Auto-Update: 2023-10-31T07:00:27.802251+00:00

2025-07-11 16:13:34 +00:00 · 2023-10-31 07:00:31 +00:00 · 2023-10-31 07:00:31 +00:00 · 33bc06d0f0
commit 33bc06d0f0
parent 97416db26a
5 changed files with 115 additions and 9 deletions
--- a/CVE-2023/CVE-2023-362xx/CVE-2023-36263.json
+++ b/CVE-2023/CVE-2023-362xx/CVE-2023-36263.json
@ -0,0 +1,43 @@
+{
+  "id": "CVE-2023-36263",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-31T05:15:58.220",
+  "lastModified": "2023-10-31T05:15:58.220",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. OpartlimitquantityAlertlimitModuleFrontController::displayAjaxPushAlertMessage()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://security.friendsofpresta.org/modules/2023/10/25/opartlimitquantity.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-431xx/CVE-2023-43139.json
+++ b/CVE-2023/CVE-2023-431xx/CVE-2023-43139.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-43139",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-31T05:15:58.353",
+  "lastModified": "2023-10-31T05:15:58.353",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in franfinance before v.2.0.27 allows a remote attacker to execute arbitrary code via the validation.php, and controllers/front/validation.php components."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://security.friendsofpresta.org/modules/2023/10/25/franfinance.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-459xx/CVE-2023-45996.json
+++ b/CVE-2023/CVE-2023-459xx/CVE-2023-45996.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-45996",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-31T06:15:07.883",
+  "lastModified": "2023-10-31T06:15:07.883",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SQL injection vulnerability in Senayan Library Management Systems Slims v.9 and Bulian v.9.6.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the reborrowLimit parameter in the member_type.php."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/Vuln0wned/slims_owned/blob/main/slims/slims9-bulian-9.6.1-SQLI-member_type.md",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/slims/slims9_bulian/issues/216",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-463xx/CVE-2023-46361.json
+++ b/CVE-2023/CVE-2023-463xx/CVE-2023-46361.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-46361",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-31T06:15:08.900",
+  "lastModified": "2023-10-31T06:15:08.900",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulnerability via jbig2_error at /jbig2dec/jbig2.c."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/jbig2dec-SEGV/jbig2dec-SEGV.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-10-31T05:00:26.622070+00:00
+2023-10-31T07:00:27.802251+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-10-31T04:15:11.313000+00:00
+2023-10-31T06:15:08.900000+00:00
 ```

 ### Last Data Feed Release
@ -29,18 +29,17 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-229312
+229316
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `5`
+Recently added CVEs: `4`

-* [CVE-2015-20110](CVE-2015/CVE-2015-201xx/CVE-2015-20110.json) (`2023-10-31T03:15:07.613`)
-* [CVE-2023-27846](CVE-2023/CVE-2023-278xx/CVE-2023-27846.json) (`2023-10-31T04:15:11.057`)
-* [CVE-2023-45378](CVE-2023/CVE-2023-453xx/CVE-2023-45378.json) (`2023-10-31T04:15:11.207`)
-* [CVE-2023-46356](CVE-2023/CVE-2023-463xx/CVE-2023-46356.json) (`2023-10-31T04:15:11.257`)
-* [CVE-2023-47174](CVE-2023/CVE-2023-471xx/CVE-2023-47174.json) (`2023-10-31T04:15:11.313`)
+* [CVE-2023-36263](CVE-2023/CVE-2023-362xx/CVE-2023-36263.json) (`2023-10-31T05:15:58.220`)
+* [CVE-2023-43139](CVE-2023/CVE-2023-431xx/CVE-2023-43139.json) (`2023-10-31T05:15:58.353`)
+* [CVE-2023-45996](CVE-2023/CVE-2023-459xx/CVE-2023-45996.json) (`2023-10-31T06:15:07.883`)
+* [CVE-2023-46361](CVE-2023/CVE-2023-463xx/CVE-2023-46361.json) (`2023-10-31T06:15:08.900`)


 ### CVEs modified in the last Commit