Auto-Update: 2023-09-20T08:00:26.422619+00:00

CVE-2023/CVE-2023-21xx/CVE-2023-2163.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-2163",
+  "sourceIdentifier": "cve-coordination@google.com",
+  "published": "2023-09-20T06:15:10.233",
+  "lastModified": "2023-09-20T06:15:10.233",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Incorrect verifier pruning\u00a0in BPF in Linux Kernel\u00a0>=5.4\u00a0leads to unsafe\ncode paths being incorrectly marked as safe, resulting in\u00a0arbitrary read/write in\nkernel memory, lateral privilege escalation, and container escape.\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve-coordination@google.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 10.0,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.8
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve-coordination@google.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-682"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=71b547f561247897a0a14f3082730156c0533fed",
+      "source": "cve-coordination@google.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-436xx/CVE-2023-43616.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-43616",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-09-20T06:15:10.523",
+  "lastModified": "2023-09-20T06:15:10.523",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Croc through 9.6.5. A sender can cause a receiver to overwrite files during ZIP extraction."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/schollz/croc/issues/594",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.openwall.com/lists/oss-security/2023/09/08/2",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-436xx/CVE-2023-43617.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-43617",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-09-20T06:15:10.617",
+  "lastModified": "2023-09-20T06:15:10.617",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Croc through 9.6.5. When a custom shared secret is used, the sender and receiver may divulge parts of this secret to an untrusted Relay, as part of composing a room name."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/schollz/croc/issues/596",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.openwall.com/lists/oss-security/2023/09/08/2",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-436xx/CVE-2023-43618.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-43618",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-09-20T06:15:10.693",
+  "lastModified": "2023-09-20T06:15:10.693",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Croc through 9.6.5. The protocol requires a sender to provide its local IP addresses in cleartext via an ips? message."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/schollz/croc/issues/597",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.openwall.com/lists/oss-security/2023/09/08/2",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-436xx/CVE-2023-43619.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-43619",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-09-20T06:15:10.773",
+  "lastModified": "2023-09-20T06:15:10.773",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Croc through 9.6.5. A sender may send dangerous new files to a receiver, such as executable content or a .ssh/authorized_keys file."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/schollz/croc/issues/593",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.openwall.com/lists/oss-security/2023/09/08/2",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-436xx/CVE-2023-43620.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-43620",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-09-20T06:15:10.870",
+  "lastModified": "2023-09-20T06:15:10.870",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Croc through 9.6.5. A sender may place ANSI or CSI escape sequences in a filename to attack the terminal device of a receiver."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/schollz/croc/issues/595",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.openwall.com/lists/oss-security/2023/09/08/2",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-436xx/CVE-2023-43621.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-43621",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-09-20T06:15:10.950",
+  "lastModified": "2023-09-20T06:15:10.950",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Croc through 9.6.5. The shared secret, located on a command line, can be read by local users who list all processes and their arguments."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/schollz/croc/issues/598",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.openwall.com/lists/oss-security/2023/09/08/2",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-09-20T06:00:25.717313+00:00
+2023-09-20T08:00:26.422619+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-09-20T05:15:39.923000+00:00
+2023-09-20T06:15:10.950000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,14 +29,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-225871
+225878
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `1`
+Recently added CVEs: `7`
 
-* [CVE-2023-26144](CVE-2023/CVE-2023-261xx/CVE-2023-26144.json) (`2023-09-20T05:15:39.923`)
+* [CVE-2023-2163](CVE-2023/CVE-2023-21xx/CVE-2023-2163.json) (`2023-09-20T06:15:10.233`)
+* [CVE-2023-43616](CVE-2023/CVE-2023-436xx/CVE-2023-43616.json) (`2023-09-20T06:15:10.523`)
+* [CVE-2023-43617](CVE-2023/CVE-2023-436xx/CVE-2023-43617.json) (`2023-09-20T06:15:10.617`)
+* [CVE-2023-43618](CVE-2023/CVE-2023-436xx/CVE-2023-43618.json) (`2023-09-20T06:15:10.693`)
+* [CVE-2023-43619](CVE-2023/CVE-2023-436xx/CVE-2023-43619.json) (`2023-09-20T06:15:10.773`)
+* [CVE-2023-43620](CVE-2023/CVE-2023-436xx/CVE-2023-43620.json) (`2023-09-20T06:15:10.870`)
+* [CVE-2023-43621](CVE-2023/CVE-2023-436xx/CVE-2023-43621.json) (`2023-09-20T06:15:10.950`)
 
 
 ### CVEs modified in the last Commit