Auto-Update: 2023-12-20T09:00:25.198051+00:00

CVE-2021/CVE-2021-41xx/CVE-2021-4104.json

@@ -2,7 +2,7 @@
   "id": "CVE-2021-4104",
   "sourceIdentifier": "security@apache.org",
   "published": "2021-12-14T12:15:12.200",
-  "lastModified": "2023-11-07T03:40:10.693",
+  "lastModified": "2023-12-20T08:15:42.873",
   "vulnStatus": "Modified",
   "descriptions": [
     {
@@ -75,7 +75,7 @@
       ]
     },
     {
-      "source": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
+      "source": "security@apache.org",
       "type": "Secondary",
       "description": [
         {
@@ -516,6 +516,10 @@
       "url": "https://security.gentoo.org/glsa/202310-16",
       "source": "security@apache.org"
     },
+    {
+      "url": "https://security.gentoo.org/glsa/202312-02",
+      "source": "security@apache.org"
+    },
     {
       "url": "https://security.netapp.com/advisory/ntap-20211223-0007/",
       "source": "security@apache.org"

CVE-2023/CVE-2023-00xx/CVE-2023-0011.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-0011",
+  "sourceIdentifier": "vulnerability@ncsc.ch",
+  "published": "2023-12-20T08:15:43.503",
+  "lastModified": "2023-12-20T08:15:43.503",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial interface to send malicious AT commands.\n\n\n\n\nExploitation of the vulnerability gives full administrative (root) privileges to the attacker to execute any operating system command on TOBY-L2 which can lead to modification of the behavior of the module itself as well as the components connected with it (depending on its rights on other connected systems). It can further provide the ability to read system level files and hamper the availability of the module as well..\n\n\n\n\nThis issue affects TOBY-L2 series: TOBY-L200, TOBY-L201, TOBY-L210, TOBY-L220, TOBY-L280.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "vulnerability@ncsc.ch",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
+          "attackVector": "PHYSICAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.6,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 0.9,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "vulnerability@ncsc.ch",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-20"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.u-blox.com/en/report-security-issues",
+      "source": "vulnerability@ncsc.ch"
+    }
+  ]
+}

CVE-2023/CVE-2023-322xx/CVE-2023-32205.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-32205",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2023-06-02T17:15:13.057",
-  "lastModified": "2023-06-21T15:33:27.127",
+  "lastModified": "2023-12-20T08:15:43.997",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -94,6 +94,10 @@
         "Vendor Advisory"
       ]
     },
+    {
+      "url": "https://security.gentoo.org/glsa/202312-03",
+      "source": "security@mozilla.org"
+    },
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/",
       "source": "security@mozilla.org",

CVE-2023/CVE-2023-322xx/CVE-2023-32206.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-32206",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2023-06-02T17:15:13.100",
-  "lastModified": "2023-06-09T03:55:57.680",
+  "lastModified": "2023-12-20T08:15:44.277",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -86,6 +86,10 @@
         "Vendor Advisory"
       ]
     },
+    {
+      "url": "https://security.gentoo.org/glsa/202312-03",
+      "source": "security@mozilla.org"
+    },
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/",
       "source": "security@mozilla.org",

CVE-2023/CVE-2023-322xx/CVE-2023-32207.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-32207",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2023-06-02T17:15:13.147",
-  "lastModified": "2023-06-21T15:19:41.783",
+  "lastModified": "2023-12-20T08:15:44.537",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -86,6 +86,10 @@
         "Vendor Advisory"
       ]
     },
+    {
+      "url": "https://security.gentoo.org/glsa/202312-03",
+      "source": "security@mozilla.org"
+    },
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/",
       "source": "security@mozilla.org",

CVE-2023/CVE-2023-322xx/CVE-2023-32211.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-32211",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2023-06-02T17:15:13.197",
-  "lastModified": "2023-06-09T03:55:35.073",
+  "lastModified": "2023-12-20T08:15:44.760",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -86,6 +86,10 @@
         "Vendor Advisory"
       ]
     },
+    {
+      "url": "https://security.gentoo.org/glsa/202312-03",
+      "source": "security@mozilla.org"
+    },
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/",
       "source": "security@mozilla.org",

CVE-2023/CVE-2023-322xx/CVE-2023-32212.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-32212",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2023-06-02T17:15:13.240",
-  "lastModified": "2023-06-09T03:55:32.897",
+  "lastModified": "2023-12-20T08:15:45.060",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -86,6 +86,10 @@
         "Vendor Advisory"
       ]
     },
+    {
+      "url": "https://security.gentoo.org/glsa/202312-03",
+      "source": "security@mozilla.org"
+    },
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/",
       "source": "security@mozilla.org",

CVE-2023/CVE-2023-322xx/CVE-2023-32213.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-32213",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2023-06-02T17:15:13.287",
-  "lastModified": "2023-06-09T03:55:30.177",
+  "lastModified": "2023-12-20T08:15:45.270",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -86,6 +86,10 @@
         "Vendor Advisory"
       ]
     },
+    {
+      "url": "https://security.gentoo.org/glsa/202312-03",
+      "source": "security@mozilla.org"
+    },
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/",
       "source": "security@mozilla.org",

CVE-2023/CVE-2023-322xx/CVE-2023-32214.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-32214",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2023-06-19T10:15:09.613",
-  "lastModified": "2023-06-27T08:25:27.197",
+  "lastModified": "2023-12-20T08:15:45.510",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -96,6 +96,10 @@
         "Permissions Required"
       ]
     },
+    {
+      "url": "https://security.gentoo.org/glsa/202312-03",
+      "source": "security@mozilla.org"
+    },
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/",
       "source": "security@mozilla.org",

CVE-2023/CVE-2023-322xx/CVE-2023-32215.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-32215",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2023-06-02T17:15:13.337",
-  "lastModified": "2023-11-07T04:14:29.317",
+  "lastModified": "2023-12-20T08:15:45.897",
   "vulnStatus": "Modified",
   "descriptions": [
     {
@@ -86,6 +86,10 @@
         "Vendor Advisory"
       ]
     },
+    {
+      "url": "https://security.gentoo.org/glsa/202312-03",
+      "source": "security@mozilla.org"
+    },
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2023-16/",
       "source": "security@mozilla.org",

CVE-2023/CVE-2023-344xx/CVE-2023-34414.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-34414",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2023-06-19T11:15:10.927",
-  "lastModified": "2023-06-27T17:02:20.343",
+  "lastModified": "2023-12-20T08:15:46.113",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -84,6 +84,10 @@
         "Permissions Required"
       ]
     },
+    {
+      "url": "https://security.gentoo.org/glsa/202312-03",
+      "source": "security@mozilla.org"
+    },
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2023-19/",
       "source": "security@mozilla.org",

CVE-2023/CVE-2023-344xx/CVE-2023-34416.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-34416",
   "sourceIdentifier": "security@mozilla.org",
   "published": "2023-06-19T11:15:11.023",
-  "lastModified": "2023-06-27T17:10:43.233",
+  "lastModified": "2023-12-20T08:15:46.477",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -77,6 +77,17 @@
     }
   ],
   "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1752703%2C1818394%2C1826875%2C1827340%2C1827655%2C1828065%2C1830190%2C1830206%2C1830795%2C1833339",
+      "source": "security@mozilla.org",
+      "tags": [
+        "Broken Link"
+      ]
+    },
+    {
+      "url": "https://security.gentoo.org/glsa/202312-03",
+      "source": "security@mozilla.org"
+    },
     {
       "url": "https://www.mozilla.org/security/advisories/mfsa2023-19/",
       "source": "security@mozilla.org",

CVE-2023/CVE-2023-487xx/CVE-2023-48795.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-48795",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-12-18T16:15:10.897",
-  "lastModified": "2023-12-20T02:15:44.827",
+  "lastModified": "2023-12-20T07:15:06.490",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
@@ -28,6 +28,10 @@
       "url": "https://access.redhat.com/security/cve/cve-2023-48795",
       "source": "cve@mitre.org"
     },
+    {
+      "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/",
+      "source": "cve@mitre.org"
+    },
     {
       "url": "https://bugs.gentoo.org/920280",
       "source": "cve@mitre.org"

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-12-20T07:00:24.509673+00:00
+2023-12-20T09:00:25.198051+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-12-20T06:15:45.907000+00:00
+2023-12-20T08:15:46.477000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,23 +29,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-233805
+233806
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `4`
+Recently added CVEs: `1`
 
-* [CVE-2023-6974](CVE-2023/CVE-2023-69xx/CVE-2023-6974.json) (`2023-12-20T06:15:45.160`)
+* [CVE-2023-0011](CVE-2023/CVE-2023-00xx/CVE-2023-0011.json) (`2023-12-20T08:15:43.503`)
-* [CVE-2023-6975](CVE-2023/CVE-2023-69xx/CVE-2023-6975.json) (`2023-12-20T06:15:45.553`)
-* [CVE-2023-6976](CVE-2023/CVE-2023-69xx/CVE-2023-6976.json) (`2023-12-20T06:15:45.730`)
-* [CVE-2023-6977](CVE-2023/CVE-2023-69xx/CVE-2023-6977.json) (`2023-12-20T06:15:45.907`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `12`
 
+* [CVE-2021-4104](CVE-2021/CVE-2021-41xx/CVE-2021-4104.json) (`2023-12-20T08:15:42.873`)
+* [CVE-2023-48795](CVE-2023/CVE-2023-487xx/CVE-2023-48795.json) (`2023-12-20T07:15:06.490`)
+* [CVE-2023-32205](CVE-2023/CVE-2023-322xx/CVE-2023-32205.json) (`2023-12-20T08:15:43.997`)
+* [CVE-2023-32206](CVE-2023/CVE-2023-322xx/CVE-2023-32206.json) (`2023-12-20T08:15:44.277`)
+* [CVE-2023-32207](CVE-2023/CVE-2023-322xx/CVE-2023-32207.json) (`2023-12-20T08:15:44.537`)
+* [CVE-2023-32211](CVE-2023/CVE-2023-322xx/CVE-2023-32211.json) (`2023-12-20T08:15:44.760`)
+* [CVE-2023-32212](CVE-2023/CVE-2023-322xx/CVE-2023-32212.json) (`2023-12-20T08:15:45.060`)
+* [CVE-2023-32213](CVE-2023/CVE-2023-322xx/CVE-2023-32213.json) (`2023-12-20T08:15:45.270`)
+* [CVE-2023-32214](CVE-2023/CVE-2023-322xx/CVE-2023-32214.json) (`2023-12-20T08:15:45.510`)
+* [CVE-2023-32215](CVE-2023/CVE-2023-322xx/CVE-2023-32215.json) (`2023-12-20T08:15:45.897`)
+* [CVE-2023-34414](CVE-2023/CVE-2023-344xx/CVE-2023-34414.json) (`2023-12-20T08:15:46.113`)
+* [CVE-2023-34416](CVE-2023/CVE-2023-344xx/CVE-2023-34416.json) (`2023-12-20T08:15:46.477`)
 
 
 ## Download and Usage