From 6738b535339311290a6011aa8a7ae4a0c93a6529 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Helmke?= Date: Mon, 8 May 2023 04:00:27 +0200 Subject: [PATCH] Auto-Update: 2023-05-08T02:00:24.483182+00:00 --- CVE-2023/CVE-2023-299xx/CVE-2023-29944.json | 24 ++++++++++++++++++ CVE-2023/CVE-2023-301xx/CVE-2023-30185.json | 28 +++++++++++++++++++++ CVE-2023/CVE-2023-302xx/CVE-2023-30257.json | 24 ++++++++++++++++++ CVE-2023/CVE-2023-302xx/CVE-2023-30264.json | 6 +---- CVE-2023/CVE-2023-302xx/CVE-2023-30266.json | 9 +------ CVE-2023/CVE-2023-314xx/CVE-2023-31484.json | 8 ++++-- CVE-2023/CVE-2023-314xx/CVE-2023-31485.json | 8 ++++-- CVE-2023/CVE-2023-314xx/CVE-2023-31486.json | 12 +++++++-- README.md | 22 ++++++++++------ 9 files changed, 114 insertions(+), 27 deletions(-) create mode 100644 CVE-2023/CVE-2023-299xx/CVE-2023-29944.json create mode 100644 CVE-2023/CVE-2023-301xx/CVE-2023-30185.json create mode 100644 CVE-2023/CVE-2023-302xx/CVE-2023-30257.json diff --git a/CVE-2023/CVE-2023-299xx/CVE-2023-29944.json b/CVE-2023/CVE-2023-299xx/CVE-2023-29944.json new file mode 100644 index 00000000000..18c1ca7aead --- /dev/null +++ b/CVE-2023/CVE-2023-299xx/CVE-2023-29944.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-29944", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-08T01:15:08.830", + "lastModified": "2023-05-08T01:15:08.830", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed at the custom code snippet function of the metersphere system workbench" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/metersphere/metersphere", + "source": "cve@mitre.org" + }, + { + "url": "https://hacku.top/wl/?id=N67LxQL238Tsw9PDok5fy8tihEO0jI7L", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-301xx/CVE-2023-30185.json b/CVE-2023/CVE-2023-301xx/CVE-2023-30185.json new file mode 100644 index 00000000000..cf317206dc6 --- /dev/null +++ b/CVE-2023/CVE-2023-301xx/CVE-2023-30185.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-30185", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-08T01:15:08.877", + "lastModified": "2023-05-08T01:15:08.877", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \\attachment\\SystemAttachmentServices.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://crmeb.com", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/c7w1n/CVE-2023-30185/blob/main/CVE-2023-30185.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.crmeb.com/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-302xx/CVE-2023-30257.json b/CVE-2023/CVE-2023-302xx/CVE-2023-30257.json new file mode 100644 index 00000000000..9649d60c555 --- /dev/null +++ b/CVE-2023/CVE-2023-302xx/CVE-2023-30257.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-30257", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-08T01:15:08.920", + "lastModified": "2023-05-08T01:15:08.920", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A buffer overflow in the component /proc/ftxxxx-debug of FiiO M6 Build Number v1.0.4 allows attackers to escalate privileges to root." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/stigward/PoCs-and-Exploits/tree/main/fiio_LPE_0day", + "source": "cve@mitre.org" + }, + { + "url": "https://stigward.github.io/posts/fiio-m6-exploit/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-302xx/CVE-2023-30264.json b/CVE-2023/CVE-2023-302xx/CVE-2023-30264.json index 897db707fbf..54e14a395dd 100644 --- a/CVE-2023/CVE-2023-302xx/CVE-2023-30264.json +++ b/CVE-2023/CVE-2023-302xx/CVE-2023-30264.json @@ -2,7 +2,7 @@ "id": "CVE-2023-30264", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-04T20:15:10.377", - "lastModified": "2023-05-05T13:33:53.507", + "lastModified": "2023-05-08T00:15:09.220", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -15,10 +15,6 @@ { "url": "https://gist.github.com/HuBenLab/8498761dc3eaaed724a134197f092c47", "source": "cve@mitre.org" - }, - { - "url": "https://github.com/HuBenLab/HuBenVulList/blob/main/CLTPHP6.0%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type%202.md", - "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-302xx/CVE-2023-30266.json b/CVE-2023/CVE-2023-302xx/CVE-2023-30266.json index eaa2e9b27bd..7bd7b13f290 100644 --- a/CVE-2023/CVE-2023-302xx/CVE-2023-30266.json +++ b/CVE-2023/CVE-2023-302xx/CVE-2023-30266.json @@ -2,7 +2,7 @@ "id": "CVE-2023-30266", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-26T14:15:09.737", - "lastModified": "2023-05-04T20:15:10.493", + "lastModified": "2023-05-08T00:15:09.323", "vulnStatus": "Modified", "descriptions": [ { @@ -68,13 +68,6 @@ { "url": "https://gist.github.com/HuBenLab/a6ef7e5efeae2635f54cb69327409a19", "source": "cve@mitre.org" - }, - { - "url": "https://github.com/HuBenLab/HuBenVulList/blob/main/CLTPHP6.0%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type%201.md", - "source": "cve@mitre.org", - "tags": [ - "Exploit" - ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-314xx/CVE-2023-31484.json b/CVE-2023/CVE-2023-314xx/CVE-2023-31484.json index e23bc7f5269..10bfef98bf7 100644 --- a/CVE-2023/CVE-2023-314xx/CVE-2023-31484.json +++ b/CVE-2023/CVE-2023-314xx/CVE-2023-31484.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31484", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-29T00:15:09.000", - "lastModified": "2023-05-04T00:15:10.567", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-08T00:15:09.433", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -24,6 +24,10 @@ "url": "http://www.openwall.com/lists/oss-security/2023/05/03/5", "source": "cve@mitre.org" }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "source": "cve@mitre.org" + }, { "url": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-314xx/CVE-2023-31485.json b/CVE-2023/CVE-2023-314xx/CVE-2023-31485.json index 01b68187797..61d6dc864d7 100644 --- a/CVE-2023/CVE-2023-314xx/CVE-2023-31485.json +++ b/CVE-2023/CVE-2023-314xx/CVE-2023-31485.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31485", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-29T00:15:09.043", - "lastModified": "2023-05-04T00:15:17.013", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-08T00:15:09.517", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -24,6 +24,10 @@ "url": "http://www.openwall.com/lists/oss-security/2023/05/03/5", "source": "cve@mitre.org" }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "source": "cve@mitre.org" + }, { "url": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-314xx/CVE-2023-31486.json b/CVE-2023/CVE-2023-314xx/CVE-2023-31486.json index 8ed75eed418..aaca5b7fda8 100644 --- a/CVE-2023/CVE-2023-314xx/CVE-2023-31486.json +++ b/CVE-2023/CVE-2023-314xx/CVE-2023-31486.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31486", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-29T00:15:09.083", - "lastModified": "2023-05-04T00:15:17.153", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-08T00:15:09.577", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -24,6 +24,10 @@ "url": "http://www.openwall.com/lists/oss-security/2023/05/03/5", "source": "cve@mitre.org" }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/05/07/2", + "source": "cve@mitre.org" + }, { "url": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/", "source": "cve@mitre.org" @@ -36,6 +40,10 @@ "url": "https://www.openwall.com/lists/oss-security/2023/04/18/14", "source": "cve@mitre.org" }, + { + "url": "https://www.openwall.com/lists/oss-security/2023/05/03/4", + "source": "cve@mitre.org" + }, { "url": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/", "source": "cve@mitre.org" diff --git a/README.md b/README.md index 6962aefba62..88212f16681 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-07T16:00:24.283671+00:00 +2023-05-08T02:00:24.483182+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-07T15:15:08.813000+00:00 +2023-05-08T01:15:08.920000+00:00 ``` ### Last Data Feed Release @@ -23,27 +23,33 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](releases/latest) ```plain -2023-05-07T00:00:20.963203+00:00 +2023-05-08T00:00:20.958367+00:00 ``` ### Total Number of included CVEs ```plain -214187 +214190 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `3` -* [CVE-2023-2564](CVE-2023/CVE-2023-25xx/CVE-2023-2564.json) (`2023-05-07T14:15:42.343`) -* [CVE-2023-2565](CVE-2023/CVE-2023-25xx/CVE-2023-2565.json) (`2023-05-07T15:15:08.813`) +* [CVE-2023-29944](CVE-2023/CVE-2023-299xx/CVE-2023-29944.json) (`2023-05-08T01:15:08.830`) +* [CVE-2023-30185](CVE-2023/CVE-2023-301xx/CVE-2023-30185.json) (`2023-05-08T01:15:08.877`) +* [CVE-2023-30257](CVE-2023/CVE-2023-302xx/CVE-2023-30257.json) (`2023-05-08T01:15:08.920`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `5` +* [CVE-2023-30264](CVE-2023/CVE-2023-302xx/CVE-2023-30264.json) (`2023-05-08T00:15:09.220`) +* [CVE-2023-30266](CVE-2023/CVE-2023-302xx/CVE-2023-30266.json) (`2023-05-08T00:15:09.323`) +* [CVE-2023-31484](CVE-2023/CVE-2023-314xx/CVE-2023-31484.json) (`2023-05-08T00:15:09.433`) +* [CVE-2023-31485](CVE-2023/CVE-2023-314xx/CVE-2023-31485.json) (`2023-05-08T00:15:09.517`) +* [CVE-2023-31486](CVE-2023/CVE-2023-314xx/CVE-2023-31486.json) (`2023-05-08T00:15:09.577`) ## Download and Usage