Auto-Update: 2024-01-05T03:00:33.246535+00:00

2025-05-08 19:47:09 +00:00 · 2024-01-05 03:00:36 +00:00 · 2024-01-05 03:00:36 +00:00 · 1ac6a86924
commit 1ac6a86924
parent c1538e8f6f
9 changed files with 148 additions and 39 deletions
--- a/CVE-2023/CVE-2023-417xx/CVE-2023-41782.json
+++ b/CVE-2023/CVE-2023-417xx/CVE-2023-41782.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-41782",
+  "sourceIdentifier": "psirt@zte.com.cn",
+  "published": "2024-01-05T02:15:07.147",
+  "lastModified": "2024-01-05T02:15:07.147",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nThere is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL file in a specific directory and successfully exploit this vulnerability to execute malicious code.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@zte.com.cn",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW",
+          "baseScore": 3.9,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 1.3,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@zte.com.cn",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-20"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032984",
+      "source": "psirt@zte.com.cn"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-64xx/CVE-2023-6493.json
+++ b/CVE-2023/CVE-2023-64xx/CVE-2023-6493.json
@ -0,0 +1,47 @@
+{
+  "id": "CVE-2023-6493",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-01-05T02:15:07.740",
+  "lastModified": "2024-01-05T02:15:07.740",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Depicter Slider \u2013 Responsive Image Slider, Video Slider & Post Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation on the 'save' function. This makes it possible for unauthenticated attackers to modify the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVE-2023-51491 appears to be a duplicate of this issue."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3013596/depicter/trunk/app/src/WordPress/Settings/Settings.php",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c9c907ea-3ab4-4674-8945-ade4f6ff2679?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-68xx/CVE-2023-6879.json
+++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6879.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-6879",
  "sourceIdentifier": "cve-coordination@google.com",
  "published": "2023-12-27T23:15:07.530",
-  "lastModified": "2023-12-28T15:09:53.403",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2024-01-05T02:15:07.933",
+  "vulnStatus": "Undergoing Analysis",
  "descriptions": [
    {
      "lang": "en",
@ -58,6 +58,10 @@
    {
      "url": "https://crbug.com/aomedia/3491",
      "source": "cve-coordination@google.com"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/",
+      "source": "cve-coordination@google.com"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-71xx/CVE-2023-7104.json
+++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7104.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-7104",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2023-12-29T10:15:13.890",
-  "lastModified": "2023-12-29T13:56:27.537",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2024-01-05T02:15:08.063",
+  "vulnStatus": "Undergoing Analysis",
  "descriptions": [
    {
      "lang": "en",
@ -76,6 +76,10 @@
    }
  ],
  "references": [
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/",
+      "source": "cna@vuldb.com"
+    },
    {
      "url": "https://sqlite.org/forum/forumpost/5bcbf4571c",
      "source": "cna@vuldb.com"
--- a/CVE-2024/CVE-2024-02xx/CVE-2024-0222.json
+++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0222.json
@ -2,7 +2,7 @@
  "id": "CVE-2024-0222",
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "published": "2024-01-04T02:15:28.933",
-  "lastModified": "2024-01-04T14:58:23.450",
+  "lastModified": "2024-01-05T02:15:08.177",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -23,6 +23,10 @@
    {
      "url": "https://crbug.com/1501798",
      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/",
+      "source": "chrome-cve-admin@google.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-02xx/CVE-2024-0223.json
+++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0223.json
@ -2,7 +2,7 @@
  "id": "CVE-2024-0223",
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "published": "2024-01-04T02:15:28.987",
-  "lastModified": "2024-01-04T14:58:23.450",
+  "lastModified": "2024-01-05T02:15:08.230",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -23,6 +23,10 @@
    {
      "url": "https://crbug.com/1505009",
      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/",
+      "source": "chrome-cve-admin@google.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-02xx/CVE-2024-0224.json
+++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0224.json
@ -2,7 +2,7 @@
  "id": "CVE-2024-0224",
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "published": "2024-01-04T02:15:29.033",
-  "lastModified": "2024-01-04T14:58:23.450",
+  "lastModified": "2024-01-05T02:15:08.270",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -23,6 +23,10 @@
    {
      "url": "https://crbug.com/1505086",
      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/",
+      "source": "chrome-cve-admin@google.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-02xx/CVE-2024-0225.json
+++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0225.json
@ -2,7 +2,7 @@
  "id": "CVE-2024-0225",
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "published": "2024-01-04T02:15:29.080",
-  "lastModified": "2024-01-04T14:58:23.450",
+  "lastModified": "2024-01-05T02:15:08.317",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -23,6 +23,10 @@
    {
      "url": "https://crbug.com/1506923",
      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP/",
+      "source": "chrome-cve-admin@google.com"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-01-05T00:55:26.642430+00:00
+2024-01-05T03:00:33.246535+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-01-05T00:30:50.517000+00:00
+2024-01-05T02:15:08.317000+00:00
 ```

 ### Last Data Feed Release
@ -23,50 +23,33 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)

 ```plain
-2024-01-04T01:00:28.262022+00:00
+2024-01-05T01:00:28.275238+00:00
 ```

 ### Total Number of included CVEs

 ```plain
-234889
+234891
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `0`
+Recently added CVEs: `2`

+* [CVE-2023-41782](CVE-2023/CVE-2023-417xx/CVE-2023-41782.json) (`2024-01-05T02:15:07.147`)
+* [CVE-2023-6493](CVE-2023/CVE-2023-64xx/CVE-2023-6493.json) (`2024-01-05T02:15:07.740`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `44`
+Recently modified CVEs: `6`

-* [CVE-2023-51429](CVE-2023/CVE-2023-514xx/CVE-2023-51429.json) (`2024-01-04T23:36:16.723`)
-* [CVE-2023-51428](CVE-2023/CVE-2023-514xx/CVE-2023-51428.json) (`2024-01-04T23:38:22.723`)
-* [CVE-2023-51427](CVE-2023/CVE-2023-514xx/CVE-2023-51427.json) (`2024-01-04T23:40:05.267`)
-* [CVE-2023-51426](CVE-2023/CVE-2023-514xx/CVE-2023-51426.json) (`2024-01-04T23:42:36.860`)
-* [CVE-2023-31296](CVE-2023/CVE-2023-312xx/CVE-2023-31296.json) (`2024-01-04T23:43:22.250`)
-* [CVE-2023-23443](CVE-2023/CVE-2023-234xx/CVE-2023-23443.json) (`2024-01-04T23:45:33.647`)
-* [CVE-2023-23442](CVE-2023/CVE-2023-234xx/CVE-2023-23442.json) (`2024-01-04T23:46:49.527`)
-* [CVE-2023-7131](CVE-2023/CVE-2023-71xx/CVE-2023-7131.json) (`2024-01-04T23:47:58.357`)
-* [CVE-2023-23441](CVE-2023/CVE-2023-234xx/CVE-2023-23441.json) (`2024-01-04T23:48:30.330`)
-* [CVE-2023-51154](CVE-2023/CVE-2023-511xx/CVE-2023-51154.json) (`2024-01-04T23:48:42.333`)
-* [CVE-2023-51812](CVE-2023/CVE-2023-518xx/CVE-2023-51812.json) (`2024-01-04T23:48:42.333`)
-* [CVE-2023-7132](CVE-2023/CVE-2023-71xx/CVE-2023-7132.json) (`2024-01-04T23:50:55.687`)
-* [CVE-2023-50448](CVE-2023/CVE-2023-504xx/CVE-2023-50448.json) (`2024-01-04T23:56:47.930`)
-* [CVE-2023-52083](CVE-2023/CVE-2023-520xx/CVE-2023-52083.json) (`2024-01-05T00:01:33.360`)
-* [CVE-2023-52084](CVE-2023/CVE-2023-520xx/CVE-2023-52084.json) (`2024-01-05T00:08:19.287`)
-* [CVE-2023-50104](CVE-2023/CVE-2023-501xx/CVE-2023-50104.json) (`2024-01-05T00:12:12.343`)
-* [CVE-2023-7144](CVE-2023/CVE-2023-71xx/CVE-2023-7144.json) (`2024-01-05T00:15:42.040`)
-* [CVE-2023-52085](CVE-2023/CVE-2023-520xx/CVE-2023-52085.json) (`2024-01-05T00:30:50.517`)
-* [CVE-2024-21636](CVE-2024/CVE-2024-216xx/CVE-2024-21636.json) (`2024-01-04T23:48:42.333`)
-* [CVE-2024-0241](CVE-2024/CVE-2024-02xx/CVE-2024-0241.json) (`2024-01-04T23:48:42.333`)
-* [CVE-2024-22047](CVE-2024/CVE-2024-220xx/CVE-2024-22047.json) (`2024-01-04T23:48:42.333`)
-* [CVE-2024-22048](CVE-2024/CVE-2024-220xx/CVE-2024-22048.json) (`2024-01-04T23:48:42.333`)
-* [CVE-2024-22049](CVE-2024/CVE-2024-220xx/CVE-2024-22049.json) (`2024-01-04T23:48:42.333`)
-* [CVE-2024-22050](CVE-2024/CVE-2024-220xx/CVE-2024-22050.json) (`2024-01-04T23:48:42.333`)
-* [CVE-2024-22051](CVE-2024/CVE-2024-220xx/CVE-2024-22051.json) (`2024-01-04T23:48:42.333`)
+* [CVE-2023-6879](CVE-2023/CVE-2023-68xx/CVE-2023-6879.json) (`2024-01-05T02:15:07.933`)
+* [CVE-2023-7104](CVE-2023/CVE-2023-71xx/CVE-2023-7104.json) (`2024-01-05T02:15:08.063`)
+* [CVE-2024-0222](CVE-2024/CVE-2024-02xx/CVE-2024-0222.json) (`2024-01-05T02:15:08.177`)
+* [CVE-2024-0223](CVE-2024/CVE-2024-02xx/CVE-2024-0223.json) (`2024-01-05T02:15:08.230`)
+* [CVE-2024-0224](CVE-2024/CVE-2024-02xx/CVE-2024-0224.json) (`2024-01-05T02:15:08.270`)
+* [CVE-2024-0225](CVE-2024/CVE-2024-02xx/CVE-2024-0225.json) (`2024-01-05T02:15:08.317`)


 ## Download and Usage