diff --git a/CVE-2022/CVE-2022-433xx/CVE-2022-43375.json b/CVE-2022/CVE-2022-433xx/CVE-2022-43375.json new file mode 100644 index 00000000000..9a4fcd83648 --- /dev/null +++ b/CVE-2022/CVE-2022-433xx/CVE-2022-43375.json @@ -0,0 +1,15 @@ +{ + "id": "CVE-2022-43375", + "sourceIdentifier": "productcert@siemens.com", + "published": "2024-01-04T07:15:08.893", + "lastModified": "2024-01-04T07:15:08.893", + "vulnStatus": "Rejected", + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: This CVE ID was unused by the CNA." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-417xx/CVE-2023-41784.json b/CVE-2023/CVE-2023-417xx/CVE-2023-41784.json new file mode 100644 index 00000000000..8b71aeb3ce9 --- /dev/null +++ b/CVE-2023/CVE-2023-417xx/CVE-2023-41784.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-41784", + "sourceIdentifier": "psirt@zte.com.cn", + "published": "2024-01-04T08:15:08.493", + "lastModified": "2024-01-04T08:15:08.493", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nPermissions and Access Control Vulnerability in ZTE Red Magic 8 Pro \n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@zte.com.cn", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.3 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@zte.com.cn", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034444", + "source": "psirt@zte.com.cn" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-500xx/CVE-2023-50082.json b/CVE-2023/CVE-2023-500xx/CVE-2023-50082.json new file mode 100644 index 00000000000..c07d718024b --- /dev/null +++ b/CVE-2023/CVE-2023-500xx/CVE-2023-50082.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-50082", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-04T08:15:08.993", + "lastModified": "2024-01-04T08:15:08.993", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Aoyun Technology pbootcms V3.1.2 is vulnerable to Incorrect Access Control, allows remote attackers to gain sensitive information via session leakage allows a user to avoid logging into the backend management platform." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/juraorab/cve/blob/master/CVE/README.md", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/juraorab/cve/issues/2", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-506xx/CVE-2023-50630.json b/CVE-2023/CVE-2023-506xx/CVE-2023-50630.json new file mode 100644 index 00000000000..a5273e69102 --- /dev/null +++ b/CVE-2023/CVE-2023-506xx/CVE-2023-50630.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-50630", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-04T08:15:09.053", + "lastModified": "2024-01-04T08:15:09.053", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting (XSS) vulnerability in xiweicheng TMS v.2.28.0 allows a remote attacker to execute arbitrary code via a crafted script to the click here function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/xiweicheng/tms/issues/19", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-523xx/CVE-2023-52322.json b/CVE-2023/CVE-2023-523xx/CVE-2023-52322.json new file mode 100644 index 00000000000..981675a6d81 --- /dev/null +++ b/CVE-2023/CVE-2023-523xx/CVE-2023-52322.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-52322", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-04T07:15:09.170", + "lastModified": "2024-01-04T07:15:09.170", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "ecrire/public/assembler.php in SPIP before 4.1.3 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://blog.spip.net/Mise-a-jour-de-maintenance-et-securite-sortie-de-SPIP-4-2-7-SPIP-4-1-13.html?lang=fr", + "source": "cve@mitre.org" + }, + { + "url": "https://git.spip.net/spip/spip/commit/e90f5344b8c82711053053e778d38a35e42b7bcb", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index cfe934a6045..ff90b44958f 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-01-04T07:00:24.377767+00:00 +2024-01-04T09:00:26.252363+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-01-04T06:15:45.323000+00:00 +2024-01-04T08:15:09.053000+00:00 ``` ### Last Data Feed Release @@ -29,14 +29,18 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -234843 +234848 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `5` -* [CVE-2023-29962](CVE-2023/CVE-2023-299xx/CVE-2023-29962.json) (`2024-01-04T06:15:45.323`) +* [CVE-2022-43375](CVE-2022/CVE-2022-433xx/CVE-2022-43375.json) (`2024-01-04T07:15:08.893`) +* [CVE-2023-52322](CVE-2023/CVE-2023-523xx/CVE-2023-52322.json) (`2024-01-04T07:15:09.170`) +* [CVE-2023-41784](CVE-2023/CVE-2023-417xx/CVE-2023-41784.json) (`2024-01-04T08:15:08.493`) +* [CVE-2023-50082](CVE-2023/CVE-2023-500xx/CVE-2023-50082.json) (`2024-01-04T08:15:08.993`) +* [CVE-2023-50630](CVE-2023/CVE-2023-506xx/CVE-2023-50630.json) (`2024-01-04T08:15:09.053`) ### CVEs modified in the last Commit