From 375ba12d9a96963dc0cf447f315ecfe373ce7f3b Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 22 May 2023 02:00:32 +0000 Subject: [PATCH] Auto-Update: 2023-05-22 02:00:28.809557+00:00 --- CVE-2023/CVE-2023-323xx/CVE-2023-32336.json | 59 +++++++++++++++++++++ CVE-2023/CVE-2023-332xx/CVE-2023-33264.json | 20 +++++++ README.md | 42 +++------------ 3 files changed, 87 insertions(+), 34 deletions(-) create mode 100644 CVE-2023/CVE-2023-323xx/CVE-2023-32336.json create mode 100644 CVE-2023/CVE-2023-332xx/CVE-2023-33264.json diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32336.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32336.json new file mode 100644 index 00000000000..68c753105ed --- /dev/null +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32336.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-32336", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2023-05-22T01:15:42.787", + "lastModified": "2023-05-22T01:15:42.787", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. IBM X-Force ID: 255285." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/255285", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/6995879", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33264.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33264.json new file mode 100644 index 00000000000..675e2570b67 --- /dev/null +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33264.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-33264", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-22T01:15:44.333", + "lastModified": "2023-05-22T01:15:44.333", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 5.2.3, configuration routines don't mask passwords in the member configuration properly. This allows Hazelcast Management Center users to view some of the secrets." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/hazelcast/hazelcast/pull/24266", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index b89dc392e4c..edf3f58af87 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-21T23:55:27.607743+00:00 +2023-05-22T02:00:28.809557+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-21T23:15:08.960000+00:00 +2023-05-22T01:15:44.333000+00:00 ``` ### Last Data Feed Release @@ -23,53 +23,27 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2023-05-21T00:00:13.574783+00:00 +2023-05-22T00:00:13.553778+00:00 ``` ### Total Number of included CVEs ```plain -215704 +215706 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `2` -* [CVE-2020-36694](CVE-2020/CVE-2020-366xx/CVE-2020-36694.json) (`2023-05-21T23:15:08.960`) -* [CVE-2023-33252](CVE-2023/CVE-2023-332xx/CVE-2023-33252.json) (`2023-05-21T22:15:14.940`) -* [CVE-2023-33254](CVE-2023/CVE-2023-332xx/CVE-2023-33254.json) (`2023-05-21T22:15:15.067`) +* [CVE-2023-32336](CVE-2023/CVE-2023-323xx/CVE-2023-32336.json) (`2023-05-22T01:15:42.787`) +* [CVE-2023-33264](CVE-2023/CVE-2023-332xx/CVE-2023-33264.json) (`2023-05-22T01:15:44.333`) ### CVEs modified in the last Commit -Recently modified CVEs: `37` +Recently modified CVEs: `0` -* [CVE-2021-44858](CVE-2021/CVE-2021-448xx/CVE-2021-44858.json) (`2023-05-21T22:15:11.500`) -* [CVE-2021-45038](CVE-2021/CVE-2021-450xx/CVE-2021-45038.json) (`2023-05-21T22:15:11.587`) -* [CVE-2021-45341](CVE-2021/CVE-2021-453xx/CVE-2021-45341.json) (`2023-05-21T22:15:11.663`) -* [CVE-2021-45342](CVE-2021/CVE-2021-453xx/CVE-2021-45342.json) (`2023-05-21T22:15:11.757`) -* [CVE-2021-45343](CVE-2021/CVE-2021-453xx/CVE-2021-45343.json) (`2023-05-21T22:15:11.830`) -* [CVE-2022-28202](CVE-2022/CVE-2022-282xx/CVE-2022-28202.json) (`2023-05-21T22:15:11.903`) -* [CVE-2022-28205](CVE-2022/CVE-2022-282xx/CVE-2022-28205.json) (`2023-05-21T22:15:11.997`) -* [CVE-2022-28206](CVE-2022/CVE-2022-282xx/CVE-2022-28206.json) (`2023-05-21T22:15:12.467`) -* [CVE-2022-28209](CVE-2022/CVE-2022-282xx/CVE-2022-28209.json) (`2023-05-21T22:15:12.540`) -* [CVE-2022-31090](CVE-2022/CVE-2022-310xx/CVE-2022-31090.json) (`2023-05-21T22:15:12.610`) -* [CVE-2022-31091](CVE-2022/CVE-2022-310xx/CVE-2022-31091.json) (`2023-05-21T22:15:13.003`) -* [CVE-2022-34911](CVE-2022/CVE-2022-349xx/CVE-2022-34911.json) (`2023-05-21T22:15:13.097`) -* [CVE-2022-34912](CVE-2022/CVE-2022-349xx/CVE-2022-34912.json) (`2023-05-21T22:15:13.197`) -* [CVE-2022-38749](CVE-2022/CVE-2022-387xx/CVE-2022-38749.json) (`2023-05-21T22:15:13.300`) -* [CVE-2022-38750](CVE-2022/CVE-2022-387xx/CVE-2022-38750.json) (`2023-05-21T22:15:13.420`) -* [CVE-2022-38751](CVE-2022/CVE-2022-387xx/CVE-2022-38751.json) (`2023-05-21T22:15:13.510`) -* [CVE-2022-38752](CVE-2022/CVE-2022-387xx/CVE-2022-38752.json) (`2023-05-21T22:15:13.583`) -* [CVE-2022-39955](CVE-2022/CVE-2022-399xx/CVE-2022-39955.json) (`2023-05-21T22:15:13.737`) -* [CVE-2022-39956](CVE-2022/CVE-2022-399xx/CVE-2022-39956.json) (`2023-05-21T22:15:13.937`) -* [CVE-2022-39957](CVE-2022/CVE-2022-399xx/CVE-2022-39957.json) (`2023-05-21T22:15:14.133`) -* [CVE-2022-39958](CVE-2022/CVE-2022-399xx/CVE-2022-39958.json) (`2023-05-21T22:15:14.350`) -* [CVE-2022-40468](CVE-2022/CVE-2022-404xx/CVE-2022-40468.json) (`2023-05-21T22:15:14.443`) -* [CVE-2022-41765](CVE-2022/CVE-2022-417xx/CVE-2022-41765.json) (`2023-05-21T22:15:14.523`) -* [CVE-2022-41767](CVE-2022/CVE-2022-417xx/CVE-2022-41767.json) (`2023-05-21T22:15:14.603`) -* [CVE-2022-47927](CVE-2022/CVE-2022-479xx/CVE-2022-47927.json) (`2023-05-21T22:15:14.720`) ## Download and Usage