Auto-Update: 2023-10-11T10:00:25.885887+00:00

CVE-2023/CVE-2023-27xx/CVE-2023-2718.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-2718",
   "sourceIdentifier": "contact@wpscan.com",
   "published": "2023-06-12T18:15:10.167",
-  "lastModified": "2023-06-16T18:42:20.787",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-10-11T09:15:09.813",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -72,6 +72,10 @@
         "Exploit",
         "Third Party Advisory"
       ]
+    },
+    {
+      "url": "https://www.onvio.nl/nieuws/research-day-discovering-vulnerabilities-in-wordpress-plugins",
+      "source": "contact@wpscan.com"
     }
   ]
 }

CVE-2023/CVE-2023-31xx/CVE-2023-3134.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-3134",
   "sourceIdentifier": "contact@wpscan.com",
   "published": "2023-07-31T10:15:10.500",
-  "lastModified": "2023-08-03T21:00:41.997",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-10-11T09:15:10.097",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -72,6 +72,10 @@
         "Exploit",
         "Third Party Advisory"
       ]
+    },
+    {
+      "url": "https://www.onvio.nl/nieuws/research-day-discovering-vulnerabilities-in-wordpress-plugins",
+      "source": "contact@wpscan.com"
     }
   ]
 }

CVE-2023/CVE-2023-35xx/CVE-2023-3575.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-3575",
   "sourceIdentifier": "contact@wpscan.com",
   "published": "2023-08-07T15:15:11.460",
-  "lastModified": "2023-08-09T17:53:14.573",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-10-11T09:15:10.320",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -72,6 +72,10 @@
         "Exploit",
         "Third Party Advisory"
       ]
+    },
+    {
+      "url": "https://www.onvio.nl/nieuws/research-day-discovering-vulnerabilities-in-wordpress-plugins",
+      "source": "contact@wpscan.com"
     }
   ]
 }

CVE-2023/CVE-2023-421xx/CVE-2023-42138.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-42138",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2023-10-11T09:15:10.417",
+  "lastModified": "2023-10-11T09:15:10.417",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Out-of-bounds read vulnerability exists in KV STUDIO Ver. 11.62 and earlier and KV REPLAY VIEWER Ver. 2.62 and earlier. If this vulnerability is exploited, information may be disclosed or arbitrary code may be executed by having a user of KV STUDIO PLAYER open a specially crafted file."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/vu/JVNVU94752076/index.html",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.keyence.com/vulnerability231001",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

CVE-2023/CVE-2023-449xx/CVE-2023-44997.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-44997",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2023-10-11T08:15:08.883",
+  "lastModified": "2023-10-11T08:15:08.883",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-Site Request Forgery (CSRF) vulnerability in Nitin Rathod WP Forms Puzzle Captcha plugin <=\u00a04.1 versions."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "audit@patchstack.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/vulnerability/wp-forms-puzzle-captcha/wordpress-wp-forms-puzzle-captcha-plugin-4-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-49xx/CVE-2023-4990.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-4990",
+  "sourceIdentifier": "product-security@gg.jp.panasonic.com",
+  "published": "2023-10-11T08:15:09.053",
+  "lastModified": "2023-10-11T08:15:09.053",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Directory traversal vulnerability in MCL-Net versions prior to 4.6 Update Package (P01) may allow attackers to read arbitrary files."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "product-security@gg.jp.panasonic.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 8.3,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "product-security@gg.jp.panasonic.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-22"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.mcl-mobilityplatform.com/downloads.php",
+      "source": "product-security@gg.jp.panasonic.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-53xx/CVE-2023-5391.json

@@ -2,12 +2,12 @@
   "id": "CVE-2023-5391",
   "sourceIdentifier": "cybersecurity@se.com",
   "published": "2023-10-04T19:15:10.777",
-  "lastModified": "2023-10-10T13:07:17.587",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-10-11T09:15:10.483",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
-      "value": "\nA?CWE-502:?Deserialization of untrusted data?vulnerability exists?that could allow an attacker to execute arbitrary code on the targeted system by sending a specifically crafted packet to the application.\u00a0\n\n\n"
+      "value": "\n\n\nA CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker to\nexecute arbitrary code on the targeted system by sending a specifically crafted packet to the\napplication.\n\n\n\n\n"
     },
     {
       "lang": "es",

CVE-2023/CVE-2023-53xx/CVE-2023-5399.json

@@ -2,12 +2,12 @@
   "id": "CVE-2023-5399",
   "sourceIdentifier": "cybersecurity@se.com",
   "published": "2023-10-04T19:15:10.847",
-  "lastModified": "2023-10-10T13:07:01.630",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-10-11T09:15:10.597",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
-      "value": "\n\n\nA?CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')?vulnerability exists?that could cause?a path traversal issue?when?using the File Command.\u00a0\n\n"
+      "value": "\n\n\n\n\nA CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path\nTraversal') vulnerability exists that could cause tampering of files on the personal computer\nrunning C-Bus when using the File Command.\n\n\n\n"
     },
     {
       "lang": "es",

CVE-2023/CVE-2023-54xx/CVE-2023-5402.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-5402",
   "sourceIdentifier": "cybersecurity@se.com",
   "published": "2023-10-04T18:15:12.240",
-  "lastModified": "2023-10-04T19:53:11.513",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-10-11T09:15:10.773",
+  "vulnStatus": "Undergoing Analysis",
   "descriptions": [
     {
       "lang": "en",
-      "value": "\nA?CWE-269: Improper Privilege Management vulnerability exists?that could cause?a local privilege escalation?when the transfer command is used."
+      "value": "\n\n\nA CWE-269: Improper Privilege Management vulnerability exists that could cause a remote\ncode execution when the transfer command is used over the network.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "CWE-269: Existe una vulnerabilidad de gesti\u00f3n de privilegios inadecuada, que podr\u00eda provocar una escalada de privilegios local, cuando se utiliza el comando de transferencia."
     }
   ],
   "metrics": {

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-10-11T08:00:26.208607+00:00
+2023-10-11T10:00:25.885887+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-10-11T07:15:11.173000+00:00
+2023-10-11T09:15:10.773000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,33 +29,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-227530
+227533
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `7`
+Recently added CVEs: `3`
 
-* [CVE-2022-42451](CVE-2022/CVE-2022-424xx/CVE-2022-42451.json) (`2023-10-11T06:15:09.387`)
-* [CVE-2022-44757](CVE-2022/CVE-2022-447xx/CVE-2022-44757.json) (`2023-10-11T07:15:09.237`)
-* [CVE-2022-44758](CVE-2022/CVE-2022-447xx/CVE-2022-44758.json) (`2023-10-11T07:15:09.477`)
-* [CVE-2023-26318](CVE-2023/CVE-2023-263xx/CVE-2023-26318.json) (`2023-10-11T07:15:09.890`)
-* [CVE-2023-26319](CVE-2023/CVE-2023-263xx/CVE-2023-26319.json) (`2023-10-11T07:15:10.103`)
-* [CVE-2023-26320](CVE-2023/CVE-2023-263xx/CVE-2023-26320.json) (`2023-10-11T07:15:10.257`)
-* [CVE-2023-37536](CVE-2023/CVE-2023-375xx/CVE-2023-37536.json) (`2023-10-11T07:15:10.580`)
+* [CVE-2023-44997](CVE-2023/CVE-2023-449xx/CVE-2023-44997.json) (`2023-10-11T08:15:08.883`)
+* [CVE-2023-4990](CVE-2023/CVE-2023-49xx/CVE-2023-4990.json) (`2023-10-11T08:15:09.053`)
+* [CVE-2023-42138](CVE-2023/CVE-2023-421xx/CVE-2023-42138.json) (`2023-10-11T09:15:10.417`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `7`
+Recently modified CVEs: `6`
 
-* [CVE-2023-39250](CVE-2023/CVE-2023-392xx/CVE-2023-39250.json) (`2023-10-11T06:15:09.597`)
-* [CVE-2023-24998](CVE-2023/CVE-2023-249xx/CVE-2023-24998.json) (`2023-10-11T07:15:09.583`)
-* [CVE-2023-28709](CVE-2023/CVE-2023-287xx/CVE-2023-28709.json) (`2023-10-11T07:15:10.407`)
-* [CVE-2023-41080](CVE-2023/CVE-2023-410xx/CVE-2023-41080.json) (`2023-10-11T07:15:10.703`)
-* [CVE-2023-42795](CVE-2023/CVE-2023-427xx/CVE-2023-42795.json) (`2023-10-11T07:15:10.877`)
-* [CVE-2023-44487](CVE-2023/CVE-2023-444xx/CVE-2023-44487.json) (`2023-10-11T07:15:11.030`)
-* [CVE-2023-45648](CVE-2023/CVE-2023-456xx/CVE-2023-45648.json) (`2023-10-11T07:15:11.173`)
+* [CVE-2023-2718](CVE-2023/CVE-2023-27xx/CVE-2023-2718.json) (`2023-10-11T09:15:09.813`)
+* [CVE-2023-3134](CVE-2023/CVE-2023-31xx/CVE-2023-3134.json) (`2023-10-11T09:15:10.097`)
+* [CVE-2023-3575](CVE-2023/CVE-2023-35xx/CVE-2023-3575.json) (`2023-10-11T09:15:10.320`)
+* [CVE-2023-5391](CVE-2023/CVE-2023-53xx/CVE-2023-5391.json) (`2023-10-11T09:15:10.483`)
+* [CVE-2023-5399](CVE-2023/CVE-2023-53xx/CVE-2023-5399.json) (`2023-10-11T09:15:10.597`)
+* [CVE-2023-5402](CVE-2023/CVE-2023-54xx/CVE-2023-5402.json) (`2023-10-11T09:15:10.773`)
 
 
 ## Download and Usage