Auto-Update: 2024-01-16T11:00:24.934079+00:00

This commit is contained in:
cad-safe-bot 2024-01-16 11:00:28 +00:00
parent f1ba891db2
commit 53ea5789a0
16 changed files with 483 additions and 16 deletions

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-34063",
"sourceIdentifier": "security@vmware.com",
"published": "2024-01-16T10:15:07.347",
"lastModified": "2024-01-16T10:15:07.347",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Aria Automation contains a Missing Access Control vulnerability.\n\n\nAn authenticated malicious actor may \nexploit this vulnerability leading to unauthorized access to remote \norganizations and workflows.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vmware.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0001.html",
"source": "security@vmware.com"
}
]
}

View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-52098",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T09:15:07.610",
"lastModified": "2024-01-16T09:15:07.610",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this vulnerability will affect availability."
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio (DoS) en el m\u00f3dulo DMS. La explotaci\u00f3n exitosa de esta vulnerabilidad afectar\u00e1 la disponibilidad."
}
],
"metrics": {},
"weaknesses": [
{
"source": "psirt@huawei.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52099",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T10:15:07.553",
"lastModified": "2024-01-16T10:15:07.553",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of foreground service restrictions being bypassed in the NMS module. Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52100",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T10:15:07.600",
"lastModified": "2024-01-16T10:15:07.600",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Celia Keyboard module has a vulnerability in access control. Successful exploitation of this vulnerability may affect availability."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52101",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T10:15:07.650",
"lastModified": "2024-01-16T10:15:07.650",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Component exposure vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect service availability and integrity."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52102",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T10:15:07.693",
"lastModified": "2024-01-16T10:15:07.693",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-52103",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T10:15:07.743",
"lastModified": "2024-01-16T10:15:07.743",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may cause out-of-bounds read."
}
],
"metrics": {},
"weaknesses": [
{
"source": "psirt@huawei.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52104",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T10:15:07.830",
"lastModified": "2024-01-16T10:15:07.830",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52105",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T10:15:07.880",
"lastModified": "2024-01-16T10:15:07.880",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The nearby module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect availability."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52106",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T10:15:07.933",
"lastModified": "2024-01-16T10:15:07.933",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The DownloadProviderMain module has a vulnerability in API permission verification. Successful exploitation of this vulnerability may affect integrity and availability."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-52107",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T09:15:07.750",
"lastModified": "2024-01-16T09:15:07.750",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of permissions being not strictly verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Vulnerabilidad de permisos no verificados estrictamente en el m\u00f3dulo WMS. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
}
],
"metrics": {},
"weaknesses": [
{
"source": "psirt@huawei.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-52108",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T09:15:07.840",
"lastModified": "2024-01-16T09:15:07.840",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of process priorities being raised in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability."
},
{
"lang": "es",
"value": "Vulnerabilidad de las prioridades de proceso que se plantean en el m\u00f3dulo ActivityManagerService. La explotaci\u00f3n exitosa de esta vulnerabilidad afectar\u00e1 la disponibilidad."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-52114",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T09:15:07.883",
"lastModified": "2024-01-16T09:15:07.883",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Data confidentiality vulnerability in the ScreenReader module. Successful exploitation of this vulnerability may affect service integrity."
},
{
"lang": "es",
"value": "Vulnerabilidad de confidencialidad de datos en el m\u00f3dulo ScreenReader. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la integridad del servicio."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-52115",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T09:15:07.933",
"lastModified": "2024-01-16T09:15:07.933",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The iaware module has a Use-After-Free (UAF) vulnerability. Successful exploitation of this vulnerability may affect the system functions."
},
{
"lang": "es",
"value": "El m\u00f3dulo iaware tiene una vulnerabilidad de Use-After-Free (UAF). La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar las funciones del sistema."
}
],
"metrics": {},
"weaknesses": [
{
"source": "psirt@huawei.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-52116",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T09:15:08.017",
"lastModified": "2024-01-16T09:15:08.017",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device."
},
{
"lang": "es",
"value": "Vulnerabilidad de gesti\u00f3n de permisos en el m\u00f3dulo de interacci\u00f3n multipantalla. La explotaci\u00f3n exitosa de esta vulnerabilidad puede causar excepciones en el servicio del dispositivo."
}
],
"metrics": {},
"weaknesses": [
{
"source": "psirt@huawei.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
}
]
}

View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-16T09:00:24.935024+00:00
2024-01-16T11:00:24.934079+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-16T08:15:09.207000+00:00
2024-01-16T10:15:07.933000+00:00
```
### Last Data Feed Release
@ -29,30 +29,34 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
235964
235979
```
### CVEs added in the last Commit
Recently added CVEs: `9`
Recently added CVEs: `15`
* [CVE-2011-10005](CVE-2011/CVE-2011-100xx/CVE-2011-10005.json) (`2024-01-16T08:15:07.933`)
* [CVE-2023-44112](CVE-2023/CVE-2023-441xx/CVE-2023-44112.json) (`2024-01-16T08:15:08.467`)
* [CVE-2023-44117](CVE-2023/CVE-2023-441xx/CVE-2023-44117.json) (`2024-01-16T08:15:08.573`)
* [CVE-2023-4566](CVE-2023/CVE-2023-45xx/CVE-2023-4566.json) (`2024-01-16T08:15:08.670`)
* [CVE-2023-52109](CVE-2023/CVE-2023-521xx/CVE-2023-52109.json) (`2024-01-16T08:15:08.763`)
* [CVE-2023-52110](CVE-2023/CVE-2023-521xx/CVE-2023-52110.json) (`2024-01-16T08:15:08.900`)
* [CVE-2023-52111](CVE-2023/CVE-2023-521xx/CVE-2023-52111.json) (`2024-01-16T08:15:08.960`)
* [CVE-2023-52112](CVE-2023/CVE-2023-521xx/CVE-2023-52112.json) (`2024-01-16T08:15:09.050`)
* [CVE-2023-52113](CVE-2023/CVE-2023-521xx/CVE-2023-52113.json) (`2024-01-16T08:15:09.110`)
* [CVE-2023-52098](CVE-2023/CVE-2023-520xx/CVE-2023-52098.json) (`2024-01-16T09:15:07.610`)
* [CVE-2023-52107](CVE-2023/CVE-2023-521xx/CVE-2023-52107.json) (`2024-01-16T09:15:07.750`)
* [CVE-2023-52108](CVE-2023/CVE-2023-521xx/CVE-2023-52108.json) (`2024-01-16T09:15:07.840`)
* [CVE-2023-52114](CVE-2023/CVE-2023-521xx/CVE-2023-52114.json) (`2024-01-16T09:15:07.883`)
* [CVE-2023-52115](CVE-2023/CVE-2023-521xx/CVE-2023-52115.json) (`2024-01-16T09:15:07.933`)
* [CVE-2023-52116](CVE-2023/CVE-2023-521xx/CVE-2023-52116.json) (`2024-01-16T09:15:08.017`)
* [CVE-2023-34063](CVE-2023/CVE-2023-340xx/CVE-2023-34063.json) (`2024-01-16T10:15:07.347`)
* [CVE-2023-52099](CVE-2023/CVE-2023-520xx/CVE-2023-52099.json) (`2024-01-16T10:15:07.553`)
* [CVE-2023-52100](CVE-2023/CVE-2023-521xx/CVE-2023-52100.json) (`2024-01-16T10:15:07.600`)
* [CVE-2023-52101](CVE-2023/CVE-2023-521xx/CVE-2023-52101.json) (`2024-01-16T10:15:07.650`)
* [CVE-2023-52102](CVE-2023/CVE-2023-521xx/CVE-2023-52102.json) (`2024-01-16T10:15:07.693`)
* [CVE-2023-52103](CVE-2023/CVE-2023-521xx/CVE-2023-52103.json) (`2024-01-16T10:15:07.743`)
* [CVE-2023-52104](CVE-2023/CVE-2023-521xx/CVE-2023-52104.json) (`2024-01-16T10:15:07.830`)
* [CVE-2023-52105](CVE-2023/CVE-2023-521xx/CVE-2023-52105.json) (`2024-01-16T10:15:07.880`)
* [CVE-2023-52106](CVE-2023/CVE-2023-521xx/CVE-2023-52106.json) (`2024-01-16T10:15:07.933`)
### CVEs modified in the last Commit
Recently modified CVEs: `2`
Recently modified CVEs: `0`
* [CVE-2023-22527](CVE-2023/CVE-2023-225xx/CVE-2023-22527.json) (`2024-01-16T07:15:07.557`)
* [CVE-2023-5356](CVE-2023/CVE-2023-53xx/CVE-2023-5356.json) (`2024-01-16T08:15:09.207`)
## Download and Usage