diff --git a/CVE-2022/CVE-2022-460xx/CVE-2022-46025.json b/CVE-2022/CVE-2022-460xx/CVE-2022-46025.json new file mode 100644 index 00000000000..72713c0d741 --- /dev/null +++ b/CVE-2022/CVE-2022-460xx/CVE-2022-46025.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-46025", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-10T08:15:37.570", + "lastModified": "2024-01-10T08:15:37.570", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device allows remote attackers to obtain Wi-Fi system information, such as Wi-Fi SSID and Wi-Fi password, without logging into the management page." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://pastebin.com/aan5jT40", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-416xx/CVE-2023-41603.json b/CVE-2023/CVE-2023-416xx/CVE-2023-41603.json new file mode 100644 index 00000000000..ae032901125 --- /dev/null +++ b/CVE-2023/CVE-2023-416xx/CVE-2023-41603.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-41603", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-10T08:15:37.740", + "lastModified": "2024-01-10T08:15:37.740", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10347", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-417xx/CVE-2023-41781.json b/CVE-2023/CVE-2023-417xx/CVE-2023-41781.json new file mode 100644 index 00000000000..66d4f41e249 --- /dev/null +++ b/CVE-2023/CVE-2023-417xx/CVE-2023-41781.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-41781", + "sourceIdentifier": "psirt@zte.com.cn", + "published": "2024-01-10T07:15:49.423", + "lastModified": "2024-01-10T07:15:49.423", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nThere is a Cross-site\u00a0scripting (XSS) \u00a0vulnerability in ZTE MF258. Due to insufficient input validation of\u00a0SMS\u00a0interface parameter, an XSS attack will be triggered.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@zte.com.cn", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@zte.com.cn", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034684", + "source": "psirt@zte.com.cn" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-488xx/CVE-2023-48864.json b/CVE-2023/CVE-2023-488xx/CVE-2023-48864.json new file mode 100644 index 00000000000..73a8050b302 --- /dev/null +++ b/CVE-2023/CVE-2023-488xx/CVE-2023-48864.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-48864", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-10T08:15:37.807", + "lastModified": "2024-01-10T08:15:37.807", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SEMCMS v4.8 was discovered to contain a SQL injection vulnerability via the languageID parameter in /web_inc.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitee.com/NoBlake/cve-2023-48864", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 66b77ed71ca..01dc7c93302 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-01-10T07:00:24.059848+00:00 +2024-01-10T09:00:24.246698+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-01-10T05:15:09.050000+00:00 +2024-01-10T08:15:37.807000+00:00 ``` ### Last Data Feed Release @@ -29,14 +29,17 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -235372 +235376 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `4` -* [CVE-2024-21643](CVE-2024/CVE-2024-216xx/CVE-2024-21643.json) (`2024-01-10T05:15:09.050`) +* [CVE-2022-46025](CVE-2022/CVE-2022-460xx/CVE-2022-46025.json) (`2024-01-10T08:15:37.570`) +* [CVE-2023-41781](CVE-2023/CVE-2023-417xx/CVE-2023-41781.json) (`2024-01-10T07:15:49.423`) +* [CVE-2023-41603](CVE-2023/CVE-2023-416xx/CVE-2023-41603.json) (`2024-01-10T08:15:37.740`) +* [CVE-2023-48864](CVE-2023/CVE-2023-488xx/CVE-2023-48864.json) (`2024-01-10T08:15:37.807`) ### CVEs modified in the last Commit