Auto-Update: 2023-08-07T06:00:34.543685+00:00

2025-07-09 16:05:11 +00:00 · 2023-08-07 06:00:38 +00:00 · 2023-08-07 06:00:38 +00:00 · 09c77273c0
commit 09c77273c0
parent c6b5eec875
38 changed files with 797 additions and 16 deletions
--- a/CVE-2022/CVE-2022-485xx/CVE-2022-48579.json
+++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48579.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2022-48579",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-07T04:15:12.073",
+  "lastModified": "2023-08-07T04:15:12.073",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/pmachapman/unrar/commit/2ecab6bb5ac4f3b88f270218445496662020205f#diff-ca3086f578522062d7e390ed2cd7e10f646378a8b8cbf287a6e4db5966df68ee",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20780.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20780.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20780",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:12.577",
+  "lastModified": "2023-08-07T04:15:12.577",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017756."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20781.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20781.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20781",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:12.647",
+  "lastModified": "2023-08-07T04:15:12.647",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In keyinstall, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS07905323."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20782.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20782.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20782",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:12.720",
+  "lastModified": "2023-08-07T04:15:12.720",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550103."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20783.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20783.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20783",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:12.793",
+  "lastModified": "2023-08-07T04:15:12.793",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826905; Issue ID: ALPS07826905."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20784.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20784.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20784",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:12.860",
+  "lastModified": "2023-08-07T04:15:12.860",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826989; Issue ID: ALPS07826989."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20785.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20785.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20785",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:12.927",
+  "lastModified": "2023-08-07T04:15:12.927",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628524; Issue ID: ALPS07628524."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20786.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20786.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20786",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:12.990",
+  "lastModified": "2023-08-07T04:15:12.990",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767811; Issue ID: ALPS07767811."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20787.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20787.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20787",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.057",
+  "lastModified": "2023-08-07T04:15:13.057",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648734."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20788.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20788.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20788",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.123",
+  "lastModified": "2023-08-07T04:15:13.123",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648735."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20789.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20789.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20789",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.193",
+  "lastModified": "2023-08-07T04:15:13.193",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In jpeg, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07693193; Issue ID: ALPS07693193."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20790.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20790.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20790",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.263",
+  "lastModified": "2023-08-07T04:15:13.263",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20793.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20793.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20793",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.323",
+  "lastModified": "2023-08-07T04:15:13.323",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In apu, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767818; Issue ID: ALPS07767818."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20795.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20795.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20795",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.393",
+  "lastModified": "2023-08-07T04:15:13.393",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07864900; Issue ID: ALPS07864900."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20796.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20796.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20796",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.457",
+  "lastModified": "2023-08-07T04:15:13.457",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929790; Issue ID: ALPS07929790."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20797.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20797.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20797",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.537",
+  "lastModified": "2023-08-07T04:15:13.537",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In camera middleware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629582; Issue ID: ALPS07629582."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-207xx/CVE-2023-20798.json
+++ b/CVE-2023/CVE-2023-207xx/CVE-2023-20798.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20798",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.603",
+  "lastModified": "2023-08-07T04:15:13.603",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In pda, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07147572; Issue ID: ALPS07421076."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20800.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20800.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20800",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.667",
+  "lastModified": "2023-08-07T04:15:13.667",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In imgsys, there is a possible system crash due to a mssing ptr check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420955."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20801.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20801.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20801",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.730",
+  "lastModified": "2023-08-07T04:15:13.730",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In imgsys,\u00a0there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420968."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20802.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20802.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20802",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.797",
+  "lastModified": "2023-08-07T04:15:13.797",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420976."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20803.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20803.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20803",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.867",
+  "lastModified": "2023-08-07T04:15:13.867",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326374."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20804.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20804.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20804",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.930",
+  "lastModified": "2023-08-07T04:15:13.930",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326384."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20805.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20805.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20805",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:13.993",
+  "lastModified": "2023-08-07T04:15:13.993",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326411."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20806.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20806.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20806",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:14.060",
+  "lastModified": "2023-08-07T04:15:14.060",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In hcp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07537437."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20807.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20807.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20807",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:14.120",
+  "lastModified": "2023-08-07T04:15:14.120",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In dpe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608433; Issue ID: ALPS07608433."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20808.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20808.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20808",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:14.180",
+  "lastModified": "2023-08-07T04:15:14.180",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In OPTEE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03645895; Issue ID: DTV03645895."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20809.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20809.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20809",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:14.240",
+  "lastModified": "2023-08-07T04:15:14.240",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03751198; Issue ID: DTV03751198."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20810.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20810.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20810",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:14.307",
+  "lastModified": "2023-08-07T04:15:14.307",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In IOMMU, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20811.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20811.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20811",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:14.367",
+  "lastModified": "2023-08-07T04:15:14.367",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In IOMMU, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20812.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20812.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20812",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:14.437",
+  "lastModified": "2023-08-07T04:15:14.437",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944987; Issue ID: ALPS07944987."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20813.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20813.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20813",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:14.500",
+  "lastModified": "2023-08-07T04:15:14.500",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453549; Issue ID: ALPS07453549."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20814.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20814.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20814",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:14.563",
+  "lastModified": "2023-08-07T04:15:14.563",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453560; Issue ID: ALPS07453560."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20815.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20815.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20815",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:14.627",
+  "lastModified": "2023-08-07T04:15:14.627",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453587; Issue ID: ALPS07453587."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20816.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20816.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20816",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:14.693",
+  "lastModified": "2023-08-07T04:15:14.693",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453589; Issue ID: ALPS07453589."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20817.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20817.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20817",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:14.757",
+  "lastModified": "2023-08-07T04:15:14.757",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453600; Issue ID: ALPS07453600."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-208xx/CVE-2023-20818.json
+++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20818.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-20818",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2023-08-07T04:15:14.827",
+  "lastModified": "2023-08-07T04:15:14.827",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460540; Issue ID: ALPS07460540."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/August-2023",
+      "source": "security@mediatek.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-399xx/CVE-2023-39903.json
+++ b/CVE-2023/CVE-2023-399xx/CVE-2023-39903.json
@ -0,0 +1,47 @@
+{
+  "id": "CVE-2023-39903",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-07T05:15:09.957",
+  "lastModified": "2023-08-07T05:15:09.957",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Fujitsu Software Infrastructure Manager (ISM) before 2.8.0.061. The ismsnap component (in this specific case at /var/log/fujitsu/ServerViewSuite/ism/FirmwareManagement/FirmwareManagement.log) allows insecure collection and storage of authorization credentials in cleartext. That occurs when users perform any ISM Firmware Repository Address setup test (Test the Connection), or regularly authorize against an already configured remote firmware repository site, as set up in ISM Firmware Repository Address. A privileged attacker is therefore able to potentially gather the associated ismsnap maintenance data, in the same manner as a trusted party allowed to export ismsnap data from ISM. The preconditions for an ISM installation to be generally vulnerable are that the Download Firmware (Firmware Repository Server) function is enabled and configured, and that the character \\ (backslash) is used in a user credential (i.e., user/ID or password) of the remote proxy host / firmware repository server. NOTE: this may overlap CVE-2023-39379."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.9,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.5,
+        "impactScore": 4.0
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://security.ts.fujitsu.com/IndexDownload.asp?SoftwareGuid=a0131919-6d84-43b4-800e-d7f78200a70f",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://security.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-ISS-IS-2023-071410-Security-Notice.pdf",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-08-07T04:00:26.081665+00:00
+2023-08-07T06:00:34.543685+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-08-07T03:15:21.800000+00:00
+2023-08-07T05:15:09.957000+00:00
 ```

 ### Last Data Feed Release
@ -29,30 +29,44 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-221752
+221789
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `10`
+Recently added CVEs: `37`

-* [CVE-2022-47350](CVE-2022/CVE-2022-473xx/CVE-2022-47350.json) (`2023-08-07T02:15:09.770`)
-* [CVE-2022-47351](CVE-2022/CVE-2022-473xx/CVE-2022-47351.json) (`2023-08-07T02:15:10.233`)
-* [CVE-2023-33906](CVE-2023/CVE-2023-339xx/CVE-2023-33906.json) (`2023-08-07T02:15:10.317`)
-* [CVE-2023-33907](CVE-2023/CVE-2023-339xx/CVE-2023-33907.json) (`2023-08-07T02:15:10.397`)
-* [CVE-2023-33908](CVE-2023/CVE-2023-339xx/CVE-2023-33908.json) (`2023-08-07T02:15:10.480`)
-* [CVE-2023-33909](CVE-2023/CVE-2023-339xx/CVE-2023-33909.json) (`2023-08-07T02:15:10.563`)
-* [CVE-2023-33910](CVE-2023/CVE-2023-339xx/CVE-2023-33910.json) (`2023-08-07T02:15:10.667`)
-* [CVE-2023-33911](CVE-2023/CVE-2023-339xx/CVE-2023-33911.json) (`2023-08-07T02:15:10.737`)
-* [CVE-2023-33912](CVE-2023/CVE-2023-339xx/CVE-2023-33912.json) (`2023-08-07T02:15:10.810`)
-* [CVE-2023-33913](CVE-2023/CVE-2023-339xx/CVE-2023-33913.json) (`2023-08-07T02:15:10.897`)
+* [CVE-2023-20793](CVE-2023/CVE-2023-207xx/CVE-2023-20793.json) (`2023-08-07T04:15:13.323`)
+* [CVE-2023-20795](CVE-2023/CVE-2023-207xx/CVE-2023-20795.json) (`2023-08-07T04:15:13.393`)
+* [CVE-2023-20796](CVE-2023/CVE-2023-207xx/CVE-2023-20796.json) (`2023-08-07T04:15:13.457`)
+* [CVE-2023-20797](CVE-2023/CVE-2023-207xx/CVE-2023-20797.json) (`2023-08-07T04:15:13.537`)
+* [CVE-2023-20798](CVE-2023/CVE-2023-207xx/CVE-2023-20798.json) (`2023-08-07T04:15:13.603`)
+* [CVE-2023-20800](CVE-2023/CVE-2023-208xx/CVE-2023-20800.json) (`2023-08-07T04:15:13.667`)
+* [CVE-2023-20801](CVE-2023/CVE-2023-208xx/CVE-2023-20801.json) (`2023-08-07T04:15:13.730`)
+* [CVE-2023-20802](CVE-2023/CVE-2023-208xx/CVE-2023-20802.json) (`2023-08-07T04:15:13.797`)
+* [CVE-2023-20803](CVE-2023/CVE-2023-208xx/CVE-2023-20803.json) (`2023-08-07T04:15:13.867`)
+* [CVE-2023-20804](CVE-2023/CVE-2023-208xx/CVE-2023-20804.json) (`2023-08-07T04:15:13.930`)
+* [CVE-2023-20805](CVE-2023/CVE-2023-208xx/CVE-2023-20805.json) (`2023-08-07T04:15:13.993`)
+* [CVE-2023-20806](CVE-2023/CVE-2023-208xx/CVE-2023-20806.json) (`2023-08-07T04:15:14.060`)
+* [CVE-2023-20807](CVE-2023/CVE-2023-208xx/CVE-2023-20807.json) (`2023-08-07T04:15:14.120`)
+* [CVE-2023-20808](CVE-2023/CVE-2023-208xx/CVE-2023-20808.json) (`2023-08-07T04:15:14.180`)
+* [CVE-2023-20809](CVE-2023/CVE-2023-208xx/CVE-2023-20809.json) (`2023-08-07T04:15:14.240`)
+* [CVE-2023-20810](CVE-2023/CVE-2023-208xx/CVE-2023-20810.json) (`2023-08-07T04:15:14.307`)
+* [CVE-2023-20811](CVE-2023/CVE-2023-208xx/CVE-2023-20811.json) (`2023-08-07T04:15:14.367`)
+* [CVE-2023-20812](CVE-2023/CVE-2023-208xx/CVE-2023-20812.json) (`2023-08-07T04:15:14.437`)
+* [CVE-2023-20813](CVE-2023/CVE-2023-208xx/CVE-2023-20813.json) (`2023-08-07T04:15:14.500`)
+* [CVE-2023-20814](CVE-2023/CVE-2023-208xx/CVE-2023-20814.json) (`2023-08-07T04:15:14.563`)
+* [CVE-2023-20815](CVE-2023/CVE-2023-208xx/CVE-2023-20815.json) (`2023-08-07T04:15:14.627`)
+* [CVE-2023-20816](CVE-2023/CVE-2023-208xx/CVE-2023-20816.json) (`2023-08-07T04:15:14.693`)
+* [CVE-2023-20817](CVE-2023/CVE-2023-208xx/CVE-2023-20817.json) (`2023-08-07T04:15:14.757`)
+* [CVE-2023-20818](CVE-2023/CVE-2023-208xx/CVE-2023-20818.json) (`2023-08-07T04:15:14.827`)
+* [CVE-2023-39903](CVE-2023/CVE-2023-399xx/CVE-2023-39903.json) (`2023-08-07T05:15:09.957`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `1`
+Recently modified CVEs: `0`

-* [CVE-2023-30589](CVE-2023/CVE-2023-305xx/CVE-2023-30589.json) (`2023-08-07T03:15:21.800`)


 ## Download and Usage