diff --git a/CVE-2023/CVE-2023-361xx/CVE-2023-36123.json b/CVE-2023/CVE-2023-361xx/CVE-2023-36123.json new file mode 100644 index 00000000000..c3884ebce7e --- /dev/null +++ b/CVE-2023/CVE-2023-361xx/CVE-2023-36123.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-36123", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-07T00:15:11.457", + "lastModified": "2023-10-07T00:15:11.457", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version Alpha 1.3.9, allows local attackers to execute arbitrary code and gain sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/9Bakabaka/d4559b081ce0577dbf415917afc0efb5", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/9Bakabaka/CVE-2023-36123", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-436xx/CVE-2023-43615.json b/CVE-2023/CVE-2023-436xx/CVE-2023-43615.json new file mode 100644 index 00000000000..1749d90a40c --- /dev/null +++ b/CVE-2023/CVE-2023-436xx/CVE-2023-43615.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-43615", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-07T01:15:10.783", + "lastModified": "2023-10-07T01:15:10.783", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-1/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45199.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45199.json new file mode 100644 index 00000000000..a668e16c9f1 --- /dev/null +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45199.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-45199", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-07T01:15:10.840", + "lastModified": "2023-10-07T01:15:10.840", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-2/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-453xx/CVE-2023-45322.json b/CVE-2023/CVE-2023-453xx/CVE-2023-45322.json index a02d0661ecf..158d2ad0488 100644 --- a/CVE-2023/CVE-2023-453xx/CVE-2023-45322.json +++ b/CVE-2023/CVE-2023-453xx/CVE-2023-45322.json @@ -2,7 +2,7 @@ "id": "CVE-2023-45322", "sourceIdentifier": "cve@mitre.org", "published": "2023-10-06T22:15:11.660", - "lastModified": "2023-10-06T22:23:04.467", + "lastModified": "2023-10-07T00:15:11.530", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/10/06/5", + "source": "cve@mitre.org" + }, { "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-51xx/CVE-2023-5182.json b/CVE-2023/CVE-2023-51xx/CVE-2023-5182.json new file mode 100644 index 00000000000..700674d2d65 --- /dev/null +++ b/CVE-2023/CVE-2023-51xx/CVE-2023-5182.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-5182", + "sourceIdentifier": "security@ubuntu.com", + "published": "2023-10-07T00:15:11.597", + "lastModified": "2023-10-07T00:15:11.597", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in the adm group could use this information to find hashed passwords and possibly escalate their privilege." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@ubuntu.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@ubuntu.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5182", + "source": "security@ubuntu.com" + }, + { + "url": "https://github.com/canonical/subiquity/pull/1820/commits/62e126896fb063808767d74d00886001e38eaa1c", + "source": "security@ubuntu.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 1deec157fc1..5ec94ab089f 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-10-06T23:55:24.864778+00:00 +2023-10-07T02:00:26.303445+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-10-06T23:15:11.120000+00:00 +2023-10-07T01:15:10.840000+00:00 ``` ### Last Data Feed Release @@ -23,43 +23,30 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2023-10-06T00:00:13.535152+00:00 +2023-10-07T00:00:13.585919+00:00 ``` ### Total Number of included CVEs ```plain -227153 +227157 ``` ### CVEs added in the last Commit Recently added CVEs: `4` -* [CVE-2022-33160](CVE-2022/CVE-2022-331xx/CVE-2022-33160.json) (`2023-10-06T22:15:11.523`) -* [CVE-2023-45322](CVE-2023/CVE-2023-453xx/CVE-2023-45322.json) (`2023-10-06T22:15:11.660`) -* [CVE-2023-44061](CVE-2023/CVE-2023-440xx/CVE-2023-44061.json) (`2023-10-06T23:15:11.060`) -* [CVE-2023-44860](CVE-2023/CVE-2023-448xx/CVE-2023-44860.json) (`2023-10-06T23:15:11.120`) +* [CVE-2023-36123](CVE-2023/CVE-2023-361xx/CVE-2023-36123.json) (`2023-10-07T00:15:11.457`) +* [CVE-2023-5182](CVE-2023/CVE-2023-51xx/CVE-2023-5182.json) (`2023-10-07T00:15:11.597`) +* [CVE-2023-43615](CVE-2023/CVE-2023-436xx/CVE-2023-43615.json) (`2023-10-07T01:15:10.783`) +* [CVE-2023-45199](CVE-2023/CVE-2023-451xx/CVE-2023-45199.json) (`2023-10-07T01:15:10.840`) ### CVEs modified in the last Commit -Recently modified CVEs: `14` +Recently modified CVEs: `1` -* [CVE-2022-34355](CVE-2022/CVE-2022-343xx/CVE-2022-34355.json) (`2023-10-06T22:23:04.467`) -* [CVE-2023-5452](CVE-2023/CVE-2023-54xx/CVE-2023-5452.json) (`2023-10-06T22:23:04.467`) -* [CVE-2023-3725](CVE-2023/CVE-2023-37xx/CVE-2023-3725.json) (`2023-10-06T22:23:04.467`) -* [CVE-2023-45311](CVE-2023/CVE-2023-453xx/CVE-2023-45311.json) (`2023-10-06T22:23:04.467`) -* [CVE-2023-1832](CVE-2023/CVE-2023-18xx/CVE-2023-1832.json) (`2023-10-06T22:29:49.610`) -* [CVE-2023-40684](CVE-2023/CVE-2023-406xx/CVE-2023-40684.json) (`2023-10-06T22:30:06.407`) -* [CVE-2023-39191](CVE-2023/CVE-2023-391xx/CVE-2023-39191.json) (`2023-10-06T22:30:30.320`) -* [CVE-2023-38703](CVE-2023/CVE-2023-387xx/CVE-2023-38703.json) (`2023-10-06T22:30:43.150`) -* [CVE-2023-43284](CVE-2023/CVE-2023-432xx/CVE-2023-43284.json) (`2023-10-06T22:30:50.923`) -* [CVE-2023-44075](CVE-2023/CVE-2023-440xx/CVE-2023-44075.json) (`2023-10-06T22:31:17.653`) -* [CVE-2023-44209](CVE-2023/CVE-2023-442xx/CVE-2023-44209.json) (`2023-10-06T22:31:38.830`) -* [CVE-2023-44210](CVE-2023/CVE-2023-442xx/CVE-2023-44210.json) (`2023-10-06T22:31:59.547`) -* [CVE-2023-36618](CVE-2023/CVE-2023-366xx/CVE-2023-36618.json) (`2023-10-06T22:32:14.727`) -* [CVE-2023-36619](CVE-2023/CVE-2023-366xx/CVE-2023-36619.json) (`2023-10-06T22:32:37.880`) +* [CVE-2023-45322](CVE-2023/CVE-2023-453xx/CVE-2023-45322.json) (`2023-10-07T00:15:11.530`) ## Download and Usage