Auto-Update: 2023-11-08T11:00:19.220672+00:00

2025-07-09 16:05:11 +00:00 · 2023-11-08 11:00:22 +00:00 · 2023-11-08 11:00:22 +00:00 · 39c7f6625d
commit 39c7f6625d
parent 364baa443f
17 changed files with 520 additions and 9 deletions
--- a/CVE-2022/CVE-2022-486xx/CVE-2022-48613.json
+++ b/CVE-2022/CVE-2022-486xx/CVE-2022-48613.json
@ -0,0 +1,36 @@
+{
+  "id": "CVE-2022-48613",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T10:15:08.400",
+  "lastModified": "2023-11-08T10:15:08.400",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Race condition vulnerability in the kernel module. Successful exploitation of this vulnerability may cause variable values to be read with the condition evaluation bypassed."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "psirt@huawei.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-362"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-440xx/CVE-2023-44098.json
+++ b/CVE-2023/CVE-2023-440xx/CVE-2023-44098.json
@ -0,0 +1,36 @@
+{
+  "id": "CVE-2023-44098",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T09:15:07.680",
+  "lastModified": "2023-11-08T09:15:07.680",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Vulnerability of missing encryption in the card management module. Successful exploitation of this vulnerability may affect service confidentiality."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "psirt@huawei.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-200"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46755.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46755.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-46755",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T10:15:08.683",
+  "lastModified": "2023-11-08T10:15:08.683",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Vulnerability of input parameters being not strictly verified in the input. Successful exploitation of this vulnerability may cause the launcher to restart."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46760.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46760.json
@ -0,0 +1,36 @@
+{
+  "id": "CVE-2023-46760",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T10:15:08.790",
+  "lastModified": "2023-11-08T10:15:08.790",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "psirt@huawei.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-787"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46761.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46761.json
@ -0,0 +1,36 @@
+{
+  "id": "CVE-2023-46761",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T10:15:09.013",
+  "lastModified": "2023-11-08T10:15:09.013",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "psirt@huawei.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-787"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46762.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46762.json
@ -0,0 +1,36 @@
+{
+  "id": "CVE-2023-46762",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T10:15:09.207",
+  "lastModified": "2023-11-08T10:15:09.207",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "psirt@huawei.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-125"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46763.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46763.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-46763",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T10:15:09.463",
+  "lastModified": "2023-11-08T10:15:09.463",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Vulnerability of background app permission management in the framework module. Successful exploitation of this vulnerability may cause background apps to start maliciously."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46764.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46764.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-46764",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T10:15:09.527",
+  "lastModified": "2023-11-08T10:15:09.527",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Unauthorized startup vulnerability of background apps. Successful exploitation of this vulnerability may cause background apps to start maliciously."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46765.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46765.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-46765",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T10:15:09.680",
+  "lastModified": "2023-11-08T10:15:09.680",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46766.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46766.json
@ -0,0 +1,36 @@
+{
+  "id": "CVE-2023-46766",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T10:15:09.740",
+  "lastModified": "2023-11-08T10:15:09.740",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "psirt@huawei.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-125"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46767.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46767.json
@ -0,0 +1,36 @@
+{
+  "id": "CVE-2023-46767",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T10:15:10.073",
+  "lastModified": "2023-11-08T10:15:10.073",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "psirt@huawei.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-125"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46771.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46771.json
@ -0,0 +1,36 @@
+{
+  "id": "CVE-2023-46771",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T09:15:07.763",
+  "lastModified": "2023-11-08T09:15:07.763",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Security vulnerability in the face unlock module. Successful exploitation of this vulnerability may affect service confidentiality."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "psirt@huawei.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-269"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46772.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46772.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-46772",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T10:15:10.293",
+  "lastModified": "2023-11-08T10:15:10.293",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Vulnerability of parameters being out of the value range in the QMI service module. Successful exploitation of this vulnerability may cause errors in reading file data."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46774.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46774.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-46774",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2023-11-08T10:15:10.350",
+  "lastModified": "2023-11-08T10:15:10.350",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2023/11/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-59xx/CVE-2023-5941.json
+++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5941.json
@ -0,0 +1,36 @@
+{
+  "id": "CVE-2023-5941",
+  "sourceIdentifier": "secteam@freebsd.org",
+  "published": "2023-11-08T09:15:07.847",
+  "lastModified": "2023-11-08T09:15:07.847",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error. \u00a0Depending on the nature of an application that calls libc's stdio functions and the presence of errors returned from the write(2) system call (or an overridden stdio write routine) a heap buffer overflow may occur.  Such overflows may lead to data corruption or the execution of arbitrary code at the privilege level of the calling program."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "secteam@freebsd.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-131"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-787"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://security.freebsd.org/advisories/FreeBSD-SA-23:15.stdio.asc",
+      "source": "secteam@freebsd.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-59xx/CVE-2023-5978.json
+++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5978.json
@ -0,0 +1,32 @@
+{
+  "id": "CVE-2023-5978",
+  "sourceIdentifier": "secteam@freebsd.org",
+  "published": "2023-11-08T09:15:07.933",
+  "lastModified": "2023-11-08T09:15:07.933",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In versions of FreeBSD 13-RELEASE before 13-RELEASE-p5, under certain circumstances the cap_net libcasper(3) service incorrectly validates that updated constraints are strictly subsets of the active constraints. \u00a0When only a list\u00a0of resolvable domain names was specified without setting any other limitations, an application could submit a new list of domains including include entries not previously listed. \u00a0This could permit the application to resolve domain names that were previously restricted."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "secteam@freebsd.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-269"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://security.freebsd.org/advisories/FreeBSD-SA-23:16.cap_net.asc",
+      "source": "secteam@freebsd.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-11-08T09:00:20.632143+00:00
+2023-11-08T11:00:19.220672+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-11-08T08:15:09.523000+00:00
+2023-11-08T10:15:10.350000+00:00
 ```

 ### Last Data Feed Release
@ -29,18 +29,29 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-230107
+230123
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `5`
+Recently added CVEs: `16`

-* [CVE-2023-41270](CVE-2023/CVE-2023-412xx/CVE-2023-41270.json) (`2023-11-08T07:15:27.367`)
-* [CVE-2023-39913](CVE-2023/CVE-2023-399xx/CVE-2023-39913.json) (`2023-11-08T08:15:08.883`)
-* [CVE-2023-41111](CVE-2023/CVE-2023-411xx/CVE-2023-41111.json) (`2023-11-08T08:15:09.080`)
-* [CVE-2023-41112](CVE-2023/CVE-2023-411xx/CVE-2023-41112.json) (`2023-11-08T08:15:09.327`)
-* [CVE-2023-46483](CVE-2023/CVE-2023-464xx/CVE-2023-46483.json) (`2023-11-08T08:15:09.523`)
+* [CVE-2022-48613](CVE-2022/CVE-2022-486xx/CVE-2022-48613.json) (`2023-11-08T10:15:08.400`)
+* [CVE-2023-44098](CVE-2023/CVE-2023-440xx/CVE-2023-44098.json) (`2023-11-08T09:15:07.680`)
+* [CVE-2023-46771](CVE-2023/CVE-2023-467xx/CVE-2023-46771.json) (`2023-11-08T09:15:07.763`)
+* [CVE-2023-5941](CVE-2023/CVE-2023-59xx/CVE-2023-5941.json) (`2023-11-08T09:15:07.847`)
+* [CVE-2023-5978](CVE-2023/CVE-2023-59xx/CVE-2023-5978.json) (`2023-11-08T09:15:07.933`)
+* [CVE-2023-46755](CVE-2023/CVE-2023-467xx/CVE-2023-46755.json) (`2023-11-08T10:15:08.683`)
+* [CVE-2023-46760](CVE-2023/CVE-2023-467xx/CVE-2023-46760.json) (`2023-11-08T10:15:08.790`)
+* [CVE-2023-46761](CVE-2023/CVE-2023-467xx/CVE-2023-46761.json) (`2023-11-08T10:15:09.013`)
+* [CVE-2023-46762](CVE-2023/CVE-2023-467xx/CVE-2023-46762.json) (`2023-11-08T10:15:09.207`)
+* [CVE-2023-46763](CVE-2023/CVE-2023-467xx/CVE-2023-46763.json) (`2023-11-08T10:15:09.463`)
+* [CVE-2023-46764](CVE-2023/CVE-2023-467xx/CVE-2023-46764.json) (`2023-11-08T10:15:09.527`)
+* [CVE-2023-46765](CVE-2023/CVE-2023-467xx/CVE-2023-46765.json) (`2023-11-08T10:15:09.680`)
+* [CVE-2023-46766](CVE-2023/CVE-2023-467xx/CVE-2023-46766.json) (`2023-11-08T10:15:09.740`)
+* [CVE-2023-46767](CVE-2023/CVE-2023-467xx/CVE-2023-46767.json) (`2023-11-08T10:15:10.073`)
+* [CVE-2023-46772](CVE-2023/CVE-2023-467xx/CVE-2023-46772.json) (`2023-11-08T10:15:10.293`)
+* [CVE-2023-46774](CVE-2023/CVE-2023-467xx/CVE-2023-46774.json) (`2023-11-08T10:15:10.350`)


 ### CVEs modified in the last Commit