From 4252bc2da1923d3ed27dc8a4f765535d7737a792 Mon Sep 17 00:00:00 2001
From: cad-safe-bot
Date: Wed, 4 Oct 2023 23:55:28 +0000
Subject: [PATCH] Auto-Update: 2023-10-04T23:55:24.622401+00:00
---
 CVE-2023/CVE-2023-358xx/CVE-2023-35803.json | 20 ++++++++
 CVE-2023/CVE-2023-402xx/CVE-2023-40299.json | 32 ++++++++++++
 CVE-2023/CVE-2023-433xx/CVE-2023-43321.json | 24 +++++++++
 CVE-2023/CVE-2023-438xx/CVE-2023-43877.json | 20 ++++++++
 CVE-2023/CVE-2023-48xx/CVE-2023-4853.json | 8 ++-
 README.md | 55 ++++-----------------
 6 files changed, 112 insertions(+), 47 deletions(-)
 create mode 100644 CVE-2023/CVE-2023-358xx/CVE-2023-35803.json
 create mode 100644 CVE-2023/CVE-2023-402xx/CVE-2023-40299.json
 create mode 100644 CVE-2023/CVE-2023-433xx/CVE-2023-43321.json
 create mode 100644 CVE-2023/CVE-2023-438xx/CVE-2023-43877.json
diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35803.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35803.json
new file mode 100644
index 00000000000..b10a5fb4ee8
--- /dev/null
+++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35803.json
@@ -0,0 +1,20 @@
+{
+ "id": "CVE-2023-35803",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2023-10-04T22:15:09.777",
+ "lastModified": "2023-10-04T22:15:09.777",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://community.extremenetworks.com/t5/security-advisories-formerly/sa-2023-067-iq-engine-acsd-service-buffer-overflow-cve-2023/ba-p/96472",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-402xx/CVE-2023-40299.json b/CVE-2023/CVE-2023-402xx/CVE-2023-40299.json
new file mode 100644
index 00000000000..36f86b11b2b
--- /dev/null
+++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40299.json
@@ -0,0 +1,32 @@
+{
+ "id": "CVE-2023-40299",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2023-10-04T22:15:09.830",
+ "lastModified": "2023-10-04T22:15:09.830",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLD_INSERT_LIBRARIES environment variable."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://github.com/Kong/insomnia/pull/6217/commits",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://github.com/Kong/insomnia/releases",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://insomnia.rest/changelog",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://www.angelystor.com/posts/cve-2023-40299/",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-433xx/CVE-2023-43321.json b/CVE-2023/CVE-2023-433xx/CVE-2023-43321.json
new file mode 100644
index 00000000000..e0d59525efa
--- /dev/null
+++ b/CVE-2023/CVE-2023-433xx/CVE-2023-43321.json
@@ -0,0 +1,24 @@
+{
+ "id": "CVE-2023-43321",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2023-10-04T22:15:09.887",
+ "lastModified": "2023-10-04T22:15:09.887",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "File Upload vulnerability in Digital China Networks DCFW-1800-SDC v.3.0 allows an authenticated attacker to execute arbitrary code via the wget function in the /sbin/cloudadmin.sh component."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://github.com/Push3AX/vul/blob/main/DCN/DCFW_1800_SDC_CommandInjection.md",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://www.dcnetworks.com.cn/goods/61.html",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-438xx/CVE-2023-43877.json b/CVE-2023/CVE-2023-438xx/CVE-2023-43877.json
new file mode 100644
index 00000000000..6762f3469ee
--- /dev/null
+++ b/CVE-2023/CVE-2023-438xx/CVE-2023-43877.json
@@ -0,0 +1,20 @@
+{
+ "id": "CVE-2023-43877",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2023-10-04T22:15:09.937",
+ "lastModified": "2023-10-04T22:15:09.937",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://github.com/sromanhu/RiteCMS-Stored-XSS---Home",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4853.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4853.json
index 46b3d3fec04..b18f890c5ee 100644
--- a/CVE-2023/CVE-2023-48xx/CVE-2023-4853.json
+++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4853.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-4853",
 "sourceIdentifier": "secalert@redhat.com",
 "published": "2023-09-20T10:15:14.947",
- "lastModified": "2023-09-27T16:17:00.917",
- "vulnStatus": "Analyzed",
+ "lastModified": "2023-10-04T22:15:09.980",
+ "vulnStatus": "Modified",
 "descriptions": [
 {
 "lang": "en",
@@ -177,6 +177,10 @@
 "Vendor Advisory"
 ]
 },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2023:5446",
+ "source": "secalert@redhat.com"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2023-4853",
 "source": "secalert@redhat.com",
diff --git a/README.md b/README.md
index be45ed98931..f197f392875 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-10-04T22:00:25.343486+00:00 +2023-10-04T23:55:24.622401+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-10-04T21:27:54.943000+00:00 +2023-10-04T22:15:09.980000+00:00 ``` ### Last Data Feed Release 
@@ -29,59 +29,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -227021 +227025 ``` ### CVEs added in the last Commit -Recently added CVEs: `16` +Recently added CVEs: `4` -* [CVE-2023-38537](CVE-2023/CVE-2023-385xx/CVE-2023-38537.json) (`2023-10-04T20:15:09.927`) -* [CVE-2023-38538](CVE-2023/CVE-2023-385xx/CVE-2023-38538.json) (`2023-10-04T20:15:10.020`) -* [CVE-2023-42449](CVE-2023/CVE-2023-424xx/CVE-2023-42449.json) (`2023-10-04T20:15:10.107`) -* [CVE-2023-42808](CVE-2023/CVE-2023-428xx/CVE-2023-42808.json) (`2023-10-04T20:15:10.187`) -* [CVE-2023-42809](CVE-2023/CVE-2023-428xx/CVE-2023-42809.json) (`2023-10-04T20:15:10.263`) -* [CVE-2023-44075](CVE-2023/CVE-2023-440xx/CVE-2023-44075.json) (`2023-10-04T20:15:10.347`) -* [CVE-2023-44209](CVE-2023/CVE-2023-442xx/CVE-2023-44209.json) (`2023-10-04T20:15:10.397`) -* [CVE-2023-44210](CVE-2023/CVE-2023-442xx/CVE-2023-44210.json) (`2023-10-04T20:15:10.463`) -* [CVE-2023-36618](CVE-2023/CVE-2023-366xx/CVE-2023-36618.json) (`2023-10-04T21:15:09.857`) -* [CVE-2023-36619](CVE-2023/CVE-2023-366xx/CVE-2023-36619.json) (`2023-10-04T21:15:09.907`) -* [CVE-2023-41094](CVE-2023/CVE-2023-410xx/CVE-2023-41094.json) (`2023-10-04T21:15:09.963`) -* [CVE-2023-43793](CVE-2023/CVE-2023-437xx/CVE-2023-43793.json) (`2023-10-04T21:15:10.040`) -* [CVE-2023-43799](CVE-2023/CVE-2023-437xx/CVE-2023-43799.json) (`2023-10-04T21:15:10.127`) -* [CVE-2023-43805](CVE-2023/CVE-2023-438xx/CVE-2023-43805.json) (`2023-10-04T21:15:10.203`) -* [CVE-2023-43809](CVE-2023/CVE-2023-438xx/CVE-2023-43809.json) (`2023-10-04T21:15:10.280`) -* [CVE-2023-44389](CVE-2023/CVE-2023-443xx/CVE-2023-44389.json) (`2023-10-04T21:15:10.360`) +* [CVE-2023-35803](CVE-2023/CVE-2023-358xx/CVE-2023-35803.json) (`2023-10-04T22:15:09.777`) +* [CVE-2023-40299](CVE-2023/CVE-2023-402xx/CVE-2023-40299.json) (`2023-10-04T22:15:09.830`) +* [CVE-2023-43321](CVE-2023/CVE-2023-433xx/CVE-2023-43321.json) 
(`2023-10-04T22:15:09.887`) +* [CVE-2023-43877](CVE-2023/CVE-2023-438xx/CVE-2023-43877.json) (`2023-10-04T22:15:09.937`) ### CVEs modified in the last Commit -Recently modified CVEs: `24` +Recently modified CVEs: `1` -* [CVE-2023-39165](CVE-2023/CVE-2023-391xx/CVE-2023-39165.json) (`2023-10-04T20:00:28.027`) -* [CVE-2023-2830](CVE-2023/CVE-2023-28xx/CVE-2023-2830.json) (`2023-10-04T20:00:32.557`) -* [CVE-2023-33271](CVE-2023/CVE-2023-332xx/CVE-2023-33271.json) (`2023-10-04T20:04:35.777`) -* [CVE-2023-33272](CVE-2023/CVE-2023-332xx/CVE-2023-33272.json) (`2023-10-04T20:05:08.207`) -* [CVE-2023-33273](CVE-2023/CVE-2023-332xx/CVE-2023-33273.json) (`2023-10-04T20:05:16.653`) -* [CVE-2023-44464](CVE-2023/CVE-2023-444xx/CVE-2023-44464.json) (`2023-10-04T20:15:10.527`) -* [CVE-2023-33268](CVE-2023/CVE-2023-332xx/CVE-2023-33268.json) (`2023-10-04T20:34:09.853`) -* [CVE-2023-33269](CVE-2023/CVE-2023-332xx/CVE-2023-33269.json) (`2023-10-04T20:34:26.603`) -* [CVE-2023-33270](CVE-2023/CVE-2023-332xx/CVE-2023-33270.json) (`2023-10-04T20:34:36.617`) -* [CVE-2023-4211](CVE-2023/CVE-2023-42xx/CVE-2023-4211.json) (`2023-10-04T20:51:36.240`) -* [CVE-2023-5345](CVE-2023/CVE-2023-53xx/CVE-2023-5345.json) (`2023-10-04T20:56:10.307`) -* [CVE-2023-5334](CVE-2023/CVE-2023-53xx/CVE-2023-5334.json) (`2023-10-04T20:57:14.823`) -* [CVE-2023-3967](CVE-2023/CVE-2023-39xx/CVE-2023-3967.json) (`2023-10-04T20:59:13.480`) -* [CVE-2023-3335](CVE-2023/CVE-2023-33xx/CVE-2023-3335.json) (`2023-10-04T21:01:47.887`) -* [CVE-2023-43627](CVE-2023/CVE-2023-436xx/CVE-2023-43627.json) (`2023-10-04T21:03:53.027`) -* [CVE-2023-42771](CVE-2023/CVE-2023-427xx/CVE-2023-42771.json) (`2023-10-04T21:05:00.090`) -* [CVE-2023-32670](CVE-2023/CVE-2023-326xx/CVE-2023-32670.json) (`2023-10-04T21:06:20.757`) -* [CVE-2023-32669](CVE-2023/CVE-2023-326xx/CVE-2023-32669.json) (`2023-10-04T21:07:05.703`) -* [CVE-2023-39917](CVE-2023/CVE-2023-399xx/CVE-2023-39917.json) (`2023-10-04T21:08:21.527`) -* 
[CVE-2023-4098](CVE-2023/CVE-2023-40xx/CVE-2023-4098.json) (`2023-10-04T21:11:07.557`) -* [CVE-2023-21235](CVE-2023/CVE-2023-212xx/CVE-2023-21235.json) (`2023-10-04T21:15:09.760`) -* [CVE-2023-4099](CVE-2023/CVE-2023-40xx/CVE-2023-4099.json) (`2023-10-04T21:16:25.047`) -* [CVE-2023-33039](CVE-2023/CVE-2023-330xx/CVE-2023-33039.json) (`2023-10-04T21:18:51.943`) -* [CVE-2023-4100](CVE-2023/CVE-2023-41xx/CVE-2023-4100.json) (`2023-10-04T21:27:54.943`) +* [CVE-2023-4853](CVE-2023/CVE-2023-48xx/CVE-2023-4853.json) (`2023-10-04T22:15:09.980`) ## Download and Usage