diff --git a/CVE-2022/CVE-2022-216xx/CVE-2022-21669.json b/CVE-2022/CVE-2022-216xx/CVE-2022-21669.json index 8bcdec426b4..04871ab2fcf 100644 --- a/CVE-2022/CVE-2022-216xx/CVE-2022-21669.json +++ b/CVE-2022/CVE-2022-216xx/CVE-2022-21669.json @@ -2,8 +2,8 @@ "id": "CVE-2022-21669", "sourceIdentifier": "security-advisories@github.com", "published": "2022-01-11T15:15:08.457", - "lastModified": "2022-01-20T21:04:14.443", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-22T15:15:09.110", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -85,7 +85,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "security-advisories@github.com", "type": "Primary", "description": [ { @@ -95,7 +95,7 @@ ] }, { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { @@ -124,6 +124,10 @@ } ], "references": [ + { + "url": "https://github.com/PuddingBot/pudding-bot/commit/a5b15fb0a5be5fdbacba8ff7b2c8759d5e3ba20f", + "source": "security-advisories@github.com" + }, { "url": "https://github.com/PuddingBot/pudding-bot/security/advisories/GHSA-cxgr-xpmj-9qjm", "source": "security-advisories@github.com", diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38646.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38646.json index 774a50ecacc..adecba756c4 100644 --- a/CVE-2023/CVE-2023-386xx/CVE-2023-38646.json +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38646.json @@ -2,7 +2,7 @@ "id": "CVE-2023-38646", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-21T15:15:10.003", - "lastModified": "2023-07-21T15:15:10.003", + "lastModified": "2023-07-22T15:15:09.357", "vulnStatus": "Received", "descriptions": [ { @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "https://github.com/metabase/metabase/issues/32552", + "source": "cve@mitre.org" + }, { "url": "https://github.com/metabase/metabase/releases/tag/v0.46.6.1", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3801.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3801.json index 553ec9c6079..85f84fd2c61 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3801.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3801.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3801", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-21T00:15:10.453", - "lastModified": "2023-07-22T05:15:37.723", + "lastModified": "2023-07-22T15:15:09.427", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -72,6 +72,10 @@ } ], "references": [ + { + "url": "http://web.archive.org/web/20230722143348/https://github.com/funnn7/cve/blob/main/sql.md", + "source": "cna@vuldb.com" + }, { "url": "https://github.com/Wkingxc/CVE/blob/master/ibos_OA_1.md", "source": "cna@vuldb.com" diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3830.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3830.json new file mode 100644 index 00000000000..b2ab72ef444 --- /dev/null +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3830.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2023-3830", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-07-22T15:15:09.517", + "lastModified": "2023-07-22T15:15:09.517", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Bug Finder SASS BILLER 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /company/store. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-235151. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.235151", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.235151", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3831.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3831.json new file mode 100644 index 00000000000..321a782de70 --- /dev/null +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3831.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2023-3831", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-07-22T15:15:09.597", + "lastModified": "2023-07-22T15:15:09.597", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Bug Finder Finounce 1.0 and classified as problematic. This issue affects some unknown processing of the file /user/ticket/create of the component Ticket Handler. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-235157 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.235157", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.235157", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index dbb50acef1b..980c60bd2b3 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-22T14:00:25.424233+00:00 +2023-07-22T16:00:24.788143+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-22T12:15:09.477000+00:00 +2023-07-22T15:15:09.597000+00:00 ``` ### Last Data Feed Release @@ -29,20 +29,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -220851 +220853 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `2` -* [CVE-2023-3829](CVE-2023/CVE-2023-38xx/CVE-2023-3829.json) (`2023-07-22T12:15:09.477`) +* [CVE-2023-3830](CVE-2023/CVE-2023-38xx/CVE-2023-3830.json) (`2023-07-22T15:15:09.517`) +* [CVE-2023-3831](CVE-2023/CVE-2023-38xx/CVE-2023-3831.json) (`2023-07-22T15:15:09.597`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `3` +* [CVE-2022-21669](CVE-2022/CVE-2022-216xx/CVE-2022-21669.json) (`2023-07-22T15:15:09.110`) +* [CVE-2023-38646](CVE-2023/CVE-2023-386xx/CVE-2023-38646.json) (`2023-07-22T15:15:09.357`) +* [CVE-2023-3801](CVE-2023/CVE-2023-38xx/CVE-2023-3801.json) (`2023-07-22T15:15:09.427`) ## Download and Usage