Auto-Update: 2023-09-15T06:00:24.865971+00:00

2025-07-09 16:05:11 +00:00 · 2023-09-15 06:00:28 +00:00 · 2023-09-15 06:00:28 +00:00 · 3bb036bbd3
commit 3bb036bbd3
parent b13b32e3ec
6 changed files with 89 additions and 15 deletions
--- a/CVE-2023/CVE-2023-366xx/CVE-2023-36658.json
+++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36658.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-36658",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-09-15T05:15:24.997",
+  "lastModified": "2023-09-15T05:15:24.997",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. It has an unquoted service path that can be abused locally."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://docs.opswat.com/mdkiosk",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://docs.opswat.com/mdkiosk/release-notes/cve-2023-36658",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-368xx/CVE-2023-36811.json
+++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36811.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-36811",
  "sourceIdentifier": "security-advisories@github.com",
  "published": "2023-08-30T18:15:09.487",
-  "lastModified": "2023-09-15T03:15:08.270",
+  "lastModified": "2023-09-15T04:15:09.473",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -106,6 +106,10 @@
        "Vendor Advisory"
      ]
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5Q3OHXERTU547SEQ3YREZXHOCYNLVD63/",
+      "source": "security-advisories@github.com"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUCQSMAWOJBCRGF6XPKEZ2TPGAPNKIWV/",
      "source": "security-advisories@github.com"
--- a/CVE-2023/CVE-2023-380xx/CVE-2023-38039.json
+++ b/CVE-2023/CVE-2023-380xx/CVE-2023-38039.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-38039",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2023-09-15T04:15:10.127",
+  "lastModified": "2023-09-15T04:15:10.127",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "When curl retrieves an HTTP response, it stores the incoming headers so that\nthey can be accessed later via the libcurl headers API.\n\nHowever, curl did not have a limit in how many or how large headers it would\naccept in a response, allowing a malicious server to stream an endless series\nof headers and eventually cause curl to run out of heap memory."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://hackerone.com/reports/2072338",
+      "source": "support@hackerone.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-409xx/CVE-2023-40983.json
+++ b/CVE-2023/CVE-2023-409xx/CVE-2023-40983.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-40983",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-09-15T04:15:10.243",
+  "lastModified": "2023-09-15T04:15:10.243",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Find in Results file."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "http://webmin.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40983",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-48xx/CVE-2023-4863.json
+++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4863.json
@ -2,12 +2,12 @@
  "id": "CVE-2023-4863",
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "published": "2023-09-12T15:15:24.327",
-  "lastModified": "2023-09-14T21:15:10.900",
+  "lastModified": "2023-09-15T04:15:10.310",
  "vulnStatus": "Awaiting Analysis",
  "cisaExploitAdd": "2023-09-13",
  "cisaActionDue": "2023-10-04",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
-  "cisaVulnerabilityName": "Google Chromium Heap-Based Buffer Overflow Vulnerability",
+  "cisaVulnerabilityName": "Google Chromium WebP Heap-Based Buffer Overflow Vulnerability",
  "descriptions": [
    {
      "lang": "en",
@ -36,6 +36,10 @@
      "url": "https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a",
      "source": "chrome-cve-admin@google.com"
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/",
+      "source": "chrome-cve-admin@google.com"
+    },
    {
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863",
      "source": "chrome-cve-admin@google.com"
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-09-15T04:00:23.874367+00:00
+2023-09-15T06:00:24.865971+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-09-15T03:15:09.393000+00:00
+2023-09-15T05:15:24.997000+00:00
 ```

 ### Last Data Feed Release
@ -29,26 +29,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-225644
+225647
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `6`
+Recently added CVEs: `3`

-* [CVE-2022-20917](CVE-2022/CVE-2022-209xx/CVE-2022-20917.json) (`2023-09-15T03:15:07.520`)
-* [CVE-2023-4973](CVE-2023/CVE-2023-49xx/CVE-2023-4973.json) (`2023-09-15T02:15:08.367`)
-* [CVE-2023-3891](CVE-2023/CVE-2023-38xx/CVE-2023-3891.json) (`2023-09-15T03:15:08.803`)
-* [CVE-2023-40982](CVE-2023/CVE-2023-409xx/CVE-2023-40982.json) (`2023-09-15T03:15:09.047`)
-* [CVE-2023-4963](CVE-2023/CVE-2023-49xx/CVE-2023-4963.json) (`2023-09-15T03:15:09.187`)
-* [CVE-2023-4974](CVE-2023/CVE-2023-49xx/CVE-2023-4974.json) (`2023-09-15T03:15:09.393`)
+* [CVE-2023-38039](CVE-2023/CVE-2023-380xx/CVE-2023-38039.json) (`2023-09-15T04:15:10.127`)
+* [CVE-2023-40983](CVE-2023/CVE-2023-409xx/CVE-2023-40983.json) (`2023-09-15T04:15:10.243`)
+* [CVE-2023-36658](CVE-2023/CVE-2023-366xx/CVE-2023-36658.json) (`2023-09-15T05:15:24.997`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `1`
+Recently modified CVEs: `2`

-* [CVE-2023-36811](CVE-2023/CVE-2023-368xx/CVE-2023-36811.json) (`2023-09-15T03:15:08.270`)
+* [CVE-2023-36811](CVE-2023/CVE-2023-368xx/CVE-2023-36811.json) (`2023-09-15T04:15:09.473`)
+* [CVE-2023-4863](CVE-2023/CVE-2023-48xx/CVE-2023-4863.json) (`2023-09-15T04:15:10.310`)


 ## Download and Usage