From 3dc542fc78c58a272edf8b1b5b25b4f475857fc8 Mon Sep 17 00:00:00 2001
From: cad-safe-bot <cad-safe-bot@protonmail.com>
Date: Fri, 16 Jun 2023 22:00:30 +0000
Subject: [PATCH] Auto-Update: 2023-06-16T22:00:27.376950+00:00

---
 CVE-2023/CVE-2023-251xx/CVE-2023-25187.json | 47 +++++++++++++++++
 CVE-2023/CVE-2023-28xx/CVE-2023-2820.json   |  4 +-
 CVE-2023/CVE-2023-309xx/CVE-2023-30903.json | 20 +++++++
 CVE-2023/CVE-2023-309xx/CVE-2023-30904.json | 20 +++++++
 CVE-2023/CVE-2023-309xx/CVE-2023-30905.json | 20 +++++++
 CVE-2023/CVE-2023-31xx/CVE-2023-3195.json   | 48 +++++++++++++++++
 CVE-2023/CVE-2023-334xx/CVE-2023-33438.json | 24 +++++++++
 CVE-2023/CVE-2023-344xx/CVE-2023-34474.json | 40 ++++++++++++++
 CVE-2023/CVE-2023-344xx/CVE-2023-34475.json | 40 ++++++++++++++
 CVE-2023/CVE-2023-357xx/CVE-2023-35708.json |  4 +-
 CVE-2023/CVE-2023-357xx/CVE-2023-35784.json | 40 ++++++++++++++
 CVE-2023/CVE-2023-357xx/CVE-2023-35788.json | 28 ++++++++++
 CVE-2023/CVE-2023-357xx/CVE-2023-35789.json | 24 +++++++++
 CVE-2023/CVE-2023-357xx/CVE-2023-35790.json | 24 +++++++++
 README.md                                   | 58 +++++++--------------
 15 files changed, 398 insertions(+), 43 deletions(-)
 create mode 100644 CVE-2023/CVE-2023-251xx/CVE-2023-25187.json
 create mode 100644 CVE-2023/CVE-2023-309xx/CVE-2023-30903.json
 create mode 100644 CVE-2023/CVE-2023-309xx/CVE-2023-30904.json
 create mode 100644 CVE-2023/CVE-2023-309xx/CVE-2023-30905.json
 create mode 100644 CVE-2023/CVE-2023-31xx/CVE-2023-3195.json
 create mode 100644 CVE-2023/CVE-2023-334xx/CVE-2023-33438.json
 create mode 100644 CVE-2023/CVE-2023-344xx/CVE-2023-34474.json
 create mode 100644 CVE-2023/CVE-2023-344xx/CVE-2023-34475.json
 create mode 100644 CVE-2023/CVE-2023-357xx/CVE-2023-35784.json
 create mode 100644 CVE-2023/CVE-2023-357xx/CVE-2023-35788.json
 create mode 100644 CVE-2023/CVE-2023-357xx/CVE-2023-35789.json
 create mode 100644 CVE-2023/CVE-2023-357xx/CVE-2023-35790.json

diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25187.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25187.json
new file mode 100644
index 00000000000..f4be3754412
--- /dev/null
+++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25187.json
@@ -0,0 +1,47 @@
+{
+  "id": "CVE-2023-25187",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-06-16T20:15:09.297",
+  "lastModified": "2023-06-16T20:15:09.297",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN commissioning procedures do not change (factory-time installed) default SSH public/private key values that are specific to a network operator. As a result, the CSP internal BTS network SSH server (disabled by default) continues to apply the default SSH public/private key values. These keys don't give access to BTS, because service user authentication is username/password-based on top of SSH. Nokia factory installed default SSH keys are meant to be changed from operator-specific values during the BTS deployment commissioning phase. However, before the 21B release, BTS commissioning manuals did not provide instructions to change default SSH keys (to BTS operator-specific values). This leads to a possibility for malicious operations staff (inside a CSP network) to attempt MITM exploitation of BTS service user access, during the moments that SSH is enabled for Nokia service personnel to perform troubleshooting activities."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 0.3,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://Nokia.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-25187/",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2820.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2820.json
index deca128def5..635bbb88171 100644
--- a/CVE-2023/CVE-2023-28xx/CVE-2023-2820.json
+++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2820.json
@@ -2,12 +2,12 @@
   "id": "CVE-2023-2820",
   "sourceIdentifier": "security@proofpoint.com",
   "published": "2023-06-14T22:15:09.273",
-  "lastModified": "2023-06-15T12:39:22.420",
+  "lastModified": "2023-06-16T21:15:09.043",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
-      "value": "An information disclosure vulnerability in the?faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be used by an attacker on an adjacent network to obtain credentials to integrated services via a man-in-the-middle position or cryptanalysis of the session traffic. An attacker could use these credentials to impersonate PTR/TRAP to these services. All versions prior to 5.10.0 are affected.\u00a0\n"
+      "value": "An information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be used by an attacker on an adjacent network to obtain credentials to integrated services via a man-in-the-middle position or cryptanalysis of the session traffic. An attacker could use these credentials to impersonate PTR/TRAP to these services. All versions prior to 5.10.0 are affected.\u00a0\n"
     }
   ],
   "metrics": {
diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30903.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30903.json
new file mode 100644
index 00000000000..5c28406d2ad
--- /dev/null
+++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30903.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-30903",
+  "sourceIdentifier": "security-alert@hpe.com",
+  "published": "2023-06-16T21:15:09.107",
+  "lastModified": "2023-06-16T21:15:09.107",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.  "
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbux04474en_us",
+      "source": "security-alert@hpe.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30904.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30904.json
new file mode 100644
index 00000000000..e6bad5871f2
--- /dev/null
+++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30904.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-30904",
+  "sourceIdentifier": "security-alert@hpe.com",
+  "published": "2023-06-16T21:15:09.157",
+  "lastModified": "2023-06-16T21:15:09.157",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A security vulnerability in HPE Insight Remote Support may result in the local disclosure of privileged LDAP information."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04487en_us",
+      "source": "security-alert@hpe.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30905.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30905.json
new file mode 100644
index 00000000000..788f07993af
--- /dev/null
+++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30905.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-30905",
+  "sourceIdentifier": "security-alert@hpe.com",
+  "published": "2023-06-16T21:15:09.200",
+  "lastModified": "2023-06-16T21:15:09.200",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The MC990 X and UV300 RMC component has and inadequate default configuration that could be exploited to obtain enhanced privilege."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04473en_us",
+      "source": "security-alert@hpe.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3195.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3195.json
new file mode 100644
index 00000000000..6f3bb04f065
--- /dev/null
+++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3195.json
@@ -0,0 +1,48 @@
+{
+  "id": "CVE-2023-3195",
+  "sourceIdentifier": "secalert@redhat.com",
+  "published": "2023-06-16T20:15:09.547",
+  "lastModified": "2023-06-16T20:15:09.547",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "secalert@redhat.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-121"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://access.redhat.com/security/cve/CVE-2023-3195",
+      "source": "secalert@redhat.com"
+    },
+    {
+      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214141",
+      "source": "secalert@redhat.com"
+    },
+    {
+      "url": "https://github.com/ImageMagick/ImageMagick/commit/f620340935777b28fa3f7b0ed7ed6bd86946934c",
+      "source": "secalert@redhat.com"
+    },
+    {
+      "url": "https://github.com/ImageMagick/ImageMagick6/commit/85a370c79afeb45a97842b0959366af5236e9023",
+      "source": "secalert@redhat.com"
+    },
+    {
+      "url": "https://www.openwall.com/lists/oss-security/2023/05/29/1",
+      "source": "secalert@redhat.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-334xx/CVE-2023-33438.json b/CVE-2023/CVE-2023-334xx/CVE-2023-33438.json
new file mode 100644
index 00000000000..0a9cd1048ed
--- /dev/null
+++ b/CVE-2023/CVE-2023-334xx/CVE-2023-33438.json
@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-33438",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-06-16T21:15:09.247",
+  "lastModified": "2023-06-16T21:15:09.247",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A stored Cross-site scripting (XSS) vulnerability in Wolters Kluwer TeamMate+ 35.0.11.0 allows remote attackers to inject arbitrary web script or HTML."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "http://wolters.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/justas-dee/CVEs/blob/main/CVE-2023-33438/README.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34474.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34474.json
new file mode 100644
index 00000000000..1a2b55df3c9
--- /dev/null
+++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34474.json
@@ -0,0 +1,40 @@
+{
+  "id": "CVE-2023-34474",
+  "sourceIdentifier": "secalert@redhat.com",
+  "published": "2023-06-16T20:15:09.370",
+  "lastModified": "2023-06-16T20:15:09.370",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "secalert@redhat.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-122"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://access.redhat.com/security/cve/CVE-2023-34474",
+      "source": "secalert@redhat.com"
+    },
+    {
+      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214148",
+      "source": "secalert@redhat.com"
+    },
+    {
+      "url": "https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0",
+      "source": "secalert@redhat.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34475.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34475.json
new file mode 100644
index 00000000000..0b5ed422c30
--- /dev/null
+++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34475.json
@@ -0,0 +1,40 @@
+{
+  "id": "CVE-2023-34475",
+  "sourceIdentifier": "secalert@redhat.com",
+  "published": "2023-06-16T20:15:09.433",
+  "lastModified": "2023-06-16T20:15:09.433",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a denial of service."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "secalert@redhat.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-416"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://access.redhat.com/security/cve/CVE-2023-34475",
+      "source": "secalert@redhat.com"
+    },
+    {
+      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214149",
+      "source": "secalert@redhat.com"
+    },
+    {
+      "url": "https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0",
+      "source": "secalert@redhat.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35708.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35708.json
index 7de3e45d9a0..405c2a48145 100644
--- a/CVE-2023/CVE-2023-357xx/CVE-2023-35708.json
+++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35708.json
@@ -2,12 +2,12 @@
   "id": "CVE-2023-35708",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-06-16T04:15:14.203",
-  "lastModified": "2023-06-16T14:15:09.110",
+  "lastModified": "2023-06-16T21:15:09.293",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
-      "value": "In Progress MOVEit Transfer before 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content. The availability date of fixed versions of the DLL drop-in is earlier than the availability date of fixed versions of the full installer. These are fixed versions of the DLL drop-in: 2020.1.10 (12.1.10), 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3)."
+      "value": "In Progress MOVEit Transfer before 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content. These are fixed versions of the DLL drop-in: 2020.1.10 (12.1.10), 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3)."
     }
   ],
   "metrics": {},
diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35784.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35784.json
new file mode 100644
index 00000000000..8406875fa74
--- /dev/null
+++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35784.json
@@ -0,0 +1,40 @@
+{
+  "id": "CVE-2023-35784",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-06-16T20:15:09.493",
+  "lastModified": "2023-06-16T20:15:09.493",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.3-relnotes.txt",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.7.3-relnotes.txt",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/026_ssl.patch.sig",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/004_ssl.patch.sig",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/libressl/openbsd/commit/1d6680b3682f8caba78c627dee60c76da6e20dd7",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/libressl/openbsd/commit/96094ca8757b95298f49d65c813f303bd514b27b",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35788.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35788.json
new file mode 100644
index 00000000000..0cb51f94486
--- /dev/null
+++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35788.json
@@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-35788",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-06-16T21:15:09.340",
+  "lastModified": "2023-06-16T21:15:09.340",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.7",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://git.kernel.org/linus/4d56304e5827c8cc8cc18c75343d283af7c4825c",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.openwall.com/lists/oss-security/2023/06/07/1",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35789.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35789.json
new file mode 100644
index 00000000000..5649e1e658a
--- /dev/null
+++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35789.json
@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-35789",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-06-16T21:15:09.383",
+  "lastModified": "2023-06-16T21:15:09.383",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/alanxz/rabbitmq-c/issues/575",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/alanxz/rabbitmq-c/pull/781",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35790.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35790.json
new file mode 100644
index 00000000000..58af7164a9f
--- /dev/null
+++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35790.json
@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-35790",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-06-16T21:15:09.420",
+  "lastModified": "2023-06-16T21:15:09.420",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/libjxl/libjxl/pull/2551",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/libjxl/libjxl/releases/tag/v0.8.2",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index c00b9d483e2..420d45d2c4d 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-06-16T20:00:28.945514+00:00
+2023-06-16T22:00:27.376950+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-06-16T19:42:38.180000+00:00
+2023-06-16T21:15:09.420000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,53 +29,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-217955
+217967
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `9`
+Recently added CVEs: `12`
 
-* [CVE-2023-34645](CVE-2023/CVE-2023-346xx/CVE-2023-34645.json) (`2023-06-16T18:15:09.367`)
-* [CVE-2023-34659](CVE-2023/CVE-2023-346xx/CVE-2023-34659.json) (`2023-06-16T18:15:09.437`)
-* [CVE-2023-34660](CVE-2023/CVE-2023-346xx/CVE-2023-34660.json) (`2023-06-16T18:15:09.483`)
-* [CVE-2023-25185](CVE-2023/CVE-2023-251xx/CVE-2023-25185.json) (`2023-06-16T19:15:14.360`)
-* [CVE-2023-25186](CVE-2023/CVE-2023-251xx/CVE-2023-25186.json) (`2023-06-16T19:15:14.423`)
-* [CVE-2023-25188](CVE-2023/CVE-2023-251xx/CVE-2023-25188.json) (`2023-06-16T19:15:14.477`)
-* [CVE-2023-25645](CVE-2023/CVE-2023-256xx/CVE-2023-25645.json) (`2023-06-16T19:15:14.527`)
-* [CVE-2023-34832](CVE-2023/CVE-2023-348xx/CVE-2023-34832.json) (`2023-06-16T18:15:09.523`)
-* [CVE-2023-3268](CVE-2023/CVE-2023-32xx/CVE-2023-3268.json) (`2023-06-16T19:15:14.707`)
+* [CVE-2023-25187](CVE-2023/CVE-2023-251xx/CVE-2023-25187.json) (`2023-06-16T20:15:09.297`)
+* [CVE-2023-34474](CVE-2023/CVE-2023-344xx/CVE-2023-34474.json) (`2023-06-16T20:15:09.370`)
+* [CVE-2023-34475](CVE-2023/CVE-2023-344xx/CVE-2023-34475.json) (`2023-06-16T20:15:09.433`)
+* [CVE-2023-35784](CVE-2023/CVE-2023-357xx/CVE-2023-35784.json) (`2023-06-16T20:15:09.493`)
+* [CVE-2023-3195](CVE-2023/CVE-2023-31xx/CVE-2023-3195.json) (`2023-06-16T20:15:09.547`)
+* [CVE-2023-30903](CVE-2023/CVE-2023-309xx/CVE-2023-30903.json) (`2023-06-16T21:15:09.107`)
+* [CVE-2023-30904](CVE-2023/CVE-2023-309xx/CVE-2023-30904.json) (`2023-06-16T21:15:09.157`)
+* [CVE-2023-30905](CVE-2023/CVE-2023-309xx/CVE-2023-30905.json) (`2023-06-16T21:15:09.200`)
+* [CVE-2023-33438](CVE-2023/CVE-2023-334xx/CVE-2023-33438.json) (`2023-06-16T21:15:09.247`)
+* [CVE-2023-35788](CVE-2023/CVE-2023-357xx/CVE-2023-35788.json) (`2023-06-16T21:15:09.340`)
+* [CVE-2023-35789](CVE-2023/CVE-2023-357xx/CVE-2023-35789.json) (`2023-06-16T21:15:09.383`)
+* [CVE-2023-35790](CVE-2023/CVE-2023-357xx/CVE-2023-35790.json) (`2023-06-16T21:15:09.420`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `37`
+Recently modified CVEs: `2`
 
-* [CVE-2023-30222](CVE-2023/CVE-2023-302xx/CVE-2023-30222.json) (`2023-06-16T18:24:22.883`)
-* [CVE-2023-30223](CVE-2023/CVE-2023-302xx/CVE-2023-30223.json) (`2023-06-16T18:24:22.883`)
-* [CVE-2023-30625](CVE-2023/CVE-2023-306xx/CVE-2023-30625.json) (`2023-06-16T18:24:22.883`)
-* [CVE-2023-34733](CVE-2023/CVE-2023-347xx/CVE-2023-34733.json) (`2023-06-16T18:24:22.883`)
-* [CVE-2023-27706](CVE-2023/CVE-2023-277xx/CVE-2023-27706.json) (`2023-06-16T18:24:48.480`)
-* [CVE-2023-35036](CVE-2023/CVE-2023-350xx/CVE-2023-35036.json) (`2023-06-16T18:28:22.187`)
-* [CVE-2023-1323](CVE-2023/CVE-2023-13xx/CVE-2023-1323.json) (`2023-06-16T18:35:43.427`)
-* [CVE-2023-35053](CVE-2023/CVE-2023-350xx/CVE-2023-35053.json) (`2023-06-16T18:35:52.327`)
-* [CVE-2023-35054](CVE-2023/CVE-2023-350xx/CVE-2023-35054.json) (`2023-06-16T18:36:30.947`)
-* [CVE-2023-32114](CVE-2023/CVE-2023-321xx/CVE-2023-32114.json) (`2023-06-16T18:40:36.677`)
-* [CVE-2023-2362](CVE-2023/CVE-2023-23xx/CVE-2023-2362.json) (`2023-06-16T18:40:59.710`)
-* [CVE-2023-2398](CVE-2023/CVE-2023-23xx/CVE-2023-2398.json) (`2023-06-16T18:41:22.047`)
-* [CVE-2023-2718](CVE-2023/CVE-2023-27xx/CVE-2023-2718.json) (`2023-06-16T18:42:20.787`)
-* [CVE-2023-26294](CVE-2023/CVE-2023-262xx/CVE-2023-26294.json) (`2023-06-16T18:48:22.633`)
-* [CVE-2023-2277](CVE-2023/CVE-2023-22xx/CVE-2023-2277.json) (`2023-06-16T19:12:35.143`)
-* [CVE-2023-2986](CVE-2023/CVE-2023-29xx/CVE-2023-2986.json) (`2023-06-16T19:15:14.577`)
-* [CVE-2023-2278](CVE-2023/CVE-2023-22xx/CVE-2023-2278.json) (`2023-06-16T19:15:21.090`)
-* [CVE-2023-28321](CVE-2023/CVE-2023-283xx/CVE-2023-28321.json) (`2023-06-16T19:17:39.220`)
-* [CVE-2023-2351](CVE-2023/CVE-2023-23xx/CVE-2023-2351.json) (`2023-06-16T19:19:27.133`)
-* [CVE-2023-28478](CVE-2023/CVE-2023-284xx/CVE-2023-28478.json) (`2023-06-16T19:25:18.040`)
-* [CVE-2023-33626](CVE-2023/CVE-2023-336xx/CVE-2023-33626.json) (`2023-06-16T19:29:32.267`)
-* [CVE-2023-35034](CVE-2023/CVE-2023-350xx/CVE-2023-35034.json) (`2023-06-16T19:31:14.683`)
-* [CVE-2023-33625](CVE-2023/CVE-2023-336xx/CVE-2023-33625.json) (`2023-06-16T19:35:15.300`)
-* [CVE-2023-26210](CVE-2023/CVE-2023-262xx/CVE-2023-26210.json) (`2023-06-16T19:39:57.193`)
-* [CVE-2023-26207](CVE-2023/CVE-2023-262xx/CVE-2023-26207.json) (`2023-06-16T19:41:18.567`)
+* [CVE-2023-2820](CVE-2023/CVE-2023-28xx/CVE-2023-2820.json) (`2023-06-16T21:15:09.043`)
+* [CVE-2023-35708](CVE-2023/CVE-2023-357xx/CVE-2023-35708.json) (`2023-06-16T21:15:09.293`)
 
 
 ## Download and Usage