Auto-Update: 2023-08-21T04:00:33.528442+00:00

2025-07-11 16:13:34 +00:00 · 2023-08-21 04:00:36 +00:00 · 2023-08-21 04:00:36 +00:00 · 050fbd4c33
commit 050fbd4c33
parent 179c1c266f
18 changed files with 574 additions and 40 deletions
--- a/CVE-2023/CVE-2023-205xx/CVE-2023-20593.json
+++ b/CVE-2023/CVE-2023-205xx/CVE-2023-20593.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-20593",
  "sourceIdentifier": "psirt@amd.com",
  "published": "2023-07-24T20:15:10.237",
-  "lastModified": "2023-08-17T19:15:10.013",
+  "lastModified": "2023-08-21T03:15:09.260",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -2119,6 +2119,10 @@
      "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html",
      "source": "psirt@amd.com"
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP6WQO3CDPLE5O635N7TAL5KCZ6HZ4FE/",
+      "source": "psirt@amd.com"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD2G74BXS2SWOE3FIQJ6X76S3A7PDGML/",
      "source": "psirt@amd.com"
--- a/CVE-2023/CVE-2023-396xx/CVE-2023-39617.json
+++ b/CVE-2023/CVE-2023-396xx/CVE-2023-39617.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-39617",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-21T02:15:09.303",
+  "lastModified": "2023-08-21T02:15:09.303",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "TOTOLINK X5000R_V9.1.0cu.2089_B20211224 and X5000R_V9.1.0cu.2350_B20230313 were discovered to contain a remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://sedate-class-393.notion.site/TOTOlink-ee7eb0d4cd5d43e9983296200371eff1?pvs=4",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-396xx/CVE-2023-39618.json
+++ b/CVE-2023/CVE-2023-396xx/CVE-2023-39618.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-39618",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-21T02:15:09.630",
+  "lastModified": "2023-08-21T02:15:09.630",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "TOTOLINK X5000R B20210419 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg interface."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://sedate-class-393.notion.site/TOTOlink-3567fd9f93d84afab0d81cd8c063f9a1?pvs=4",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-397xx/CVE-2023-39745.json
+++ b/CVE-2023/CVE-2023-397xx/CVE-2023-39745.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-39745",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-21T03:15:11.487",
+  "lastModified": "2023-08-21T03:15:11.487",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5 and TP-Link TL-WR841N V8 were discovered to contain a buffer overflow via the component /userRpm/AccessCtrlAccessRulesRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/16/TP-Link%20WR940N%20WR941ND%20WR841N%20wireless%20router%20userRpmAccessCtrlAccessRulesRpm%20buffer%20read%20out-of-bounds%20vulnerability.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-397xx/CVE-2023-39747.json
+++ b/CVE-2023/CVE-2023-397xx/CVE-2023-39747.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-39747",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-21T03:15:11.560",
+  "lastModified": "2023-08-21T03:15:11.560",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discovered to contain a buffer overflow via the radiusSecret parameter at /userRpm/WlanSecurityRpm."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/17/TP-Link%20WR841N%20wireless%20router%20WlanSecurityRpm%20Stack%20Overflow%20vulnerability.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-397xx/CVE-2023-39748.json
+++ b/CVE-2023/CVE-2023-397xx/CVE-2023-39748.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-39748",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-21T03:15:11.623",
+  "lastModified": "2023-08-21T03:15:11.623",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in the component /userRpm/NetworkCfgRpm of TP-Link TL-WR1041N V2 allows attackers to cause a Denial of Service (DoS) via a crafted GET request."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/19/TL_WR1041N_NetworkCfgRpm_denial_of_service_vulnerability.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-397xx/CVE-2023-39749.json
+++ b/CVE-2023/CVE-2023-397xx/CVE-2023-39749.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-39749",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-21T03:15:11.683",
+  "lastModified": "2023-08-21T03:15:11.683",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. This vulnerability is exploited via a crafted GET request."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/a101e-IoTvul/iotvul/blob/main/d-link/2/D-Link%20DAP-2660%20adv_resource.md",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.dlink.com/en/security-bulletin/",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-397xx/CVE-2023-39750.json
+++ b/CVE-2023/CVE-2023-397xx/CVE-2023-39750.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-39750",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-21T03:15:11.747",
+  "lastModified": "2023-08-21T03:15:11.747",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the f_ipv6_enable parameter at /bsc_ipv6. This vulnerability is exploited via a crafted POST request."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/a101e-IoTvul/iotvul/blob/main/d-link/1/D-Link%20DAP-2660%20bsc_ipv6.md",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.dlink.com/en/security-bulletin/",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-397xx/CVE-2023-39751.json
+++ b/CVE-2023/CVE-2023-397xx/CVE-2023-39751.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-39751",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-21T03:15:11.803",
+  "lastModified": "2023-08-21T03:15:11.803",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "TP-Link TL-WR941ND V6 were discovered to contain a buffer overflow via the pSize parameter at /userRpm/PingIframeRpm."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/20/WR941ND_userRpm_PingIframeRpm_buffer_write_out-of-bounds_vulnerability.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-402xx/CVE-2023-40251.json
+++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40251.json
@ -2,12 +2,12 @@
  "id": "CVE-2023-40251",
  "sourceIdentifier": "vuln@krcert.or.kr",
  "published": "2023-08-17T07:15:43.737",
-  "lastModified": "2023-08-17T12:53:44.537",
+  "lastModified": "2023-08-21T02:15:09.693",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
-      "value": "Missing Encryption of Sensitive DataCAPEC- vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Man in the Middle Attack.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.\n\n"
+      "value": "Missing Encryption of Sensitive Data vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Man in the Middle Attack.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.\n\n"
    }
  ],
  "metrics": {
--- a/CVE-2023/CVE-2023-402xx/CVE-2023-40252.json
+++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40252.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-40252",
  "sourceIdentifier": "vuln@krcert.or.kr",
  "published": "2023-08-17T07:15:43.847",
-  "lastModified": "2023-08-21T01:15:09.617",
+  "lastModified": "2023-08-21T02:15:09.917",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -17,20 +17,20 @@
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "HIGH",
          "userInteraction": "NONE",
          "scope": "CHANGED",
-          "confidentialityImpact": "HIGH",
+          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
-          "availabilityImpact": "HIGH",
-          "baseScore": 8.2,
-          "baseSeverity": "HIGH"
+          "availabilityImpact": "NONE",
+          "baseScore": 6.0,
+          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 1.5,
-        "impactScore": 6.0
+        "impactScore": 4.0
      }
    ]
  },
--- a/CVE-2023/CVE-2023-402xx/CVE-2023-40253.json
+++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40253.json
@ -2,12 +2,12 @@
  "id": "CVE-2023-40253",
  "sourceIdentifier": "vuln@krcert.or.kr",
  "published": "2023-08-11T06:15:10.673",
-  "lastModified": "2023-08-21T01:15:09.810",
+  "lastModified": "2023-08-21T02:15:10.010",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
-      "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.\n\n"
+      "value": "Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Authentication Abuse.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.\n\n"
    }
  ],
  "metrics": {
@ -17,20 +17,20 @@
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "HIGH",
          "userInteraction": "NONE",
          "scope": "CHANGED",
-          "confidentialityImpact": "HIGH",
+          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
-          "availabilityImpact": "HIGH",
-          "baseScore": 8.2,
-          "baseSeverity": "HIGH"
+          "availabilityImpact": "NONE",
+          "baseScore": 6.0,
+          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 1.5,
-        "impactScore": 6.0
+        "impactScore": 4.0
      }
    ]
  },
@ -41,7 +41,7 @@
      "description": [
        {
          "lang": "en",
-          "value": "CWE-94"
+          "value": "CWE-287"
        }
      ]
    }
--- a/CVE-2023/CVE-2023-40xx/CVE-2023-4016.json
+++ b/CVE-2023/CVE-2023-40xx/CVE-2023-4016.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-4016",
  "sourceIdentifier": "trellixpsirt@trellix.com",
  "published": "2023-08-02T05:15:09.850",
-  "lastModified": "2023-08-07T19:21:21.123",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-08-21T03:15:11.863",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -102,6 +102,10 @@
      "tags": [
        "Product"
      ]
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/",
+      "source": "trellixpsirt@trellix.com"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-44xx/CVE-2023-4447.json
+++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4447.json
@ -0,0 +1,88 @@
+{
+  "id": "CVE-2023-4447",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2023-08-21T02:15:10.120",
+  "lastModified": "2023-08-21T02:15:10.120",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability has been found in OpenRapid RapidCMS 1.3.1 and classified as critical. This vulnerability affects unknown code of the file admin/article-chat.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237568."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/OpenRapid/rapidcms/issues/4",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.237568",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.237568",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-44xx/CVE-2023-4448.json
+++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4448.json
@ -0,0 +1,92 @@
+{
+  "id": "CVE-2023-4448",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2023-08-21T02:15:10.227",
+  "lastModified": "2023-08-21T02:15:10.227",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in OpenRapid RapidCMS 1.3.1 and classified as critical. This issue affects some unknown processing of the file admin/run-movepass.php. The manipulation of the argument password/password2 leads to weak password recovery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 4dff387283060961c362d50105ff8da8ea40bcbe. It is recommended to apply a patch to fix this issue. The identifier VDB-237569 was assigned to this vulnerability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-640"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/OpenRapid/rapidcms/commit/4dff387283060961c362d50105ff8da8ea40bcbe#diff-fc57d4c69cf5912c6edb5233c6df069a91106ebd481c115faf1ea124478b26d0",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/OpenRapid/rapidcms/issues/5",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.237569",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.237569",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-44xx/CVE-2023-4449.json
+++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4449.json
@ -0,0 +1,88 @@
+{
+  "id": "CVE-2023-4449",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2023-08-21T02:15:10.370",
+  "lastModified": "2023-08-21T02:15:10.370",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in SourceCodester Free and Open Source Inventory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /index.php?page=member. The manipulation of the argument columns[0][data] leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-237570 is the identifier assigned to this vulnerability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/Jacky-Y/vuls/blob/main/README.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.237570",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.237570",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-44xx/CVE-2023-4450.json
+++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4450.json
@ -0,0 +1,88 @@
+{
+  "id": "CVE-2023-4450",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2023-08-21T03:15:13.760",
+  "lastModified": "2023-08-21T03:15:13.760",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in jeecgboot JimuReport up to 1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Template Handler. The manipulation leads to injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.6.1 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-237571."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/keecth/bug/blob/main/jimureport%20ssti(RCE).md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.237571",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.237571",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-08-21T02:00:32.282531+00:00
+2023-08-21T04:00:33.528442+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-08-21T01:15:10.320000+00:00
+2023-08-21T03:15:13.760000+00:00
 ```

 ### Last Data Feed Release
@ -29,34 +29,36 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-223034
+223046
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `12`

-* [CVE-2023-4441](CVE-2023/CVE-2023-44xx/CVE-2023-4441.json) (`2023-08-21T00:15:09.457`)
-* [CVE-2023-4442](CVE-2023/CVE-2023-44xx/CVE-2023-4442.json) (`2023-08-21T00:15:09.860`)
-* [CVE-2023-39784](CVE-2023/CVE-2023-397xx/CVE-2023-39784.json) (`2023-08-21T01:15:08.927`)
-* [CVE-2023-39785](CVE-2023/CVE-2023-397xx/CVE-2023-39785.json) (`2023-08-21T01:15:09.273`)
-* [CVE-2023-39786](CVE-2023/CVE-2023-397xx/CVE-2023-39786.json) (`2023-08-21T01:15:09.357`)
-* [CVE-2023-39807](CVE-2023/CVE-2023-398xx/CVE-2023-39807.json) (`2023-08-21T01:15:09.417`)
-* [CVE-2023-39808](CVE-2023/CVE-2023-398xx/CVE-2023-39808.json) (`2023-08-21T01:15:09.477`)
-* [CVE-2023-39809](CVE-2023/CVE-2023-398xx/CVE-2023-39809.json) (`2023-08-21T01:15:09.550`)
-* [CVE-2023-4443](CVE-2023/CVE-2023-44xx/CVE-2023-4443.json) (`2023-08-21T01:15:10.013`)
-* [CVE-2023-4444](CVE-2023/CVE-2023-44xx/CVE-2023-4444.json) (`2023-08-21T01:15:10.117`)
-* [CVE-2023-4445](CVE-2023/CVE-2023-44xx/CVE-2023-4445.json) (`2023-08-21T01:15:10.210`)
-* [CVE-2023-4446](CVE-2023/CVE-2023-44xx/CVE-2023-4446.json) (`2023-08-21T01:15:10.320`)
+* [CVE-2023-39617](CVE-2023/CVE-2023-396xx/CVE-2023-39617.json) (`2023-08-21T02:15:09.303`)
+* [CVE-2023-39618](CVE-2023/CVE-2023-396xx/CVE-2023-39618.json) (`2023-08-21T02:15:09.630`)
+* [CVE-2023-4447](CVE-2023/CVE-2023-44xx/CVE-2023-4447.json) (`2023-08-21T02:15:10.120`)
+* [CVE-2023-4448](CVE-2023/CVE-2023-44xx/CVE-2023-4448.json) (`2023-08-21T02:15:10.227`)
+* [CVE-2023-4449](CVE-2023/CVE-2023-44xx/CVE-2023-4449.json) (`2023-08-21T02:15:10.370`)
+* [CVE-2023-39745](CVE-2023/CVE-2023-397xx/CVE-2023-39745.json) (`2023-08-21T03:15:11.487`)
+* [CVE-2023-39747](CVE-2023/CVE-2023-397xx/CVE-2023-39747.json) (`2023-08-21T03:15:11.560`)
+* [CVE-2023-39748](CVE-2023/CVE-2023-397xx/CVE-2023-39748.json) (`2023-08-21T03:15:11.623`)
+* [CVE-2023-39749](CVE-2023/CVE-2023-397xx/CVE-2023-39749.json) (`2023-08-21T03:15:11.683`)
+* [CVE-2023-39750](CVE-2023/CVE-2023-397xx/CVE-2023-39750.json) (`2023-08-21T03:15:11.747`)
+* [CVE-2023-39751](CVE-2023/CVE-2023-397xx/CVE-2023-39751.json) (`2023-08-21T03:15:11.803`)
+* [CVE-2023-4450](CVE-2023/CVE-2023-44xx/CVE-2023-4450.json) (`2023-08-21T03:15:13.760`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `3`
+Recently modified CVEs: `5`

-* [CVE-2023-40252](CVE-2023/CVE-2023-402xx/CVE-2023-40252.json) (`2023-08-21T01:15:09.617`)
-* [CVE-2023-40253](CVE-2023/CVE-2023-402xx/CVE-2023-40253.json) (`2023-08-21T01:15:09.810`)
-* [CVE-2023-40254](CVE-2023/CVE-2023-402xx/CVE-2023-40254.json) (`2023-08-21T01:15:09.913`)
+* [CVE-2023-40251](CVE-2023/CVE-2023-402xx/CVE-2023-40251.json) (`2023-08-21T02:15:09.693`)
+* [CVE-2023-40252](CVE-2023/CVE-2023-402xx/CVE-2023-40252.json) (`2023-08-21T02:15:09.917`)
+* [CVE-2023-40253](CVE-2023/CVE-2023-402xx/CVE-2023-40253.json) (`2023-08-21T02:15:10.010`)
+* [CVE-2023-20593](CVE-2023/CVE-2023-205xx/CVE-2023-20593.json) (`2023-08-21T03:15:09.260`)
+* [CVE-2023-4016](CVE-2023/CVE-2023-40xx/CVE-2023-4016.json) (`2023-08-21T03:15:11.863`)


 ## Download and Usage