From 838f4ba39e90315e378afbc45c855f37a584153d Mon Sep 17 00:00:00 2001
From: cad-safe-bot
Date: Mon, 4 Dec 2023 13:01:01 +0000
Subject: [PATCH] Auto-Update: 2023-12-04T13:00:57.838254+00:00
---
 CVE-2023/CVE-2023-328xx/CVE-2023-32804.json | 32 +++++++++++++++++++++
 CVE-2023/CVE-2023-492xx/CVE-2023-49287.json | 6 +++-
 CVE-2023/CVE-2023-51xx/CVE-2023-5157.json | 8 ++++--
 CVE-2023/CVE-2023-56xx/CVE-2023-5605.json | 6 ++--
 README.md | 22 ++++++--------
 5 files changed, 55 insertions(+), 19 deletions(-)
 create mode 100644 CVE-2023/CVE-2023-328xx/CVE-2023-32804.json
diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32804.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32804.json
new file mode 100644
index 00000000000..c1096879c6c
--- /dev/null
+++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32804.json
@@ -0,0 +1,32 @@
+{
+ "id": "CVE-2023-32804",
+ "sourceIdentifier": "arm-security@arm.com",
+ "published": "2023-12-04T12:15:07.570",
+ "lastModified": "2023-12-04T12:15:07.570",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a\u00a0local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver.This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.\n\n"
+ }
+ ],
+ "metrics": {},
+ "weaknesses": [
+ {
+ "source": "arm-security@arm.com",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-787"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
+ "source": "arm-security@arm.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49287.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49287.json
index 433b659cbda..d464e9f1ab0 100644
--- a/CVE-2023/CVE-2023-492xx/CVE-2023-49287.json
+++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49287.json
@@ -2,7 +2,7 @@
 "id": "CVE-2023-49287",
 "sourceIdentifier": "security-advisories@github.com",
 "published": "2023-12-04T06:15:07.173",
- "lastModified": "2023-12-04T06:15:07.173",
+ "lastModified": "2023-12-04T12:15:07.747",
 "vulnStatus": "Received",
 "descriptions": [
 {
@@ -51,6 +51,10 @@
 }
 ],
 "references": [
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2023/12/04/1",
+ "source": "security-advisories@github.com"
+ },
 {
 "url": "https://github.com/cxong/tinydir/releases/tag/1.2.6",
 "source": "security-advisories@github.com"
diff --git a/CVE-2023/CVE-2023-51xx/CVE-2023-5157.json b/CVE-2023/CVE-2023-51xx/CVE-2023-5157.json
index ef9d93719cb..395f71fb63e 100644
--- a/CVE-2023/CVE-2023-51xx/CVE-2023-5157.json
+++ b/CVE-2023/CVE-2023-51xx/CVE-2023-5157.json
@@ -2,8 +2,8 @@
 "id": "CVE-2023-5157",
 "sourceIdentifier": "secalert@redhat.com",
 "published": "2023-09-27T15:19:41.807",
- "lastModified": "2023-11-13T12:15:08.057",
- "vulnStatus": "Modified",
+ "lastModified": "2023-12-04T12:15:07.883",
+ "vulnStatus": "Undergoing Analysis",
 "descriptions": [
 {
 "lang": "en",
@@ -298,6 +298,10 @@
 "url": "https://access.redhat.com/errata/RHSA-2023:6883",
 "source": "secalert@redhat.com"
 },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2023:7633",
+ "source": "secalert@redhat.com"
+ },
 {
 "url": "https://access.redhat.com/security/cve/CVE-2023-5157",
 "source": "secalert@redhat.com",
diff --git a/CVE-2023/CVE-2023-56xx/CVE-2023-5605.json b/CVE-2023/CVE-2023-56xx/CVE-2023-5605.json
index 48baa0281d2..82e6e7ed71e 100644
--- a/CVE-2023/CVE-2023-56xx/CVE-2023-5605.json
+++ b/CVE-2023/CVE-2023-56xx/CVE-2023-5605.json
@@ -2,12 +2,12 @@
 "id": "CVE-2023-5605",
 "sourceIdentifier": "contact@wpscan.com",
 "published": "2023-11-06T21:15:10.137",
- "lastModified": "2023-11-14T19:03:12.460",
- "vulnStatus": "Analyzed",
+ "lastModified": "2023-12-04T11:15:07.120",
+ "vulnStatus": "Modified",
 "descriptions": [
 {
 "lang": "en",
- "value": "The URL Shortify WordPress plugin through 1.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
+ "value": "The URL Shortify WordPress plugin before 1.7.9.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
 },
 {
 "lang": "es",
diff --git a/README.md b/README.md
index 60104da6785..b5ae3defebc 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-04T11:04:15.941324+00:00 +2023-12-04T13:00:57.838254+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-04T09:15:37.250000+00:00 +2023-12-04T12:15:07.883000+00:00 ``` ### Last Data Feed Release
@@ -29,27 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -232129 +232130 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `1` -* [CVE-2023-44291](CVE-2023/CVE-2023-442xx/CVE-2023-44291.json) (`2023-12-04T09:15:35.623`) -* [CVE-2023-44300](CVE-2023/CVE-2023-443xx/CVE-2023-44300.json) (`2023-12-04T09:15:35.993`) -* [CVE-2023-44301](CVE-2023/CVE-2023-443xx/CVE-2023-44301.json) (`2023-12-04T09:15:36.213`) -* [CVE-2023-44302](CVE-2023/CVE-2023-443xx/CVE-2023-44302.json) (`2023-12-04T09:15:36.417`) -* [CVE-2023-44304](CVE-2023/CVE-2023-443xx/CVE-2023-44304.json) (`2023-12-04T09:15:36.633`) -* [CVE-2023-44305](CVE-2023/CVE-2023-443xx/CVE-2023-44305.json) (`2023-12-04T09:15:36.833`) -* [CVE-2023-44306](CVE-2023/CVE-2023-443xx/CVE-2023-44306.json) (`2023-12-04T09:15:37.043`) -* [CVE-2023-6481](CVE-2023/CVE-2023-64xx/CVE-2023-6481.json) (`2023-12-04T09:15:37.250`) +* [CVE-2023-32804](CVE-2023/CVE-2023-328xx/CVE-2023-32804.json) (`2023-12-04T12:15:07.570`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `3` +* [CVE-2023-5605](CVE-2023/CVE-2023-56xx/CVE-2023-5605.json) (`2023-12-04T11:15:07.120`) +* [CVE-2023-49287](CVE-2023/CVE-2023-492xx/CVE-2023-49287.json) (`2023-12-04T12:15:07.747`) +* [CVE-2023-5157](CVE-2023/CVE-2023-51xx/CVE-2023-5157.json) (`2023-12-04T12:15:07.883`) ## Download and Usage