Auto-Update: 2023-07-28T02:00:26.625988+00:00

2025-05-08 19:47:09 +00:00 · 2023-07-28 02:00:30 +00:00 · 2023-07-28 02:00:30 +00:00 · 37d3795851
commit 37d3795851
parent 2155d63a03
7 changed files with 279 additions and 37 deletions
--- a/CVE-2023/CVE-2023-37xx/CVE-2023-3774.json
+++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3774.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-3774",
+  "sourceIdentifier": "security@hashicorp.com",
+  "published": "2023-07-28T01:15:09.820",
+  "lastModified": "2023-07-28T01:15:09.820",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@hashicorp.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 4.9,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@hashicorp.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-703"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://discuss.hashicorp.com/t/hcsec-2023-23-vault-enterprise-namespace-creation-may-lead-to-denial-of-service/56617",
+      "source": "security@hashicorp.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-37xx/CVE-2023-3793.json
+++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3793.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-3793",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2023-07-20T20:15:10.603",
-  "lastModified": "2023-07-21T12:52:32.633",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-07-28T00:22:52.543",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
@ -11,6 +11,28 @@
    }
  ],
  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ],
    "cvssMetricV30": [
      {
        "source": "cna@vuldb.com",
@ -71,14 +93,40 @@
      ]
    }
  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:weaver:e-cology:*:*:*:*:*:*:*:*",
+              "versionEndExcluding": "10.58.0",
+              "matchCriteriaId": "4DB281B3-0B2F-493A-926C-F5624CA77910"
+            }
+          ]
+        }
+      ]
+    }
+  ],
  "references": [
    {
      "url": "https://vuldb.com/?ctiid.235061",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Permissions Required",
+        "Third Party Advisory"
+      ]
    },
    {
      "url": "https://vuldb.com/?id.235061",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Permissions Required",
+        "Third Party Advisory"
+      ]
    }
  ]
 }
--- a/CVE-2023/CVE-2023-37xx/CVE-2023-3794.json
+++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3794.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-3794",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2023-07-20T20:15:10.697",
-  "lastModified": "2023-07-21T12:52:32.633",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-07-28T00:21:54.813",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
@ -11,6 +11,28 @@
    }
  ],
  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.7
+      }
+    ],
    "cvssMetricV30": [
      {
        "source": "cna@vuldb.com",
@ -71,14 +93,38 @@
      ]
    }
  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:bugfinder:chaincity:1.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "87842140-98F0-413B-8B07-755F0077894E"
+            }
+          ]
+        }
+      ]
+    }
+  ],
  "references": [
    {
      "url": "https://vuldb.com/?ctiid.235062",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Permissions Required",
+        "Third Party Advisory"
+      ]
    },
    {
      "url": "https://vuldb.com/?id.235062",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Third Party Advisory"
+      ]
    }
  ]
 }
--- a/CVE-2023/CVE-2023-37xx/CVE-2023-3795.json
+++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3795.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-3795",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2023-07-20T21:15:10.010",
-  "lastModified": "2023-07-21T12:52:32.633",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-07-28T00:21:29.717",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
@ -11,6 +11,28 @@
    }
  ],
  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ],
    "cvssMetricV30": [
      {
        "source": "cna@vuldb.com",
@ -71,14 +93,38 @@
      ]
    }
  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:bugfinder:chaincity:1.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "87842140-98F0-413B-8B07-755F0077894E"
+            }
+          ]
+        }
+      ]
+    }
+  ],
  "references": [
    {
      "url": "https://vuldb.com/?ctiid.235063",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Permissions Required",
+        "Third Party Advisory"
+      ]
    },
    {
      "url": "https://vuldb.com/?id.235063",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Third Party Advisory"
+      ]
    }
  ]
 }
--- a/CVE-2023/CVE-2023-37xx/CVE-2023-3799.json
+++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3799.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-3799",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2023-07-20T23:15:10.150",
-  "lastModified": "2023-07-21T12:52:32.633",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-07-28T00:20:29.440",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
@ -11,6 +11,28 @@
    }
  ],
  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ],
    "cvssMetricV30": [
      {
        "source": "cna@vuldb.com",
@ -71,18 +93,46 @@
      ]
    }
  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:ibos:ibos:4.5.5:*:*:*:*:*:*:*",
+              "matchCriteriaId": "1F678D76-48AA-4940-833F-5567D196DB7D"
+            }
+          ]
+        }
+      ]
+    }
+  ],
  "references": [
    {
      "url": "https://github.com/GUIqizsq/cve/blob/main/sql.md",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Exploit",
+        "Third Party Advisory"
+      ]
    },
    {
      "url": "https://vuldb.com/?ctiid.235067",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Permissions Required",
+        "Third Party Advisory"
+      ]
    },
    {
      "url": "https://vuldb.com/?id.235067",
-      "source": "cna@vuldb.com"
+      "source": "cna@vuldb.com",
+      "tags": [
+        "Third Party Advisory"
+      ]
    }
  ]
 }
--- a/CVE-2023/CVE-2023-386xx/CVE-2023-38633.json
+++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38633.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-38633",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-07-22T17:15:09.810",
-  "lastModified": "2023-07-24T13:09:06.887",
+  "lastModified": "2023-07-28T00:15:10.020",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -12,6 +12,10 @@
  ],
  "metrics": {},
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2023/07/27/1",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1213502",
      "source": "cve@mitre.org"
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-07-27T23:55:25.517939+00:00
+2023-07-28T02:00:26.625988+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-07-27T23:53:38.290000+00:00
+2023-07-28T01:15:09.820000+00:00
 ```

 ### Last Data Feed Release
@ -23,38 +23,31 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)

 ```plain
-2023-07-27T00:00:13.573160+00:00
+2023-07-28T00:00:13.561196+00:00
 ```

 ### Total Number of included CVEs

 ```plain
-221180
+221181
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `1`

-* [CVE-2022-43701](CVE-2022/CVE-2022-437xx/CVE-2022-43701.json) (`2023-07-27T22:15:10.077`)
-* [CVE-2022-43702](CVE-2022/CVE-2022-437xx/CVE-2022-43702.json) (`2023-07-27T22:15:12.697`)
-* [CVE-2022-43703](CVE-2022/CVE-2022-437xx/CVE-2022-43703.json) (`2023-07-27T22:15:12.870`)
+* [CVE-2023-3774](CVE-2023/CVE-2023-37xx/CVE-2023-3774.json) (`2023-07-28T01:15:09.820`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `10`
+Recently modified CVEs: `5`

-* [CVE-2022-43910](CVE-2022/CVE-2022-439xx/CVE-2022-43910.json) (`2023-07-27T23:43:13.553`)
-* [CVE-2023-3760](CVE-2023/CVE-2023-37xx/CVE-2023-3760.json) (`2023-07-27T23:08:13.437`)
-* [CVE-2023-3762](CVE-2023/CVE-2023-37xx/CVE-2023-3762.json) (`2023-07-27T23:17:42.243`)
-* [CVE-2023-37728](CVE-2023/CVE-2023-377xx/CVE-2023-37728.json) (`2023-07-27T23:36:54.710`)
-* [CVE-2023-31753](CVE-2023/CVE-2023-317xx/CVE-2023-31753.json) (`2023-07-27T23:37:37.437`)
-* [CVE-2023-31461](CVE-2023/CVE-2023-314xx/CVE-2023-31461.json) (`2023-07-27T23:40:07.080`)
-* [CVE-2023-38404](CVE-2023/CVE-2023-384xx/CVE-2023-38404.json) (`2023-07-27T23:45:52.217`)
-* [CVE-2023-3800](CVE-2023/CVE-2023-38xx/CVE-2023-3800.json) (`2023-07-27T23:48:00.197`)
-* [CVE-2023-37645](CVE-2023/CVE-2023-376xx/CVE-2023-37645.json) (`2023-07-27T23:49:32.170`)
-* [CVE-2023-38403](CVE-2023/CVE-2023-384xx/CVE-2023-38403.json) (`2023-07-27T23:53:38.290`)
+* [CVE-2023-38633](CVE-2023/CVE-2023-386xx/CVE-2023-38633.json) (`2023-07-28T00:15:10.020`)
+* [CVE-2023-3799](CVE-2023/CVE-2023-37xx/CVE-2023-3799.json) (`2023-07-28T00:20:29.440`)
+* [CVE-2023-3795](CVE-2023/CVE-2023-37xx/CVE-2023-3795.json) (`2023-07-28T00:21:29.717`)
+* [CVE-2023-3794](CVE-2023/CVE-2023-37xx/CVE-2023-3794.json) (`2023-07-28T00:21:54.813`)
+* [CVE-2023-3793](CVE-2023/CVE-2023-37xx/CVE-2023-3793.json) (`2023-07-28T00:22:52.543`)


 ## Download and Usage