Auto-Update: 2023-10-07T02:00:26.303445+00:00

2025-05-08 11:37:26 +00:00 · 2023-10-07 02:00:30 +00:00 · 2023-10-07 02:00:30 +00:00 · 68e15b4be8
commit 68e15b4be8
parent 3f0e4d6d84
6 changed files with 138 additions and 24 deletions
--- a/CVE-2023/CVE-2023-361xx/CVE-2023-36123.json
+++ b/CVE-2023/CVE-2023-361xx/CVE-2023-36123.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-36123",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-07T00:15:11.457",
+  "lastModified": "2023-10-07T00:15:11.457",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version Alpha 1.3.9, allows local attackers to execute arbitrary code and gain sensitive information."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://gist.github.com/9Bakabaka/d4559b081ce0577dbf415917afc0efb5",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/9Bakabaka/CVE-2023-36123",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-436xx/CVE-2023-43615.json
+++ b/CVE-2023/CVE-2023-436xx/CVE-2023-43615.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-43615",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-07T01:15:10.783",
+  "lastModified": "2023-10-07T01:15:10.783",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-1/",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-451xx/CVE-2023-45199.json
+++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45199.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-45199",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-07T01:15:10.840",
+  "lastModified": "2023-10-07T01:15:10.840",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-2/",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-453xx/CVE-2023-45322.json
+++ b/CVE-2023/CVE-2023-453xx/CVE-2023-45322.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-45322",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-10-06T22:15:11.660",
-  "lastModified": "2023-10-06T22:23:04.467",
+  "lastModified": "2023-10-07T00:15:11.530",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -12,6 +12,10 @@
  ],
  "metrics": {},
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2023/10/06/5",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344",
      "source": "cve@mitre.org"
--- a/CVE-2023/CVE-2023-51xx/CVE-2023-5182.json
+++ b/CVE-2023/CVE-2023-51xx/CVE-2023-5182.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-5182",
+  "sourceIdentifier": "security@ubuntu.com",
+  "published": "2023-10-07T00:15:11.597",
+  "lastModified": "2023-10-07T00:15:11.597",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in the adm group could use this information to find hashed passwords and possibly escalate their privilege."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@ubuntu.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@ubuntu.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-532"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5182",
+      "source": "security@ubuntu.com"
+    },
+    {
+      "url": "https://github.com/canonical/subiquity/pull/1820/commits/62e126896fb063808767d74d00886001e38eaa1c",
+      "source": "security@ubuntu.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-10-06T23:55:24.864778+00:00
+2023-10-07T02:00:26.303445+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-10-06T23:15:11.120000+00:00
+2023-10-07T01:15:10.840000+00:00
 ```

 ### Last Data Feed Release
@ -23,43 +23,30 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)

 ```plain
-2023-10-06T00:00:13.535152+00:00
+2023-10-07T00:00:13.585919+00:00
 ```

 ### Total Number of included CVEs

 ```plain
-227153
+227157
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `4`

-* [CVE-2022-33160](CVE-2022/CVE-2022-331xx/CVE-2022-33160.json) (`2023-10-06T22:15:11.523`)
-* [CVE-2023-45322](CVE-2023/CVE-2023-453xx/CVE-2023-45322.json) (`2023-10-06T22:15:11.660`)
-* [CVE-2023-44061](CVE-2023/CVE-2023-440xx/CVE-2023-44061.json) (`2023-10-06T23:15:11.060`)
-* [CVE-2023-44860](CVE-2023/CVE-2023-448xx/CVE-2023-44860.json) (`2023-10-06T23:15:11.120`)
+* [CVE-2023-36123](CVE-2023/CVE-2023-361xx/CVE-2023-36123.json) (`2023-10-07T00:15:11.457`)
+* [CVE-2023-5182](CVE-2023/CVE-2023-51xx/CVE-2023-5182.json) (`2023-10-07T00:15:11.597`)
+* [CVE-2023-43615](CVE-2023/CVE-2023-436xx/CVE-2023-43615.json) (`2023-10-07T01:15:10.783`)
+* [CVE-2023-45199](CVE-2023/CVE-2023-451xx/CVE-2023-45199.json) (`2023-10-07T01:15:10.840`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `14`
+Recently modified CVEs: `1`

-* [CVE-2022-34355](CVE-2022/CVE-2022-343xx/CVE-2022-34355.json) (`2023-10-06T22:23:04.467`)
-* [CVE-2023-5452](CVE-2023/CVE-2023-54xx/CVE-2023-5452.json) (`2023-10-06T22:23:04.467`)
-* [CVE-2023-3725](CVE-2023/CVE-2023-37xx/CVE-2023-3725.json) (`2023-10-06T22:23:04.467`)
-* [CVE-2023-45311](CVE-2023/CVE-2023-453xx/CVE-2023-45311.json) (`2023-10-06T22:23:04.467`)
-* [CVE-2023-1832](CVE-2023/CVE-2023-18xx/CVE-2023-1832.json) (`2023-10-06T22:29:49.610`)
-* [CVE-2023-40684](CVE-2023/CVE-2023-406xx/CVE-2023-40684.json) (`2023-10-06T22:30:06.407`)
-* [CVE-2023-39191](CVE-2023/CVE-2023-391xx/CVE-2023-39191.json) (`2023-10-06T22:30:30.320`)
-* [CVE-2023-38703](CVE-2023/CVE-2023-387xx/CVE-2023-38703.json) (`2023-10-06T22:30:43.150`)
-* [CVE-2023-43284](CVE-2023/CVE-2023-432xx/CVE-2023-43284.json) (`2023-10-06T22:30:50.923`)
-* [CVE-2023-44075](CVE-2023/CVE-2023-440xx/CVE-2023-44075.json) (`2023-10-06T22:31:17.653`)
-* [CVE-2023-44209](CVE-2023/CVE-2023-442xx/CVE-2023-44209.json) (`2023-10-06T22:31:38.830`)
-* [CVE-2023-44210](CVE-2023/CVE-2023-442xx/CVE-2023-44210.json) (`2023-10-06T22:31:59.547`)
-* [CVE-2023-36618](CVE-2023/CVE-2023-366xx/CVE-2023-36618.json) (`2023-10-06T22:32:14.727`)
-* [CVE-2023-36619](CVE-2023/CVE-2023-366xx/CVE-2023-36619.json) (`2023-10-06T22:32:37.880`)
+* [CVE-2023-45322](CVE-2023/CVE-2023-453xx/CVE-2023-45322.json) (`2023-10-07T00:15:11.530`)


 ## Download and Usage