admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-17 23:55:26.398365+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-05-17 23:55:30 +00:00
parent 1e405aefa3
commit 8269bb87dd
9 changed files with 295 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
CVE-2023/CVE-2023-18xx/CVE-2023-1859.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-1859",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T23:15:09.100",
"lastModified": "2023-05-17T23:15:09.100",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://lore.kernel.org/all/20230313090002.3308025-1-zyytlz.wz@163.com/",
"source": "secalert@redhat.com"
}
]
}

36
CVE-2023/CVE-2023-19xx/CVE-2023-1972.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-1972",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T22:15:10.827",
"lastModified": "2023-05-17T22:15:10.827",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185646",
"source": "secalert@redhat.com"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30285",
"source": "secalert@redhat.com"
}
]
}

44
CVE-2023/CVE-2023-22xx/CVE-2023-2203.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-2203",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T22:15:10.943",
"lastModified": "2023-05-17T22:15:10.943",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:2653",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3108",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2203",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188543",
"source": "secalert@redhat.com"
}
]
}

44
CVE-2023/CVE-2023-22xx/CVE-2023-2295.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-2295",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T23:15:09.250",
"lastModified": "2023-05-17T23:15:09.250",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:3107",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3148",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2295",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189777",
"source": "secalert@redhat.com"
}
]
}

28
CVE-2023/CVE-2023-23xx/CVE-2023-2319.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-2319",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T23:15:09.313",
"lastModified": "2023-05-17T23:15:09.313",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 (for PCS package), which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. The CVE-2023-2319 was assigned to that Red Hat specific security regression in Red Hat Enterprise Linux 9.2."
}
],
"metrics": {},
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:2652",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2319",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190092",
"source": "secalert@redhat.com"
}
]
}

44
CVE-2023/CVE-2023-24xx/CVE-2023-2491.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-2491",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T22:15:10.997",
"lastModified": "2023-05-17T22:15:10.997",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the \"org-babel-execute:latex\" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:2626",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3104",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2491",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192873",
"source": "secalert@redhat.com"
}
]
}

12
CVE-2023/CVE-2023-274xx/CVE-2023-27482.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27482",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-03-08T18:15:11.783",
"lastModified": "2023-03-15T14:20:39.313",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-17T23:15:09.167",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -91,6 +91,10 @@
}
],
"references": [
{
"url": "https://github.com/elttam/publications/blob/master/writeups/home-assistant/supervisor-authentication-bypass-advisory.md",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/home-assistant/core/security/advisories/GHSA-2j8f-h4mr-qr25",
"source": "security-advisories@github.com",
@ -98,6 +102,10 @@
"Vendor Advisory"
]
},
{
"url": "https://www.elttam.com/blog/pwnassistant/",
"source": "security-advisories@github.com"
},
{
"url": "https://www.home-assistant.io/blog/2023/03/08/supervisor-security-disclosure/",
"source": "security-advisories@github.com",

44
CVE-2023/CVE-2023-27xx/CVE-2023-2731.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-2731",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T22:15:11.047",
"lastModified": "2023-05-17T22:15:11.047",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2731",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207635",
"source": "secalert@redhat.com"
},
{
"url": "https://github.com/libsdl-org/libtiff/commit/9be22b639ea69e102d3847dca4c53ef025e9527b",
"source": "secalert@redhat.com"
},
{
"url": "https://gitlab.com/libtiff/libtiff/-/issues/548",
"source": "secalert@redhat.com"
}
]
}

51
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-17T22:00:30.373391+00:00
2023-05-17T23:55:26.398365+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-17T21:15:09.470000+00:00
2023-05-17T23:15:09.313000+00:00
```
### Last Data Feed Release
@ -29,52 +29,27 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
215550
215557
```
### CVEs added in the last Commit
Recently added CVEs: `8`
Recently added CVEs: `7`
* [CVE-2023-27233](CVE-2023/CVE-2023-272xx/CVE-2023-27233.json) (`2023-05-17T20:15:09.933`)
* [CVE-2023-29837](CVE-2023/CVE-2023-298xx/CVE-2023-29837.json) (`2023-05-17T20:15:10.280`)
* [CVE-2023-2774](CVE-2023/CVE-2023-27xx/CVE-2023-2774.json) (`2023-05-17T20:15:10.427`)
* [CVE-2023-2775](CVE-2023/CVE-2023-27xx/CVE-2023-2775.json) (`2023-05-17T20:15:10.513`)
* [CVE-2023-2776](CVE-2023/CVE-2023-27xx/CVE-2023-2776.json) (`2023-05-17T20:15:10.597`)
* [CVE-2023-30191](CVE-2023/CVE-2023-301xx/CVE-2023-30191.json) (`2023-05-17T20:15:10.680`)
* [CVE-2023-32767](CVE-2023/CVE-2023-327xx/CVE-2023-32767.json) (`2023-05-17T20:15:10.757`)
* [CVE-2023-2780](CVE-2023/CVE-2023-27xx/CVE-2023-2780.json) (`2023-05-17T21:15:09.470`)
* [CVE-2023-1972](CVE-2023/CVE-2023-19xx/CVE-2023-1972.json) (`2023-05-17T22:15:10.827`)
* [CVE-2023-2203](CVE-2023/CVE-2023-22xx/CVE-2023-2203.json) (`2023-05-17T22:15:10.943`)
* [CVE-2023-2491](CVE-2023/CVE-2023-24xx/CVE-2023-2491.json) (`2023-05-17T22:15:10.997`)
* [CVE-2023-2731](CVE-2023/CVE-2023-27xx/CVE-2023-2731.json) (`2023-05-17T22:15:11.047`)
* [CVE-2023-1859](CVE-2023/CVE-2023-18xx/CVE-2023-1859.json) (`2023-05-17T23:15:09.100`)
* [CVE-2023-2295](CVE-2023/CVE-2023-22xx/CVE-2023-2295.json) (`2023-05-17T23:15:09.250`)
* [CVE-2023-2319](CVE-2023/CVE-2023-23xx/CVE-2023-2319.json) (`2023-05-17T23:15:09.313`)
### CVEs modified in the last Commit
Recently modified CVEs: `26`
Recently modified CVEs: `1`
* [CVE-2023-31555](CVE-2023/CVE-2023-315xx/CVE-2023-31555.json) (`2023-05-17T20:01:45.503`)
* [CVE-2023-30356](CVE-2023/CVE-2023-303xx/CVE-2023-30356.json) (`2023-05-17T20:06:55.363`)
* [CVE-2023-32070](CVE-2023/CVE-2023-320xx/CVE-2023-32070.json) (`2023-05-17T20:12:44.580`)
* [CVE-2023-0210](CVE-2023/CVE-2023-02xx/CVE-2023-0210.json) (`2023-05-17T20:15:09.417`)
* [CVE-2023-0568](CVE-2023/CVE-2023-05xx/CVE-2023-0568.json) (`2023-05-17T20:15:09.497`)
* [CVE-2023-0662](CVE-2023/CVE-2023-06xx/CVE-2023-0662.json) (`2023-05-17T20:15:09.603`)
* [CVE-2023-0664](CVE-2023/CVE-2023-06xx/CVE-2023-0664.json) (`2023-05-17T20:15:09.687`)
* [CVE-2023-1838](CVE-2023/CVE-2023-18xx/CVE-2023-1838.json) (`2023-05-17T20:15:09.770`)
* [CVE-2023-26463](CVE-2023/CVE-2023-264xx/CVE-2023-26463.json) (`2023-05-17T20:15:09.867`)
* [CVE-2023-28464](CVE-2023/CVE-2023-284xx/CVE-2023-28464.json) (`2023-05-17T20:15:09.987`)
* [CVE-2023-29013](CVE-2023/CVE-2023-290xx/CVE-2023-29013.json) (`2023-05-17T20:15:10.097`)
* [CVE-2023-29491](CVE-2023/CVE-2023-294xx/CVE-2023-29491.json) (`2023-05-17T20:15:10.203`)
* [CVE-2023-2008](CVE-2023/CVE-2023-20xx/CVE-2023-2008.json) (`2023-05-17T20:15:10.333`)
* [CVE-2023-2642](CVE-2023/CVE-2023-26xx/CVE-2023-2642.json) (`2023-05-17T20:29:49.607`)
* [CVE-2023-30354](CVE-2023/CVE-2023-303xx/CVE-2023-30354.json) (`2023-05-17T20:32:25.230`)
* [CVE-2023-30353](CVE-2023/CVE-2023-303xx/CVE-2023-30353.json) (`2023-05-17T20:32:56.523`)
* [CVE-2023-30352](CVE-2023/CVE-2023-303xx/CVE-2023-30352.json) (`2023-05-17T20:33:46.237`)
* [CVE-2023-2641](CVE-2023/CVE-2023-26xx/CVE-2023-2641.json) (`2023-05-17T20:35:54.097`)
* [CVE-2023-30351](CVE-2023/CVE-2023-303xx/CVE-2023-30351.json) (`2023-05-17T20:36:04.243`)
* [CVE-2023-2653](CVE-2023/CVE-2023-26xx/CVE-2023-2653.json) (`2023-05-17T20:46:59.930`)
* [CVE-2023-2652](CVE-2023/CVE-2023-26xx/CVE-2023-2652.json) (`2023-05-17T20:47:14.933`)
* [CVE-2023-2648](CVE-2023/CVE-2023-26xx/CVE-2023-2648.json) (`2023-05-17T20:47:29.147`)
* [CVE-2023-2647](CVE-2023/CVE-2023-26xx/CVE-2023-2647.json) (`2023-05-17T20:51:22.823`)
* [CVE-2023-2643](CVE-2023/CVE-2023-26xx/CVE-2023-2643.json) (`2023-05-17T20:51:44.890`)
* [CVE-2023-2156](CVE-2023/CVE-2023-21xx/CVE-2023-2156.json) (`2023-05-17T21:15:09.390`)
* [CVE-2023-27482](CVE-2023/CVE-2023-274xx/CVE-2023-27482.json) (`2023-05-17T23:15:09.167`)
## Download and Usage