Auto-Update: 2024-01-04T09:00:26.252363+00:00

2025-07-11 16:13:34 +00:00 · 2024-01-04 09:00:29 +00:00 · 2024-01-04 09:00:29 +00:00 · 614aab7b90
commit 614aab7b90
parent dace7e9c47
6 changed files with 147 additions and 5 deletions
--- a/CVE-2022/CVE-2022-433xx/CVE-2022-43375.json
+++ b/CVE-2022/CVE-2022-433xx/CVE-2022-43375.json
@ -0,0 +1,15 @@
+{
+  "id": "CVE-2022-43375",
+  "sourceIdentifier": "productcert@siemens.com",
+  "published": "2024-01-04T07:15:08.893",
+  "lastModified": "2024-01-04T07:15:08.893",
+  "vulnStatus": "Rejected",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Rejected reason: This CVE ID was unused by the CNA."
+    }
+  ],
+  "metrics": {},
+  "references": []
+}
--- a/CVE-2023/CVE-2023-417xx/CVE-2023-41784.json
+++ b/CVE-2023/CVE-2023-417xx/CVE-2023-41784.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-41784",
+  "sourceIdentifier": "psirt@zte.com.cn",
+  "published": "2024-01-04T08:15:08.493",
+  "lastModified": "2024-01-04T08:15:08.493",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nPermissions and Access Control Vulnerability in ZTE Red Magic 8 Pro \n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@zte.com.cn",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L",
+          "attackVector": "LOCAL",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.6,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 0.8,
+        "impactScore": 5.3
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@zte.com.cn",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-269"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034444",
+      "source": "psirt@zte.com.cn"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-500xx/CVE-2023-50082.json
+++ b/CVE-2023/CVE-2023-500xx/CVE-2023-50082.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-50082",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-04T08:15:08.993",
+  "lastModified": "2024-01-04T08:15:08.993",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Aoyun Technology pbootcms V3.1.2 is vulnerable to Incorrect Access Control, allows remote attackers to gain sensitive information via session leakage allows a user to avoid logging into the backend management platform."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/juraorab/cve/blob/master/CVE/README.md",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/juraorab/cve/issues/2",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-506xx/CVE-2023-50630.json
+++ b/CVE-2023/CVE-2023-506xx/CVE-2023-50630.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-50630",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-04T08:15:09.053",
+  "lastModified": "2024-01-04T08:15:09.053",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross Site Scripting (XSS) vulnerability in xiweicheng TMS v.2.28.0 allows a remote attacker to execute arbitrary code via a crafted script to the click here function."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/xiweicheng/tms/issues/19",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-523xx/CVE-2023-52322.json
+++ b/CVE-2023/CVE-2023-523xx/CVE-2023-52322.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-52322",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-04T07:15:09.170",
+  "lastModified": "2024-01-04T07:15:09.170",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "ecrire/public/assembler.php in SPIP before 4.1.3 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://blog.spip.net/Mise-a-jour-de-maintenance-et-securite-sortie-de-SPIP-4-2-7-SPIP-4-1-13.html?lang=fr",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://git.spip.net/spip/spip/commit/e90f5344b8c82711053053e778d38a35e42b7bcb",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-01-04T07:00:24.377767+00:00
+2024-01-04T09:00:26.252363+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-01-04T06:15:45.323000+00:00
+2024-01-04T08:15:09.053000+00:00
 ```

 ### Last Data Feed Release
@ -29,14 +29,18 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-234843
+234848
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `5`

-* [CVE-2023-29962](CVE-2023/CVE-2023-299xx/CVE-2023-29962.json) (`2024-01-04T06:15:45.323`)
+* [CVE-2022-43375](CVE-2022/CVE-2022-433xx/CVE-2022-43375.json) (`2024-01-04T07:15:08.893`)
+* [CVE-2023-52322](CVE-2023/CVE-2023-523xx/CVE-2023-52322.json) (`2024-01-04T07:15:09.170`)
+* [CVE-2023-41784](CVE-2023/CVE-2023-417xx/CVE-2023-41784.json) (`2024-01-04T08:15:08.493`)
+* [CVE-2023-50082](CVE-2023/CVE-2023-500xx/CVE-2023-50082.json) (`2024-01-04T08:15:08.993`)
+* [CVE-2023-50630](CVE-2023/CVE-2023-506xx/CVE-2023-50630.json) (`2024-01-04T08:15:09.053`)


 ### CVEs modified in the last Commit