diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27385.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27385.json index 3f4e822cb2d..340356b9e34 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27385.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27385.json @@ -2,12 +2,12 @@ "id": "CVE-2023-27385", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-10T06:15:13.680", - "lastModified": "2023-05-17T12:49:42.820", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-02T11:15:09.830", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Heap-based buffer overflow vulnerability exists in CX-Drive All models V3.01 and earlier. By having a user open a specially crafted SDD file, arbitrary code may be executed and/or information may be disclosed." + "value": "Heap-based buffer overflow vulnerability exists in CX-Drive All models all versions. By having a user open a specially crafted SDD file, arbitrary code may be executed and/or information may be disclosed.\r\n" } ], "metrics": { diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3426.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3426.json new file mode 100644 index 00000000000..c6689e7ab38 --- /dev/null +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3426.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3426", + "sourceIdentifier": "security@liferay.com", + "published": "2023-08-02T10:15:09.887", + "lastModified": "2023-08-02T10:15:09.887", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update 81 through 85 does not check user permission, which allows remote authenticated users to obtain a list of all organizations." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@liferay.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@liferay.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-3426", + "source": "security@liferay.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 809f133a039..551deefc042 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-02T10:00:30.229403+00:00 +2023-08-02T12:00:30.000306+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-02T09:15:14.370000+00:00 +2023-08-02T11:15:09.830000+00:00 ``` ### Last Data Feed Release @@ -29,48 +29,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -221444 +221445 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `1` -* [CVE-2023-38556](CVE-2023/CVE-2023-385xx/CVE-2023-38556.json) (`2023-08-02T08:15:09.910`) -* [CVE-2023-2022](CVE-2023/CVE-2023-20xx/CVE-2023-2022.json) (`2023-08-02T09:15:13.877`) -* [CVE-2023-3401](CVE-2023/CVE-2023-34xx/CVE-2023-3401.json) (`2023-08-02T09:15:14.023`) -* [CVE-2023-4067](CVE-2023/CVE-2023-40xx/CVE-2023-4067.json) (`2023-08-02T09:15:14.370`) +* [CVE-2023-3426](CVE-2023/CVE-2023-34xx/CVE-2023-3426.json) (`2023-08-02T10:15:09.887`) ### CVEs modified in the last Commit -Recently modified CVEs: `26` +Recently modified CVEs: `1` -* [CVE-2022-0174](CVE-2022/CVE-2022-01xx/CVE-2022-0174.json) (`2023-08-02T09:15:11.037`) -* [CVE-2022-0178](CVE-2022/CVE-2022-01xx/CVE-2022-0178.json) (`2023-08-02T09:15:11.170`) -* [CVE-2022-0282](CVE-2022/CVE-2022-02xx/CVE-2022-0282.json) (`2023-08-02T09:15:11.297`) -* [CVE-2022-0338](CVE-2022/CVE-2022-03xx/CVE-2022-0338.json) (`2023-08-02T09:15:11.420`) -* [CVE-2022-0355](CVE-2022/CVE-2022-03xx/CVE-2022-0355.json) (`2023-08-02T09:15:11.547`) -* [CVE-2022-0536](CVE-2022/CVE-2022-05xx/CVE-2022-0536.json) (`2023-08-02T09:15:11.677`) -* [CVE-2022-0565](CVE-2022/CVE-2022-05xx/CVE-2022-0565.json) (`2023-08-02T09:15:11.807`) -* [CVE-2022-0569](CVE-2022/CVE-2022-05xx/CVE-2022-0569.json) (`2023-08-02T09:15:11.930`) -* [CVE-2022-0579](CVE-2022/CVE-2022-05xx/CVE-2022-0579.json) (`2023-08-02T09:15:12.037`) -* [CVE-2022-0580](CVE-2022/CVE-2022-05xx/CVE-2022-0580.json) (`2023-08-02T09:15:12.147`) -* [CVE-2022-0588](CVE-2022/CVE-2022-05xx/CVE-2022-0588.json) (`2023-08-02T09:15:12.253`) -* [CVE-2022-0611](CVE-2022/CVE-2022-06xx/CVE-2022-0611.json) (`2023-08-02T09:15:12.357`) -* [CVE-2022-0762](CVE-2022/CVE-2022-07xx/CVE-2022-0762.json) (`2023-08-02T09:15:12.457`) -* [CVE-2022-1223](CVE-2022/CVE-2022-12xx/CVE-2022-1223.json) (`2023-08-02T09:15:12.567`) -* [CVE-2022-1252](CVE-2022/CVE-2022-12xx/CVE-2022-1252.json) (`2023-08-02T09:15:12.683`) -* [CVE-2022-1316](CVE-2022/CVE-2022-13xx/CVE-2022-1316.json) (`2023-08-02T09:15:12.807`) -* [CVE-2022-1650](CVE-2022/CVE-2022-16xx/CVE-2022-1650.json) (`2023-08-02T09:15:12.927`) -* [CVE-2022-1893](CVE-2022/CVE-2022-18xx/CVE-2022-1893.json) (`2023-08-02T09:15:13.057`) -* [CVE-2022-2054](CVE-2022/CVE-2022-20xx/CVE-2022-2054.json) (`2023-08-02T09:15:13.170`) -* [CVE-2022-2732](CVE-2022/CVE-2022-27xx/CVE-2022-2732.json) (`2023-08-02T09:15:13.307`) -* [CVE-2022-2818](CVE-2022/CVE-2022-28xx/CVE-2022-2818.json) (`2023-08-02T09:15:13.440`) -* [CVE-2022-3225](CVE-2022/CVE-2022-32xx/CVE-2022-3225.json) (`2023-08-02T09:15:13.560`) -* [CVE-2022-3423](CVE-2022/CVE-2022-34xx/CVE-2022-3423.json) (`2023-08-02T09:15:13.683`) -* [CVE-2023-3568](CVE-2023/CVE-2023-35xx/CVE-2023-3568.json) (`2023-08-02T09:15:14.110`) -* [CVE-2023-3700](CVE-2023/CVE-2023-37xx/CVE-2023-3700.json) (`2023-08-02T09:15:14.250`) +* [CVE-2023-27385](CVE-2023/CVE-2023-273xx/CVE-2023-27385.json) (`2023-08-02T11:15:09.830`) ## Download and Usage