a044-48e8-bd9d-fcf01e6eb7e6 +vulnerability,CVE-2023-42654,vulnerability--3efd20bb-d35c-4587-915d-576a95a248a4 +vulnerability,CVE-2023-42643,vulnerability--bf80f0ab-3c5c-4e6f-88ec-9ed98a6d88e4 +vulnerability,CVE-2023-42652,vulnerability--cd33492d-0d83-4e67-a846-ad3cd768fcdd +vulnerability,CVE-2023-42645,vulnerability--34249774-95c3-441e-9e57-7107689f7668 +vulnerability,CVE-2023-42639,vulnerability--f8414b70-8e35-49c4-9b60-3b399a5e9a7a +vulnerability,CVE-2023-4197,vulnerability--4fcf5e9f-c0a3-48d1-bd9d-bf6cc287d3c3 +vulnerability,CVE-2023-4452,vulnerability--8afebc81-e080-4bcb-96fd-3f663db30086 +vulnerability,CVE-2023-4198,vulnerability--a2f1c990-6bc4-4282-8efd-1bfb90c36eb4 +vulnerability,CVE-2023-44025,vulnerability--35ccb9fb-0109-45ab-bcda-4cfbb61e5b48 +vulnerability,CVE-2023-44954,vulnerability--ddcf8855-0d86-4eb2-a17b-6346eb7cb643 +vulnerability,CVE-2023-1715,vulnerability--447ad6cd-77ed-4cda-852c-e0e5b77e2a9c +vulnerability,CVE-2023-1713,vulnerability--97f5de61-191a-4d93-818c-8ad957882fa2 +vulnerability,CVE-2023-1720,vulnerability--e8a684f0-3b43-4e4d-985f-f193627325e5 +vulnerability,CVE-2023-1716,vulnerability--fb462bb7-f3f5-4537-8368-5a87412213ca +vulnerability,CVE-2023-1193,vulnerability--69bf5f10-f2da-4af0-acc8-e1ac3d2b0a70 +vulnerability,CVE-2023-1714,vulnerability--9a1418c5-c07d-4e6e-852e-f8d5c57b6951 +vulnerability,CVE-2023-1717,vulnerability--47fb6d7e-53ae-45f9-9534-315964af7e38 +vulnerability,CVE-2023-1192,vulnerability--fde63353-2520-48da-8032-ab63deaa5016 +vulnerability,CVE-2023-1718,vulnerability--33dd99ba-1913-479c-8349-8d3d81065952 +vulnerability,CVE-2023-1719,vulnerability--cbfb34d2-52cd-4d98-926a-33abb4934743 +vulnerability,CVE-2023-45201,vulnerability--2e6f37e9-e8f8-43ba-a4e0-0e4810c56dee +vulnerability,CVE-2023-45203,vulnerability--ead11e75-bc59-4a13-a8f5-21749c0e90ab +vulnerability,CVE-2023-45202,vulnerability--b2cb845a-2a9b-43b3-98af-4d116e94a5b1 +vulnerability,CVE-2023-20063,vulnerability--0ce2b285-32aa-465b-ba01-f4d6c247b38d +vulnerability,CVE-2023-20220,vulnerability--894f915b-188c-4729-b7f3-94c0067510d0 +vulnerability,CVE-2023-20086,vulnerability--319a05ac-5e11-4d53-a6a3-855dfb2b659c +vulnerability,CVE-2023-20074,vulnerability--a98d7349-99d6-4474-80b0-8710b47d7efd +vulnerability,CVE-2023-20244,vulnerability--aa575e20-5452-40a6-91ba-ed6468a15c7f +vulnerability,CVE-2023-20031,vulnerability--bd61dca0-593b-4d04-a2ce-c54fbcce1022 +vulnerability,CVE-2023-20155,vulnerability--c2ae4c43-c15e-4737-a74f-f4d3d2798e8c +vulnerability,CVE-2023-20213,vulnerability--a71afe8a-027f-41c6-b4a1-9b7c08911558 +vulnerability,CVE-2023-20206,vulnerability--461405ec-1844-4167-b95c-4a44bd85a164 +vulnerability,CVE-2023-20219,vulnerability--45dedc80-db72-43f7-873a-6293778d78a4 +vulnerability,CVE-2023-20041,vulnerability--ec90af0c-cfcb-4742-8baa-8de526f47b4a +vulnerability,CVE-2023-20246,vulnerability--ed862b26-e07f-494d-8699-3f161a5bc2bd +vulnerability,CVE-2023-20114,vulnerability--45ce3d7f-27f3-44fe-a22a-30f6fe974712 +vulnerability,CVE-2023-20175,vulnerability--b89a1a44-dce5-48a7-b9ce-e30cdc4a61f7 +vulnerability,CVE-2023-20071,vulnerability--ea70ed60-2e02-468a-bac8-83f40942d72c +vulnerability,CVE-2023-20255,vulnerability--e5271562-19eb-4b3a-a44f-1f593a2c97ac +vulnerability,CVE-2023-20042,vulnerability--20717961-a186-4e21-bb04-8e388a5ab93a +vulnerability,CVE-2023-20048,vulnerability--0b0a5af1-523c-4951-8842-0193dc4d1c75 +vulnerability,CVE-2023-20256,vulnerability--a3142bec-153a-4f23-9b7a-6588587c7578 +vulnerability,CVE-2023-20083,vulnerability--74fbabbe-b055-4b01-bb4d-ce44f4c37bab +vulnerability,CVE-2023-20005,vulnerability--b55b3123-b929-4af2-8546-1c7190991842 +vulnerability,CVE-2023-20270,vulnerability--5e637879-6cfa-4c2d-8b33-4587f4d48109 +vulnerability,CVE-2023-20264,vulnerability--d3b2c125-aece-48d8-b8e8-14e102dcb53b +vulnerability,CVE-2023-20070,vulnerability--f617a8bc-5de1-4977-9010-99d581f56fa3 +vulnerability,CVE-2023-20195,vulnerability--d0db1cd9-6994-4734-aa27-2455c15cd8fe +vulnerability,CVE-2023-20196,vulnerability--1a900fa3-615b-4e26-b0cb-0123d218bd2b +vulnerability,CVE-2023-20095,vulnerability--fbc56b28-cdb3-48c0-adea-31d7e0f09b6a +vulnerability,CVE-2023-20170,vulnerability--31a06623-36f5-454c-927c-a91e8153de5b +vulnerability,CVE-2023-20247,vulnerability--9f6e26ee-5c6d-4da3-b166-f7873a8991d6 +vulnerability,CVE-2023-20267,vulnerability--563c983d-8a4d-4314-9a3e-1764bd40f65b +vulnerability,CVE-2023-20177,vulnerability--18ce00c0-1445-40b7-ad68-80ee62a90b00 +vulnerability,CVE-2023-20245,vulnerability--9df4efb4-d31f-4532-8013-1e858603fa9f +vulnerability,CVE-2023-46928,vulnerability--c5760f4a-cd34-407e-8449-01ec3593ea5e +vulnerability,CVE-2023-46930,vulnerability--49f51de0-65a0-49dc-96fd-8ced911ad1e5 +vulnerability,CVE-2023-46428,vulnerability--7ff9f2f3-0925-408f-b8cc-abea6001dcae +vulnerability,CVE-2023-46448,vulnerability--160cf6a2-99ce-418c-b84a-6e7bafc87b33 +vulnerability,CVE-2023-46927,vulnerability--b1e00c4b-8769-4784-adb2-893514e0bb39 +vulnerability,CVE-2023-46724,vulnerability--4e2d48a0-3461-420b-9941-1c92f1fd4b97 +vulnerability,CVE-2023-46931,vulnerability--84fe25c3-8003-45b6-8e1a-dfb81e35a00e +vulnerability,CVE-2023-46911,vulnerability--3b80faf2-47c7-4698-9bcd-c885e51c0927 +vulnerability,CVE-2023-46482,vulnerability--e0a7cace-77db-4c74-91c2-9e038a78d012 +vulnerability,CVE-2022-48459,vulnerability--ae7e0c3b-f48a-4dbf-971c-f46953cc342b +vulnerability,CVE-2022-48458,vulnerability--a1c71c27-c08a-43a8-8917-83ab615ee1bd +vulnerability,CVE-2022-48461,vulnerability--126927a2-5d85-4396-843e-1d19b7c0db92 +vulnerability,CVE-2022-48457,vulnerability--3caa1552-c561-4d41-b33e-b04f833cb62b +vulnerability,CVE-2022-48456,vulnerability--6420787f-06ba-4745-bea8-c9ee6323343a +vulnerability,CVE-2022-48455,vulnerability--86bd29f8-75a5-4c28-a0a9-7f66d9ccb3c6 +vulnerability,CVE-2022-48454,vulnerability--35841a25-2c58-4bc1-9827-d24134d5c2d4 +vulnerability,CVE-2022-48460,vulnerability--6d56677c-bb40-4e2e-8dc3-4fc8a72651da diff --git a/objects/vulnerability/vulnerability--0681683a-20b4-47ec-b320-8ee6bba3f50c.json b/objects/vulnerability/vulnerability--0681683a-20b4-47ec-b320-8ee6bba3f50c.json new file mode 100644 index 00000000000..ad07753bbae --- /dev/null +++ b/objects/vulnerability/vulnerability--0681683a-20b4-47ec-b320-8ee6bba3f50c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--743d7f00-e093-4d43-b914-15556b7969b4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0681683a-20b4-47ec-b320-8ee6bba3f50c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.902667Z", + "modified": "2023-11-02T00:16:13.902667Z", + "name": "CVE-2023-42646", + "description": "In Ifaa service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42646" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0b0a5af1-523c-4951-8842-0193dc4d1c75.json b/objects/vulnerability/vulnerability--0b0a5af1-523c-4951-8842-0193dc4d1c75.json new file mode 100644 index 00000000000..ac94346a9e3 --- /dev/null +++ b/objects/vulnerability/vulnerability--0b0a5af1-523c-4951-8842-0193dc4d1c75.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d6ba7174-ba76-4966-b5ca-be749a2b1a28", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0b0a5af1-523c-4951-8842-0193dc4d1c75", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.196822Z", + "modified": "2023-11-02T00:16:15.196822Z", + "name": "CVE-2023-20048", + "description": "A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized configuration commands on a Firepower Threat Defense (FTD) device that is managed by the FMC Software. This vulnerability is due to insufficient authorization of configuration commands that are sent through the web service interface. An attacker could exploit this vulnerability by authenticating to the FMC web services interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute certain configuration commands on the targeted FTD device. To successfully exploit this vulnerability, an attacker would need valid credentials on the FMC Software.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20048" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0c3c9ee5-282b-4729-979b-ca1190ffb3fa.json b/objects/vulnerability/vulnerability--0c3c9ee5-282b-4729-979b-ca1190ffb3fa.json new file mode 100644 index 00000000000..e87a7246806 --- /dev/null +++ b/objects/vulnerability/vulnerability--0c3c9ee5-282b-4729-979b-ca1190ffb3fa.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fa53bfa5-cdab-47e2-bcf3-d735c547c90f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0c3c9ee5-282b-4729-979b-ca1190ffb3fa", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.435398Z", + "modified": "2023-11-02T00:16:13.435398Z", + "name": "CVE-2023-40061", + "description": " Insecure\njob execution mechanism vulnerability. This\nvulnerability can lead to other attacks as a result.\n\n\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-40061" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0ce2b285-32aa-465b-ba01-f4d6c247b38d.json b/objects/vulnerability/vulnerability--0ce2b285-32aa-465b-ba01-f4d6c247b38d.json new file mode 100644 index 00000000000..bda3a942ad4 --- /dev/null +++ b/objects/vulnerability/vulnerability--0ce2b285-32aa-465b-ba01-f4d6c247b38d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--132f909b-827a-425f-8ea9-df11a9aed6e8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0ce2b285-32aa-465b-ba01-f4d6c247b38d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.099749Z", + "modified": "2023-11-02T00:16:15.099749Z", + "name": "CVE-2023-20063", + "description": "A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20063" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0d015bb2-a60b-410f-b56b-115a4062966d.json b/objects/vulnerability/vulnerability--0d015bb2-a60b-410f-b56b-115a4062966d.json new file mode 100644 index 00000000000..0e26884c1fc --- /dev/null +++ b/objects/vulnerability/vulnerability--0d015bb2-a60b-410f-b56b-115a4062966d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--02266d49-4c6e-4828-9970-51c856f81fb1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0d015bb2-a60b-410f-b56b-115a4062966d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.854275Z", + "modified": "2023-11-02T00:16:13.854275Z", + "name": "CVE-2023-42638", + "description": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42638" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--10788453-b099-4e6b-bbd7-5fabd8078377.json b/objects/vulnerability/vulnerability--10788453-b099-4e6b-bbd7-5fabd8078377.json new file mode 100644 index 00000000000..f955bd219e0 --- /dev/null +++ b/objects/vulnerability/vulnerability--10788453-b099-4e6b-bbd7-5fabd8078377.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d7661a03-d8ac-4627-a1c5-d55682140925", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--10788453-b099-4e6b-bbd7-5fabd8078377", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.91838Z", + "modified": "2023-11-02T00:16:13.91838Z", + "name": "CVE-2023-42650", + "description": "In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42650" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--126927a2-5d85-4396-843e-1d19b7c0db92.json b/objects/vulnerability/vulnerability--126927a2-5d85-4396-843e-1d19b7c0db92.json new file mode 100644 index 00000000000..dfba51eef68 --- /dev/null +++ b/objects/vulnerability/vulnerability--126927a2-5d85-4396-843e-1d19b7c0db92.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--65e9a9cc-df11-4ab7-bbf9-98d978046ccf", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--126927a2-5d85-4396-843e-1d19b7c0db92", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:22.946618Z", + "modified": "2023-11-02T00:16:22.946618Z", + "name": "CVE-2022-48461", + "description": "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48461" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--160cf6a2-99ce-418c-b84a-6e7bafc87b33.json b/objects/vulnerability/vulnerability--160cf6a2-99ce-418c-b84a-6e7bafc87b33.json new file mode 100644 index 00000000000..4c409aacf1b --- /dev/null +++ b/objects/vulnerability/vulnerability--160cf6a2-99ce-418c-b84a-6e7bafc87b33.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ba6da8b0-00ad-4c20-93f6-91fb3a5ee8ee", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--160cf6a2-99ce-418c-b84a-6e7bafc87b33", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.403676Z", + "modified": "2023-11-02T00:16:15.403676Z", + "name": "CVE-2023-46448", + "description": "Reflected Cross-Site Scripting (XSS) vulnerability in dmpop Mejiro Commit Versions Prior To 3096393 allows attackers to run arbitrary code via crafted string in metadata of uploaded images.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46448" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--18ce00c0-1445-40b7-ad68-80ee62a90b00.json b/objects/vulnerability/vulnerability--18ce00c0-1445-40b7-ad68-80ee62a90b00.json new file mode 100644 index 00000000000..0e45ffb6093 --- /dev/null +++ b/objects/vulnerability/vulnerability--18ce00c0-1445-40b7-ad68-80ee62a90b00.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--aec82152-bd59-456e-bb53-c065d845a89d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--18ce00c0-1445-40b7-ad68-80ee62a90b00", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.271627Z", + "modified": "2023-11-02T00:16:15.271627Z", + "name": "CVE-2023-20177", + "description": "A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability exists because a logic error occurs when a Snort 3 detection engine inspects an SSL/TLS connection that has either a URL Category configured on the SSL file policy or a URL Category configured on an access control policy with TLS server identity discovery enabled. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted SSL/TLS connection through an affected device. A successful exploit could allow the attacker to trigger an unexpected reload of the Snort 3 detection engine, resulting in either a bypass or denial of service (DoS) condition, depending on device configuration. The Snort 3 detection engine will restart automatically. No manual intervention is required.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20177" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1a900fa3-615b-4e26-b0cb-0123d218bd2b.json b/objects/vulnerability/vulnerability--1a900fa3-615b-4e26-b0cb-0123d218bd2b.json new file mode 100644 index 00000000000..bcdaa2b25d9 --- /dev/null +++ b/objects/vulnerability/vulnerability--1a900fa3-615b-4e26-b0cb-0123d218bd2b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--67907147-4770-424d-96ee-06cc31c927b1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1a900fa3-615b-4e26-b0cb-0123d218bd2b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.256871Z", + "modified": "2023-11-02T00:16:15.256871Z", + "name": "CVE-2023-20196", + "description": "Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit these vulnerabilities by uploading a crafted file to an affected device. A successful exploit could allow the attacker to store malicious files in specific directories on the device. The attacker could later use those files to conduct additional attacks, including executing arbitrary code on the affected device with root privileges.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20196" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1c418be1-18b6-4277-ae16-7d753267bdae.json b/objects/vulnerability/vulnerability--1c418be1-18b6-4277-ae16-7d753267bdae.json new file mode 100644 index 00000000000..0283e25996e --- /dev/null +++ b/objects/vulnerability/vulnerability--1c418be1-18b6-4277-ae16-7d753267bdae.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--21d0a7f6-7fa4-4b95-a528-ec714ed43a3f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1c418be1-18b6-4277-ae16-7d753267bdae", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.26729Z", + "modified": "2023-11-02T00:16:13.26729Z", + "name": "CVE-2023-2622", + "description": "\nAuthenticated clients can read arbitrary files on the MAIN Computer\nsystem using the remote procedure call (RPC) of the InspectSetup\nservice endpoint. The low privilege client is then allowed to read arbitrary files that they do not have authorization to read.\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-2622" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1fb6aa6b-4ded-4623-85c2-120e1e562c23.json b/objects/vulnerability/vulnerability--1fb6aa6b-4ded-4623-85c2-120e1e562c23.json new file mode 100644 index 00000000000..45eb89cb44e --- /dev/null +++ b/objects/vulnerability/vulnerability--1fb6aa6b-4ded-4623-85c2-120e1e562c23.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ae0cfb4f-100a-464e-9a5d-2cd52e9d7f8c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1fb6aa6b-4ded-4623-85c2-120e1e562c23", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.236754Z", + "modified": "2023-11-02T00:16:12.236754Z", + "name": "CVE-2023-5898", + "description": "Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5898" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--20717961-a186-4e21-bb04-8e388a5ab93a.json b/objects/vulnerability/vulnerability--20717961-a186-4e21-bb04-8e388a5ab93a.json new file mode 100644 index 00000000000..32fc7d4c256 --- /dev/null +++ b/objects/vulnerability/vulnerability--20717961-a186-4e21-bb04-8e388a5ab93a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c5efbd15-0b8a-49c0-8168-3d89cdca023d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--20717961-a186-4e21-bb04-8e388a5ab93a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.190887Z", + "modified": "2023-11-02T00:16:15.190887Z", + "name": "CVE-2023-20042", + "description": "A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handling process that can prevent the release of a session handler under specific conditions. An attacker could exploit this vulnerability by sending crafted SSL/TLS traffic to an affected device, increasing the probability of session handler leaks. A successful exploit could allow the attacker to eventually deplete the available session handler pool, preventing new sessions from being established and causing a DoS condition.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20042" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--222db72d-d58a-4f6f-bed4-ea3e814ab7d2.json b/objects/vulnerability/vulnerability--222db72d-d58a-4f6f-bed4-ea3e814ab7d2.json new file mode 100644 index 00000000000..1f954d41418 --- /dev/null +++ b/objects/vulnerability/vulnerability--222db72d-d58a-4f6f-bed4-ea3e814ab7d2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--319dcdd9-e6ac-4c86-93ec-08696665cfd0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--222db72d-d58a-4f6f-bed4-ea3e814ab7d2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.608797Z", + "modified": "2023-11-02T00:16:13.608797Z", + "name": "CVE-2023-3972", + "description": "A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide).", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-3972" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--23b8e907-b41b-4bac-af44-39f69a2e6853.json b/objects/vulnerability/vulnerability--23b8e907-b41b-4bac-af44-39f69a2e6853.json new file mode 100644 index 00000000000..23f6d9208a5 --- /dev/null +++ b/objects/vulnerability/vulnerability--23b8e907-b41b-4bac-af44-39f69a2e6853.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8c8723ea-853d-4c17-b4ee-750f1f61d337", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--23b8e907-b41b-4bac-af44-39f69a2e6853", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.250009Z", + "modified": "2023-11-02T00:16:12.250009Z", + "name": "CVE-2023-5766", + "description": "\n\nA remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to remotely execute code from another windows user session on the same host via a specially crafted TCP packet.\n\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5766" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--250cd267-2b65-4503-ac6a-bf7bad68cdb4.json b/objects/vulnerability/vulnerability--250cd267-2b65-4503-ac6a-bf7bad68cdb4.json new file mode 100644 index 00000000000..290f88b03f0 --- /dev/null +++ b/objects/vulnerability/vulnerability--250cd267-2b65-4503-ac6a-bf7bad68cdb4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7bbe9c2e-c2e0-4ead-8a14-454f3c80c395", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--250cd267-2b65-4503-ac6a-bf7bad68cdb4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.129097Z", + "modified": "2023-11-02T00:16:12.129097Z", + "name": "CVE-2023-5625", + "description": "A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5625" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2af2d652-896a-4e5c-a588-93dde32faa78.json b/objects/vulnerability/vulnerability--2af2d652-896a-4e5c-a588-93dde32faa78.json new file mode 100644 index 00000000000..6090d023fee --- /dev/null +++ b/objects/vulnerability/vulnerability--2af2d652-896a-4e5c-a588-93dde32faa78.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ec879fe4-d1d0-48b4-8e1f-0aeece6b9407", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2af2d652-896a-4e5c-a588-93dde32faa78", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.173412Z", + "modified": "2023-11-02T00:16:12.173412Z", + "name": "CVE-2023-5856", + "description": "Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5856" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2e6f37e9-e8f8-43ba-a4e0-0e4810c56dee.json b/objects/vulnerability/vulnerability--2e6f37e9-e8f8-43ba-a4e0-0e4810c56dee.json new file mode 100644 index 00000000000..5d8a6dd664e --- /dev/null +++ b/objects/vulnerability/vulnerability--2e6f37e9-e8f8-43ba-a4e0-0e4810c56dee.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3a1adb1b-ff4b-48be-8a09-da850a2c728c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2e6f37e9-e8f8-43ba-a4e0-0e4810c56dee", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.769537Z", + "modified": "2023-11-02T00:16:14.769537Z", + "name": "CVE-2023-45201", + "description": "Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-45201" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--319a05ac-5e11-4d53-a6a3-855dfb2b659c.json b/objects/vulnerability/vulnerability--319a05ac-5e11-4d53-a6a3-855dfb2b659c.json new file mode 100644 index 00000000000..95b0ad9da61 --- /dev/null +++ b/objects/vulnerability/vulnerability--319a05ac-5e11-4d53-a6a3-855dfb2b659c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a002f1e0-ce97-4da6-888b-25d1998242d2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--319a05ac-5e11-4d53-a6a3-855dfb2b659c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.124468Z", + "modified": "2023-11-02T00:16:15.124468Z", + "name": "CVE-2023-20086", + "description": "A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sending crafted ICMPv6 messages to a targeted Cisco ASA or FTD system with IPv6 enabled. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20086" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--31a06623-36f5-454c-927c-a91e8153de5b.json b/objects/vulnerability/vulnerability--31a06623-36f5-454c-927c-a91e8153de5b.json new file mode 100644 index 00000000000..cd2c52dd138 --- /dev/null +++ b/objects/vulnerability/vulnerability--31a06623-36f5-454c-927c-a91e8153de5b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4aac6c07-b582-4c9b-a2fa-b77281d2deee", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--31a06623-36f5-454c-927c-a91e8153de5b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.263893Z", + "modified": "2023-11-02T00:16:15.263893Z", + "name": "CVE-2023-20170", + "description": "A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20170" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--33dd99ba-1913-479c-8349-8d3d81065952.json b/objects/vulnerability/vulnerability--33dd99ba-1913-479c-8349-8d3d81065952.json new file mode 100644 index 00000000000..9c917db3e1a --- /dev/null +++ b/objects/vulnerability/vulnerability--33dd99ba-1913-479c-8349-8d3d81065952.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--15961d88-1434-43fc-9ff8-1f898727edf2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--33dd99ba-1913-479c-8349-8d3d81065952", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.724653Z", + "modified": "2023-11-02T00:16:14.724653Z", + "name": "CVE-2023-1718", + "description": "\nImproper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 allows unauthenticated remote attackers to cause denial-of-service via a crafted \"tmp_url\".\n\n\n\n\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-1718" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--34249774-95c3-441e-9e57-7107689f7668.json b/objects/vulnerability/vulnerability--34249774-95c3-441e-9e57-7107689f7668.json new file mode 100644 index 00000000000..a17b80acf03 --- /dev/null +++ b/objects/vulnerability/vulnerability--34249774-95c3-441e-9e57-7107689f7668.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b168f6ef-eb09-4b6b-90ce-2e47aed74873", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--34249774-95c3-441e-9e57-7107689f7668", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.967857Z", + "modified": "2023-11-02T00:16:13.967857Z", + "name": "CVE-2023-42645", + "description": "In sim service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42645" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--35841a25-2c58-4bc1-9827-d24134d5c2d4.json b/objects/vulnerability/vulnerability--35841a25-2c58-4bc1-9827-d24134d5c2d4.json new file mode 100644 index 00000000000..b9e2a1a732e --- /dev/null +++ b/objects/vulnerability/vulnerability--35841a25-2c58-4bc1-9827-d24134d5c2d4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0ce90866-510e-4cfc-b79d-d9be7b2a4afc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--35841a25-2c58-4bc1-9827-d24134d5c2d4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:22.977998Z", + "modified": "2023-11-02T00:16:22.977998Z", + "name": "CVE-2022-48454", + "description": "In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48454" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--35ccb9fb-0109-45ab-bcda-4cfbb61e5b48.json b/objects/vulnerability/vulnerability--35ccb9fb-0109-45ab-bcda-4cfbb61e5b48.json new file mode 100644 index 00000000000..2cf5ec3db62 --- /dev/null +++ b/objects/vulnerability/vulnerability--35ccb9fb-0109-45ab-bcda-4cfbb61e5b48.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--482f5b42-a4f8-4e1f-b22f-99c738293ae4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--35ccb9fb-0109-45ab-bcda-4cfbb61e5b48", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.274854Z", + "modified": "2023-11-02T00:16:14.274854Z", + "name": "CVE-2023-44025", + "description": "SQL injection vulnerability in addify Addifyfreegifts v.1.0.2 and before allows a remote attacker to execute arbitrary code via a crafted script to the getrulebyid function in the AddifyfreegiftsModel.php component.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-44025" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--36372f47-4d0e-4114-94ce-bc6bccfaffe0.json b/objects/vulnerability/vulnerability--36372f47-4d0e-4114-94ce-bc6bccfaffe0.json new file mode 100644 index 00000000000..0c3149def3e --- /dev/null +++ b/objects/vulnerability/vulnerability--36372f47-4d0e-4114-94ce-bc6bccfaffe0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--14005e66-115b-4f00-b731-9924a41a33fe", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--36372f47-4d0e-4114-94ce-bc6bccfaffe0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.217323Z", + "modified": "2023-11-02T00:16:12.217323Z", + "name": "CVE-2023-5516", + "description": "\nPoorly constructed webap requests and URI components with special characters trigger unhandled errors and exceptions, disclosing\ninformation about the underlying technology and other sensitive information details. The website unintentionally reveals sensitive information including technical details like version Info, endpoints,\nbackend server, Internal IP. etc., which can potentially expose additional attack surface containing other interesting vulnerabilities. \n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5516" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3b80faf2-47c7-4698-9bcd-c885e51c0927.json b/objects/vulnerability/vulnerability--3b80faf2-47c7-4698-9bcd-c885e51c0927.json new file mode 100644 index 00000000000..26bc045a09d --- /dev/null +++ b/objects/vulnerability/vulnerability--3b80faf2-47c7-4698-9bcd-c885e51c0927.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e851aa9c-8373-414d-af2c-c2887f53446c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3b80faf2-47c7-4698-9bcd-c885e51c0927", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.431188Z", + "modified": "2023-11-02T00:16:15.431188Z", + "name": "CVE-2023-46911", + "description": "There is a Cross Site Scripting (XSS) vulnerability in the choose_style_tree.do interface of Jspxcms v10.2.0 backend.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46911" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3caa1552-c561-4d41-b33e-b04f833cb62b.json b/objects/vulnerability/vulnerability--3caa1552-c561-4d41-b33e-b04f833cb62b.json new file mode 100644 index 00000000000..f65c5deca46 --- /dev/null +++ b/objects/vulnerability/vulnerability--3caa1552-c561-4d41-b33e-b04f833cb62b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--10e4cd79-ef8e-4a2d-a45d-e50398978db3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3caa1552-c561-4d41-b33e-b04f833cb62b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:22.949596Z", + "modified": "2023-11-02T00:16:22.949596Z", + "name": "CVE-2022-48457", + "description": "In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48457" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3d15e17e-a044-48e8-bd9d-fcf01e6eb7e6.json b/objects/vulnerability/vulnerability--3d15e17e-a044-48e8-bd9d-fcf01e6eb7e6.json new file mode 100644 index 00000000000..70468cb30cf --- /dev/null +++ b/objects/vulnerability/vulnerability--3d15e17e-a044-48e8-bd9d-fcf01e6eb7e6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fa563341-e3a8-47d1-935f-a6901da94e34", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3d15e17e-a044-48e8-bd9d-fcf01e6eb7e6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.958931Z", + "modified": "2023-11-02T00:16:13.958931Z", + "name": "CVE-2023-42653", + "description": "In faceid service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42653" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3dbb39a1-e1a8-489a-a39d-e473d9a5359b.json b/objects/vulnerability/vulnerability--3dbb39a1-e1a8-489a-a39d-e473d9a5359b.json new file mode 100644 index 00000000000..ebe68aa6ef2 --- /dev/null +++ b/objects/vulnerability/vulnerability--3dbb39a1-e1a8-489a-a39d-e473d9a5359b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--982fe92b-7a32-4406-8558-212d467b75f0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3dbb39a1-e1a8-489a-a39d-e473d9a5359b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.856248Z", + "modified": "2023-11-02T00:16:13.856248Z", + "name": "CVE-2023-42633", + "description": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42633" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3efd20bb-d35c-4587-915d-576a95a248a4.json b/objects/vulnerability/vulnerability--3efd20bb-d35c-4587-915d-576a95a248a4.json new file mode 100644 index 00000000000..b926d59baeb --- /dev/null +++ b/objects/vulnerability/vulnerability--3efd20bb-d35c-4587-915d-576a95a248a4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7b7433ac-ac9c-4d7a-a84a-f0790fa282bd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3efd20bb-d35c-4587-915d-576a95a248a4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.961502Z", + "modified": "2023-11-02T00:16:13.961502Z", + "name": "CVE-2023-42654", + "description": "In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42654" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--40d796c6-1674-4e12-b896-0187e21ade1b.json b/objects/vulnerability/vulnerability--40d796c6-1674-4e12-b896-0187e21ade1b.json new file mode 100644 index 00000000000..2258fe707ce --- /dev/null +++ b/objects/vulnerability/vulnerability--40d796c6-1674-4e12-b896-0187e21ade1b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--551bf2cd-f66d-4434-8272-08cf90860a7a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--40d796c6-1674-4e12-b896-0187e21ade1b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.307836Z", + "modified": "2023-11-02T00:16:12.307836Z", + "name": "CVE-2023-33227", + "description": "The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability This vulnerability allows a low level user to perform the actions with SYSTEM privileges. ", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-33227" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--41fac59b-97f6-4326-8598-6e57b5d145ff.json b/objects/vulnerability/vulnerability--41fac59b-97f6-4326-8598-6e57b5d145ff.json new file mode 100644 index 00000000000..a2a7c4f3332 --- /dev/null +++ b/objects/vulnerability/vulnerability--41fac59b-97f6-4326-8598-6e57b5d145ff.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--428f2d9f-06bf-4db3-a7ed-17028c364f97", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--41fac59b-97f6-4326-8598-6e57b5d145ff", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.940161Z", + "modified": "2023-11-02T00:16:13.940161Z", + "name": "CVE-2023-42644", + "description": "In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42644" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--447ad6cd-77ed-4cda-852c-e0e5b77e2a9c.json b/objects/vulnerability/vulnerability--447ad6cd-77ed-4cda-852c-e0e5b77e2a9c.json new file mode 100644 index 00000000000..5339fbe0a0f --- /dev/null +++ b/objects/vulnerability/vulnerability--447ad6cd-77ed-4cda-852c-e0e5b77e2a9c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5d12b33f-ed9c-45c3-be44-1dec253c706d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--447ad6cd-77ed-4cda-852c-e0e5b77e2a9c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.610825Z", + "modified": "2023-11-02T00:16:14.610825Z", + "name": "CVE-2023-1715", + "description": "\nA logic error when using mb_strpos() to check for potential XSS payload in Bitrix24 22.0.300 allows attackers to bypass XSS sanitisation via placing HTML tags at the begining of the payload.\n\n\n\n\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-1715" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--45ce3d7f-27f3-44fe-a22a-30f6fe974712.json b/objects/vulnerability/vulnerability--45ce3d7f-27f3-44fe-a22a-30f6fe974712.json new file mode 100644 index 00000000000..4808fa33424 --- /dev/null +++ b/objects/vulnerability/vulnerability--45ce3d7f-27f3-44fe-a22a-30f6fe974712.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3341a842-2a67-4a94-adec-1b94f6270c46", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--45ce3d7f-27f3-44fe-a22a-30f6fe974712", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.176936Z", + "modified": "2023-11-02T00:16:15.176936Z", + "name": "CVE-2023-20114", + "description": "A vulnerability in the file download feature of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to download arbitrary files from an affected system. This vulnerability is due to a lack of input sanitation. An attacker could exploit this vulnerability by sending a crafted HTTPS request. A successful exploit could allow the attacker to download arbitrary files from the affected system.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20114" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--45dedc80-db72-43f7-873a-6293778d78a4.json b/objects/vulnerability/vulnerability--45dedc80-db72-43f7-873a-6293778d78a4.json new file mode 100644 index 00000000000..d592589c2e4 --- /dev/null +++ b/objects/vulnerability/vulnerability--45dedc80-db72-43f7-873a-6293778d78a4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9a0c7099-4845-48e0-8373-85523a5dd5bc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--45dedc80-db72-43f7-873a-6293778d78a4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.156272Z", + "modified": "2023-11-02T00:16:15.156272Z", + "name": "CVE-2023-20219", + "description": "Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The attacker would need valid device credentials but does not require administrator privileges to exploit this vulnerability. These vulnerabilities are due to insufficient validation of user-supplied input for certain configuration options. An attacker could exploit these vulnerabilities by using crafted input within the device configuration GUI. A successful exploit could allow the attacker to execute arbitrary commands on the device including the underlying operating system which could also affect the availability of the device.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20219" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--461405ec-1844-4167-b95c-4a44bd85a164.json b/objects/vulnerability/vulnerability--461405ec-1844-4167-b95c-4a44bd85a164.json new file mode 100644 index 00000000000..b380cd3b337 --- /dev/null +++ b/objects/vulnerability/vulnerability--461405ec-1844-4167-b95c-4a44bd85a164.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4fb5b6bd-4f68-4dd1-baca-9ccdc4b6bb03", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--461405ec-1844-4167-b95c-4a44bd85a164", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.151407Z", + "modified": "2023-11-02T00:16:15.151407Z", + "name": "CVE-2023-20206", + "description": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. In some cases, it is also possible to cause a temporary availability impact to portions of the FMC Dashboard.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20206" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--47fb6d7e-53ae-45f9-9534-315964af7e38.json b/objects/vulnerability/vulnerability--47fb6d7e-53ae-45f9-9534-315964af7e38.json new file mode 100644 index 00000000000..9e603df518e --- /dev/null +++ b/objects/vulnerability/vulnerability--47fb6d7e-53ae-45f9-9534-315964af7e38.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f113dd62-3966-401f-ab9c-04a1d91b171c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--47fb6d7e-53ae-45f9-9534-315964af7e38", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.714872Z", + "modified": "2023-11-02T00:16:14.714872Z", + "name": "CVE-2023-1717", + "description": "\nPrototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js in Bitrix24 22.0.300 allows remote attackers to execute arbitrary JavaScript code in the victim’s browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via polluting `__proto__[tag]` and `__proto__[text]`.\n\n\n\n\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-1717" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--497014be-cd75-4bb3-84a6-149c2426d517.json b/objects/vulnerability/vulnerability--497014be-cd75-4bb3-84a6-149c2426d517.json new file mode 100644 index 00000000000..8535e71edbf --- /dev/null +++ b/objects/vulnerability/vulnerability--497014be-cd75-4bb3-84a6-149c2426d517.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2ed9570f-6112-47cf-96fd-5a53cc1b2f04", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--497014be-cd75-4bb3-84a6-149c2426d517", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.875784Z", + "modified": "2023-11-02T00:16:13.875784Z", + "name": "CVE-2023-42648", + "description": "In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42648" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--49f51de0-65a0-49dc-96fd-8ced911ad1e5.json b/objects/vulnerability/vulnerability--49f51de0-65a0-49dc-96fd-8ced911ad1e5.json new file mode 100644 index 00000000000..37bd7eb2660 --- /dev/null +++ b/objects/vulnerability/vulnerability--49f51de0-65a0-49dc-96fd-8ced911ad1e5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--37a40a42-b55f-4d85-9636-2c3cc1af0967", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--49f51de0-65a0-49dc-96fd-8ced911ad1e5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.393275Z", + "modified": "2023-11-02T00:16:15.393275Z", + "name": "CVE-2023-46930", + "description": "GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track /afltest/gpac/src/isomedia/media_odf.c:522:14.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46930" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4d78540a-2a23-4b94-a595-9876ee85a748.json b/objects/vulnerability/vulnerability--4d78540a-2a23-4b94-a595-9876ee85a748.json new file mode 100644 index 00000000000..25ee94a8ea4 --- /dev/null +++ b/objects/vulnerability/vulnerability--4d78540a-2a23-4b94-a595-9876ee85a748.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--38b424a5-33e5-4b65-a652-6f6fefcce2cf", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4d78540a-2a23-4b94-a595-9876ee85a748", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.198956Z", + "modified": "2023-11-02T00:16:12.198956Z", + "name": "CVE-2023-5859", + "description": "Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5859" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4e2d48a0-3461-420b-9941-1c92f1fd4b97.json b/objects/vulnerability/vulnerability--4e2d48a0-3461-420b-9941-1c92f1fd4b97.json new file mode 100644 index 00000000000..0d768057840 --- /dev/null +++ b/objects/vulnerability/vulnerability--4e2d48a0-3461-420b-9941-1c92f1fd4b97.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--60d5d94c-8198-47f3-b237-5c1875a9f62c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4e2d48a0-3461-420b-9941-1c92f1fd4b97", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.408707Z", + "modified": "2023-11-02T00:16:15.408707Z", + "name": "CVE-2023-46724", + "description": " Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46724" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4ea1c3b9-9a06-4107-ab42-cd93718b71c0.json b/objects/vulnerability/vulnerability--4ea1c3b9-9a06-4107-ab42-cd93718b71c0.json new file mode 100644 index 00000000000..5610f7fe71c --- /dev/null +++ b/objects/vulnerability/vulnerability--4ea1c3b9-9a06-4107-ab42-cd93718b71c0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ced47a6e-51df-4f28-8bf5-b353fffe72d9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4ea1c3b9-9a06-4107-ab42-cd93718b71c0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.63938Z", + "modified": "2023-11-02T00:16:13.63938Z", + "name": "CVE-2023-3397", + "description": "A race condition occurred between the functions lmLogClose and txEnd in JFS, in the Linux Kernel, executed in different threads. This flaw allows a local attacker with normal user privileges to crash the system or leak internal kernel information.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-3397" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4edc63f2-8894-40c4-bda1-9937167fa70f.json b/objects/vulnerability/vulnerability--4edc63f2-8894-40c4-bda1-9937167fa70f.json new file mode 100644 index 00000000000..18e53a3ddd2 --- /dev/null +++ b/objects/vulnerability/vulnerability--4edc63f2-8894-40c4-bda1-9937167fa70f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--98f1e779-b7df-49d8-8c25-fad50da757e4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4edc63f2-8894-40c4-bda1-9937167fa70f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.139916Z", + "modified": "2023-11-02T00:16:12.139916Z", + "name": "CVE-2023-5849", + "description": "Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5849" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4fcf5e9f-c0a3-48d1-bd9d-bf6cc287d3c3.json b/objects/vulnerability/vulnerability--4fcf5e9f-c0a3-48d1-bd9d-bf6cc287d3c3.json new file mode 100644 index 00000000000..0e14f4c2666 --- /dev/null +++ b/objects/vulnerability/vulnerability--4fcf5e9f-c0a3-48d1-bd9d-bf6cc287d3c3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8a52b1a4-8336-4ea0-a8ec-1ae05ad0aaca", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4fcf5e9f-c0a3-48d1-bd9d-bf6cc287d3c3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.054747Z", + "modified": "2023-11-02T00:16:14.054747Z", + "name": "CVE-2023-4197", + "description": "Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to strip certain PHP code from user-supplied input when creating a Website, allowing an attacker to inject and evaluate arbitrary PHP code.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4197" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--55815046-82ea-498b-a67d-2d2d19c3a4d8.json b/objects/vulnerability/vulnerability--55815046-82ea-498b-a67d-2d2d19c3a4d8.json new file mode 100644 index 00000000000..bc900114bdf --- /dev/null +++ b/objects/vulnerability/vulnerability--55815046-82ea-498b-a67d-2d2d19c3a4d8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dd923963-4206-4f1d-9a5f-899fe7d24a08", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--55815046-82ea-498b-a67d-2d2d19c3a4d8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.952608Z", + "modified": "2023-11-02T00:16:13.952608Z", + "name": "CVE-2023-42655", + "description": "In sim service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42655" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--563c983d-8a4d-4314-9a3e-1764bd40f65b.json b/objects/vulnerability/vulnerability--563c983d-8a4d-4314-9a3e-1764bd40f65b.json new file mode 100644 index 00000000000..1e06bcee353 --- /dev/null +++ b/objects/vulnerability/vulnerability--563c983d-8a4d-4314-9a3e-1764bd40f65b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--210720f8-448f-4997-8e48-dc3c18b0e5fc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--563c983d-8a4d-4314-9a3e-1764bd40f65b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.268907Z", + "modified": "2023-11-02T00:16:15.268907Z", + "name": "CVE-2023-20267", + "description": "A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restriction. A successful exploit could allow the attacker to bypass location-based IP address restrictions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20267" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--58287485-938d-46b0-8c35-62555a49e806.json b/objects/vulnerability/vulnerability--58287485-938d-46b0-8c35-62555a49e806.json new file mode 100644 index 00000000000..ffdc828da6a --- /dev/null +++ b/objects/vulnerability/vulnerability--58287485-938d-46b0-8c35-62555a49e806.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4a2e1f84-478e-4446-b8fe-ab81f213bb11", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--58287485-938d-46b0-8c35-62555a49e806", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.17122Z", + "modified": "2023-11-02T00:16:12.17122Z", + "name": "CVE-2023-5892", + "description": "Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5892" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5b50ee9a-0f78-48da-8a6d-12341ca138a4.json b/objects/vulnerability/vulnerability--5b50ee9a-0f78-48da-8a6d-12341ca138a4.json new file mode 100644 index 00000000000..2ca401e0db3 --- /dev/null +++ b/objects/vulnerability/vulnerability--5b50ee9a-0f78-48da-8a6d-12341ca138a4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--684881eb-16b3-4659-bba4-74d39c5d6fdb", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5b50ee9a-0f78-48da-8a6d-12341ca138a4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.197335Z", + "modified": "2023-11-02T00:16:12.197335Z", + "name": "CVE-2023-5480", + "description": "Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5480" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5e637879-6cfa-4c2d-8b33-4587f4d48109.json b/objects/vulnerability/vulnerability--5e637879-6cfa-4c2d-8b33-4587f4d48109.json new file mode 100644 index 00000000000..3b4d1d2ca13 --- /dev/null +++ b/objects/vulnerability/vulnerability--5e637879-6cfa-4c2d-8b33-4587f4d48109.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--053d51b6-015b-4f4d-a4a5-9adcb9e8a3cc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5e637879-6cfa-4c2d-8b33-4587f4d48109", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.230248Z", + "modified": "2023-11-02T00:16:15.230248Z", + "name": "CVE-2023-20270", + "description": "A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error-checking when the Snort 3 detection engine is processing SMB traffic. An attacker could exploit this vulnerability by sending a crafted SMB packet stream through an affected device. A successful exploit could allow the attacker to cause the Snort process to reload, resulting in a DoS condition.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20270" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5f43121c-2fcf-474c-82b4-9adc17545c83.json b/objects/vulnerability/vulnerability--5f43121c-2fcf-474c-82b4-9adc17545c83.json new file mode 100644 index 00000000000..8a45974f3d3 --- /dev/null +++ b/objects/vulnerability/vulnerability--5f43121c-2fcf-474c-82b4-9adc17545c83.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c8dcbd6a-8bbc-4e7e-867c-eddedc9597e4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5f43121c-2fcf-474c-82b4-9adc17545c83", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.186545Z", + "modified": "2023-11-02T00:16:12.186545Z", + "name": "CVE-2023-5897", + "description": "Cross-Site Request Forgery (CSRF) in GitHub repository pkp/customLocale prior to 1.2.0-1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5897" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6420787f-06ba-4745-bea8-c9ee6323343a.json b/objects/vulnerability/vulnerability--6420787f-06ba-4745-bea8-c9ee6323343a.json new file mode 100644 index 00000000000..211a3c5375d --- /dev/null +++ b/objects/vulnerability/vulnerability--6420787f-06ba-4745-bea8-c9ee6323343a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ac7261ee-a511-403a-8c9a-76d2ed0453c4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6420787f-06ba-4745-bea8-c9ee6323343a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:22.960415Z", + "modified": "2023-11-02T00:16:22.960415Z", + "name": "CVE-2022-48456", + "description": "In camera driver, there is a possible out of bounds write due to a incorrect bounds check. This could lead to local denial of service with System execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48456" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--64418e6b-3dd6-403f-9aa6-c559cf5e034d.json b/objects/vulnerability/vulnerability--64418e6b-3dd6-403f-9aa6-c559cf5e034d.json new file mode 100644 index 00000000000..6c21edcfe76 --- /dev/null +++ b/objects/vulnerability/vulnerability--64418e6b-3dd6-403f-9aa6-c559cf5e034d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--408997a9-09ff-481c-84b2-463d01be4ef4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--64418e6b-3dd6-403f-9aa6-c559cf5e034d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.88175Z", + "modified": "2023-11-02T00:16:13.88175Z", + "name": "CVE-2023-42637", + "description": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42637" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--67943537-c12f-4e92-99a3-7f6bf0edef54.json b/objects/vulnerability/vulnerability--67943537-c12f-4e92-99a3-7f6bf0edef54.json new file mode 100644 index 00000000000..8c217a9dd83 --- /dev/null +++ b/objects/vulnerability/vulnerability--67943537-c12f-4e92-99a3-7f6bf0edef54.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9632a7a0-813e-48e5-869e-97b661a0afac", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--67943537-c12f-4e92-99a3-7f6bf0edef54", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.725431Z", + "modified": "2023-11-02T00:16:13.725431Z", + "name": "CVE-2023-39281", + "description": "A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-39281" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--69bf5f10-f2da-4af0-acc8-e1ac3d2b0a70.json b/objects/vulnerability/vulnerability--69bf5f10-f2da-4af0-acc8-e1ac3d2b0a70.json new file mode 100644 index 00000000000..1c25944322f --- /dev/null +++ b/objects/vulnerability/vulnerability--69bf5f10-f2da-4af0-acc8-e1ac3d2b0a70.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8c64e3fc-9b15-42ca-b86e-f2d72a8ed1f2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--69bf5f10-f2da-4af0-acc8-e1ac3d2b0a70", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.690072Z", + "modified": "2023-11-02T00:16:14.690072Z", + "name": "CVE-2023-1193", + "description": "A use-after-free flaw was found in setup_async_work in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-1193" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6bccd2a0-bdbd-4d1b-b2ac-8865c3dca617.json b/objects/vulnerability/vulnerability--6bccd2a0-bdbd-4d1b-b2ac-8865c3dca617.json new file mode 100644 index 00000000000..042c8de63f8 --- /dev/null +++ b/objects/vulnerability/vulnerability--6bccd2a0-bdbd-4d1b-b2ac-8865c3dca617.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--78ce26b3-1de7-4868-a1b9-d88188baef02", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6bccd2a0-bdbd-4d1b-b2ac-8865c3dca617", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.206651Z", + "modified": "2023-11-02T00:16:12.206651Z", + "name": "CVE-2023-5514", + "description": "\nThe response messages received from the eSOMS report generation using certain parameter queries with full file path can be\nabused for enumerating the local file system structure.\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5514" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6c3b5444-4610-42ce-acdb-be57a23555e5.json b/objects/vulnerability/vulnerability--6c3b5444-4610-42ce-acdb-be57a23555e5.json new file mode 100644 index 00000000000..2e00e12f56f --- /dev/null +++ b/objects/vulnerability/vulnerability--6c3b5444-4610-42ce-acdb-be57a23555e5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--92443306-313c-4f63-a270-b26debe9661c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6c3b5444-4610-42ce-acdb-be57a23555e5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.175089Z", + "modified": "2023-11-02T00:16:12.175089Z", + "name": "CVE-2023-5889", + "description": "Insufficient Session Expiration in GitHub repository pkp/pkp-lib prior to 3.3.0-16.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5889" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6d56677c-bb40-4e2e-8dc3-4fc8a72651da.json b/objects/vulnerability/vulnerability--6d56677c-bb40-4e2e-8dc3-4fc8a72651da.json new file mode 100644 index 00000000000..677a331b65e --- /dev/null +++ b/objects/vulnerability/vulnerability--6d56677c-bb40-4e2e-8dc3-4fc8a72651da.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2152d6d8-10a7-4659-ba2d-8d986038e5c2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6d56677c-bb40-4e2e-8dc3-4fc8a72651da", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:22.981676Z", + "modified": "2023-11-02T00:16:22.981676Z", + "name": "CVE-2022-48460", + "description": "In setting service, there is a possible undefined behavior due to incorrect error handling. This could lead to local denial of service with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48460" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--72d0db08-b359-4d82-9f0c-fa4aa855b74e.json b/objects/vulnerability/vulnerability--72d0db08-b359-4d82-9f0c-fa4aa855b74e.json new file mode 100644 index 00000000000..a3b9fcd905c --- /dev/null +++ b/objects/vulnerability/vulnerability--72d0db08-b359-4d82-9f0c-fa4aa855b74e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d1ca7494-a49e-44d7-8ae5-b4e440efe20e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--72d0db08-b359-4d82-9f0c-fa4aa855b74e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.861098Z", + "modified": "2023-11-02T00:16:13.861098Z", + "name": "CVE-2023-42640", + "description": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42640" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--72f539ea-383b-4a99-81c4-9d45c51d337c.json b/objects/vulnerability/vulnerability--72f539ea-383b-4a99-81c4-9d45c51d337c.json new file mode 100644 index 00000000000..6b5aff53db8 --- /dev/null +++ b/objects/vulnerability/vulnerability--72f539ea-383b-4a99-81c4-9d45c51d337c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b379103a-dbfe-4684-a14e-0913b4bd6848", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--72f539ea-383b-4a99-81c4-9d45c51d337c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.272276Z", + "modified": "2023-11-02T00:16:12.272276Z", + "name": "CVE-2023-33228", + "description": "The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-33228" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--741362b7-d5e0-41b5-bfd1-cd89ce1a3c38.json b/objects/vulnerability/vulnerability--741362b7-d5e0-41b5-bfd1-cd89ce1a3c38.json new file mode 100644 index 00000000000..c4152e500c6 --- /dev/null +++ b/objects/vulnerability/vulnerability--741362b7-d5e0-41b5-bfd1-cd89ce1a3c38.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ad8a23ab-461b-4ce6-af73-4a01b90e9958", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--741362b7-d5e0-41b5-bfd1-cd89ce1a3c38", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.244031Z", + "modified": "2023-11-02T00:16:12.244031Z", + "name": "CVE-2023-5857", + "description": "Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5857" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--74fbabbe-b055-4b01-bb4d-ce44f4c37bab.json b/objects/vulnerability/vulnerability--74fbabbe-b055-4b01-bb4d-ce44f4c37bab.json new file mode 100644 index 00000000000..7966cc33a30 --- /dev/null +++ b/objects/vulnerability/vulnerability--74fbabbe-b055-4b01-bb4d-ce44f4c37bab.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e5a040b2-e050-4695-ab00-6309cbbd63ac", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--74fbabbe-b055-4b01-bb4d-ce44f4c37bab", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.22077Z", + "modified": "2023-11-02T00:16:15.22077Z", + "name": "CVE-2023-20083", + "description": "A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result in a denial of service (DoS) condition. FTD management traffic is not affected by this vulnerability. This vulnerability is due to improper error checking when parsing fields within the ICMPv6 header. An attacker could exploit this vulnerability by sending a crafted ICMPv6 packet through an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition. Note: To recover from the DoS condition, the Snort 2 Detection Engine or the Cisco FTD device may need to be restarted.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20083" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--758accdf-af7e-41ec-81fe-ed28c58c9d00.json b/objects/vulnerability/vulnerability--758accdf-af7e-41ec-81fe-ed28c58c9d00.json new file mode 100644 index 00000000000..5f0effeba81 --- /dev/null +++ b/objects/vulnerability/vulnerability--758accdf-af7e-41ec-81fe-ed28c58c9d00.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c12e86c4-8472-4c9b-9770-068124109196", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--758accdf-af7e-41ec-81fe-ed28c58c9d00", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.900304Z", + "modified": "2023-11-02T00:16:13.900304Z", + "name": "CVE-2023-42642", + "description": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42642" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--78c03108-389b-4d68-8caf-3a69d0b71014.json b/objects/vulnerability/vulnerability--78c03108-389b-4d68-8caf-3a69d0b71014.json new file mode 100644 index 00000000000..3f0396788c4 --- /dev/null +++ b/objects/vulnerability/vulnerability--78c03108-389b-4d68-8caf-3a69d0b71014.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ba21e973-cae2-4334-8505-fc065cb0b99d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--78c03108-389b-4d68-8caf-3a69d0b71014", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.399424Z", + "modified": "2023-11-02T00:16:13.399424Z", + "name": "CVE-2023-40062", + "description": "SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. If executed, this vulnerability would allow a low-privileged user to execute commands with SYSTEM privileges.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-40062" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7ddf4e29-75f6-46bf-aa6c-54aacb5401b9.json b/objects/vulnerability/vulnerability--7ddf4e29-75f6-46bf-aa6c-54aacb5401b9.json new file mode 100644 index 00000000000..63693e46866 --- /dev/null +++ b/objects/vulnerability/vulnerability--7ddf4e29-75f6-46bf-aa6c-54aacb5401b9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6fc70d8b-8ba2-4bc9-bfcb-3bffbf0c4878", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7ddf4e29-75f6-46bf-aa6c-54aacb5401b9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.852309Z", + "modified": "2023-11-02T00:16:13.852309Z", + "name": "CVE-2023-42641", + "description": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42641" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7e5487f7-694a-4a0f-b0a0-9c66a508b97c.json b/objects/vulnerability/vulnerability--7e5487f7-694a-4a0f-b0a0-9c66a508b97c.json new file mode 100644 index 00000000000..dc4db153e51 --- /dev/null +++ b/objects/vulnerability/vulnerability--7e5487f7-694a-4a0f-b0a0-9c66a508b97c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f8affdad-f173-43e7-8fed-089cb7dbbe8d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7e5487f7-694a-4a0f-b0a0-9c66a508b97c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.87754Z", + "modified": "2023-11-02T00:16:13.87754Z", + "name": "CVE-2023-42631", + "description": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42631" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7ff9f2f3-0925-408f-b8cc-abea6001dcae.json b/objects/vulnerability/vulnerability--7ff9f2f3-0925-408f-b8cc-abea6001dcae.json new file mode 100644 index 00000000000..2b3591be609 --- /dev/null +++ b/objects/vulnerability/vulnerability--7ff9f2f3-0925-408f-b8cc-abea6001dcae.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ca510569-7692-444d-87c1-65891df3d4e4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7ff9f2f3-0925-408f-b8cc-abea6001dcae", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.399955Z", + "modified": "2023-11-02T00:16:15.399955Z", + "name": "CVE-2023-46428", + "description": "An arbitrary file upload vulnerability in HadSky v7.12.10 allows attackers to execute arbitrary code via a crafted file.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46428" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--84fe25c3-8003-45b6-8e1a-dfb81e35a00e.json b/objects/vulnerability/vulnerability--84fe25c3-8003-45b6-8e1a-dfb81e35a00e.json new file mode 100644 index 00000000000..1296a2418ac --- /dev/null +++ b/objects/vulnerability/vulnerability--84fe25c3-8003-45b6-8e1a-dfb81e35a00e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3eedd4c8-aa6f-44b3-80a6-2827277de4ab", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--84fe25c3-8003-45b6-8e1a-dfb81e35a00e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.41299Z", + "modified": "2023-11-02T00:16:15.41299Z", + "name": "CVE-2023-46931", + "description": "GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in ffdmx_parse_side_data /afltest/gpac/src/filters/ff_dmx.c:202:14 in gpac/MP4Box.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46931" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--86bd29f8-75a5-4c28-a0a9-7f66d9ccb3c6.json b/objects/vulnerability/vulnerability--86bd29f8-75a5-4c28-a0a9-7f66d9ccb3c6.json new file mode 100644 index 00000000000..52d40249dcf --- /dev/null +++ b/objects/vulnerability/vulnerability--86bd29f8-75a5-4c28-a0a9-7f66d9ccb3c6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dbf252ef-87c8-4773-9b7f-b63186dba03f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--86bd29f8-75a5-4c28-a0a9-7f66d9ccb3c6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:22.963943Z", + "modified": "2023-11-02T00:16:22.963943Z", + "name": "CVE-2022-48455", + "description": "In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48455" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8865fce3-7f1e-4c62-8ebd-23a079561a23.json b/objects/vulnerability/vulnerability--8865fce3-7f1e-4c62-8ebd-23a079561a23.json new file mode 100644 index 00000000000..f4594d58779 --- /dev/null +++ b/objects/vulnerability/vulnerability--8865fce3-7f1e-4c62-8ebd-23a079561a23.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f53d7d52-76aa-47e5-b14f-db28f801f860", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8865fce3-7f1e-4c62-8ebd-23a079561a23", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.873488Z", + "modified": "2023-11-02T00:16:13.873488Z", + "name": "CVE-2023-42632", + "description": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42632" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--894f915b-188c-4729-b7f3-94c0067510d0.json b/objects/vulnerability/vulnerability--894f915b-188c-4729-b7f3-94c0067510d0.json new file mode 100644 index 00000000000..2a04ab6558c --- /dev/null +++ b/objects/vulnerability/vulnerability--894f915b-188c-4729-b7f3-94c0067510d0.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d5c22104-0780-4921-a620-385d109ab080", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--894f915b-188c-4729-b7f3-94c0067510d0", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.103256Z", + "modified": "2023-11-02T00:16:15.103256Z", + "name": "CVE-2023-20220", + "description": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. To exploit these vulnerabilities, the attacker must have valid device credentials, but does not need Administrator privileges. These vulnerabilities are due to insufficient validation of user-supplied input for certain configuration options. An attacker could exploit these vulnerabilities by using crafted input within the device configuration GUI. A successful exploit could allow the attacker to execute arbitrary commands on the device, including on the underlying operating system, which could also affect the availability of the device.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20220" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--89f71f14-2c8d-4890-ae8b-8a69671d4bca.json b/objects/vulnerability/vulnerability--89f71f14-2c8d-4890-ae8b-8a69671d4bca.json new file mode 100644 index 00000000000..1bb58c9b5d4 --- /dev/null +++ b/objects/vulnerability/vulnerability--89f71f14-2c8d-4890-ae8b-8a69671d4bca.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2a660c63-ba8e-4b5c-aeba-724634f81af7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--89f71f14-2c8d-4890-ae8b-8a69671d4bca", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.135898Z", + "modified": "2023-11-02T00:16:12.135898Z", + "name": "CVE-2023-5891", + "description": "Cross-site Scripting (XSS) - Reflected in GitHub repository pkp/pkp-lib prior to 3.3.0-16.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5891" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8afebc81-e080-4bcb-96fd-3f663db30086.json b/objects/vulnerability/vulnerability--8afebc81-e080-4bcb-96fd-3f663db30086.json new file mode 100644 index 00000000000..a6fc8fc463a --- /dev/null +++ b/objects/vulnerability/vulnerability--8afebc81-e080-4bcb-96fd-3f663db30086.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--86bd0b4c-1e6f-4eb0-8f38-cea9aaf2379a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8afebc81-e080-4bcb-96fd-3f663db30086", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.064081Z", + "modified": "2023-11-02T00:16:14.064081Z", + "name": "CVE-2023-4452", + "description": "A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot. \n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4452" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8ec4f0ec-d81e-4fed-b5ed-278b7879bd3b.json b/objects/vulnerability/vulnerability--8ec4f0ec-d81e-4fed-b5ed-278b7879bd3b.json new file mode 100644 index 00000000000..432f84c051c --- /dev/null +++ b/objects/vulnerability/vulnerability--8ec4f0ec-d81e-4fed-b5ed-278b7879bd3b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bbb99ed7-aee5-4a53-8488-f300a6891eaf", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8ec4f0ec-d81e-4fed-b5ed-278b7879bd3b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.865572Z", + "modified": "2023-11-02T00:16:13.865572Z", + "name": "CVE-2023-42651", + "description": "In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42651" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--91abb75c-848f-4c90-812a-32fe0104712b.json b/objects/vulnerability/vulnerability--91abb75c-848f-4c90-812a-32fe0104712b.json new file mode 100644 index 00000000000..2545e8144bc --- /dev/null +++ b/objects/vulnerability/vulnerability--91abb75c-848f-4c90-812a-32fe0104712b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--52dd626d-e8c1-45b2-92cb-8a6491e9e35c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--91abb75c-848f-4c90-812a-32fe0104712b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.949385Z", + "modified": "2023-11-02T00:16:13.949385Z", + "name": "CVE-2023-42750", + "description": "In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42750" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--953d9d3f-c094-4a67-9714-2518d47c91ff.json b/objects/vulnerability/vulnerability--953d9d3f-c094-4a67-9714-2518d47c91ff.json new file mode 100644 index 00000000000..6ebe16f233b --- /dev/null +++ b/objects/vulnerability/vulnerability--953d9d3f-c094-4a67-9714-2518d47c91ff.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--29869531-281c-4bb4-9110-d31edde52831", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--953d9d3f-c094-4a67-9714-2518d47c91ff", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.336692Z", + "modified": "2023-11-02T00:16:12.336692Z", + "name": "CVE-2023-33226", + "description": "The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. ", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-33226" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--97f5de61-191a-4d93-818c-8ad957882fa2.json b/objects/vulnerability/vulnerability--97f5de61-191a-4d93-818c-8ad957882fa2.json new file mode 100644 index 00000000000..b5d260132d1 --- /dev/null +++ b/objects/vulnerability/vulnerability--97f5de61-191a-4d93-818c-8ad957882fa2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7f0f4091-9dc9-4246-8483-eeb62ef45b2e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--97f5de61-191a-4d93-818c-8ad957882fa2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.644037Z", + "modified": "2023-11-02T00:16:14.644037Z", + "name": "CVE-2023-1713", + "description": "Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24 22.0.300 hosted on Apache HTTP Server allows remote authenticated attackers to execute arbitrary code via uploading a crafted \".htaccess\" file.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-1713" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9a1418c5-c07d-4e6e-852e-f8d5c57b6951.json b/objects/vulnerability/vulnerability--9a1418c5-c07d-4e6e-852e-f8d5c57b6951.json new file mode 100644 index 00000000000..a41644223e2 --- /dev/null +++ b/objects/vulnerability/vulnerability--9a1418c5-c07d-4e6e-852e-f8d5c57b6951.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c6b33409-724f-4236-b5ff-18eb12187291", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9a1418c5-c07d-4e6e-852e-f8d5c57b6951", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.701191Z", + "modified": "2023-11-02T00:16:14.701191Z", + "name": "CVE-2023-1714", + "description": "Unsafe variable extraction in bitrix/modules/main/classes/general/user_options.php in Bitrix24 22.0.300 allows remote authenticated attackers to execute arbitrary code via (1) appending arbitrary content to existing PHP files or (2) PHAR deserialization.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-1714" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9d587ef0-f1d9-49c8-8553-712fa2b3365a.json b/objects/vulnerability/vulnerability--9d587ef0-f1d9-49c8-8553-712fa2b3365a.json new file mode 100644 index 00000000000..aa72260cf0a --- /dev/null +++ b/objects/vulnerability/vulnerability--9d587ef0-f1d9-49c8-8553-712fa2b3365a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--75e01e34-bd35-41fb-be28-1452e8669fec", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9d587ef0-f1d9-49c8-8553-712fa2b3365a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.95613Z", + "modified": "2023-11-02T00:16:13.95613Z", + "name": "CVE-2023-42647", + "description": "In Ifaa service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42647" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9df4efb4-d31f-4532-8013-1e858603fa9f.json b/objects/vulnerability/vulnerability--9df4efb4-d31f-4532-8013-1e858603fa9f.json new file mode 100644 index 00000000000..499db73fa79 --- /dev/null +++ b/objects/vulnerability/vulnerability--9df4efb4-d31f-4532-8013-1e858603fa9f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b3617a76-e53e-4081-873f-1ae706d2b3e7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9df4efb4-d31f-4532-8013-1e858603fa9f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.276048Z", + "modified": "2023-11-02T00:16:15.276048Z", + "name": "CVE-2023-20245", + "description": "Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20245" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9e664ba1-0f63-4e83-ac82-ca37b01ee1a5.json b/objects/vulnerability/vulnerability--9e664ba1-0f63-4e83-ac82-ca37b01ee1a5.json new file mode 100644 index 00000000000..a353f07634b --- /dev/null +++ b/objects/vulnerability/vulnerability--9e664ba1-0f63-4e83-ac82-ca37b01ee1a5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--df5cef2a-aa1b-4a9c-a3d0-466d5048a499", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9e664ba1-0f63-4e83-ac82-ca37b01ee1a5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.241895Z", + "modified": "2023-11-02T00:16:12.241895Z", + "name": "CVE-2023-5890", + "description": "Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5890" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9f6e26ee-5c6d-4da3-b166-f7873a8991d6.json b/objects/vulnerability/vulnerability--9f6e26ee-5c6d-4da3-b166-f7873a8991d6.json new file mode 100644 index 00000000000..4788948dda1 --- /dev/null +++ b/objects/vulnerability/vulnerability--9f6e26ee-5c6d-4da3-b166-f7873a8991d6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--df4ddbb3-e2b4-474c-b7c0-95c89e4dbdb6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9f6e26ee-5c6d-4da3-b166-f7873a8991d6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.266274Z", + "modified": "2023-11-02T00:16:15.266274Z", + "name": "CVE-2023-20247", + "description": "A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to improper error handling during remote access VPN authentication. An attacker could exploit this vulnerability by sending crafted requests during remote access VPN session establishment. A successful exploit could allow the attacker to bypass the configured multiple certificate authentication policy while retaining the privileges and permissions associated with the original connection profile.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20247" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a0eef01e-cf5c-4084-b4e7-c58346ac064e.json b/objects/vulnerability/vulnerability--a0eef01e-cf5c-4084-b4e7-c58346ac064e.json new file mode 100644 index 00000000000..4b52b81c6f0 --- /dev/null +++ b/objects/vulnerability/vulnerability--a0eef01e-cf5c-4084-b4e7-c58346ac064e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5b18d4ce-7301-49a8-921f-6d19aa868258", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a0eef01e-cf5c-4084-b4e7-c58346ac064e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.888033Z", + "modified": "2023-11-02T00:16:13.888033Z", + "name": "CVE-2023-42634", + "description": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42634" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a1c71c27-c08a-43a8-8917-83ab615ee1bd.json b/objects/vulnerability/vulnerability--a1c71c27-c08a-43a8-8917-83ab615ee1bd.json new file mode 100644 index 00000000000..68bf800c683 --- /dev/null +++ b/objects/vulnerability/vulnerability--a1c71c27-c08a-43a8-8917-83ab615ee1bd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--177a4bf5-1a1e-444d-a68a-a46242443fd4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a1c71c27-c08a-43a8-8917-83ab615ee1bd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:22.91665Z", + "modified": "2023-11-02T00:16:22.91665Z", + "name": "CVE-2022-48458", + "description": "In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48458" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a2f1c990-6bc4-4282-8efd-1bfb90c36eb4.json b/objects/vulnerability/vulnerability--a2f1c990-6bc4-4282-8efd-1bfb90c36eb4.json new file mode 100644 index 00000000000..05a7bd88adc --- /dev/null +++ b/objects/vulnerability/vulnerability--a2f1c990-6bc4-4282-8efd-1bfb90c36eb4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a8d2b150-b3c7-4fd0-9d0a-b78e7bc0a697", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a2f1c990-6bc4-4282-8efd-1bfb90c36eb4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.066345Z", + "modified": "2023-11-02T00:16:14.066345Z", + "name": "CVE-2023-4198", + "description": "Improper Access Control in Dolibarr ERP CRM <= v17.0.3 allows an unauthorized authenticated user to read a database table containing customer data", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4198" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a3142bec-153a-4f23-9b7a-6588587c7578.json b/objects/vulnerability/vulnerability--a3142bec-153a-4f23-9b7a-6588587c7578.json new file mode 100644 index 00000000000..aa0922661af --- /dev/null +++ b/objects/vulnerability/vulnerability--a3142bec-153a-4f23-9b7a-6588587c7578.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b75a75a1-986e-4ae2-b1c8-2a4dbe2999b7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a3142bec-153a-4f23-9b7a-6588587c7578", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.199443Z", + "modified": "2023-11-02T00:16:15.199443Z", + "name": "CVE-2023-20256", + "description": "Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20256" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a4bf4546-8d5b-406f-8211-701596111441.json b/objects/vulnerability/vulnerability--a4bf4546-8d5b-406f-8211-701596111441.json new file mode 100644 index 00000000000..dbc85e2fb1b --- /dev/null +++ b/objects/vulnerability/vulnerability--a4bf4546-8d5b-406f-8211-701596111441.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--242e6a0b-da70-4aaa-8a85-d0e599caa7a8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a4bf4546-8d5b-406f-8211-701596111441", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.222401Z", + "modified": "2023-11-02T00:16:12.222401Z", + "name": "CVE-2023-5847", + "description": "\nUnder certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5847" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a7002f07-e866-402e-8b81-73b61d2c8bff.json b/objects/vulnerability/vulnerability--a7002f07-e866-402e-8b81-73b61d2c8bff.json new file mode 100644 index 00000000000..8ea43dda35f --- /dev/null +++ b/objects/vulnerability/vulnerability--a7002f07-e866-402e-8b81-73b61d2c8bff.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cb03c4b6-04b7-4712-aaa0-b25047331b89", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a7002f07-e866-402e-8b81-73b61d2c8bff", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.192017Z", + "modified": "2023-11-02T00:16:12.192017Z", + "name": "CVE-2023-5854", + "description": "Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5854" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a71afe8a-027f-41c6-b4a1-9b7c08911558.json b/objects/vulnerability/vulnerability--a71afe8a-027f-41c6-b4a1-9b7c08911558.json new file mode 100644 index 00000000000..340782b0943 --- /dev/null +++ b/objects/vulnerability/vulnerability--a71afe8a-027f-41c6-b4a1-9b7c08911558.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6ce23990-0d94-4066-ae7b-b837a0d7d8da", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a71afe8a-027f-41c6-b4a1-9b7c08911558", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.148798Z", + "modified": "2023-11-02T00:16:15.148798Z", + "name": "CVE-2023-20213", + "description": "A vulnerability in the CDP processing feature of Cisco ISE could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of the CDP process on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes CDP traffic. An attacker could exploit this vulnerability by sending crafted CDP traffic to the device. A successful exploit could cause the CDP process to crash, impacting neighbor discovery and the ability of Cisco ISE to determine the reachability of remote devices. After a crash, the CDP process must be manually restarted using the cdp enable command in interface configuration mode.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20213" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a962b8e0-4912-4f55-a59b-1bd056d29dcd.json b/objects/vulnerability/vulnerability--a962b8e0-4912-4f55-a59b-1bd056d29dcd.json new file mode 100644 index 00000000000..a716acfb3b4 --- /dev/null +++ b/objects/vulnerability/vulnerability--a962b8e0-4912-4f55-a59b-1bd056d29dcd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6247e189-cb21-447f-8c20-caa6c42e6bf4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a962b8e0-4912-4f55-a59b-1bd056d29dcd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.126036Z", + "modified": "2023-11-02T00:16:12.126036Z", + "name": "CVE-2023-5178", + "description": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation in case that the attacker already has local privileges.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5178" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a98d7349-99d6-4474-80b0-8710b47d7efd.json b/objects/vulnerability/vulnerability--a98d7349-99d6-4474-80b0-8710b47d7efd.json new file mode 100644 index 00000000000..033e4f33377 --- /dev/null +++ b/objects/vulnerability/vulnerability--a98d7349-99d6-4474-80b0-8710b47d7efd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d8764bb3-6452-4025-a68f-a7cd0cbf4192", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a98d7349-99d6-4474-80b0-8710b47d7efd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.133003Z", + "modified": "2023-11-02T00:16:15.133003Z", + "name": "CVE-2023-20074", + "description": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. In some cases, it is also possible to cause a temporary availability impact to portions of the FMC Dashboard.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20074" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--aa53e4de-6ea3-4b5a-870f-026a1d881725.json b/objects/vulnerability/vulnerability--aa53e4de-6ea3-4b5a-870f-026a1d881725.json new file mode 100644 index 00000000000..7940ba91a8f --- /dev/null +++ b/objects/vulnerability/vulnerability--aa53e4de-6ea3-4b5a-870f-026a1d881725.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ee4630b8-dbc5-4e50-8aa3-0cca0c36906e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--aa53e4de-6ea3-4b5a-870f-026a1d881725", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.228764Z", + "modified": "2023-11-02T00:16:12.228764Z", + "name": "CVE-2023-5910", + "description": "A vulnerability was found in PopojiCMS 2.0.1 and classified as problematic. This issue affects some unknown processing of the file install.php of the component Web Config. The manipulation of the argument Site Title with the input leads to cross site scripting. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-244229 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5910" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--aa575e20-5452-40a6-91ba-ed6468a15c7f.json b/objects/vulnerability/vulnerability--aa575e20-5452-40a6-91ba-ed6468a15c7f.json new file mode 100644 index 00000000000..19e53774968 --- /dev/null +++ b/objects/vulnerability/vulnerability--aa575e20-5452-40a6-91ba-ed6468a15c7f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--553cdc7a-8f7d-4812-b799-04399323a4b3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--aa575e20-5452-40a6-91ba-ed6468a15c7f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.135455Z", + "modified": "2023-11-02T00:16:15.135455Z", + "name": "CVE-2023-20244", + "description": "A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain packets when they are sent to the inspection engine. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to deplete all 9,472 byte blocks on the device, resulting in traffic loss across the device or an unexpected reload of the device. If the device does not reload on its own, a manual reload of the device would be required to recover from this state.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20244" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ae7e0c3b-f48a-4dbf-971c-f46953cc342b.json b/objects/vulnerability/vulnerability--ae7e0c3b-f48a-4dbf-971c-f46953cc342b.json new file mode 100644 index 00000000000..7803a3d6f0f --- /dev/null +++ b/objects/vulnerability/vulnerability--ae7e0c3b-f48a-4dbf-971c-f46953cc342b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d9a2c55d-41e5-4218-afa9-a33ede6a18bc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ae7e0c3b-f48a-4dbf-971c-f46953cc342b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:22.905119Z", + "modified": "2023-11-02T00:16:22.905119Z", + "name": "CVE-2022-48459", + "description": "In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-48459" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b1e00c4b-8769-4784-adb2-893514e0bb39.json b/objects/vulnerability/vulnerability--b1e00c4b-8769-4784-adb2-893514e0bb39.json new file mode 100644 index 00000000000..3e010ebbb0a --- /dev/null +++ b/objects/vulnerability/vulnerability--b1e00c4b-8769-4784-adb2-893514e0bb39.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0467a9d0-01d3-4e5a-846a-37e9e34e5879", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b1e00c4b-8769-4784-adb2-893514e0bb39", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.405465Z", + "modified": "2023-11-02T00:16:15.405465Z", + "name": "CVE-2023-46927", + "description": "GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in gpac/MP4Box.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46927" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b2cb845a-2a9b-43b3-98af-4d116e94a5b1.json b/objects/vulnerability/vulnerability--b2cb845a-2a9b-43b3-98af-4d116e94a5b1.json new file mode 100644 index 00000000000..ae409e94618 --- /dev/null +++ b/objects/vulnerability/vulnerability--b2cb845a-2a9b-43b3-98af-4d116e94a5b1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6ba17cb7-b9f5-43cb-b08e-6852b0d5a1b3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b2cb845a-2a9b-43b3-98af-4d116e94a5b1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.780049Z", + "modified": "2023-11-02T00:16:14.780049Z", + "name": "CVE-2023-45202", + "description": "Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the feed.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-45202" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b3612165-64e1-4ae6-80c9-e7257bd341ac.json b/objects/vulnerability/vulnerability--b3612165-64e1-4ae6-80c9-e7257bd341ac.json new file mode 100644 index 00000000000..cba47d30255 --- /dev/null +++ b/objects/vulnerability/vulnerability--b3612165-64e1-4ae6-80c9-e7257bd341ac.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9550d636-ef84-41e4-8311-6d387503a8c9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b3612165-64e1-4ae6-80c9-e7257bd341ac", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.122496Z", + "modified": "2023-11-02T00:16:12.122496Z", + "name": "CVE-2023-5765", + "description": "Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source switching.\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5765" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b4b47749-2a1d-4f1c-88d2-f7029d4a2d7d.json b/objects/vulnerability/vulnerability--b4b47749-2a1d-4f1c-88d2-f7029d4a2d7d.json new file mode 100644 index 00000000000..4d31a7ac715 --- /dev/null +++ b/objects/vulnerability/vulnerability--b4b47749-2a1d-4f1c-88d2-f7029d4a2d7d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d5ca5e32-c227-49f3-862b-f99f6cb5a39b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b4b47749-2a1d-4f1c-88d2-f7029d4a2d7d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.298035Z", + "modified": "2023-11-02T00:16:13.298035Z", + "name": "CVE-2023-2621", + "description": "\nThe McFeeder server (distributed as part of SSW package), is susceptible to an arbitrary file write vulnerability on the MAIN computer\nsystem. This vulnerability stems from the use of an outdated version of a third-party library, which is used to extract archives uploaded to McFeeder server. An authenticated malicious client can\nexploit this vulnerability by uploading a crafted ZIP archive via the\nnetwork to McFeeder’s service endpoint.\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-2621" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b55b3123-b929-4af2-8546-1c7190991842.json b/objects/vulnerability/vulnerability--b55b3123-b929-4af2-8546-1c7190991842.json new file mode 100644 index 00000000000..7f348eb573c --- /dev/null +++ b/objects/vulnerability/vulnerability--b55b3123-b929-4af2-8546-1c7190991842.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--de80e01f-d92b-4699-af2c-6427fa8ebc17", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b55b3123-b929-4af2-8546-1c7190991842", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.224147Z", + "modified": "2023-11-02T00:16:15.224147Z", + "name": "CVE-2023-20005", + "description": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. In some cases, it is also possible to cause a temporary availability impact to portions of the FMC Dashboard.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20005" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b860506b-a001-40a5-ac81-f8638f94dec9.json b/objects/vulnerability/vulnerability--b860506b-a001-40a5-ac81-f8638f94dec9.json new file mode 100644 index 00000000000..6f1c22eecfd --- /dev/null +++ b/objects/vulnerability/vulnerability--b860506b-a001-40a5-ac81-f8638f94dec9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f468aeff-d0c7-4593-99c8-d40fae68de63", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b860506b-a001-40a5-ac81-f8638f94dec9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.195248Z", + "modified": "2023-11-02T00:16:12.195248Z", + "name": "CVE-2023-5515", + "description": "\nThe responses for web queries with certain parameters disclose internal path of resources. This information can be used to learn internal structure of the application and to further plot attacks against\nweb servers and deployed web applications.\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5515" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b89a1a44-dce5-48a7-b9ce-e30cdc4a61f7.json b/objects/vulnerability/vulnerability--b89a1a44-dce5-48a7-b9ce-e30cdc4a61f7.json new file mode 100644 index 00000000000..55034556f31 --- /dev/null +++ b/objects/vulnerability/vulnerability--b89a1a44-dce5-48a7-b9ce-e30cdc4a61f7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--737e12d5-9633-4483-876a-2a20aa9afb1a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b89a1a44-dce5-48a7-b9ce-e30cdc4a61f7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.178561Z", + "modified": "2023-11-02T00:16:15.178561Z", + "name": "CVE-2023-20175", + "description": "A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Read-only-level privileges or higher on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20175" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--baa37d48-ade8-41f1-91fa-68b458238ed8.json b/objects/vulnerability/vulnerability--baa37d48-ade8-41f1-91fa-68b458238ed8.json new file mode 100644 index 00000000000..ec37b1610e2 --- /dev/null +++ b/objects/vulnerability/vulnerability--baa37d48-ade8-41f1-91fa-68b458238ed8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d2b08485-5ef8-4bbd-9893-a6d025186260", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--baa37d48-ade8-41f1-91fa-68b458238ed8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.247954Z", + "modified": "2023-11-02T00:16:12.247954Z", + "name": "CVE-2023-5627", + "description": "A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. This vulnerability arises from the incorrect implementation of sensitive information protection, potentially allowing malicious users to gain unauthorized access to the web service. \n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5627" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bd4fc2ea-085f-472e-bcea-cf93b25f09b9.json b/objects/vulnerability/vulnerability--bd4fc2ea-085f-472e-bcea-cf93b25f09b9.json new file mode 100644 index 00000000000..6ab444c39cd --- /dev/null +++ b/objects/vulnerability/vulnerability--bd4fc2ea-085f-472e-bcea-cf93b25f09b9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3f139b53-36d2-4397-ab74-6b894f77700b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bd4fc2ea-085f-472e-bcea-cf93b25f09b9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.246Z", + "modified": "2023-11-02T00:16:12.246Z", + "name": "CVE-2023-5482", + "description": "Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5482" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bd61dca0-593b-4d04-a2ce-c54fbcce1022.json b/objects/vulnerability/vulnerability--bd61dca0-593b-4d04-a2ce-c54fbcce1022.json new file mode 100644 index 00000000000..344bb8b88cc --- /dev/null +++ b/objects/vulnerability/vulnerability--bd61dca0-593b-4d04-a2ce-c54fbcce1022.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e9ece5fd-b6d2-406f-a85c-ad2339576140", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bd61dca0-593b-4d04-a2ce-c54fbcce1022", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.14069Z", + "modified": "2023-11-02T00:16:15.14069Z", + "name": "CVE-2023-20031", + "description": "A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs when an SSL/TLS certificate that is under load is accessed when it is initiating an SSL connection. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a high rate of SSL/TLS connection requests to be inspected by the Snort 3 detection engine on an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in either a bypass or a denial of service (DoS) condition, depending on device configuration. The Snort detection engine will restart automatically. No manual intervention is required.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20031" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bef497e2-ded5-4372-9f31-95c5ec405084.json b/objects/vulnerability/vulnerability--bef497e2-ded5-4372-9f31-95c5ec405084.json new file mode 100644 index 00000000000..3cab5cdbe68 --- /dev/null +++ b/objects/vulnerability/vulnerability--bef497e2-ded5-4372-9f31-95c5ec405084.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--394c354b-636b-40c9-ad84-4d0dc3e539d7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bef497e2-ded5-4372-9f31-95c5ec405084", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.212071Z", + "modified": "2023-11-02T00:16:12.212071Z", + "name": "CVE-2023-5358", + "description": "Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5358" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bf80f0ab-3c5c-4e6f-88ec-9ed98a6d88e4.json b/objects/vulnerability/vulnerability--bf80f0ab-3c5c-4e6f-88ec-9ed98a6d88e4.json new file mode 100644 index 00000000000..320258b179c --- /dev/null +++ b/objects/vulnerability/vulnerability--bf80f0ab-3c5c-4e6f-88ec-9ed98a6d88e4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3ee9ef5a-d59f-453f-9e35-d691f7fffd07", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bf80f0ab-3c5c-4e6f-88ec-9ed98a6d88e4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.964323Z", + "modified": "2023-11-02T00:16:13.964323Z", + "name": "CVE-2023-42643", + "description": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42643" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c2ae4c43-c15e-4737-a74f-f4d3d2798e8c.json b/objects/vulnerability/vulnerability--c2ae4c43-c15e-4737-a74f-f4d3d2798e8c.json new file mode 100644 index 00000000000..dc826f0832a --- /dev/null +++ b/objects/vulnerability/vulnerability--c2ae4c43-c15e-4737-a74f-f4d3d2798e8c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--adf7933c-5551-4546-ac37-a46e91779715", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c2ae4c43-c15e-4737-a74f-f4d3d2798e8c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.143055Z", + "modified": "2023-11-02T00:16:15.143055Z", + "name": "CVE-2023-20155", + "description": "A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. This vulnerability could also allow an attacker with valid user credentials, but not Administrator privileges, to view a system log file that they would not normally have access to. This vulnerability is due to a lack of rate-limiting of requests that are sent to a specific API that is related to an FMC log. An attacker could exploit this vulnerability by sending a high rate of HTTP requests to the API. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the FMC CPU spiking to 100 percent utilization or to the device reloading. CPU utilization would return to normal if the attack traffic was stopped before an unexpected reload was triggered.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20155" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c5760f4a-cd34-407e-8449-01ec3593ea5e.json b/objects/vulnerability/vulnerability--c5760f4a-cd34-407e-8449-01ec3593ea5e.json new file mode 100644 index 00000000000..5edc8035b98 --- /dev/null +++ b/objects/vulnerability/vulnerability--c5760f4a-cd34-407e-8449-01ec3593ea5e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c3823446-9520-4d81-8b29-42f4e024118f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c5760f4a-cd34-407e-8449-01ec3593ea5e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.386798Z", + "modified": "2023-11-02T00:16:15.386798Z", + "name": "CVE-2023-46928", + "description": "GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_media_change_pl /afltest/gpac/src/media_tools/isom_tools.c:3293:42.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46928" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c6efb8ff-a68a-4dcb-a59f-a4304eb6da1d.json b/objects/vulnerability/vulnerability--c6efb8ff-a68a-4dcb-a59f-a4304eb6da1d.json new file mode 100644 index 00000000000..2ece0860e02 --- /dev/null +++ b/objects/vulnerability/vulnerability--c6efb8ff-a68a-4dcb-a59f-a4304eb6da1d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3cd7230f-433a-43dc-963c-79abe023a6f6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c6efb8ff-a68a-4dcb-a59f-a4304eb6da1d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.107901Z", + "modified": "2023-11-02T00:16:12.107901Z", + "name": "CVE-2023-5896", + "description": "Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.4.0-4.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5896" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cbfb34d2-52cd-4d98-926a-33abb4934743.json b/objects/vulnerability/vulnerability--cbfb34d2-52cd-4d98-926a-33abb4934743.json new file mode 100644 index 00000000000..b0aed20769e --- /dev/null +++ b/objects/vulnerability/vulnerability--cbfb34d2-52cd-4d98-926a-33abb4934743.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f6beadf8-f38d-4b32-984f-d3e5914653fa", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cbfb34d2-52cd-4d98-926a-33abb4934743", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.729538Z", + "modified": "2023-11-02T00:16:14.729538Z", + "name": "CVE-2023-1719", + "description": "Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated remote attackers to (1) enumerate attachments on the server and (2) execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via overwriting uninitialised variables.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-1719" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cd33492d-0d83-4e67-a846-ad3cd768fcdd.json b/objects/vulnerability/vulnerability--cd33492d-0d83-4e67-a846-ad3cd768fcdd.json new file mode 100644 index 00000000000..88ab05a217a --- /dev/null +++ b/objects/vulnerability/vulnerability--cd33492d-0d83-4e67-a846-ad3cd768fcdd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--986fe2fd-5de4-4304-856e-9e1b3b3e3ddc", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cd33492d-0d83-4e67-a846-ad3cd768fcdd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.966194Z", + "modified": "2023-11-02T00:16:13.966194Z", + "name": "CVE-2023-42652", + "description": "In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42652" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cf2f629d-67b8-407f-9257-d88a673589fe.json b/objects/vulnerability/vulnerability--cf2f629d-67b8-407f-9257-d88a673589fe.json new file mode 100644 index 00000000000..9f32fccc816 --- /dev/null +++ b/objects/vulnerability/vulnerability--cf2f629d-67b8-407f-9257-d88a673589fe.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--965ad6e9-0d8b-4c38-ab4a-2c04e027c1ca", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cf2f629d-67b8-407f-9257-d88a673589fe", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.21049Z", + "modified": "2023-11-02T00:16:12.21049Z", + "name": "CVE-2023-5895", + "description": "Cross-site Scripting (XSS) - DOM in GitHub repository pkp/pkp-lib prior to 3.3.0-16.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5895" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cf4f81a9-7da8-45a3-8ff8-987142d3279f.json b/objects/vulnerability/vulnerability--cf4f81a9-7da8-45a3-8ff8-987142d3279f.json new file mode 100644 index 00000000000..05c67eab8e6 --- /dev/null +++ b/objects/vulnerability/vulnerability--cf4f81a9-7da8-45a3-8ff8-987142d3279f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--168d481a-4053-4384-8d54-31a0f49f7591", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cf4f81a9-7da8-45a3-8ff8-987142d3279f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.143706Z", + "modified": "2023-11-02T00:16:12.143706Z", + "name": "CVE-2023-5894", + "description": "Cross-site Scripting (XSS) - Stored in GitHub repository pkp/ojs prior to 3.3.0-16.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5894" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d0db1cd9-6994-4734-aa27-2455c15cd8fe.json b/objects/vulnerability/vulnerability--d0db1cd9-6994-4734-aa27-2455c15cd8fe.json new file mode 100644 index 00000000000..7debd1e67b2 --- /dev/null +++ b/objects/vulnerability/vulnerability--d0db1cd9-6994-4734-aa27-2455c15cd8fe.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b6787e1b-ceeb-4b89-9097-a1c19f20d84a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d0db1cd9-6994-4734-aa27-2455c15cd8fe", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.253363Z", + "modified": "2023-11-02T00:16:15.253363Z", + "name": "CVE-2023-20195", + "description": "Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit these vulnerabilities by uploading a crafted file to an affected device. A successful exploit could allow the attacker to store malicious files in specific directories on the device. The attacker could later use those files to conduct additional attacks, including executing arbitrary code on the affected device with root privileges.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20195" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d34a3271-1102-423d-bc22-94b1c36942de.json b/objects/vulnerability/vulnerability--d34a3271-1102-423d-bc22-94b1c36942de.json new file mode 100644 index 00000000000..8a5edbac21a --- /dev/null +++ b/objects/vulnerability/vulnerability--d34a3271-1102-423d-bc22-94b1c36942de.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b280878e-21f3-4700-a02d-0a250e1fb9ee", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d34a3271-1102-423d-bc22-94b1c36942de", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.179135Z", + "modified": "2023-11-02T00:16:12.179135Z", + "name": "CVE-2023-5858", + "description": "Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5858" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d3706840-48d4-45a3-8b37-56e049501313.json b/objects/vulnerability/vulnerability--d3706840-48d4-45a3-8b37-56e049501313.json new file mode 100644 index 00000000000..eeca94416b1 --- /dev/null +++ b/objects/vulnerability/vulnerability--d3706840-48d4-45a3-8b37-56e049501313.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2c0543c6-047c-49a1-afd6-1c9a321b33ca", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d3706840-48d4-45a3-8b37-56e049501313", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.190546Z", + "modified": "2023-11-02T00:16:12.190546Z", + "name": "CVE-2023-5855", + "description": "Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5855" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d3b2c125-aece-48d8-b8e8-14e102dcb53b.json b/objects/vulnerability/vulnerability--d3b2c125-aece-48d8-b8e8-14e102dcb53b.json new file mode 100644 index 00000000000..6aa8d5a92ba --- /dev/null +++ b/objects/vulnerability/vulnerability--d3b2c125-aece-48d8-b8e8-14e102dcb53b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--38799c52-92ca-47bb-a73f-056b45f82b49", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d3b2c125-aece-48d8-b8e8-14e102dcb53b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.231874Z", + "modified": "2023-11-02T00:16:15.231874Z", + "name": "CVE-2023-20264", + "description": "A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session. This vulnerability is due to insufficient validation of the login URL. An attacker could exploit this vulnerability by persuading a user to access a site that is under the control of the attacker, allowing the attacker to modify the login URL. A successful exploit could allow the attacker to intercept a successful SAML assertion and use that assertion to establish a remote access VPN session toward the affected device with the identity and permissions of the hijacked user, resulting in access to the protected network.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20264" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d5a76879-2a51-4d49-bf42-17e2bcfb940f.json b/objects/vulnerability/vulnerability--d5a76879-2a51-4d49-bf42-17e2bcfb940f.json new file mode 100644 index 00000000000..74eae5d2fc1 --- /dev/null +++ b/objects/vulnerability/vulnerability--d5a76879-2a51-4d49-bf42-17e2bcfb940f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4ada9087-7e39-4ea8-a44f-4e5b481c2162", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d5a76879-2a51-4d49-bf42-17e2bcfb940f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.894454Z", + "modified": "2023-11-02T00:16:13.894454Z", + "name": "CVE-2023-42649", + "description": "In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42649" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d79f8a33-ba7e-4ebe-a3a8-530ea2665af7.json b/objects/vulnerability/vulnerability--d79f8a33-ba7e-4ebe-a3a8-530ea2665af7.json new file mode 100644 index 00000000000..2fa9ce5b25f --- /dev/null +++ b/objects/vulnerability/vulnerability--d79f8a33-ba7e-4ebe-a3a8-530ea2665af7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fc8fbb7c-c9ea-4a91-b904-5ca468841ac5", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d79f8a33-ba7e-4ebe-a3a8-530ea2665af7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.181732Z", + "modified": "2023-11-02T00:16:12.181732Z", + "name": "CVE-2023-5893", + "description": "Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5893" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d82e5bc2-6d41-492f-b12c-92ffcdc46218.json b/objects/vulnerability/vulnerability--d82e5bc2-6d41-492f-b12c-92ffcdc46218.json new file mode 100644 index 00000000000..787d5ea1416 --- /dev/null +++ b/objects/vulnerability/vulnerability--d82e5bc2-6d41-492f-b12c-92ffcdc46218.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4517e01a-e44c-4b97-b76b-6c13bbeabbe3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d82e5bc2-6d41-492f-b12c-92ffcdc46218", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.163331Z", + "modified": "2023-11-02T00:16:12.163331Z", + "name": "CVE-2023-5851", + "description": "Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5851" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ddcf8855-0d86-4eb2-a17b-6346eb7cb643.json b/objects/vulnerability/vulnerability--ddcf8855-0d86-4eb2-a17b-6346eb7cb643.json new file mode 100644 index 00000000000..cd2c1a2a83a --- /dev/null +++ b/objects/vulnerability/vulnerability--ddcf8855-0d86-4eb2-a17b-6346eb7cb643.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--605bb01c-cdb3-4894-8fde-ac88c327fdd2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ddcf8855-0d86-4eb2-a17b-6346eb7cb643", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.290685Z", + "modified": "2023-11-02T00:16:14.290685Z", + "name": "CVE-2023-44954", + "description": "Cross Site Scripting vulnerability in BigTree CMS v.4.5.7 allows a remote attacker to execute arbitrary code via the ID parameter in the Developer Settings functions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-44954" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e0a7cace-77db-4c74-91c2-9e038a78d012.json b/objects/vulnerability/vulnerability--e0a7cace-77db-4c74-91c2-9e038a78d012.json new file mode 100644 index 00000000000..00dd0db915a --- /dev/null +++ b/objects/vulnerability/vulnerability--e0a7cace-77db-4c74-91c2-9e038a78d012.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b84d9c45-7869-45bd-97c1-167ab408ac3f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e0a7cace-77db-4c74-91c2-9e038a78d012", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.468377Z", + "modified": "2023-11-02T00:16:15.468377Z", + "name": "CVE-2023-46482", + "description": "SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote attacker to execute arbitrary code via the Database Backup Functionality in the coreframe/app/database/admin/index.php component.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46482" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e1d4ebd8-d1b5-4370-bd60-1310d345b5f3.json b/objects/vulnerability/vulnerability--e1d4ebd8-d1b5-4370-bd60-1310d345b5f3.json new file mode 100644 index 00000000000..21f01091842 --- /dev/null +++ b/objects/vulnerability/vulnerability--e1d4ebd8-d1b5-4370-bd60-1310d345b5f3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f1f8b890-cf2d-4fd0-a982-101178f98905", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e1d4ebd8-d1b5-4370-bd60-1310d345b5f3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.945461Z", + "modified": "2023-11-02T00:16:13.945461Z", + "name": "CVE-2023-42635", + "description": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42635" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e210a7c2-b910-4f6e-8dcc-81c7e39c7d7c.json b/objects/vulnerability/vulnerability--e210a7c2-b910-4f6e-8dcc-81c7e39c7d7c.json new file mode 100644 index 00000000000..f9ca536d858 --- /dev/null +++ b/objects/vulnerability/vulnerability--e210a7c2-b910-4f6e-8dcc-81c7e39c7d7c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5d6a8059-528f-44ea-a621-2b5de0614481", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e210a7c2-b910-4f6e-8dcc-81c7e39c7d7c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.929648Z", + "modified": "2023-11-02T00:16:13.929648Z", + "name": "CVE-2023-42636", + "description": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42636" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e5271562-19eb-4b3a-a44f-1f593a2c97ac.json b/objects/vulnerability/vulnerability--e5271562-19eb-4b3a-a44f-1f593a2c97ac.json new file mode 100644 index 00000000000..a1305acf737 --- /dev/null +++ b/objects/vulnerability/vulnerability--e5271562-19eb-4b3a-a44f-1f593a2c97ac.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5dbc1f04-41b0-4397-aeb9-319a0ed14853", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e5271562-19eb-4b3a-a44f-1f593a2c97ac", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.187904Z", + "modified": "2023-11-02T00:16:15.187904Z", + "name": "CVE-2023-20255", + "description": "A vulnerability in an API of the Web Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP packets to an affected device. A successful exploit could allow the attacker to cause a partial availability condition, which could cause ongoing video calls to be dropped due to the invalid packets reaching the Web Bridge.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20255" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e8a684f0-3b43-4e4d-985f-f193627325e5.json b/objects/vulnerability/vulnerability--e8a684f0-3b43-4e4d-985f-f193627325e5.json new file mode 100644 index 00000000000..8a0296d49ae --- /dev/null +++ b/objects/vulnerability/vulnerability--e8a684f0-3b43-4e4d-985f-f193627325e5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--31ac2664-375b-4f0f-8f27-1c21d6e59491", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e8a684f0-3b43-4e4d-985f-f193627325e5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.661625Z", + "modified": "2023-11-02T00:16:14.661625Z", + "name": "CVE-2023-1720", + "description": "Lack of mime type response header in Bitrix24 22.0.300 allows authenticated remote attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via uploading a crafted HTML file through /desktop_app/file.ajax.php?action=uploadfile.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-1720" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ea70ed60-2e02-468a-bac8-83f40942d72c.json b/objects/vulnerability/vulnerability--ea70ed60-2e02-468a-bac8-83f40942d72c.json new file mode 100644 index 00000000000..60b61f68f56 --- /dev/null +++ b/objects/vulnerability/vulnerability--ea70ed60-2e02-468a-bac8-83f40942d72c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0c05a91a-fa94-4a7a-920a-516f3f1344ed", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ea70ed60-2e02-468a-bac8-83f40942d72c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.180436Z", + "modified": "2023-11-02T00:16:15.180436Z", + "name": "CVE-2023-20071", + "description": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20071" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ead11e75-bc59-4a13-a8f5-21749c0e90ab.json b/objects/vulnerability/vulnerability--ead11e75-bc59-4a13-a8f5-21749c0e90ab.json new file mode 100644 index 00000000000..87aa99b3aba --- /dev/null +++ b/objects/vulnerability/vulnerability--ead11e75-bc59-4a13-a8f5-21749c0e90ab.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--a7657539-dd08-4abc-bc36-c9098ee6dbd7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ead11e75-bc59-4a13-a8f5-21749c0e90ab", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.776598Z", + "modified": "2023-11-02T00:16:14.776598Z", + "name": "CVE-2023-45203", + "description": "Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the login.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-45203" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ec90af0c-cfcb-4742-8baa-8de526f47b4a.json b/objects/vulnerability/vulnerability--ec90af0c-cfcb-4742-8baa-8de526f47b4a.json new file mode 100644 index 00000000000..bb8f3944524 --- /dev/null +++ b/objects/vulnerability/vulnerability--ec90af0c-cfcb-4742-8baa-8de526f47b4a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8edbeabf-35d6-4179-863e-b08881fc43ee", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ec90af0c-cfcb-4742-8baa-8de526f47b4a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.159829Z", + "modified": "2023-11-02T00:16:15.159829Z", + "name": "CVE-2023-20041", + "description": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. In some cases, it is also possible to cause a temporary availability impact to portions of the FMC Dashboard.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20041" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ed862b26-e07f-494d-8699-3f161a5bc2bd.json b/objects/vulnerability/vulnerability--ed862b26-e07f-494d-8699-3f161a5bc2bd.json new file mode 100644 index 00000000000..ea18cf109e6 --- /dev/null +++ b/objects/vulnerability/vulnerability--ed862b26-e07f-494d-8699-3f161a5bc2bd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7f2cf3b3-dcef-48cf-97c6-c8bd0c4eea08", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ed862b26-e07f-494d-8699-3f161a5bc2bd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.161611Z", + "modified": "2023-11-02T00:16:15.161611Z", + "name": "CVE-2023-20246", + "description": "Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20246" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f0758e8c-954d-426f-aa9b-af652b545b5c.json b/objects/vulnerability/vulnerability--f0758e8c-954d-426f-aa9b-af652b545b5c.json new file mode 100644 index 00000000000..238c26be0dc --- /dev/null +++ b/objects/vulnerability/vulnerability--f0758e8c-954d-426f-aa9b-af652b545b5c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b3042778-790a-4286-800a-616dcba0bde3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f0758e8c-954d-426f-aa9b-af652b545b5c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.184498Z", + "modified": "2023-11-02T00:16:12.184498Z", + "name": "CVE-2023-5899", + "description": "Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5899" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f3c55e17-8ee9-4042-9381-2966c7db9200.json b/objects/vulnerability/vulnerability--f3c55e17-8ee9-4042-9381-2966c7db9200.json new file mode 100644 index 00000000000..76cd8532260 --- /dev/null +++ b/objects/vulnerability/vulnerability--f3c55e17-8ee9-4042-9381-2966c7db9200.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4306940c-122a-47d9-a0f4-0dfe56088d10", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f3c55e17-8ee9-4042-9381-2966c7db9200", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.218579Z", + "modified": "2023-11-02T00:16:12.218579Z", + "name": "CVE-2023-5850", + "description": "Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5850" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f551a5d2-775a-4fd9-a867-920b9725c047.json b/objects/vulnerability/vulnerability--f551a5d2-775a-4fd9-a867-920b9725c047.json new file mode 100644 index 00000000000..30d4a4e9280 --- /dev/null +++ b/objects/vulnerability/vulnerability--f551a5d2-775a-4fd9-a867-920b9725c047.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--39135060-4336-47a3-bfc7-c0e9ef778042", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f551a5d2-775a-4fd9-a867-920b9725c047", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.215126Z", + "modified": "2023-11-02T00:16:12.215126Z", + "name": "CVE-2023-5852", + "description": "Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5852" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f617a8bc-5de1-4977-9010-99d581f56fa3.json b/objects/vulnerability/vulnerability--f617a8bc-5de1-4977-9010-99d581f56fa3.json new file mode 100644 index 00000000000..10a4343b5b4 --- /dev/null +++ b/objects/vulnerability/vulnerability--f617a8bc-5de1-4977-9010-99d581f56fa3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bb86b604-3d00-4d47-9b20-8f93eefb37b5", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f617a8bc-5de1-4977-9010-99d581f56fa3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.240983Z", + "modified": "2023-11-02T00:16:15.240983Z", + "name": "CVE-2023-20070", + "description": "A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted TLS 1.3 message sequence through an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in a denial of service (DoS) condition. While the Snort detection engine reloads, packets going through the FTD device that are sent to the Snort detection engine will be dropped. The Snort detection engine will restart automatically. No manual intervention is required.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20070" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f8414b70-8e35-49c4-9b60-3b399a5e9a7a.json b/objects/vulnerability/vulnerability--f8414b70-8e35-49c4-9b60-3b399a5e9a7a.json new file mode 100644 index 00000000000..d783b497829 --- /dev/null +++ b/objects/vulnerability/vulnerability--f8414b70-8e35-49c4-9b60-3b399a5e9a7a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--177bdeb1-4b3f-4405-9809-c8840c2e85ab", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f8414b70-8e35-49c4-9b60-3b399a5e9a7a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:13.97144Z", + "modified": "2023-11-02T00:16:13.97144Z", + "name": "CVE-2023-42639", + "description": "In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42639" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fa23f9c0-262e-44a7-a3b1-093cfa8795c8.json b/objects/vulnerability/vulnerability--fa23f9c0-262e-44a7-a3b1-093cfa8795c8.json new file mode 100644 index 00000000000..8cd0044f4cc --- /dev/null +++ b/objects/vulnerability/vulnerability--fa23f9c0-262e-44a7-a3b1-093cfa8795c8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1f531343-05ce-4521-8ffd-a5a6fc5a862b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fa23f9c0-262e-44a7-a3b1-093cfa8795c8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:12.086775Z", + "modified": "2023-11-02T00:16:12.086775Z", + "name": "CVE-2023-5853", + "description": "Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5853" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fb462bb7-f3f5-4537-8368-5a87412213ca.json b/objects/vulnerability/vulnerability--fb462bb7-f3f5-4537-8368-5a87412213ca.json new file mode 100644 index 00000000000..5a7e9d56522 --- /dev/null +++ b/objects/vulnerability/vulnerability--fb462bb7-f3f5-4537-8368-5a87412213ca.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--34c60c9f-e764-4cdd-be9f-8ac33671a34e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fb462bb7-f3f5-4537-8368-5a87412213ca", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.677526Z", + "modified": "2023-11-02T00:16:14.677526Z", + "name": "CVE-2023-1716", + "description": "\nCross-site scripting (XSS) vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege.\n\n\n\n\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-1716" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fbc56b28-cdb3-48c0-adea-31d7e0f09b6a.json b/objects/vulnerability/vulnerability--fbc56b28-cdb3-48c0-adea-31d7e0f09b6a.json new file mode 100644 index 00000000000..2c9299925ec --- /dev/null +++ b/objects/vulnerability/vulnerability--fbc56b28-cdb3-48c0-adea-31d7e0f09b6a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2dac3e86-5ee4-4b1f-a136-7053c95b8b6b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fbc56b28-cdb3-48c0-adea-31d7e0f09b6a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:15.261978Z", + "modified": "2023-11-02T00:16:15.261978Z", + "name": "CVE-2023-20095", + "description": "A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could exploit this vulnerability by sending crafted HTTPS requests to an affected system. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a DoS condition.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-20095" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fde63353-2520-48da-8032-ab63deaa5016.json b/objects/vulnerability/vulnerability--fde63353-2520-48da-8032-ab63deaa5016.json new file mode 100644 index 00000000000..b18c1a7d4b5 --- /dev/null +++ b/objects/vulnerability/vulnerability--fde63353-2520-48da-8032-ab63deaa5016.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b553f353-98cb-45bb-9367-67b52a9d0881", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fde63353-2520-48da-8032-ab63deaa5016", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-02T00:16:14.721813Z", + "modified": "2023-11-02T00:16:14.721813Z", + "name": "CVE-2023-1192", + "description": "A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-1192" + } + ] + } + ] +} \ No newline at end of file