Auto-Update: 2024-01-11T05:00:25.099118+00:00

2025-06-21 17:41:05 +00:00 · 2024-01-11 05:00:28 +00:00 · 2024-01-11 05:00:28 +00:00 · 33c0d92a96
commit 33c0d92a96
parent f744dcfcb9
25 changed files with 695 additions and 68 deletions
--- a/CVE-2002/CVE-2002-200xx/CVE-2002-20001.json
+++ b/CVE-2002/CVE-2002-200xx/CVE-2002-20001.json
@ -2,7 +2,7 @@
  "id": "CVE-2002-20001",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2021-11-11T19:15:07.380",
-  "lastModified": "2023-09-25T05:15:09.530",
+  "lastModified": "2024-01-11T03:15:08.380",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -521,6 +521,10 @@
        "Third Party Advisory"
      ]
    },
+    {
+      "url": "https://dheatattack.gitlab.io/",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://github.com/Balasys/dheater",
      "source": "cve@mitre.org",
--- a/CVE-2020/CVE-2020-174xx/CVE-2020-17453.json
+++ b/CVE-2020/CVE-2020-174xx/CVE-2020-17453.json
@ -2,8 +2,8 @@
  "id": "CVE-2020-17453",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2021-04-05T22:15:12.633",
-  "lastModified": "2021-04-08T20:08:50.180",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-01-11T03:15:08.600",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -176,13 +176,6 @@
    }
  ],
  "references": [
-    {
-      "url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-1132",
-      "source": "cve@mitre.org",
-      "tags": [
-        "Vendor Advisory"
-      ]
-    },
    {
      "url": "https://github.com/JHHAX/CVE-2020-17453-PoC",
      "source": "cve@mitre.org",
@ -191,6 +184,10 @@
        "Third Party Advisory"
      ]
    },
+    {
+      "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2021/WSO2-2020-1132/",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://twitter.com/JacksonHHax/status/1374681422678519813",
      "source": "cve@mitre.org",
--- a/CVE-2020/CVE-2020-247xx/CVE-2020-24703.json
+++ b/CVE-2020/CVE-2020-247xx/CVE-2020-24703.json
@ -2,8 +2,8 @@
  "id": "CVE-2020-24703",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2020-08-27T16:15:11.583",
-  "lastModified": "2020-09-08T18:53:08.513",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-01-11T03:15:08.740",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -165,11 +165,8 @@
  ],
  "references": [
    {
-      "url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0687",
-      "source": "cve@mitre.org",
-      "tags": [
-        "Vendor Advisory"
-      ]
+      "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2020/WSO2-2020-0687/",
+      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2020/CVE-2020-247xx/CVE-2020-24704.json
+++ b/CVE-2020/CVE-2020-247xx/CVE-2020-24704.json
@ -2,8 +2,8 @@
  "id": "CVE-2020-24704",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2020-08-27T16:15:11.677",
-  "lastModified": "2020-09-08T18:46:15.547",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-01-11T03:15:08.860",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -165,11 +165,8 @@
  ],
  "references": [
    {
-      "url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0685",
-      "source": "cve@mitre.org",
-      "tags": [
-        "Vendor Advisory"
-      ]
+      "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2020/WSO2-2020-0685/",
+      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2020/CVE-2020-247xx/CVE-2020-24705.json
+++ b/CVE-2020/CVE-2020-247xx/CVE-2020-24705.json
@ -2,7 +2,7 @@
  "id": "CVE-2020-24705",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2020-08-27T16:15:11.753",
-  "lastModified": "2024-01-09T06:15:45.540",
+  "lastModified": "2024-01-11T03:15:08.953",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -142,13 +142,6 @@
    }
  ],
  "references": [
-    {
-      "url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0718",
-      "source": "cve@mitre.org",
-      "tags": [
-        "Vendor Advisory"
-      ]
-    },
    {
      "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2020/WSO2-2020-0718/",
      "source": "cve@mitre.org"
--- a/CVE-2021/CVE-2021-426xx/CVE-2021-42646.json
+++ b/CVE-2021/CVE-2021-426xx/CVE-2021-42646.json
@ -2,8 +2,8 @@
  "id": "CVE-2021-42646",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2022-05-11T18:15:23.053",
-  "lastModified": "2022-11-29T16:48:14.397",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-01-11T03:15:09.047",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -169,13 +169,6 @@
        "Third Party Advisory"
      ]
    },
-    {
-      "url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1289",
-      "source": "cve@mitre.org",
-      "tags": [
-        "Vendor Advisory"
-      ]
-    },
    {
      "url": "https://github.com/wso2/carbon-identity-framework/pull/3472",
      "source": "cve@mitre.org",
@ -183,6 +176,10 @@
        "Patch",
        "Third Party Advisory"
      ]
+    },
+    {
+      "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2021/WSO2-2021-1289/",
+      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2022/CVE-2022-403xx/CVE-2022-40361.json
+++ b/CVE-2022/CVE-2022-403xx/CVE-2022-40361.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2022-40361",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-11T03:15:09.157",
+  "lastModified": "2024-01-11T03:15:09.157",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code via the language parameter to the /ngs/login endpoint."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://elitecrm.co/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://hazemhussien99.wordpress.com/2024/01/07/cve-2022-40361-disclosure/",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2022/CVE-2022-407xx/CVE-2022-40735.json
+++ b/CVE-2022/CVE-2022-407xx/CVE-2022-40735.json
@ -2,12 +2,16 @@
  "id": "CVE-2022-40735",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2022-11-14T23:15:11.423",
-  "lastModified": "2022-11-21T22:15:15.090",
+  "lastModified": "2024-01-11T03:15:09.207",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "The Diffie-Hellman Key Agreement Protocol allows use of long exponents that arguably make certain calculations unnecessarily expensive, because the 1996 van Oorschot and Wiener paper found that \"(appropriately) short exponents\" can be used when there are adequate subgroup constraints, and these short exponents can lead to less expensive calculations than for long exponents. This issue is different from CVE-2002-20001 because it is based on an observation about exponent size, rather than an observation about numbers that are not public keys. The specific situations in which calculation expense would constitute a server-side vulnerability depend on the protocol (e.g., TLS, SSH, or IKE) and the DHE implementation details. In general, there might be an availability concern because of server-side resource consumption from DHE modular-exponentiation calculations. Finally, it is possible for an attacker to exploit this vulnerability and CVE-2002-20001 together."
+    },
+    {
+      "lang": "es",
+      "value": "Diffie-Hellman Key Agreement Protocol permite el uso de exponentes largos que posiblemente hacen que ciertos c\u00e1lculos sean innecesariamente costosos, porque el art\u00edculo de van Oorschot y Wiener de 1996 encontr\u00f3 que se pueden usar \"exponentes (apropiadamente) cortos\" cuando existen restricciones de subgrupo adecuadas, y estos exponentes cortos pueden conducir a c\u00e1lculos menos costosos que los de exponentes largos. Este problema es diferente de CVE-2002-20001, porque se basa en una observaci\u00f3n sobre el tama\u00f1o del exponente, en lugar de una observaci\u00f3n sobre n\u00fameros que no son claves p\u00fablicas. Las situaciones espec\u00edficas en las que el gasto de c\u00e1lculo constituir\u00eda una vulnerabilidad del lado del servidor dependen del protocolo (por ejemplo, TLS, SSH o IKE) y los detalles de implementaci\u00f3n de DHE. En general, puede haber un problema de disponibilidad debido al consumo de recursos del lado del servidor a partir de los c\u00e1lculos de exponenciaci\u00f3n modular de DHE. Finalmente, es posible que un atacante aproveche esta vulnerabilidad y CVE-2002-20001 juntos."
    }
  ],
  "metrics": {
@ -64,6 +68,10 @@
    }
  ],
  "references": [
+    {
+      "url": "https://dheatattack.gitlab.io/",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://gist.github.com/c0r0n3r/9455ddcab985c50fd1912eabf26e058b",
      "source": "cve@mitre.org",
--- a/CVE-2023/CVE-2023-270xx/CVE-2023-27043.json
+++ b/CVE-2023/CVE-2023-270xx/CVE-2023-27043.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-27043",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-04-19T00:15:07.973",
-  "lastModified": "2024-01-04T03:15:09.500",
+  "lastModified": "2024-01-11T03:15:09.307",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -96,6 +96,10 @@
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH/",
      "source": "cve@mitre.org"
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6M5I6OQHJABNEYY555HUMMKX3Y4P25Z/",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEUNZSZ3CVSM2QWVYH3N2XGOCDWNYUA3/",
      "source": "cve@mitre.org"
@ -104,6 +108,10 @@
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORLXS5YTKN65E2Q2NWKXMFS5FWQHRNZW/",
      "source": "cve@mitre.org"
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC/",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2W2BZQIHMCKRI5FNBJERFYMS5PK6TAH/",
      "source": "cve@mitre.org"
--- a/CVE-2023/CVE-2023-310xx/CVE-2023-31001.json
+++ b/CVE-2023/CVE-2023-310xx/CVE-2023-31001.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-31001",
+  "sourceIdentifier": "psirt@us.ibm.com",
+  "published": "2024-01-11T03:15:09.413",
+  "lastModified": "2024-01-11T03:15:09.413",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) temporarily stores sensitive information in files that could be accessed by a local user.  IBM X-Force ID:  254653."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@us.ibm.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.4,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@us.ibm.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-257"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254653",
+      "source": "psirt@us.ibm.com"
+    },
+    {
+      "url": "https://www.ibm.com/support/pages/node/7106586",
+      "source": "psirt@us.ibm.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-310xx/CVE-2023-31003.json
+++ b/CVE-2023/CVE-2023-310xx/CVE-2023-31003.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-31003",
+  "sourceIdentifier": "psirt@us.ibm.com",
+  "published": "2024-01-11T03:15:09.617",
+  "lastModified": "2024-01-11T03:15:09.617",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to obtain root access due to improper access controls.  IBM X-Force ID:  254658."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@us.ibm.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 8.4,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.5,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@us.ibm.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-59"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254658",
+      "source": "psirt@us.ibm.com"
+    },
+    {
+      "url": "https://www.ibm.com/support/pages/node/7106586",
+      "source": "psirt@us.ibm.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-382xx/CVE-2023-38267.json
+++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38267.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-38267",
+  "sourceIdentifier": "psirt@us.ibm.com",
+  "published": "2024-01-11T03:15:09.803",
+  "lastModified": "2024-01-11T03:15:09.803",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "IBM Security Access Manager Appliance (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to obtain sensitive configuration information.  IBM X-Force ID:  260584."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@us.ibm.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.2,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.5,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@us.ibm.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-311"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/260584",
+      "source": "psirt@us.ibm.com"
+    },
+    {
+      "url": "https://www.ibm.com/support/pages/node/7106586",
+      "source": "psirt@us.ibm.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-451xx/CVE-2023-45169.json
+++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45169.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-45169",
+  "sourceIdentifier": "psirt@us.ibm.com",
+  "published": "2024-01-11T03:15:09.990",
+  "lastModified": "2024-01-11T03:15:09.990",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the pmsvcs kernel extension to cause a denial of service.  IBM X-Force ID:  267967."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@us.ibm.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.2,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.5,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@us.ibm.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-20"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/267967",
+      "source": "psirt@us.ibm.com"
+    },
+    {
+      "url": "https://www.ibm.com/support/pages/node/7105282",
+      "source": "psirt@us.ibm.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-451xx/CVE-2023-45171.json
+++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45171.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-45171",
+  "sourceIdentifier": "psirt@us.ibm.com",
+  "published": "2024-01-11T03:15:10.173",
+  "lastModified": "2024-01-11T03:15:10.173",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to cause a denial of service.  IBM X-Force ID:  267969."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@us.ibm.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.2,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.5,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@us.ibm.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-20"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/267969",
+      "source": "psirt@us.ibm.com"
+    },
+    {
+      "url": "https://www.ibm.com/support/pages/node/7105282",
+      "source": "psirt@us.ibm.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json
+++ b/CVE-2023/CVE-2023-487xx/CVE-2023-48795.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-48795",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-12-18T16:15:10.897",
-  "lastModified": "2024-01-10T03:15:43.383",
+  "lastModified": "2024-01-11T04:15:07.790",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -1540,6 +1540,10 @@
        "Mailing List"
      ]
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/",
      "source": "cve@mitre.org"
@ -1552,6 +1556,14 @@
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/",
      "source": "cve@mitre.org"
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/",
      "source": "cve@mitre.org"
--- a/CVE-2023/CVE-2023-510xx/CVE-2023-51073.json
+++ b/CVE-2023/CVE-2023-510xx/CVE-2023-51073.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-51073",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-11T03:15:10.710",
+  "lastModified": "2024-01-11T03:15:10.710",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in Buffalo LS210D v.1.78-0.03 allows a remote attacker to execute arbitrary code via the Firmware Update Script at /etc/init.d/update_notifications.sh."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/christopher-pace/CVE-2023-51073/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.buffalotech.com",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-517xx/CVE-2023-51764.json
+++ b/CVE-2023/CVE-2023-517xx/CVE-2023-51764.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-51764",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-12-24T05:15:08.273",
-  "lastModified": "2024-01-05T16:19:53.853",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-01-11T04:15:08.097",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -184,6 +184,14 @@
        "Third Party Advisory"
      ]
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ5WXFCW2N6G2PH3JXDTYW5PH5EBQEGO/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRLF5SOS7TP5N7FQSEK2NFNB44ISVTZC/",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/",
      "source": "cve@mitre.org",
--- a/CVE-2023/CVE-2023-522xx/CVE-2023-52274.json
+++ b/CVE-2023/CVE-2023-522xx/CVE-2023-52274.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-52274",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-11T03:15:10.843",
+  "lastModified": "2024-01-11T03:15:10.843",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "member/index/register.html in YzmCMS 6.5 through 7.0 allows XSS via the Referer HTTP header."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/yzmcms/yzmcms/issues/65",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/yzmcms/yzmcms/tags",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5448.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5448.json
@ -0,0 +1,47 @@
+{
+  "id": "CVE-2023-5448",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-01-11T04:15:08.373",
+  "lastModified": "2024-01-11T04:15:08.373",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The WP Register Profile With Shortcode plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5.9. This is due to missing or incorrect nonce validation on the update_password_validate function. This makes it possible for unauthenticated attackers to reset a user's password via a forged request granted they can trick the user into performing an action such as clicking on a link."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3018102",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca564941-4780-4da2-b937-c9bd45966d81?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-63xx/CVE-2023-6377.json
+++ b/CVE-2023/CVE-2023-63xx/CVE-2023-6377.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-6377",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-12-13T07:15:30.030",
-  "lastModified": "2024-01-02T15:15:09.880",
+  "lastModified": "2024-01-11T04:15:08.553",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -337,6 +337,10 @@
        "Vendor Advisory"
      ]
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFHV5KCQ2SVOD4QMCPZ5HC6YL44L7YJD/",
+      "source": "secalert@redhat.com"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/",
      "source": "secalert@redhat.com",
--- a/CVE-2023/CVE-2023-64xx/CVE-2023-6478.json
+++ b/CVE-2023/CVE-2023-64xx/CVE-2023-6478.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-6478",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-12-13T07:15:31.213",
-  "lastModified": "2024-01-02T15:15:10.040",
+  "lastModified": "2024-01-11T04:15:08.700",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -330,6 +330,10 @@
        "Vendor Advisory"
      ]
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFHV5KCQ2SVOD4QMCPZ5HC6YL44L7YJD/",
+      "source": "secalert@redhat.com"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/",
      "source": "secalert@redhat.com",
--- a/CVE-2024/CVE-2024-03xx/CVE-2024-0333.json
+++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0333.json
@ -2,7 +2,7 @@
  "id": "CVE-2024-0333",
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "published": "2024-01-10T22:15:50.907",
-  "lastModified": "2024-01-10T22:15:50.907",
+  "lastModified": "2024-01-11T03:15:10.893",
  "vulnStatus": "Received",
  "descriptions": [
    {
@ -19,6 +19,10 @@
    {
      "url": "https://crbug.com/1513379",
      "source": "chrome-cve-admin@google.com"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPYCYENYQYADCOS6XG4JITUVRZ6HTE2B/",
+      "source": "chrome-cve-admin@google.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-221xx/CVE-2024-22194.json
+++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22194.json
@ -0,0 +1,111 @@
+{
+  "id": "CVE-2024-22194",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2024-01-11T03:15:10.933",
+  "lastModified": "2024-01-11T03:15:10.933",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in `cdo-local-uuid` at version `0.4.0`, and in `case-utils` in unpatched versions (matching the pattern `0.x.0`) at and since `0.5.0`, before `0.15.0`. The vulnerability stems from a Python function, `cdo_local_uuid.local_uuid()`, and its original implementation `case_utils.local_uuid()`. "
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 2.2,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 0.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-215"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-337"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/commit/9e78f7cb1075728d0aafc918514f32a1392cd235",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/pull/3",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/pull/4",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/security/advisories/GHSA-rgrf-6mf5-m882",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/casework/CASE-Utilities-Python/commit/00864cd12de7c50d882dd1a74915d32e939c25f9",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/casework/CASE-Utilities-Python/commit/1cccae8eb3cf94b3a28f6490efa0fbf5c82ebd6b",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/casework/CASE-Utilities-Python/commit/5acb929dfb599709d1c8c90d1824dd79e0fd9e10",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/casework/CASE-Utilities-Python/commit/7e02d18383eabbeb9fb4ec97d81438c9980a4790",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/casework/CASE-Utilities-Python/commit/80551f49241c874c7c50e14abe05c5017630dad2",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/casework/CASE-Utilities-Python/commit/939775f956796d0432ecabbf62782ed7ad1007b5",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/casework/CASE-Utilities-Python/commit/db428a0745dac4fdd888ced9c52f617695519f9d",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/casework/CASE-Utilities-Python/commit/e4ffadc3d56fd303b8f465d727c4a58213d311a1",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/casework/CASE-Utilities-Python/commit/fca7388f09feccd3b9ea88e6df9c7a43a5349452",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/casework/CASE-Utilities-Python/commit/fdc32414eccfcbde6be0fd91b7f491cc0779b02d#diff-e60b9cb8fb480ed27283a030a0898be3475992d78228f4045b12ce5cbb2f0509",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-221xx/CVE-2024-22195.json
+++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22195.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2024-22195",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2024-01-11T03:15:11.200",
+  "lastModified": "2024-01-11T03:15:11.200",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting (XSS). The Jinja `xmlattr` filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based.\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/pallets/jinja/releases/tag/3.1.3",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-01-11T03:00:32.273564+00:00
+2024-01-11T05:00:25.099118+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-01-11T02:15:48.250000+00:00
+2024-01-11T04:15:08.700000+00:00
 ```

 ### Last Data Feed Release
@ -29,33 +29,43 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-235547
+235558
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `6`
+Recently added CVEs: `11`

-* [CVE-2023-45173](CVE-2023/CVE-2023-451xx/CVE-2023-45173.json) (`2024-01-11T02:15:47.857`)
-* [CVE-2023-45175](CVE-2023/CVE-2023-451xx/CVE-2023-45175.json) (`2024-01-11T02:15:48.063`)
-* [CVE-2024-21665](CVE-2024/CVE-2024-216xx/CVE-2024-21665.json) (`2024-01-11T01:15:45.413`)
-* [CVE-2024-21666](CVE-2024/CVE-2024-216xx/CVE-2024-21666.json) (`2024-01-11T01:15:45.623`)
-* [CVE-2024-21667](CVE-2024/CVE-2024-216xx/CVE-2024-21667.json) (`2024-01-11T01:15:45.810`)
-* [CVE-2024-22190](CVE-2024/CVE-2024-221xx/CVE-2024-22190.json) (`2024-01-11T02:15:48.250`)
+* [CVE-2022-40361](CVE-2022/CVE-2022-403xx/CVE-2022-40361.json) (`2024-01-11T03:15:09.157`)
+* [CVE-2023-31001](CVE-2023/CVE-2023-310xx/CVE-2023-31001.json) (`2024-01-11T03:15:09.413`)
+* [CVE-2023-31003](CVE-2023/CVE-2023-310xx/CVE-2023-31003.json) (`2024-01-11T03:15:09.617`)
+* [CVE-2023-38267](CVE-2023/CVE-2023-382xx/CVE-2023-38267.json) (`2024-01-11T03:15:09.803`)
+* [CVE-2023-45169](CVE-2023/CVE-2023-451xx/CVE-2023-45169.json) (`2024-01-11T03:15:09.990`)
+* [CVE-2023-45171](CVE-2023/CVE-2023-451xx/CVE-2023-45171.json) (`2024-01-11T03:15:10.173`)
+* [CVE-2023-51073](CVE-2023/CVE-2023-510xx/CVE-2023-51073.json) (`2024-01-11T03:15:10.710`)
+* [CVE-2023-52274](CVE-2023/CVE-2023-522xx/CVE-2023-52274.json) (`2024-01-11T03:15:10.843`)
+* [CVE-2023-5448](CVE-2023/CVE-2023-54xx/CVE-2023-5448.json) (`2024-01-11T04:15:08.373`)
+* [CVE-2024-22194](CVE-2024/CVE-2024-221xx/CVE-2024-22194.json) (`2024-01-11T03:15:10.933`)
+* [CVE-2024-22195](CVE-2024/CVE-2024-221xx/CVE-2024-22195.json) (`2024-01-11T03:15:11.200`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `8`
+Recently modified CVEs: `13`

-* [CVE-2023-29357](CVE-2023/CVE-2023-293xx/CVE-2023-29357.json) (`2024-01-11T02:00:01.543`)
-* [CVE-2023-38623](CVE-2023/CVE-2023-386xx/CVE-2023-38623.json) (`2024-01-11T02:06:12.783`)
-* [CVE-2023-38652](CVE-2023/CVE-2023-386xx/CVE-2023-38652.json) (`2024-01-11T02:08:06.267`)
-* [CVE-2023-38651](CVE-2023/CVE-2023-386xx/CVE-2023-38651.json) (`2024-01-11T02:08:28.890`)
-* [CVE-2023-38650](CVE-2023/CVE-2023-386xx/CVE-2023-38650.json) (`2024-01-11T02:08:48.963`)
-* [CVE-2023-38649](CVE-2023/CVE-2023-386xx/CVE-2023-38649.json) (`2024-01-11T02:09:17.940`)
-* [CVE-2023-38648](CVE-2023/CVE-2023-386xx/CVE-2023-38648.json) (`2024-01-11T02:09:36.853`)
-* [CVE-2024-20672](CVE-2024/CVE-2024-206xx/CVE-2024-20672.json) (`2024-01-11T01:15:44.973`)
+* [CVE-2002-20001](CVE-2002/CVE-2002-200xx/CVE-2002-20001.json) (`2024-01-11T03:15:08.380`)
+* [CVE-2020-17453](CVE-2020/CVE-2020-174xx/CVE-2020-17453.json) (`2024-01-11T03:15:08.600`)
+* [CVE-2020-24703](CVE-2020/CVE-2020-247xx/CVE-2020-24703.json) (`2024-01-11T03:15:08.740`)
+* [CVE-2020-24704](CVE-2020/CVE-2020-247xx/CVE-2020-24704.json) (`2024-01-11T03:15:08.860`)
+* [CVE-2020-24705](CVE-2020/CVE-2020-247xx/CVE-2020-24705.json) (`2024-01-11T03:15:08.953`)
+* [CVE-2021-42646](CVE-2021/CVE-2021-426xx/CVE-2021-42646.json) (`2024-01-11T03:15:09.047`)
+* [CVE-2022-40735](CVE-2022/CVE-2022-407xx/CVE-2022-40735.json) (`2024-01-11T03:15:09.207`)
+* [CVE-2023-27043](CVE-2023/CVE-2023-270xx/CVE-2023-27043.json) (`2024-01-11T03:15:09.307`)
+* [CVE-2023-48795](CVE-2023/CVE-2023-487xx/CVE-2023-48795.json) (`2024-01-11T04:15:07.790`)
+* [CVE-2023-51764](CVE-2023/CVE-2023-517xx/CVE-2023-51764.json) (`2024-01-11T04:15:08.097`)
+* [CVE-2023-6377](CVE-2023/CVE-2023-63xx/CVE-2023-6377.json) (`2024-01-11T04:15:08.553`)
+* [CVE-2023-6478](CVE-2023/CVE-2023-64xx/CVE-2023-6478.json) (`2024-01-11T04:15:08.700`)
+* [CVE-2024-0333](CVE-2024/CVE-2024-03xx/CVE-2024-0333.json) (`2024-01-11T03:15:10.893`)


 ## Download and Usage