From 085d814b0b94c267f099a7380ca0ce20fdfd652d Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 11 Sep 2023 12:00:29 +0000 Subject: [PATCH] Auto-Update: 2023-09-11T12:00:26.438117+00:00 --- CVE-2023/CVE-2023-36xx/CVE-2023-3612.json | 55 +++++++++++++++++++++++ README.md | 32 +++---------- 2 files changed, 61 insertions(+), 26 deletions(-) create mode 100644 CVE-2023/CVE-2023-36xx/CVE-2023-3612.json diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3612.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3612.json new file mode 100644 index 00000000000..53803c5568c --- /dev/null +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3612.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3612", + "sourceIdentifier": "incident@nbu.gov.sk", + "published": "2023-09-11T10:15:07.603", + "lastModified": "2023-09-11T10:15:07.603", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Govee Home app has unprotected access to WebView component which can be opened by any app on\u00a0the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or\u00a0steal sensitive user data by displaying phishing content. " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "incident@nbu.gov.sk", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "incident@nbu.gov.sk", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-749" + } + ] + } + ], + "references": [ + { + "url": "https://www.sk-cert.sk/sk/threat/sk-cert-bezpecnostne-varovanie-v20230811-10", + "source": "incident@nbu.gov.sk" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 140c25b5e46..1174682c08c 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-09-11T10:00:25.001618+00:00 +2023-09-11T12:00:26.438117+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-09-11T09:15:09.797000+00:00 +2023-09-11T10:15:07.603000+00:00 ``` ### Last Data Feed Release @@ -29,40 +29,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -224588 +224589 ``` ### CVEs added in the last Commit -Recently added CVEs: `18` +Recently added CVEs: `1` -* [CVE-2023-35845](CVE-2023/CVE-2023-358xx/CVE-2023-35845.json) (`2023-09-11T08:15:07.493`) -* [CVE-2023-42470](CVE-2023/CVE-2023-424xx/CVE-2023-42470.json) (`2023-09-11T08:15:07.647`) -* [CVE-2023-42471](CVE-2023/CVE-2023-424xx/CVE-2023-42471.json) (`2023-09-11T08:15:07.703`) -* [CVE-2023-4573](CVE-2023/CVE-2023-45xx/CVE-2023-4573.json) (`2023-09-11T08:15:07.847`) -* [CVE-2023-4816](CVE-2023/CVE-2023-48xx/CVE-2023-4816.json) (`2023-09-11T08:15:07.917`) -* [CVE-2023-4104](CVE-2023/CVE-2023-41xx/CVE-2023-4104.json) (`2023-09-11T09:15:08.997`) -* [CVE-2023-4574](CVE-2023/CVE-2023-45xx/CVE-2023-4574.json) (`2023-09-11T09:15:09.087`) -* [CVE-2023-4575](CVE-2023/CVE-2023-45xx/CVE-2023-4575.json) (`2023-09-11T09:15:09.143`) -* [CVE-2023-4576](CVE-2023/CVE-2023-45xx/CVE-2023-4576.json) (`2023-09-11T09:15:09.217`) -* [CVE-2023-4577](CVE-2023/CVE-2023-45xx/CVE-2023-4577.json) (`2023-09-11T09:15:09.287`) -* [CVE-2023-4578](CVE-2023/CVE-2023-45xx/CVE-2023-4578.json) (`2023-09-11T09:15:09.347`) -* [CVE-2023-4579](CVE-2023/CVE-2023-45xx/CVE-2023-4579.json) (`2023-09-11T09:15:09.407`) -* [CVE-2023-4580](CVE-2023/CVE-2023-45xx/CVE-2023-4580.json) (`2023-09-11T09:15:09.477`) -* [CVE-2023-4581](CVE-2023/CVE-2023-45xx/CVE-2023-4581.json) (`2023-09-11T09:15:09.550`) -* [CVE-2023-4582](CVE-2023/CVE-2023-45xx/CVE-2023-4582.json) (`2023-09-11T09:15:09.617`) -* [CVE-2023-4583](CVE-2023/CVE-2023-45xx/CVE-2023-4583.json) (`2023-09-11T09:15:09.680`) -* [CVE-2023-4584](CVE-2023/CVE-2023-45xx/CVE-2023-4584.json) (`2023-09-11T09:15:09.740`) -* [CVE-2023-4585](CVE-2023/CVE-2023-45xx/CVE-2023-4585.json) (`2023-09-11T09:15:09.797`) +* [CVE-2023-3612](CVE-2023/CVE-2023-36xx/CVE-2023-3612.json) (`2023-09-11T10:15:07.603`) ### CVEs modified in the last Commit -Recently modified CVEs: `3` +Recently modified CVEs: `0` -* [CVE-2023-39676](CVE-2023/CVE-2023-396xx/CVE-2023-39676.json) (`2023-09-11T09:15:08.227`) -* [CVE-2023-4051](CVE-2023/CVE-2023-40xx/CVE-2023-4051.json) (`2023-09-11T09:15:08.707`) -* [CVE-2023-4053](CVE-2023/CVE-2023-40xx/CVE-2023-4053.json) (`2023-09-11T09:15:08.907`) ## Download and Usage