diff --git a/CVE-2021/CVE-2021-41xx/CVE-2021-4104.json b/CVE-2021/CVE-2021-41xx/CVE-2021-4104.json index 6410a1dd0d1..ccfe6a6f056 100644 --- a/CVE-2021/CVE-2021-41xx/CVE-2021-4104.json +++ b/CVE-2021/CVE-2021-41xx/CVE-2021-4104.json @@ -2,7 +2,7 @@ "id": "CVE-2021-4104", "sourceIdentifier": "security@apache.org", "published": "2021-12-14T12:15:12.200", - "lastModified": "2023-11-07T03:40:10.693", + "lastModified": "2023-12-20T08:15:42.873", "vulnStatus": "Modified", "descriptions": [ { @@ -75,7 +75,7 @@ ] }, { - "source": "f0158376-9dc2-43b6-827c-5f631a4d8d09", + "source": "security@apache.org", "type": "Secondary", "description": [ { @@ -516,6 +516,10 @@ "url": "https://security.gentoo.org/glsa/202310-16", "source": "security@apache.org" }, + { + "url": "https://security.gentoo.org/glsa/202312-02", + "source": "security@apache.org" + }, { "url": "https://security.netapp.com/advisory/ntap-20211223-0007/", "source": "security@apache.org" diff --git a/CVE-2023/CVE-2023-00xx/CVE-2023-0011.json b/CVE-2023/CVE-2023-00xx/CVE-2023-0011.json new file mode 100644 index 00000000000..b3ad12bfe3a --- /dev/null +++ b/CVE-2023/CVE-2023-00xx/CVE-2023-0011.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-0011", + "sourceIdentifier": "vulnerability@ncsc.ch", + "published": "2023-12-20T08:15:43.503", + "lastModified": "2023-12-20T08:15:43.503", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial interface to send malicious AT commands.\n\n\n\n\nExploitation of the vulnerability gives full administrative (root) privileges to the attacker to execute any operating system command on TOBY-L2 which can lead to modification of the behavior of the module itself as well as the components connected with it (depending on its rights on other connected systems). It can further provide the ability to read system level files and hamper the availability of the module as well..\n\n\n\n\nThis issue affects TOBY-L2 series: TOBY-L200, TOBY-L201, TOBY-L210, TOBY-L220, TOBY-L280.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "vulnerability@ncsc.ch", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 0.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "vulnerability@ncsc.ch", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://www.u-blox.com/en/report-security-issues", + "source": "vulnerability@ncsc.ch" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32205.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32205.json index 042c1de04ff..62d72b3966a 100644 --- a/CVE-2023/CVE-2023-322xx/CVE-2023-32205.json +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32205.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32205", "sourceIdentifier": "security@mozilla.org", "published": "2023-06-02T17:15:13.057", - "lastModified": "2023-06-21T15:33:27.127", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-20T08:15:43.997", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -94,6 +94,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.gentoo.org/glsa/202312-03", + "source": "security@mozilla.org" + }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/", "source": "security@mozilla.org", diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32206.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32206.json index ef27d62b085..0ba85006dd6 100644 --- a/CVE-2023/CVE-2023-322xx/CVE-2023-32206.json +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32206.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32206", "sourceIdentifier": "security@mozilla.org", "published": "2023-06-02T17:15:13.100", - "lastModified": "2023-06-09T03:55:57.680", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-20T08:15:44.277", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -86,6 +86,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.gentoo.org/glsa/202312-03", + "source": "security@mozilla.org" + }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/", "source": "security@mozilla.org", diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32207.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32207.json index 88ea71bc5e5..65ccf750bc5 100644 --- a/CVE-2023/CVE-2023-322xx/CVE-2023-32207.json +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32207.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32207", "sourceIdentifier": "security@mozilla.org", "published": "2023-06-02T17:15:13.147", - "lastModified": "2023-06-21T15:19:41.783", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-20T08:15:44.537", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -86,6 +86,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.gentoo.org/glsa/202312-03", + "source": "security@mozilla.org" + }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/", "source": "security@mozilla.org", diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32211.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32211.json index d0a545c178d..fe09bba97dd 100644 --- a/CVE-2023/CVE-2023-322xx/CVE-2023-32211.json +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32211.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32211", "sourceIdentifier": "security@mozilla.org", "published": "2023-06-02T17:15:13.197", - "lastModified": "2023-06-09T03:55:35.073", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-20T08:15:44.760", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -86,6 +86,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.gentoo.org/glsa/202312-03", + "source": "security@mozilla.org" + }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/", "source": "security@mozilla.org", diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32212.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32212.json index 67b6f73daf8..ef05ac93d67 100644 --- a/CVE-2023/CVE-2023-322xx/CVE-2023-32212.json +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32212.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32212", "sourceIdentifier": "security@mozilla.org", "published": "2023-06-02T17:15:13.240", - "lastModified": "2023-06-09T03:55:32.897", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-20T08:15:45.060", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -86,6 +86,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.gentoo.org/glsa/202312-03", + "source": "security@mozilla.org" + }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/", "source": "security@mozilla.org", diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32213.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32213.json index a77e12fc273..27ef14d6e3a 100644 --- a/CVE-2023/CVE-2023-322xx/CVE-2023-32213.json +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32213.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32213", "sourceIdentifier": "security@mozilla.org", "published": "2023-06-02T17:15:13.287", - "lastModified": "2023-06-09T03:55:30.177", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-20T08:15:45.270", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -86,6 +86,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.gentoo.org/glsa/202312-03", + "source": "security@mozilla.org" + }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/", "source": "security@mozilla.org", diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32214.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32214.json index 7f9dcb9f13e..bb479fd8f11 100644 --- a/CVE-2023/CVE-2023-322xx/CVE-2023-32214.json +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32214.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32214", "sourceIdentifier": "security@mozilla.org", "published": "2023-06-19T10:15:09.613", - "lastModified": "2023-06-27T08:25:27.197", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-20T08:15:45.510", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -96,6 +96,10 @@ "Permissions Required" ] }, + { + "url": "https://security.gentoo.org/glsa/202312-03", + "source": "security@mozilla.org" + }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/", "source": "security@mozilla.org", diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32215.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32215.json index 0879363b340..2d28129cc49 100644 --- a/CVE-2023/CVE-2023-322xx/CVE-2023-32215.json +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32215.json @@ -2,7 +2,7 @@ "id": "CVE-2023-32215", "sourceIdentifier": "security@mozilla.org", "published": "2023-06-02T17:15:13.337", - "lastModified": "2023-11-07T04:14:29.317", + "lastModified": "2023-12-20T08:15:45.897", "vulnStatus": "Modified", "descriptions": [ { @@ -86,6 +86,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.gentoo.org/glsa/202312-03", + "source": "security@mozilla.org" + }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/", "source": "security@mozilla.org", diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34414.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34414.json index 93f218e75bd..8431fbf6fe3 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34414.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34414.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34414", "sourceIdentifier": "security@mozilla.org", "published": "2023-06-19T11:15:10.927", - "lastModified": "2023-06-27T17:02:20.343", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-20T08:15:46.113", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -84,6 +84,10 @@ "Permissions Required" ] }, + { + "url": "https://security.gentoo.org/glsa/202312-03", + "source": "security@mozilla.org" + }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-19/", "source": "security@mozilla.org", diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34416.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34416.json index 1b47f28a370..cc0b3899d21 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34416.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34416.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34416", "sourceIdentifier": "security@mozilla.org", "published": "2023-06-19T11:15:11.023", - "lastModified": "2023-06-27T17:10:43.233", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-20T08:15:46.477", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -77,6 +77,17 @@ } ], "references": [ + { + "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1752703%2C1818394%2C1826875%2C1827340%2C1827655%2C1828065%2C1830190%2C1830206%2C1830795%2C1833339", + "source": "security@mozilla.org", + "tags": [ + "Broken Link" + ] + }, + { + "url": "https://security.gentoo.org/glsa/202312-03", + "source": "security@mozilla.org" + }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-19/", "source": "security@mozilla.org", diff --git a/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json b/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json index a976f8e8284..493a732c8b7 100644 --- a/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json +++ b/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json @@ -2,7 +2,7 @@ "id": "CVE-2023-48795", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-18T16:15:10.897", - "lastModified": "2023-12-20T02:15:44.827", + "lastModified": "2023-12-20T07:15:06.490", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -28,6 +28,10 @@ "url": "https://access.redhat.com/security/cve/cve-2023-48795", "source": "cve@mitre.org" }, + { + "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/", + "source": "cve@mitre.org" + }, { "url": "https://bugs.gentoo.org/920280", "source": "cve@mitre.org" diff --git a/README.md b/README.md index 4be707aad19..3092139265e 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-20T07:00:24.509673+00:00 +2023-12-20T09:00:25.198051+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-20T06:15:45.907000+00:00 +2023-12-20T08:15:46.477000+00:00 ``` ### Last Data Feed Release @@ -29,23 +29,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -233805 +233806 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `1` -* [CVE-2023-6974](CVE-2023/CVE-2023-69xx/CVE-2023-6974.json) (`2023-12-20T06:15:45.160`) -* [CVE-2023-6975](CVE-2023/CVE-2023-69xx/CVE-2023-6975.json) (`2023-12-20T06:15:45.553`) -* [CVE-2023-6976](CVE-2023/CVE-2023-69xx/CVE-2023-6976.json) (`2023-12-20T06:15:45.730`) -* [CVE-2023-6977](CVE-2023/CVE-2023-69xx/CVE-2023-6977.json) (`2023-12-20T06:15:45.907`) +* [CVE-2023-0011](CVE-2023/CVE-2023-00xx/CVE-2023-0011.json) (`2023-12-20T08:15:43.503`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `12` +* [CVE-2021-4104](CVE-2021/CVE-2021-41xx/CVE-2021-4104.json) (`2023-12-20T08:15:42.873`) +* [CVE-2023-48795](CVE-2023/CVE-2023-487xx/CVE-2023-48795.json) (`2023-12-20T07:15:06.490`) +* [CVE-2023-32205](CVE-2023/CVE-2023-322xx/CVE-2023-32205.json) (`2023-12-20T08:15:43.997`) +* [CVE-2023-32206](CVE-2023/CVE-2023-322xx/CVE-2023-32206.json) (`2023-12-20T08:15:44.277`) +* [CVE-2023-32207](CVE-2023/CVE-2023-322xx/CVE-2023-32207.json) (`2023-12-20T08:15:44.537`) +* [CVE-2023-32211](CVE-2023/CVE-2023-322xx/CVE-2023-32211.json) (`2023-12-20T08:15:44.760`) +* [CVE-2023-32212](CVE-2023/CVE-2023-322xx/CVE-2023-32212.json) (`2023-12-20T08:15:45.060`) +* [CVE-2023-32213](CVE-2023/CVE-2023-322xx/CVE-2023-32213.json) (`2023-12-20T08:15:45.270`) +* [CVE-2023-32214](CVE-2023/CVE-2023-322xx/CVE-2023-32214.json) (`2023-12-20T08:15:45.510`) +* [CVE-2023-32215](CVE-2023/CVE-2023-322xx/CVE-2023-32215.json) (`2023-12-20T08:15:45.897`) +* [CVE-2023-34414](CVE-2023/CVE-2023-344xx/CVE-2023-34414.json) (`2023-12-20T08:15:46.113`) +* [CVE-2023-34416](CVE-2023/CVE-2023-344xx/CVE-2023-34416.json) (`2023-12-20T08:15:46.477`) ## Download and Usage