Auto-Update: 2024-01-10T09:00:24.246698+00:00

2025-07-09 16:05:11 +00:00 · 2024-01-10 09:00:27 +00:00 · 2024-01-10 09:00:27 +00:00 · 413a3e8f6c
commit 413a3e8f6c
parent 8b6245c848
5 changed files with 123 additions and 5 deletions
--- a/CVE-2022/CVE-2022-460xx/CVE-2022-46025.json
+++ b/CVE-2022/CVE-2022-460xx/CVE-2022-46025.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2022-46025",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-10T08:15:37.570",
+  "lastModified": "2024-01-10T08:15:37.570",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device allows remote attackers to obtain Wi-Fi system information, such as Wi-Fi SSID and Wi-Fi password, without logging into the management page."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://pastebin.com/aan5jT40",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-416xx/CVE-2023-41603.json
+++ b/CVE-2023/CVE-2023-416xx/CVE-2023-41603.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-41603",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-10T08:15:37.740",
+  "lastModified": "2024-01-10T08:15:37.740",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10347",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-417xx/CVE-2023-41781.json
+++ b/CVE-2023/CVE-2023-417xx/CVE-2023-41781.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-41781",
+  "sourceIdentifier": "psirt@zte.com.cn",
+  "published": "2024-01-10T07:15:49.423",
+  "lastModified": "2024-01-10T07:15:49.423",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nThere is a Cross-site\u00a0scripting (XSS) \u00a0vulnerability in ZTE MF258. Due to insufficient input validation of\u00a0SMS\u00a0interface parameter, an XSS attack will be triggered.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@zte.com.cn",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.7,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 0.9,
+        "impactScore": 4.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@zte.com.cn",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-20"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034684",
+      "source": "psirt@zte.com.cn"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-488xx/CVE-2023-48864.json
+++ b/CVE-2023/CVE-2023-488xx/CVE-2023-48864.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-48864",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-10T08:15:37.807",
+  "lastModified": "2024-01-10T08:15:37.807",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SEMCMS v4.8 was discovered to contain a SQL injection vulnerability via the languageID parameter in /web_inc.php."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://gitee.com/NoBlake/cve-2023-48864",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-01-10T07:00:24.059848+00:00
+2024-01-10T09:00:24.246698+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-01-10T05:15:09.050000+00:00
+2024-01-10T08:15:37.807000+00:00
 ```

 ### Last Data Feed Release
@ -29,14 +29,17 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-235372
+235376
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `4`

-* [CVE-2024-21643](CVE-2024/CVE-2024-216xx/CVE-2024-21643.json) (`2024-01-10T05:15:09.050`)
+* [CVE-2022-46025](CVE-2022/CVE-2022-460xx/CVE-2022-46025.json) (`2024-01-10T08:15:37.570`)
+* [CVE-2023-41781](CVE-2023/CVE-2023-417xx/CVE-2023-41781.json) (`2024-01-10T07:15:49.423`)
+* [CVE-2023-41603](CVE-2023/CVE-2023-416xx/CVE-2023-41603.json) (`2024-01-10T08:15:37.740`)
+* [CVE-2023-48864](CVE-2023/CVE-2023-488xx/CVE-2023-48864.json) (`2024-01-10T08:15:37.807`)


 ### CVEs modified in the last Commit