From 3f5b99d544d435f6f02dbf1162dc0659e65df5e3 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 2 Jan 2024 05:00:28 +0000 Subject: [PATCH] Auto-Update: 2024-01-02T05:00:24.445699+00:00 --- CVE-2023/CVE-2023-328xx/CVE-2023-32831.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32872.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32874.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32875.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32876.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32877.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32878.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32879.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32880.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32881.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32882.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32883.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32884.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32885.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32886.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32887.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32888.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32889.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32890.json | 20 ++++++++++++ CVE-2023/CVE-2023-328xx/CVE-2023-32891.json | 20 ++++++++++++ README.md | 34 +++++++++++++++------ 21 files changed, 425 insertions(+), 9 deletions(-) create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32831.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32872.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32874.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32875.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32876.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32877.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32878.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32879.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32880.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32881.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32882.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32883.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32884.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32885.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32886.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32887.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32888.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32889.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32890.json create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32891.json diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32831.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32831.json new file mode 100644 index 00000000000..d9a0755f38f --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32831.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32831", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:07.720", + "lastModified": "2024-01-02T03:15:07.720", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32872.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32872.json new file mode 100644 index 00000000000..f62de323297 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32872.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32872", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:07.790", + "lastModified": "2024-01-02T03:15:07.790", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32874.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32874.json new file mode 100644 index 00000000000..6d02f8f64a5 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32874.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32874", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:07.833", + "lastModified": "2024-01-02T03:15:07.833", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32875.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32875.json new file mode 100644 index 00000000000..6bfe6454924 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32875.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32875", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:07.883", + "lastModified": "2024-01-02T03:15:07.883", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32876.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32876.json new file mode 100644 index 00000000000..df4596af30f --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32876.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32876", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:07.937", + "lastModified": "2024-01-02T03:15:07.937", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32877.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32877.json new file mode 100644 index 00000000000..32d7b676717 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32877.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32877", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:07.980", + "lastModified": "2024-01-02T03:15:07.980", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308070." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32878.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32878.json new file mode 100644 index 00000000000..1fd3b26208c --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32878.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32878", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.027", + "lastModified": "2024-01-02T03:15:08.027", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08307992." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32879.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32879.json new file mode 100644 index 00000000000..7bdb8ef7b53 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32879.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32879", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.077", + "lastModified": "2024-01-02T03:15:08.077", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308064." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32880.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32880.json new file mode 100644 index 00000000000..a0673b1f115 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32880.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32880", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.123", + "lastModified": "2024-01-02T03:15:08.123", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308076." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32881.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32881.json new file mode 100644 index 00000000000..89e5ce3f3cc --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32881.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32881", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.173", + "lastModified": "2024-01-02T03:15:08.173", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In battery, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308080." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32882.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32882.json new file mode 100644 index 00000000000..0b2d9018960 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32882.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32882", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.220", + "lastModified": "2024-01-02T03:15:08.220", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In battery, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308616." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32883.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32883.json new file mode 100644 index 00000000000..6c205df2651 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32883.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32883", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.260", + "lastModified": "2024-01-02T03:15:08.260", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08282249; Issue ID: ALPS08282249." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32884.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32884.json new file mode 100644 index 00000000000..00135148171 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32884.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32884", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.303", + "lastModified": "2024-01-02T03:15:08.303", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32885.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32885.json new file mode 100644 index 00000000000..182984801d3 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32885.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32885", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.353", + "lastModified": "2024-01-02T03:15:08.353", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In display drm, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780685; Issue ID: ALPS07780685." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32886.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32886.json new file mode 100644 index 00000000000..ca83aa1386d --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32886.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32886", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.400", + "lastModified": "2024-01-02T03:15:08.400", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32887.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32887.json new file mode 100644 index 00000000000..35449390600 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32887.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32887", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.450", + "lastModified": "2024-01-02T03:15:08.450", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32888.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32888.json new file mode 100644 index 00000000000..ac906c8db14 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32888.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32888", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.493", + "lastModified": "2024-01-02T03:15:08.493", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32889.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32889.json new file mode 100644 index 00000000000..05746460fe3 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32889.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32889", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.540", + "lastModified": "2024-01-02T03:15:08.540", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32890.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32890.json new file mode 100644 index 00000000000..feb5354521a --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32890.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32890", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.587", + "lastModified": "2024-01-02T03:15:08.587", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32891.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32891.json new file mode 100644 index 00000000000..a38a59febe2 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32891.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32891", + "sourceIdentifier": "security@mediatek.com", + "published": "2024-01-02T03:15:08.633", + "lastModified": "2024-01-02T03:15:08.633", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/January-2024", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index c877ce91562..99adcaa51fe 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-01-02T03:00:24.405581+00:00 +2024-01-02T05:00:24.445699+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-01-02T01:15:08.273000+00:00 +2024-01-02T03:15:08.633000+00:00 ``` ### Last Data Feed Release @@ -29,23 +29,39 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -234626 +234646 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `20` -* [CVE-2024-0185](CVE-2024/CVE-2024-01xx/CVE-2024-0185.json) (`2024-01-02T01:15:08.020`) -* [CVE-2024-0186](CVE-2024/CVE-2024-01xx/CVE-2024-0186.json) (`2024-01-02T01:15:08.273`) +* [CVE-2023-32831](CVE-2023/CVE-2023-328xx/CVE-2023-32831.json) (`2024-01-02T03:15:07.720`) +* [CVE-2023-32872](CVE-2023/CVE-2023-328xx/CVE-2023-32872.json) (`2024-01-02T03:15:07.790`) +* [CVE-2023-32874](CVE-2023/CVE-2023-328xx/CVE-2023-32874.json) (`2024-01-02T03:15:07.833`) +* [CVE-2023-32875](CVE-2023/CVE-2023-328xx/CVE-2023-32875.json) (`2024-01-02T03:15:07.883`) +* [CVE-2023-32876](CVE-2023/CVE-2023-328xx/CVE-2023-32876.json) (`2024-01-02T03:15:07.937`) +* [CVE-2023-32877](CVE-2023/CVE-2023-328xx/CVE-2023-32877.json) (`2024-01-02T03:15:07.980`) +* [CVE-2023-32878](CVE-2023/CVE-2023-328xx/CVE-2023-32878.json) (`2024-01-02T03:15:08.027`) +* [CVE-2023-32879](CVE-2023/CVE-2023-328xx/CVE-2023-32879.json) (`2024-01-02T03:15:08.077`) +* [CVE-2023-32880](CVE-2023/CVE-2023-328xx/CVE-2023-32880.json) (`2024-01-02T03:15:08.123`) +* [CVE-2023-32881](CVE-2023/CVE-2023-328xx/CVE-2023-32881.json) (`2024-01-02T03:15:08.173`) +* [CVE-2023-32882](CVE-2023/CVE-2023-328xx/CVE-2023-32882.json) (`2024-01-02T03:15:08.220`) +* [CVE-2023-32883](CVE-2023/CVE-2023-328xx/CVE-2023-32883.json) (`2024-01-02T03:15:08.260`) +* [CVE-2023-32884](CVE-2023/CVE-2023-328xx/CVE-2023-32884.json) (`2024-01-02T03:15:08.303`) +* [CVE-2023-32885](CVE-2023/CVE-2023-328xx/CVE-2023-32885.json) (`2024-01-02T03:15:08.353`) +* [CVE-2023-32886](CVE-2023/CVE-2023-328xx/CVE-2023-32886.json) (`2024-01-02T03:15:08.400`) +* [CVE-2023-32887](CVE-2023/CVE-2023-328xx/CVE-2023-32887.json) (`2024-01-02T03:15:08.450`) +* [CVE-2023-32888](CVE-2023/CVE-2023-328xx/CVE-2023-32888.json) (`2024-01-02T03:15:08.493`) +* [CVE-2023-32889](CVE-2023/CVE-2023-328xx/CVE-2023-32889.json) (`2024-01-02T03:15:08.540`) +* [CVE-2023-32890](CVE-2023/CVE-2023-328xx/CVE-2023-32890.json) (`2024-01-02T03:15:08.587`) +* [CVE-2023-32891](CVE-2023/CVE-2023-328xx/CVE-2023-32891.json) (`2024-01-02T03:15:08.633`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `0` -* [CVE-2023-40303](CVE-2023/CVE-2023-403xx/CVE-2023-40303.json) (`2024-01-02T01:15:07.857`) -* [CVE-2023-51766](CVE-2023/CVE-2023-517xx/CVE-2023-51766.json) (`2024-01-02T01:15:07.963`) ## Download and Usage