From 800553a9337578cf631fabb4ff37a333ea89d033 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 15 Sep 2023 08:00:29 +0000 Subject: [PATCH] Auto-Update: 2023-09-15T08:00:26.330076+00:00 --- CVE-2023/CVE-2023-324xx/CVE-2023-32461.json | 55 +++++++++++++++++++++ CVE-2023/CVE-2023-33xx/CVE-2023-3378.json | 15 ++++++ CVE-2023/CVE-2023-366xx/CVE-2023-36657.json | 24 +++++++++ CVE-2023/CVE-2023-366xx/CVE-2023-36659.json | 24 +++++++++ CVE-2023/CVE-2023-46xx/CVE-2023-4673.json | 55 +++++++++++++++++++++ CVE-2023/CVE-2023-48xx/CVE-2023-4830.json | 55 +++++++++++++++++++++ README.md | 21 ++++---- 7 files changed, 239 insertions(+), 10 deletions(-) create mode 100644 CVE-2023/CVE-2023-324xx/CVE-2023-32461.json create mode 100644 CVE-2023/CVE-2023-33xx/CVE-2023-3378.json create mode 100644 CVE-2023/CVE-2023-366xx/CVE-2023-36657.json create mode 100644 CVE-2023/CVE-2023-366xx/CVE-2023-36659.json create mode 100644 CVE-2023/CVE-2023-46xx/CVE-2023-4673.json create mode 100644 CVE-2023/CVE-2023-48xx/CVE-2023-4830.json diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32461.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32461.json new file mode 100644 index 00000000000..abcac257af3 --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32461.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32461", + "sourceIdentifier": "security_alert@emc.com", + "published": "2023-09-15T07:15:09.550", + "lastModified": "2023-09-15T07:15:09.550", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nDell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges. \u00a0\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.0, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-122" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000216543/dsa-2023-292-security-update-for-dell-poweredge-server-bios-vulnerability", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3378.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3378.json new file mode 100644 index 00000000000..878ddd0b1a3 --- /dev/null +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3378.json @@ -0,0 +1,15 @@ +{ + "id": "CVE-2023-3378", + "sourceIdentifier": "info@cert.vde.com", + "published": "2023-09-15T06:15:08.077", + "lastModified": "2023-09-15T06:15:08.077", + "vulnStatus": "Rejected", + "descriptions": [ + { + "lang": "en", + "value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36657.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36657.json new file mode 100644 index 00000000000..6bdf3844db7 --- /dev/null +++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36657.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-36657", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-15T06:15:07.810", + "lastModified": "2023-09-15T06:15:07.810", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Built-in features of Windows (desktop shortcuts, narrator) can be abused for privilege escalation." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://docs.opswat.com/mdkiosk", + "source": "cve@mitre.org" + }, + { + "url": "https://docs.opswat.com/mdkiosk/release-notes/cve-2023-36657", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36659.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36659.json new file mode 100644 index 00000000000..b21a6c935ed --- /dev/null +++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36659.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-36659", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-15T06:15:08.013", + "lastModified": "2023-09-15T06:15:08.013", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service (loss of communication)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://docs.opswat.com/mdkiosk", + "source": "cve@mitre.org" + }, + { + "url": "https://docs.opswat.com/mdkiosk/release-notes/cve-2023-36659", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4673.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4673.json new file mode 100644 index 00000000000..e6b2fe99227 --- /dev/null +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4673.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-4673", + "sourceIdentifier": "cve@usom.gov.tr", + "published": "2023-09-15T06:15:08.140", + "lastModified": "2023-09-15T06:15:08.140", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sanalogy Turasistan allows SQL Injection.This issue affects Turasistan: before 20230911 .\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-23-0528", + "source": "cve@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4830.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4830.json new file mode 100644 index 00000000000..99fe7ec8dde --- /dev/null +++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4830.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-4830", + "sourceIdentifier": "cve@usom.gov.tr", + "published": "2023-09-15T06:15:08.287", + "lastModified": "2023-09-15T06:15:08.287", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tura Signalix allows SQL Injection.This issue affects Signalix: 7T_0228.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-23-0529", + "source": "cve@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index db499c68540..c44650e184e 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-09-15T06:00:24.865971+00:00 +2023-09-15T08:00:26.330076+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-09-15T05:15:24.997000+00:00 +2023-09-15T07:15:09.550000+00:00 ``` ### Last Data Feed Release @@ -29,24 +29,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -225647 +225653 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `6` -* [CVE-2023-38039](CVE-2023/CVE-2023-380xx/CVE-2023-38039.json) (`2023-09-15T04:15:10.127`) -* [CVE-2023-40983](CVE-2023/CVE-2023-409xx/CVE-2023-40983.json) (`2023-09-15T04:15:10.243`) -* [CVE-2023-36658](CVE-2023/CVE-2023-366xx/CVE-2023-36658.json) (`2023-09-15T05:15:24.997`) +* [CVE-2023-36657](CVE-2023/CVE-2023-366xx/CVE-2023-36657.json) (`2023-09-15T06:15:07.810`) +* [CVE-2023-36659](CVE-2023/CVE-2023-366xx/CVE-2023-36659.json) (`2023-09-15T06:15:08.013`) +* [CVE-2023-3378](CVE-2023/CVE-2023-33xx/CVE-2023-3378.json) (`2023-09-15T06:15:08.077`) +* [CVE-2023-4673](CVE-2023/CVE-2023-46xx/CVE-2023-4673.json) (`2023-09-15T06:15:08.140`) +* [CVE-2023-4830](CVE-2023/CVE-2023-48xx/CVE-2023-4830.json) (`2023-09-15T06:15:08.287`) +* [CVE-2023-32461](CVE-2023/CVE-2023-324xx/CVE-2023-32461.json) (`2023-09-15T07:15:09.550`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `0` -* [CVE-2023-36811](CVE-2023/CVE-2023-368xx/CVE-2023-36811.json) (`2023-09-15T04:15:09.473`) -* [CVE-2023-4863](CVE-2023/CVE-2023-48xx/CVE-2023-4863.json) (`2023-09-15T04:15:10.310`) ## Download and Usage