diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23770.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23770.json index df770fe32ea..e41f6ea4e8e 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23770.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23770.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23770", "sourceIdentifier": "cert@ncsc.nl", "published": "2023-08-29T09:15:07.993", - "lastModified": "2023-08-29T09:15:07.993", - "vulnStatus": "Received", + "lastModified": "2023-08-29T13:34:55.187", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23771.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23771.json index af0496e652c..47d0eace718 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23771.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23771.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23771", "sourceIdentifier": "cert@ncsc.nl", "published": "2023-08-29T09:15:08.910", - "lastModified": "2023-08-29T09:15:08.910", - "vulnStatus": "Received", + "lastModified": "2023-08-29T13:34:55.187", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23772.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23772.json index c225cc62683..ce472720451 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23772.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23772.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23772", "sourceIdentifier": "cert@ncsc.nl", "published": "2023-08-29T09:15:09.193", - "lastModified": "2023-08-29T09:15:09.193", - "vulnStatus": "Received", + "lastModified": "2023-08-29T13:34:55.187", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23773.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23773.json index ac4945cde1f..489a6cc22db 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23773.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23773.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23773", "sourceIdentifier": "cert@ncsc.nl", "published": "2023-08-29T09:15:09.330", - "lastModified": "2023-08-29T09:15:09.330", - "vulnStatus": "Received", + "lastModified": "2023-08-29T13:34:55.187", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23774.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23774.json index 3cccf05e285..3d8b5681174 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23774.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23774.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23774", "sourceIdentifier": "cert@ncsc.nl", "published": "2023-08-29T09:15:09.403", - "lastModified": "2023-08-29T09:15:09.403", - "vulnStatus": "Received", + "lastModified": "2023-08-29T13:34:55.187", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32457.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32457.json index d076e1d1ff7..da94e8e329b 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32457.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32457.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32457", "sourceIdentifier": "security_alert@emc.com", "published": "2023-08-29T08:15:34.120", - "lastModified": "2023-08-29T08:15:34.120", - "vulnStatus": "Received", + "lastModified": "2023-08-29T13:34:55.187", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37435.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37435.json index 0675f0efa10..ab7b1418baf 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37435.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37435.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37435", "sourceIdentifier": "security-alert@hpe.com", "published": "2023-08-22T19:16:38.450", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T12:58:20.970", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + }, { "source": "security-alert@hpe.com", "type": "Secondary", @@ -34,10 +54,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.3.1", + "matchCriteriaId": "1EB5B1A1-792C-4AA9-AB5D-99B14DB57E66" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", - "source": "security-alert@hpe.com" + "source": "security-alert@hpe.com", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37436.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37436.json index a906d255b37..8cdf39e3330 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37436.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37436.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37436", "sourceIdentifier": "security-alert@hpe.com", "published": "2023-08-22T19:16:38.543", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T13:19:12.480", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + }, { "source": "security-alert@hpe.com", "type": "Secondary", @@ -34,10 +54,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.3.1", + "matchCriteriaId": "1EB5B1A1-792C-4AA9-AB5D-99B14DB57E66" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", - "source": "security-alert@hpe.com" + "source": "security-alert@hpe.com", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37437.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37437.json index 89340c1bcc7..6439bb09a6c 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37437.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37437.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37437", "sourceIdentifier": "security-alert@hpe.com", "published": "2023-08-22T19:16:38.640", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-29T13:32:27.810", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + }, { "source": "security-alert@hpe.com", "type": "Secondary", @@ -34,10 +54,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.3.1", + "matchCriteriaId": "1EB5B1A1-792C-4AA9-AB5D-99B14DB57E66" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", - "source": "security-alert@hpe.com" + "source": "security-alert@hpe.com", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-407xx/CVE-2023-40787.json b/CVE-2023/CVE-2023-407xx/CVE-2023-40787.json new file mode 100644 index 00000000000..fbbbb8e9f80 --- /dev/null +++ b/CVE-2023/CVE-2023-407xx/CVE-2023-40787.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-40787", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-29T13:15:53.267", + "lastModified": "2023-08-29T13:34:55.187", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/kaliwin/9d6cf58bb6ec06765cdf7b75e13ee460", + "source": "cve@mitre.org" + }, + { + "url": "https://sword.bladex.cn/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index efea673fdef..cb000852ea0 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-29T12:00:25.255134+00:00 +2023-08-29T14:00:25.414935+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-29T10:15:08.697000+00:00 +2023-08-29T13:34:55.187000+00:00 ``` ### Last Data Feed Release @@ -29,20 +29,29 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -223602 +223603 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `1` +* [CVE-2023-40787](CVE-2023/CVE-2023-407xx/CVE-2023-40787.json) (`2023-08-29T13:15:53.267`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `9` -* [CVE-2023-3348](CVE-2023/CVE-2023-33xx/CVE-2023-3348.json) (`2023-08-29T10:15:08.697`) +* [CVE-2023-37435](CVE-2023/CVE-2023-374xx/CVE-2023-37435.json) (`2023-08-29T12:58:20.970`) +* [CVE-2023-37436](CVE-2023/CVE-2023-374xx/CVE-2023-37436.json) (`2023-08-29T13:19:12.480`) +* [CVE-2023-37437](CVE-2023/CVE-2023-374xx/CVE-2023-37437.json) (`2023-08-29T13:32:27.810`) +* [CVE-2023-32457](CVE-2023/CVE-2023-324xx/CVE-2023-32457.json) (`2023-08-29T13:34:55.187`) +* [CVE-2023-23770](CVE-2023/CVE-2023-237xx/CVE-2023-23770.json) (`2023-08-29T13:34:55.187`) +* [CVE-2023-23771](CVE-2023/CVE-2023-237xx/CVE-2023-23771.json) (`2023-08-29T13:34:55.187`) +* [CVE-2023-23772](CVE-2023/CVE-2023-237xx/CVE-2023-23772.json) (`2023-08-29T13:34:55.187`) +* [CVE-2023-23773](CVE-2023/CVE-2023-237xx/CVE-2023-23773.json) (`2023-08-29T13:34:55.187`) +* [CVE-2023-23774](CVE-2023/CVE-2023-237xx/CVE-2023-23774.json) (`2023-08-29T13:34:55.187`) ## Download and Usage