Auto-Update: 2024-01-12T05:00:24.610868+00:00

2025-07-09 16:05:11 +00:00 · 2024-01-12 05:00:28 +00:00 · 2024-01-12 05:00:28 +00:00 · 7903b6fe9f
commit 7903b6fe9f
parent 39b94e84f0
9 changed files with 206 additions and 35 deletions
--- a/CVE-2016/CVE-2016-200xx/CVE-2016-20021.json
+++ b/CVE-2016/CVE-2016-200xx/CVE-2016-20021.json
@ -0,0 +1,28 @@
+{
+  "id": "CVE-2016-20021",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-12T03:15:08.410",
+  "lastModified": "2024-01-12T03:15:08.410",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://bugs.gentoo.org/597800",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://gitweb.gentoo.org/proj/portage.git/tree/NEWS",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://wiki.gentoo.org/wiki/Portage",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2021/CVE-2021-422xx/CVE-2021-42260.json
+++ b/CVE-2021/CVE-2021-422xx/CVE-2021-42260.json
@ -2,7 +2,7 @@
  "id": "CVE-2021-42260",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2021-10-11T20:15:07.433",
-  "lastModified": "2024-01-08T03:15:12.927",
+  "lastModified": "2024-01-12T03:15:08.540",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -145,6 +145,10 @@
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QCR5PIOBGDIDS6SYRESTMDJSEDFSCOE/",
      "source": "cve@mitre.org"
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HOMBSHRIW5Q34SQSXYURYAOYDZD2NQF6/",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://sourceforge.net/p/tinyxml/bugs/141/",
      "source": "cve@mitre.org",
--- a/CVE-2022/CVE-2022-486xx/CVE-2022-48619.json
+++ b/CVE-2022/CVE-2022-486xx/CVE-2022-48619.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2022-48619",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-12T03:15:08.633",
+  "lastModified": "2024-01-12T03:15:08.633",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.10",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/torvalds/linux/commit/409353cbe9fe48f6bc196114c442b1cff05a39bc",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2022/CVE-2022-486xx/CVE-2022-48620.json
+++ b/CVE-2022/CVE-2022-486xx/CVE-2022-48620.json
@ -0,0 +1,28 @@
+{
+  "id": "CVE-2022-48620",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-12T04:15:08.123",
+  "lastModified": "2024-01-12T04:15:08.123",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "uev (aka libuev) before 2.4.1 has a buffer overflow in epoll_wait if maxevents is a large number."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/troglobit/libuev/commit/2d9f1c9ce655cc38511aeeb6e95ac30914f7aec9",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/troglobit/libuev/compare/v2.4.0...v2.4.1",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/troglobit/libuev/issues/27",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2022/CVE-2022-49xx/CVE-2022-4960.json
+++ b/CVE-2022/CVE-2022-49xx/CVE-2022-4960.json
@ -0,0 +1,88 @@
+{
+  "id": "CVE-2022-4960",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-01-12T03:15:08.683",
+  "lastModified": "2024-01-12T03:15:08.683",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as problematic, has been found in cloudfavorites favorites-web 1.3.0. Affected by this issue is some unknown functionality of the component Nickname Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250238 is the identifier assigned to this vulnerability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 3.5,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.0
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/cloudfavorites/favorites-web/issues/127",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.250238",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.250238",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-341xx/CVE-2023-34194.json
+++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34194.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-34194",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-12-13T14:15:43.680",
-  "lastModified": "2024-01-08T03:15:13.160",
+  "lastModified": "2024-01-12T03:15:08.950",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -77,6 +77,10 @@
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QCR5PIOBGDIDS6SYRESTMDJSEDFSCOE/",
      "source": "cve@mitre.org"
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HOMBSHRIW5Q34SQSXYURYAOYDZD2NQF6/",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://sourceforge.net/p/tinyxml/git/ci/master/tree/tinyxmlparser.cpp",
      "source": "cve@mitre.org",
--- a/CVE-2023/CVE-2023-517xx/CVE-2023-51766.json
+++ b/CVE-2023/CVE-2023-517xx/CVE-2023-51766.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-51766",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-12-24T06:15:07.673",
-  "lastModified": "2024-01-05T23:15:08.963",
-  "vulnStatus": "Modified",
+  "lastModified": "2024-01-12T03:15:09.037",
+  "vulnStatus": "Undergoing Analysis",
  "descriptions": [
    {
      "lang": "en",
@ -209,6 +209,14 @@
      "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00002.html",
      "source": "cve@mitre.org"
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORN7OKEQPPBKUHYRQ6LR5PSNBQVDHAWB/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPDWHJPABVJCXDSNELSSVTIVAJU2MDUQ/",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/",
      "source": "cve@mitre.org",
--- a/CVE-2023/CVE-2023-60xx/CVE-2023-6040.json
+++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6040.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-6040",
  "sourceIdentifier": "security@ubuntu.com",
  "published": "2024-01-12T02:15:44.683",
-  "lastModified": "2024-01-12T02:15:44.683",
+  "lastModified": "2024-01-12T03:15:09.153",
  "vulnStatus": "Received",
  "descriptions": [
    {
@ -47,6 +47,10 @@
    }
  ],
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2024/01/12/1",
+      "source": "security@ubuntu.com"
+    },
    {
      "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6040",
      "source": "security@ubuntu.com"
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-01-12T03:00:24.718919+00:00
+2024-01-12T05:00:24.610868+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-01-12T02:15:44.867000+00:00
+2024-01-12T04:15:08.123000+00:00
 ```

 ### Last Data Feed Release
@ -29,44 +29,27 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-235712
+235716
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `27`
+Recently added CVEs: `4`

-* [CVE-2023-52339](CVE-2023/CVE-2023-523xx/CVE-2023-52339.json) (`2024-01-12T02:15:44.637`)
-* [CVE-2023-6040](CVE-2023/CVE-2023-60xx/CVE-2023-6040.json) (`2024-01-12T02:15:44.683`)
-* [CVE-2024-21585](CVE-2024/CVE-2024-215xx/CVE-2024-21585.json) (`2024-01-12T01:15:46.053`)
-* [CVE-2024-21587](CVE-2024/CVE-2024-215xx/CVE-2024-21587.json) (`2024-01-12T01:15:46.290`)
-* [CVE-2024-21589](CVE-2024/CVE-2024-215xx/CVE-2024-21589.json) (`2024-01-12T01:15:46.493`)
-* [CVE-2024-21591](CVE-2024/CVE-2024-215xx/CVE-2024-21591.json) (`2024-01-12T01:15:46.697`)
-* [CVE-2024-21594](CVE-2024/CVE-2024-215xx/CVE-2024-21594.json) (`2024-01-12T01:15:46.880`)
-* [CVE-2024-21595](CVE-2024/CVE-2024-215xx/CVE-2024-21595.json) (`2024-01-12T01:15:47.063`)
-* [CVE-2024-21596](CVE-2024/CVE-2024-215xx/CVE-2024-21596.json) (`2024-01-12T01:15:47.267`)
-* [CVE-2024-21597](CVE-2024/CVE-2024-215xx/CVE-2024-21597.json) (`2024-01-12T01:15:47.460`)
-* [CVE-2024-21599](CVE-2024/CVE-2024-215xx/CVE-2024-21599.json) (`2024-01-12T01:15:47.660`)
-* [CVE-2024-21600](CVE-2024/CVE-2024-216xx/CVE-2024-21600.json) (`2024-01-12T01:15:47.857`)
-* [CVE-2024-21601](CVE-2024/CVE-2024-216xx/CVE-2024-21601.json) (`2024-01-12T01:15:48.043`)
-* [CVE-2024-21602](CVE-2024/CVE-2024-216xx/CVE-2024-21602.json) (`2024-01-12T01:15:48.270`)
-* [CVE-2024-21603](CVE-2024/CVE-2024-216xx/CVE-2024-21603.json) (`2024-01-12T01:15:48.467`)
-* [CVE-2024-21604](CVE-2024/CVE-2024-216xx/CVE-2024-21604.json) (`2024-01-12T01:15:48.677`)
-* [CVE-2024-21606](CVE-2024/CVE-2024-216xx/CVE-2024-21606.json) (`2024-01-12T01:15:48.873`)
-* [CVE-2024-21607](CVE-2024/CVE-2024-216xx/CVE-2024-21607.json) (`2024-01-12T01:15:49.057`)
-* [CVE-2024-21611](CVE-2024/CVE-2024-216xx/CVE-2024-21611.json) (`2024-01-12T01:15:49.263`)
-* [CVE-2024-21612](CVE-2024/CVE-2024-216xx/CVE-2024-21612.json) (`2024-01-12T01:15:49.457`)
-* [CVE-2024-21613](CVE-2024/CVE-2024-216xx/CVE-2024-21613.json) (`2024-01-12T01:15:49.657`)
-* [CVE-2024-21614](CVE-2024/CVE-2024-216xx/CVE-2024-21614.json) (`2024-01-12T01:15:49.837`)
-* [CVE-2024-21616](CVE-2024/CVE-2024-216xx/CVE-2024-21616.json) (`2024-01-12T01:15:50.027`)
-* [CVE-2024-21617](CVE-2024/CVE-2024-216xx/CVE-2024-21617.json) (`2024-01-12T01:15:50.230`)
-* [CVE-2024-0454](CVE-2024/CVE-2024-04xx/CVE-2024-0454.json) (`2024-01-12T02:15:44.867`)
+* [CVE-2016-20021](CVE-2016/CVE-2016-200xx/CVE-2016-20021.json) (`2024-01-12T03:15:08.410`)
+* [CVE-2022-48619](CVE-2022/CVE-2022-486xx/CVE-2022-48619.json) (`2024-01-12T03:15:08.633`)
+* [CVE-2022-4960](CVE-2022/CVE-2022-49xx/CVE-2022-4960.json) (`2024-01-12T03:15:08.683`)
+* [CVE-2022-48620](CVE-2022/CVE-2022-486xx/CVE-2022-48620.json) (`2024-01-12T04:15:08.123`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `4`

+* [CVE-2021-42260](CVE-2021/CVE-2021-422xx/CVE-2021-42260.json) (`2024-01-12T03:15:08.540`)
+* [CVE-2023-34194](CVE-2023/CVE-2023-341xx/CVE-2023-34194.json) (`2024-01-12T03:15:08.950`)
+* [CVE-2023-51766](CVE-2023/CVE-2023-517xx/CVE-2023-51766.json) (`2024-01-12T03:15:09.037`)
+* [CVE-2023-6040](CVE-2023/CVE-2023-60xx/CVE-2023-6040.json) (`2024-01-12T03:15:09.153`)


 ## Download and Usage