Auto-Update: 2024-01-03T13:00:25.313667+00:00

CVE-2012/CVE-2012-56xx/CVE-2012-5639.json

@@ -2,7 +2,7 @@
   "id": "CVE-2012-5639",
   "sourceIdentifier": "secalert@redhat.com",
   "published": "2019-12-20T14:15:11.400",
-  "lastModified": "2023-12-29T00:15:47.550",
+  "lastModified": "2024-01-03T12:15:22.547",
   "vulnStatus": "Modified",
   "descriptions": [
     {
@@ -145,6 +145,10 @@
       "url": "http://www.openwall.com/lists/oss-security/2023/12/28/6",
       "source": "secalert@redhat.com"
     },
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2024/01/03/6",
+      "source": "secalert@redhat.com"
+    },
     {
       "url": "https://access.redhat.com/security/cve/cve-2012-5639",
       "source": "secalert@redhat.com",

CVE-2022/CVE-2022-436xx/CVE-2022-43680.json

@@ -2,7 +2,7 @@
   "id": "CVE-2022-43680",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2022-10-24T14:15:53.323",
-  "lastModified": "2023-12-29T00:15:49.437",
+  "lastModified": "2024-01-03T12:15:22.877",
   "vulnStatus": "Undergoing Analysis",
   "descriptions": [
     {
@@ -305,6 +305,10 @@
       "url": "http://www.openwall.com/lists/oss-security/2023/12/28/5",
       "source": "cve@mitre.org"
     },
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2024/01/03/5",
+      "source": "cve@mitre.org"
+    },
     {
       "url": "https://github.com/libexpat/libexpat/issues/649",
       "source": "cve@mitre.org",

CVE-2022/CVE-2022-475xx/CVE-2022-47502.json

@@ -2,7 +2,7 @@
   "id": "CVE-2022-47502",
   "sourceIdentifier": "security@apache.org",
   "published": "2023-03-24T16:15:08.280",
-  "lastModified": "2023-12-28T21:15:07.767",
+  "lastModified": "2024-01-03T12:15:23.040",
   "vulnStatus": "Modified",
   "descriptions": [
     {
@@ -73,6 +73,10 @@
       "url": "http://www.openwall.com/lists/oss-security/2023/12/28/3",
       "source": "security@apache.org"
     },
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2024/01/03/3",
+      "source": "security@apache.org"
+    },
     {
       "url": "https://lists.apache.org/thread/xr6tl91jj2jgcq8pdbrc4d8w13s6xn80",
       "source": "security@apache.org",

CVE-2023/CVE-2023-11xx/CVE-2023-1183.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-1183",
   "sourceIdentifier": "secalert@redhat.com",
   "published": "2023-07-10T16:15:48.773",
-  "lastModified": "2023-12-29T00:15:49.557",
+  "lastModified": "2024-01-03T12:15:23.163",
   "vulnStatus": "Modified",
   "descriptions": [
     {
@@ -139,6 +139,10 @@
       "url": "http://www.openwall.com/lists/oss-security/2023/12/28/4",
       "source": "secalert@redhat.com"
     },
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2024/01/03/4",
+      "source": "secalert@redhat.com"
+    },
     {
       "url": "https://access.redhat.com/security/cve/CVE-2023-1183",
       "source": "secalert@redhat.com",

CVE-2023/CVE-2023-43xx/CVE-2023-4320.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-4320",
   "sourceIdentifier": "secalert@redhat.com",
   "published": "2023-12-18T14:15:09.830",
-  "lastModified": "2023-12-29T22:45:34.747",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-01-03T12:15:23.390",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -41,19 +41,19 @@
         "type": "Secondary",
         "cvssData": {
           "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
           "attackVector": "NETWORK",
           "attackComplexity": "LOW",
-          "privilegesRequired": "HIGH",
+          "privilegesRequired": "LOW",
           "userInteraction": "NONE",
           "scope": "UNCHANGED",
           "confidentialityImpact": "LOW",
           "integrityImpact": "HIGH",
           "availabilityImpact": "LOW",
-          "baseScore": 6.0,
-          "baseSeverity": "MEDIUM"
+          "baseScore": 7.6,
+          "baseSeverity": "HIGH"
         },
-        "exploitabilityScore": 1.2,
+        "exploitabilityScore": 2.8,
         "impactScore": 4.7
       }
     ]

CVE-2023/CVE-2023-46xx/CVE-2023-4692.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-4692",
   "sourceIdentifier": "secalert@redhat.com",
   "published": "2023-10-25T18:17:41.743",
-  "lastModified": "2023-12-08T19:15:08.003",
+  "lastModified": "2024-01-03T12:15:23.617",
   "vulnStatus": "Modified",
   "descriptions": [
     {
@@ -41,20 +41,20 @@
         "type": "Secondary",
         "cvssData": {
           "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N",
+          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
           "attackVector": "LOCAL",
           "attackComplexity": "HIGH",
           "privilegesRequired": "HIGH",
           "userInteraction": "NONE",
           "scope": "CHANGED",
-          "confidentialityImpact": "NONE",
+          "confidentialityImpact": "HIGH",
           "integrityImpact": "HIGH",
-          "availabilityImpact": "NONE",
-          "baseScore": 5.3,
-          "baseSeverity": "MEDIUM"
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
         },
         "exploitabilityScore": 0.8,
-        "impactScore": 4.0
+        "impactScore": 6.0
       }
     ]
   },

CVE-2023/CVE-2023-478xx/CVE-2023-47804.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-47804",
   "sourceIdentifier": "security@apache.org",
   "published": "2023-12-29T15:15:09.157",
-  "lastModified": "2023-12-29T17:08:18.447",
+  "lastModified": "2024-01-03T12:15:23.300",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
       "value": "Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose.\n\nLinks can be activated by clicks, or by automatic document events.\n\nThe execution of such links must be subject to user approval.\n\nIn the affected versions of OpenOffice, approval for certain links is not requested; when activated, such links could therefore result in arbitrary script execution.\n\nThis is a corner case of CVE-2022-47502.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Los documentos de Apache OpenOffice pueden contener enlaces que llaman a macros internas con argumentos arbitrarios. Para este fin se definen varios esquemas de URI. Los enlaces se pueden activar mediante clics o mediante eventos autom\u00e1ticos del documento. La ejecuci\u00f3n de dichos enlaces debe estar sujeta a la aprobaci\u00f3n del usuario. En las versiones afectadas de OpenOffice, no se solicita aprobaci\u00f3n para ciertos enlaces; Cuando se activan, dichos enlaces podr\u00edan dar lugar a la ejecuci\u00f3n de scripts arbitrarios. Este es un caso de esquina de CVE-2022-47502."
     }
   ],
   "metrics": {},
@@ -28,6 +32,10 @@
     }
   ],
   "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2024/01/03/3",
+      "source": "security@apache.org"
+    },
     {
       "url": "https://lists.apache.org/thread/ygp59swfcy6g46jf8v9s6qpwmxn8fsvb",
       "source": "security@apache.org"

CVE-2023/CVE-2023-517xx/CVE-2023-51784.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-51784",
   "sourceIdentifier": "security@apache.org",
   "published": "2024-01-03T10:15:09.027",
-  "lastModified": "2024-01-03T10:15:09.027",
+  "lastModified": "2024-01-03T12:15:23.883",
   "vulnStatus": "Received",
   "descriptions": [
     {
       "lang": "en",
       "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.9.0, which could lead to Remote Code Execution.\u00a0Users are advised to upgrade to Apache InLong's 1.10.0 or cherry-pick [1] to solve it.\n\n[1]  https://github.com/apache/inlong/pull/9329 \n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de control inadecuado de generaci\u00f3n de c\u00f3digo (\"inyecci\u00f3n de c\u00f3digo\") en Apache InLong. Este problema afecta a Apache InLong: desde 1.5.0 hasta 1.9.0, lo que podr\u00eda provocar la ejecuci\u00f3n remota de c\u00f3digo. Se recomienda a los usuarios actualizar a Apache InLong 1.10.0 o seleccionar [1] para resolverlo. [1] https://github.com/apache/inlong/pull/9329"
     }
   ],
   "metrics": {},
@@ -24,6 +28,10 @@
     }
   ],
   "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2024/01/03/1",
+      "source": "security@apache.org"
+    },
     {
       "url": "https://lists.apache.org/thread/4nxbyl6mh5jgh0plk0qposbxwn6w9h8j",
       "source": "security@apache.org"

CVE-2023/CVE-2023-517xx/CVE-2023-51785.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-51785",
   "sourceIdentifier": "security@apache.org",
   "published": "2024-01-03T10:15:09.130",
-  "lastModified": "2024-01-03T10:15:09.130",
+  "lastModified": "2024-01-03T12:15:23.953",
   "vulnStatus": "Received",
   "descriptions": [
     {
       "lang": "en",
       "value": "Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.7.0 through 1.9.0, the attackers\u00a0can make a arbitrary file read attack using mysql driver.\u00a0Users are advised to upgrade to Apache InLong's 1.10.0 or cherry-pick [1] to solve it.\n\n[1]\u00a0 https://github.com/apache/inlong/pull/9331 \n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de deserializaci\u00f3n de datos no confiables en Apache InLong. Este problema afecta a Apache InLong: desde la versi\u00f3n 1.7.0 hasta la 1.9.0, los atacantes pueden realizar un ataque de lectura de archivos arbitrario utilizando el controlador mysql. Se recomienda a los usuarios actualizar a Apache InLong 1.10.0 o seleccionar [1] para resolverlo. [1] https://github.com/apache/inlong/pull/9331"
     }
   ],
   "metrics": {},
@@ -24,6 +28,10 @@
     }
   ],
   "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2024/01/03/2",
+      "source": "security@apache.org"
+    },
     {
       "url": "https://lists.apache.org/thread/g0yjmtjqvp8bnf1j0tdsk0nhfozjdjno",
       "source": "security@apache.org"

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-01-03T11:00:25.793446+00:00
+2024-01-03T13:00:25.313667+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-01-03T10:15:09.240000+00:00
+2024-01-03T12:15:23.953000+00:00
 ```
 
 ### Last Data Feed Release
@@ -34,39 +34,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `26`
+Recently added CVEs: `0`
 
-* [CVE-2023-38675](CVE-2023/CVE-2023-386xx/CVE-2023-38675.json) (`2024-01-03T09:15:08.340`)
-* [CVE-2023-38676](CVE-2023/CVE-2023-386xx/CVE-2023-38676.json) (`2024-01-03T09:15:08.517`)
-* [CVE-2023-38677](CVE-2023/CVE-2023-386xx/CVE-2023-38677.json) (`2024-01-03T09:15:08.687`)
-* [CVE-2023-38678](CVE-2023/CVE-2023-386xx/CVE-2023-38678.json) (`2024-01-03T09:15:08.877`)
-* [CVE-2023-50921](CVE-2023/CVE-2023-509xx/CVE-2023-50921.json) (`2024-01-03T09:15:09.067`)
-* [CVE-2023-52302](CVE-2023/CVE-2023-523xx/CVE-2023-52302.json) (`2024-01-03T09:15:09.110`)
-* [CVE-2023-52303](CVE-2023/CVE-2023-523xx/CVE-2023-52303.json) (`2024-01-03T09:15:09.277`)
-* [CVE-2023-52304](CVE-2023/CVE-2023-523xx/CVE-2023-52304.json) (`2024-01-03T09:15:09.447`)
-* [CVE-2023-52305](CVE-2023/CVE-2023-523xx/CVE-2023-52305.json) (`2024-01-03T09:15:09.617`)
-* [CVE-2023-52306](CVE-2023/CVE-2023-523xx/CVE-2023-52306.json) (`2024-01-03T09:15:09.793`)
-* [CVE-2023-52307](CVE-2023/CVE-2023-523xx/CVE-2023-52307.json) (`2024-01-03T09:15:09.970`)
-* [CVE-2023-52308](CVE-2023/CVE-2023-523xx/CVE-2023-52308.json) (`2024-01-03T09:15:10.170`)
-* [CVE-2023-52309](CVE-2023/CVE-2023-523xx/CVE-2023-52309.json) (`2024-01-03T09:15:10.340`)
-* [CVE-2023-52310](CVE-2023/CVE-2023-523xx/CVE-2023-52310.json) (`2024-01-03T09:15:10.520`)
-* [CVE-2023-52311](CVE-2023/CVE-2023-523xx/CVE-2023-52311.json) (`2024-01-03T09:15:10.720`)
-* [CVE-2023-52312](CVE-2023/CVE-2023-523xx/CVE-2023-52312.json) (`2024-01-03T09:15:10.903`)
-* [CVE-2023-52313](CVE-2023/CVE-2023-523xx/CVE-2023-52313.json) (`2024-01-03T09:15:11.083`)
-* [CVE-2023-52314](CVE-2023/CVE-2023-523xx/CVE-2023-52314.json) (`2024-01-03T09:15:11.267`)
-* [CVE-2023-6621](CVE-2023/CVE-2023-66xx/CVE-2023-6621.json) (`2024-01-03T09:15:11.440`)
-* [CVE-2023-6747](CVE-2023/CVE-2023-67xx/CVE-2023-6747.json) (`2024-01-03T09:15:11.487`)
-* [CVE-2023-6984](CVE-2023/CVE-2023-69xx/CVE-2023-6984.json) (`2024-01-03T09:15:11.647`)
-* [CVE-2023-7068](CVE-2023/CVE-2023-70xx/CVE-2023-7068.json) (`2024-01-03T09:15:11.810`)
-* [CVE-2023-51784](CVE-2023/CVE-2023-517xx/CVE-2023-51784.json) (`2024-01-03T10:15:09.027`)
-* [CVE-2023-51785](CVE-2023/CVE-2023-517xx/CVE-2023-51785.json) (`2024-01-03T10:15:09.130`)
-* [CVE-2024-0201](CVE-2024/CVE-2024-02xx/CVE-2024-0201.json) (`2024-01-03T10:15:09.240`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `9`
 
+* [CVE-2012-5639](CVE-2012/CVE-2012-56xx/CVE-2012-5639.json) (`2024-01-03T12:15:22.547`)
+* [CVE-2022-43680](CVE-2022/CVE-2022-436xx/CVE-2022-43680.json) (`2024-01-03T12:15:22.877`)
+* [CVE-2022-47502](CVE-2022/CVE-2022-475xx/CVE-2022-47502.json) (`2024-01-03T12:15:23.040`)
+* [CVE-2023-1183](CVE-2023/CVE-2023-11xx/CVE-2023-1183.json) (`2024-01-03T12:15:23.163`)
+* [CVE-2023-47804](CVE-2023/CVE-2023-478xx/CVE-2023-47804.json) (`2024-01-03T12:15:23.300`)
+* [CVE-2023-4320](CVE-2023/CVE-2023-43xx/CVE-2023-4320.json) (`2024-01-03T12:15:23.390`)
+* [CVE-2023-4692](CVE-2023/CVE-2023-46xx/CVE-2023-4692.json) (`2024-01-03T12:15:23.617`)
+* [CVE-2023-51784](CVE-2023/CVE-2023-517xx/CVE-2023-51784.json) (`2024-01-03T12:15:23.883`)
+* [CVE-2023-51785](CVE-2023/CVE-2023-517xx/CVE-2023-51785.json) (`2024-01-03T12:15:23.953`)
 
 
 ## Download and Usage