From 5333885f2758aac6ec51d82f57c6afd7b34f6c44 Mon Sep 17 00:00:00 2001
From: cad-safe-bot <cad-safe-bot@protonmail.com>
Date: Sat, 11 Nov 2023 03:00:24 +0000
Subject: [PATCH] Auto-Update: 2023-11-11T03:00:20.047343+00:00

---
 CVE-2023/CVE-2023-468xx/CVE-2023-46849.json | 36 +++++++++++++++++++++
 CVE-2023/CVE-2023-468xx/CVE-2023-46850.json | 36 +++++++++++++++++++++
 README.md                                   | 18 +++++------
 3 files changed, 80 insertions(+), 10 deletions(-)
 create mode 100644 CVE-2023/CVE-2023-468xx/CVE-2023-46849.json
 create mode 100644 CVE-2023/CVE-2023-468xx/CVE-2023-46850.json

diff --git a/CVE-2023/CVE-2023-468xx/CVE-2023-46849.json b/CVE-2023/CVE-2023-468xx/CVE-2023-46849.json
new file mode 100644
index 00000000000..78470e2f6a0
--- /dev/null
+++ b/CVE-2023/CVE-2023-468xx/CVE-2023-46849.json
@@ -0,0 +1,36 @@
+{
+  "id": "CVE-2023-46849",
+  "sourceIdentifier": "security@openvpn.net",
+  "published": "2023-11-11T01:15:07.270",
+  "lastModified": "2023-11-11T01:15:07.270",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@openvpn.net",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-369"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://community.openvpn.net/openvpn/wiki/CVE-2023-46849",
+      "source": "security@openvpn.net"
+    },
+    {
+      "url": "https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/",
+      "source": "security@openvpn.net"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-468xx/CVE-2023-46850.json b/CVE-2023/CVE-2023-468xx/CVE-2023-46850.json
new file mode 100644
index 00000000000..93c5d033707
--- /dev/null
+++ b/CVE-2023/CVE-2023-468xx/CVE-2023-46850.json
@@ -0,0 +1,36 @@
+{
+  "id": "CVE-2023-46850",
+  "sourceIdentifier": "security@openvpn.net",
+  "published": "2023-11-11T01:15:07.357",
+  "lastModified": "2023-11-11T01:15:07.357",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@openvpn.net",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-416"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://community.openvpn.net/openvpn/wiki/CVE-2023-46850",
+      "source": "security@openvpn.net"
+    },
+    {
+      "url": "https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/",
+      "source": "security@openvpn.net"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index e942ee443e6..88b5cfa2f03 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-11-11T00:55:20.503898+00:00
+2023-11-11T03:00:20.047343+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-11-10T23:15:07.743000+00:00
+2023-11-11T01:15:07.357000+00:00
 ```
 
 ### Last Data Feed Release
@@ -23,29 +23,27 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
 
 ```plain
-2023-11-10T01:00:13.564677+00:00
+2023-11-11T01:00:13.546663+00:00
 ```
 
 ### Total Number of included CVEs
 
 ```plain
-230345
+230347
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `1`
+Recently added CVEs: `2`
 
-* [CVE-2023-4804](CVE-2023/CVE-2023-48xx/CVE-2023-4804.json) (`2023-11-10T23:15:07.743`)
+* [CVE-2023-46849](CVE-2023/CVE-2023-468xx/CVE-2023-46849.json) (`2023-11-11T01:15:07.270`)
+* [CVE-2023-46850](CVE-2023/CVE-2023-468xx/CVE-2023-46850.json) (`2023-11-11T01:15:07.357`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `3`
+Recently modified CVEs: `0`
 
-* [CVE-2023-0574](CVE-2023/CVE-2023-05xx/CVE-2023-0574.json) (`2023-11-10T23:15:07.437`)
-* [CVE-2023-0575](CVE-2023/CVE-2023-05xx/CVE-2023-0575.json) (`2023-11-10T23:15:07.560`)
-* [CVE-2023-0745](CVE-2023/CVE-2023-07xx/CVE-2023-0745.json) (`2023-11-10T23:15:07.647`)
 
 
 ## Download and Usage