Auto-Update: 2023-10-05T22:00:24.999722+00:00

2025-07-09 16:05:11 +00:00 · 2023-10-05 22:00:28 +00:00 · 2023-10-05 22:00:28 +00:00 · 6c012ce7b3
commit 6c012ce7b3
parent 1790684ab5
8 changed files with 207 additions and 47 deletions
--- a/CVE-2023/CVE-2023-393xx/CVE-2023-39323.json
+++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39323.json
@ -0,0 +1,32 @@
+{
+  "id": "CVE-2023-39323",
+  "sourceIdentifier": "security@golang.org",
+  "published": "2023-10-05T21:15:11.283",
+  "lastModified": "2023-10-05T21:15:11.283",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Line directives (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://go.dev/cl/533215",
+      "source": "security@golang.org"
+    },
+    {
+      "url": "https://go.dev/issue/63211",
+      "source": "security@golang.org"
+    },
+    {
+      "url": "https://groups.google.com/g/golang-announce/c/XBa1oHDevAo",
+      "source": "security@golang.org"
+    },
+    {
+      "url": "https://pkg.go.dev/vuln/GO-2023-2095",
+      "source": "security@golang.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-409xx/CVE-2023-40920.json
+++ b/CVE-2023/CVE-2023-409xx/CVE-2023-40920.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-40920",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-05T20:15:13.013",
+  "lastModified": "2023-10-05T20:15:13.013",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Prixan prixanconnect up to v1.62 was discovered to contain a SQL injection vulnerability via the component CartsGuruCatalogModuleFrontController::importProducts()."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://security.friendsofpresta.org/modules/2023/10/05/prixanconnect.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-432xx/CVE-2023-43284.json
+++ b/CVE-2023/CVE-2023-432xx/CVE-2023-43284.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-43284",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-05T20:15:13.117",
+  "lastModified": "2023-10-05T20:15:13.117",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 firmware version 100A53DBR-Retail allows a remote attacker to execute arbitrary code."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/MateusTesser/CVE-2023-43284",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://youtu.be/Y8osw_xU6-0",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-439xx/CVE-2023-43981.json
+++ b/CVE-2023/CVE-2023-439xx/CVE-2023-43981.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-43981",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-05T20:15:13.200",
+  "lastModified": "2023-10-05T20:15:13.200",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Presto Changeo testsitecreator up to 1.1.1 was discovered to contain a deserialization vulnerability via the component delete_excluded_folder.php."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://security.friendsofpresta.org/modules/2023/10/03/testsitecreator.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-439xx/CVE-2023-43983.json
+++ b/CVE-2023/CVE-2023-439xx/CVE-2023-43983.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-43983",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-05T20:15:13.250",
+  "lastModified": "2023-10-05T20:15:13.250",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Presto Changeo attributegrid up to 2.0.3 was discovered to contain a SQL injection vulnerability via the component disable_json.php."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://security.friendsofpresta.org/modules/2023/10/03/attributegrid.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-440xx/CVE-2023-44024.json
+++ b/CVE-2023/CVE-2023-440xx/CVE-2023-44024.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-44024",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-05T20:15:13.303",
+  "lastModified": "2023-10-05T20:15:13.303",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SQL injection vulnerability in KnowBand Module One Page Checkout, Social Login & Mailchimp (supercheckout) v.8.0.3 and before allows a remote attacker to execute arbitrary code via a crafted request to the updateCheckoutBehaviour function in the supercheckout.php component."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://security.friendsofpresta.org/modules/2023/10/05/supercheckout.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-54xx/CVE-2023-5441.json
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5441.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-5441",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2023-10-05T21:15:11.413",
+  "lastModified": "2023-10-05T21:15:11.413",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.2,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.5,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-476"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/vim/vim/commit/20d161ace307e28690229b68584f2d84556f8960",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.dev/bounties/b54cbdf5-3e85-458d-bb38-9ea2c0b669f2",
+      "source": "security@huntr.dev"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-10-05T20:01:33.228399+00:00
+2023-10-05T22:00:24.999722+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-10-05T19:15:11.573000+00:00
+2023-10-05T21:15:11.413000+00:00
 ```

 ### Last Data Feed Release
@ -29,61 +29,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-227066
+227073
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `17`
+Recently added CVEs: `7`

-* [CVE-2023-43068](CVE-2023/CVE-2023-430xx/CVE-2023-43068.json) (`2023-10-05T18:15:12.027`)
-* [CVE-2023-43069](CVE-2023/CVE-2023-430xx/CVE-2023-43069.json) (`2023-10-05T18:15:12.140`)
-* [CVE-2023-43070](CVE-2023/CVE-2023-430xx/CVE-2023-43070.json) (`2023-10-05T18:15:12.240`)
-* [CVE-2023-43071](CVE-2023/CVE-2023-430xx/CVE-2023-43071.json) (`2023-10-05T18:15:12.347`)
-* [CVE-2023-43072](CVE-2023/CVE-2023-430xx/CVE-2023-43072.json) (`2023-10-05T18:15:12.463`)
-* [CVE-2023-43073](CVE-2023/CVE-2023-430xx/CVE-2023-43073.json) (`2023-10-05T18:15:12.563`)
-* [CVE-2023-44386](CVE-2023/CVE-2023-443xx/CVE-2023-44386.json) (`2023-10-05T18:15:12.667`)
-* [CVE-2023-44387](CVE-2023/CVE-2023-443xx/CVE-2023-44387.json) (`2023-10-05T18:15:12.787`)
-* [CVE-2023-4401](CVE-2023/CVE-2023-44xx/CVE-2023-4401.json) (`2023-10-05T18:15:13.087`)
-* [CVE-2023-5346](CVE-2023/CVE-2023-53xx/CVE-2023-5346.json) (`2023-10-05T18:15:13.270`)
-* [CVE-2023-5423](CVE-2023/CVE-2023-54xx/CVE-2023-5423.json) (`2023-10-05T18:15:13.330`)
-* [CVE-2023-32485](CVE-2023/CVE-2023-324xx/CVE-2023-32485.json) (`2023-10-05T19:15:11.163`)
-* [CVE-2023-40745](CVE-2023/CVE-2023-407xx/CVE-2023-40745.json) (`2023-10-05T19:15:11.260`)
-* [CVE-2023-41175](CVE-2023/CVE-2023-411xx/CVE-2023-41175.json) (`2023-10-05T19:15:11.340`)
-* [CVE-2023-42754](CVE-2023/CVE-2023-427xx/CVE-2023-42754.json) (`2023-10-05T19:15:11.413`)
-* [CVE-2023-42755](CVE-2023/CVE-2023-427xx/CVE-2023-42755.json) (`2023-10-05T19:15:11.497`)
-* [CVE-2023-43260](CVE-2023/CVE-2023-432xx/CVE-2023-43260.json) (`2023-10-05T19:15:11.573`)
+* [CVE-2023-40920](CVE-2023/CVE-2023-409xx/CVE-2023-40920.json) (`2023-10-05T20:15:13.013`)
+* [CVE-2023-43284](CVE-2023/CVE-2023-432xx/CVE-2023-43284.json) (`2023-10-05T20:15:13.117`)
+* [CVE-2023-43981](CVE-2023/CVE-2023-439xx/CVE-2023-43981.json) (`2023-10-05T20:15:13.200`)
+* [CVE-2023-43983](CVE-2023/CVE-2023-439xx/CVE-2023-43983.json) (`2023-10-05T20:15:13.250`)
+* [CVE-2023-44024](CVE-2023/CVE-2023-440xx/CVE-2023-44024.json) (`2023-10-05T20:15:13.303`)
+* [CVE-2023-39323](CVE-2023/CVE-2023-393xx/CVE-2023-39323.json) (`2023-10-05T21:15:11.283`)
+* [CVE-2023-5441](CVE-2023/CVE-2023-54xx/CVE-2023-5441.json) (`2023-10-05T21:15:11.413`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `29`
+Recently modified CVEs: `0`

-* [CVE-2023-27433](CVE-2023/CVE-2023-274xx/CVE-2023-27433.json) (`2023-10-05T18:10:37.703`)
-* [CVE-2023-25025](CVE-2023/CVE-2023-250xx/CVE-2023-25025.json) (`2023-10-05T18:10:51.417`)
-* [CVE-2023-5373](CVE-2023/CVE-2023-53xx/CVE-2023-5373.json) (`2023-10-05T18:12:03.847`)
-* [CVE-2023-4090](CVE-2023/CVE-2023-40xx/CVE-2023-4090.json) (`2023-10-05T18:12:19.200`)
-* [CVE-2023-4037](CVE-2023/CVE-2023-40xx/CVE-2023-4037.json) (`2023-10-05T18:12:37.073`)
-* [CVE-2023-44208](CVE-2023/CVE-2023-442xx/CVE-2023-44208.json) (`2023-10-05T18:14:38.207`)
-* [CVE-2023-30736](CVE-2023/CVE-2023-307xx/CVE-2023-30736.json) (`2023-10-05T18:15:11.427`)
-* [CVE-2023-0330](CVE-2023/CVE-2023-03xx/CVE-2023-0330.json) (`2023-10-05T18:15:11.690`)
-* [CVE-2023-3180](CVE-2023/CVE-2023-31xx/CVE-2023-3180.json) (`2023-10-05T18:15:11.830`)
-* [CVE-2023-42331](CVE-2023/CVE-2023-423xx/CVE-2023-42331.json) (`2023-10-05T18:15:11.930`)
-* [CVE-2023-4354](CVE-2023/CVE-2023-43xx/CVE-2023-4354.json) (`2023-10-05T18:15:12.923`)
-* [CVE-2023-4355](CVE-2023/CVE-2023-43xx/CVE-2023-4355.json) (`2023-10-05T18:15:13.017`)
-* [CVE-2023-4427](CVE-2023/CVE-2023-44xx/CVE-2023-4427.json) (`2023-10-05T18:15:13.177`)
-* [CVE-2023-43898](CVE-2023/CVE-2023-438xx/CVE-2023-43898.json) (`2023-10-05T18:23:15.117`)
-* [CVE-2023-40559](CVE-2023/CVE-2023-405xx/CVE-2023-40559.json) (`2023-10-05T18:23:25.127`)
-* [CVE-2023-5357](CVE-2023/CVE-2023-53xx/CVE-2023-5357.json) (`2023-10-05T18:23:35.933`)
-* [CVE-2023-5374](CVE-2023/CVE-2023-53xx/CVE-2023-5374.json) (`2023-10-05T18:24:56.450`)
-* [CVE-2023-5375](CVE-2023/CVE-2023-53xx/CVE-2023-5375.json) (`2023-10-05T18:26:45.907`)
-* [CVE-2023-30733](CVE-2023/CVE-2023-307xx/CVE-2023-30733.json) (`2023-10-05T18:33:04.763`)
-* [CVE-2023-30738](CVE-2023/CVE-2023-307xx/CVE-2023-30738.json) (`2023-10-05T18:33:07.273`)
-* [CVE-2023-30732](CVE-2023/CVE-2023-307xx/CVE-2023-30732.json) (`2023-10-05T19:07:11.443`)
-* [CVE-2023-30731](CVE-2023/CVE-2023-307xx/CVE-2023-30731.json) (`2023-10-05T19:10:57.843`)
-* [CVE-2023-30727](CVE-2023/CVE-2023-307xx/CVE-2023-30727.json) (`2023-10-05T19:11:49.360`)
-* [CVE-2023-2306](CVE-2023/CVE-2023-23xx/CVE-2023-2306.json) (`2023-10-05T19:13:42.317`)
-* [CVE-2023-30692](CVE-2023/CVE-2023-306xx/CVE-2023-30692.json) (`2023-10-05T19:14:49.637`)


 ## Download and Usage