Auto-Update: 2024-01-16T11:00:24.934079+00:00

2025-07-09 16:05:11 +00:00 · 2024-01-16 11:00:28 +00:00 · 2024-01-16 11:00:28 +00:00 · 53ea5789a0
commit 53ea5789a0
parent f1ba891db2
16 changed files with 483 additions and 16 deletions
--- a/CVE-2023/CVE-2023-340xx/CVE-2023-34063.json
+++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34063.json
@ -0,0 +1,43 @@
+{
+  "id": "CVE-2023-34063",
+  "sourceIdentifier": "security@vmware.com",
+  "published": "2024-01-16T10:15:07.347",
+  "lastModified": "2024-01-16T10:15:07.347",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Aria Automation contains a Missing Access Control vulnerability.\n\n\nAn authenticated malicious actor may \nexploit this vulnerability leading to unauthorized access to remote \norganizations and workflows.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@vmware.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.9,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.vmware.com/security/advisories/VMSA-2024-0001.html",
+      "source": "security@vmware.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-520xx/CVE-2023-52098.json
+++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52098.json
@ -0,0 +1,40 @@
+{
+  "id": "CVE-2023-52098",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T09:15:07.610",
+  "lastModified": "2024-01-16T09:15:07.610",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this vulnerability will affect availability."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de denegaci\u00f3n de servicio (DoS) en el m\u00f3dulo DMS. La explotaci\u00f3n exitosa de esta vulnerabilidad afectar\u00e1 la disponibilidad."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "psirt@huawei.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-400"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-520xx/CVE-2023-52099.json
+++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52099.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-52099",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T10:15:07.553",
+  "lastModified": "2024-01-16T10:15:07.553",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Vulnerability of foreground service restrictions being bypassed in the NMS module. Successful exploitation of this vulnerability may affect service confidentiality."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-521xx/CVE-2023-52100.json
+++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52100.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-52100",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T10:15:07.600",
+  "lastModified": "2024-01-16T10:15:07.600",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Celia Keyboard module has a vulnerability in access control. Successful exploitation of this vulnerability may affect availability."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-521xx/CVE-2023-52101.json
+++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52101.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-52101",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T10:15:07.650",
+  "lastModified": "2024-01-16T10:15:07.650",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Component exposure vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect service availability and integrity."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-521xx/CVE-2023-52102.json
+++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52102.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-52102",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T10:15:07.693",
+  "lastModified": "2024-01-16T10:15:07.693",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-521xx/CVE-2023-52103.json
+++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52103.json
@ -0,0 +1,36 @@
+{
+  "id": "CVE-2023-52103",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T10:15:07.743",
+  "lastModified": "2024-01-16T10:15:07.743",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may cause out-of-bounds read."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "psirt@huawei.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-120"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-521xx/CVE-2023-52104.json
+++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52104.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-52104",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T10:15:07.830",
+  "lastModified": "2024-01-16T10:15:07.830",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-521xx/CVE-2023-52105.json
+++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52105.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-52105",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T10:15:07.880",
+  "lastModified": "2024-01-16T10:15:07.880",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The nearby module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect availability."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-521xx/CVE-2023-52106.json
+++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52106.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-52106",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T10:15:07.933",
+  "lastModified": "2024-01-16T10:15:07.933",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The DownloadProviderMain module has a vulnerability in API permission verification. Successful exploitation of this vulnerability may affect integrity and availability."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-521xx/CVE-2023-52107.json
+++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52107.json
@ -0,0 +1,40 @@
+{
+  "id": "CVE-2023-52107",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T09:15:07.750",
+  "lastModified": "2024-01-16T09:15:07.750",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Vulnerability of permissions being not strictly verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de permisos no verificados estrictamente en el m\u00f3dulo WMS. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "psirt@huawei.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-269"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-521xx/CVE-2023-52108.json
+++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52108.json
@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-52108",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T09:15:07.840",
+  "lastModified": "2024-01-16T09:15:07.840",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Vulnerability of process priorities being raised in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de las prioridades de proceso que se plantean en el m\u00f3dulo ActivityManagerService. La explotaci\u00f3n exitosa de esta vulnerabilidad afectar\u00e1 la disponibilidad."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-521xx/CVE-2023-52114.json
+++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52114.json
@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-52114",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T09:15:07.883",
+  "lastModified": "2024-01-16T09:15:07.883",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Data confidentiality vulnerability in the ScreenReader module. Successful exploitation of this vulnerability may affect service integrity."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de confidencialidad de datos en el m\u00f3dulo ScreenReader. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la integridad del servicio."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-521xx/CVE-2023-52115.json
+++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52115.json
@ -0,0 +1,40 @@
+{
+  "id": "CVE-2023-52115",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T09:15:07.933",
+  "lastModified": "2024-01-16T09:15:07.933",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The iaware module has a Use-After-Free (UAF) vulnerability. Successful exploitation of this vulnerability may affect the system functions."
+    },
+    {
+      "lang": "es",
+      "value": "El m\u00f3dulo iaware tiene una vulnerabilidad de Use-After-Free (UAF). La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar las funciones del sistema."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "psirt@huawei.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-416"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-521xx/CVE-2023-52116.json
+++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52116.json
@ -0,0 +1,40 @@
+{
+  "id": "CVE-2023-52116",
+  "sourceIdentifier": "psirt@huawei.com",
+  "published": "2024-01-16T09:15:08.017",
+  "lastModified": "2024-01-16T09:15:08.017",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de gesti\u00f3n de permisos en el m\u00f3dulo de interacci\u00f3n multipantalla. La explotaci\u00f3n exitosa de esta vulnerabilidad puede causar excepciones en el servicio del dispositivo."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "psirt@huawei.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-269"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
+      "source": "psirt@huawei.com"
+    },
+    {
+      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
+      "source": "psirt@huawei.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-01-16T09:00:24.935024+00:00
+2024-01-16T11:00:24.934079+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-01-16T08:15:09.207000+00:00
+2024-01-16T10:15:07.933000+00:00
 ```

 ### Last Data Feed Release
@ -29,30 +29,34 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-235964
+235979
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `9`
+Recently added CVEs: `15`

-* [CVE-2011-10005](CVE-2011/CVE-2011-100xx/CVE-2011-10005.json) (`2024-01-16T08:15:07.933`)
-* [CVE-2023-44112](CVE-2023/CVE-2023-441xx/CVE-2023-44112.json) (`2024-01-16T08:15:08.467`)
-* [CVE-2023-44117](CVE-2023/CVE-2023-441xx/CVE-2023-44117.json) (`2024-01-16T08:15:08.573`)
-* [CVE-2023-4566](CVE-2023/CVE-2023-45xx/CVE-2023-4566.json) (`2024-01-16T08:15:08.670`)
-* [CVE-2023-52109](CVE-2023/CVE-2023-521xx/CVE-2023-52109.json) (`2024-01-16T08:15:08.763`)
-* [CVE-2023-52110](CVE-2023/CVE-2023-521xx/CVE-2023-52110.json) (`2024-01-16T08:15:08.900`)
-* [CVE-2023-52111](CVE-2023/CVE-2023-521xx/CVE-2023-52111.json) (`2024-01-16T08:15:08.960`)
-* [CVE-2023-52112](CVE-2023/CVE-2023-521xx/CVE-2023-52112.json) (`2024-01-16T08:15:09.050`)
-* [CVE-2023-52113](CVE-2023/CVE-2023-521xx/CVE-2023-52113.json) (`2024-01-16T08:15:09.110`)
+* [CVE-2023-52098](CVE-2023/CVE-2023-520xx/CVE-2023-52098.json) (`2024-01-16T09:15:07.610`)
+* [CVE-2023-52107](CVE-2023/CVE-2023-521xx/CVE-2023-52107.json) (`2024-01-16T09:15:07.750`)
+* [CVE-2023-52108](CVE-2023/CVE-2023-521xx/CVE-2023-52108.json) (`2024-01-16T09:15:07.840`)
+* [CVE-2023-52114](CVE-2023/CVE-2023-521xx/CVE-2023-52114.json) (`2024-01-16T09:15:07.883`)
+* [CVE-2023-52115](CVE-2023/CVE-2023-521xx/CVE-2023-52115.json) (`2024-01-16T09:15:07.933`)
+* [CVE-2023-52116](CVE-2023/CVE-2023-521xx/CVE-2023-52116.json) (`2024-01-16T09:15:08.017`)
+* [CVE-2023-34063](CVE-2023/CVE-2023-340xx/CVE-2023-34063.json) (`2024-01-16T10:15:07.347`)
+* [CVE-2023-52099](CVE-2023/CVE-2023-520xx/CVE-2023-52099.json) (`2024-01-16T10:15:07.553`)
+* [CVE-2023-52100](CVE-2023/CVE-2023-521xx/CVE-2023-52100.json) (`2024-01-16T10:15:07.600`)
+* [CVE-2023-52101](CVE-2023/CVE-2023-521xx/CVE-2023-52101.json) (`2024-01-16T10:15:07.650`)
+* [CVE-2023-52102](CVE-2023/CVE-2023-521xx/CVE-2023-52102.json) (`2024-01-16T10:15:07.693`)
+* [CVE-2023-52103](CVE-2023/CVE-2023-521xx/CVE-2023-52103.json) (`2024-01-16T10:15:07.743`)
+* [CVE-2023-52104](CVE-2023/CVE-2023-521xx/CVE-2023-52104.json) (`2024-01-16T10:15:07.830`)
+* [CVE-2023-52105](CVE-2023/CVE-2023-521xx/CVE-2023-52105.json) (`2024-01-16T10:15:07.880`)
+* [CVE-2023-52106](CVE-2023/CVE-2023-521xx/CVE-2023-52106.json) (`2024-01-16T10:15:07.933`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `2`
+Recently modified CVEs: `0`

-* [CVE-2023-22527](CVE-2023/CVE-2023-225xx/CVE-2023-22527.json) (`2024-01-16T07:15:07.557`)
-* [CVE-2023-5356](CVE-2023/CVE-2023-53xx/CVE-2023-5356.json) (`2024-01-16T08:15:09.207`)


 ## Download and Usage