Auto-Update: 2023-10-17T08:00:25.402342+00:00

CVE-2023/CVE-2023-394xx/CVE-2023-39456.json

@@ -0,0 +1,32 @@
+{
+  "id": "CVE-2023-39456",
+  "sourceIdentifier": "security@apache.org",
+  "published": "2023-10-17T07:15:09.737",
+  "lastModified": "2023-10-17T07:15:09.737",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames.This issue affects Apache Traffic Server: from 9.0.0 through 9.2.2.\n\nUsers are recommended to upgrade to version 9.2.3, which fixes the issue.\n\n"
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@apache.org",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-20"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q",
+      "source": "security@apache.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-40xx/CVE-2023-4089.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-4089",
+  "sourceIdentifier": "info@cert.vde.com",
+  "published": "2023-10-17T07:15:10.090",
+  "lastModified": "2023-10-17T07:15:10.090",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "info@cert.vde.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 2.7,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "info@cert.vde.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-610"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://cert.vde.com/en/advisories/VDE-2023-046/",
+      "source": "info@cert.vde.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-417xx/CVE-2023-41752.json

@@ -0,0 +1,32 @@
+{
+  "id": "CVE-2023-41752",
+  "sourceIdentifier": "security@apache.org",
+  "published": "2023-10-17T07:15:09.960",
+  "lastModified": "2023-10-17T07:15:09.960",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 8.1.8, from 9.0.0 through 9.2.2.\n\nUsers are recommended to upgrade to version 8.1.9 or 9.2.3, which fixes the issue.\n\n"
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@apache.org",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-200"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q",
+      "source": "security@apache.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-446xx/CVE-2023-44693.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-44693",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-17T06:15:09.553",
+  "lastModified": "2023-10-17T06:15:09.553",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /importexport.php."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_sql_%20importexport.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-446xx/CVE-2023-44694.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-44694",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-17T06:15:09.690",
+  "lastModified": "2023-10-17T06:15:09.690",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL Injection via /log/mailrecvview.php."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_rce_%20mailrecvview.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-10-17T06:00:26.115785+00:00
+2023-10-17T08:00:25.402342+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-10-17T05:15:50.840000+00:00
+2023-10-17T07:15:10.090000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,37 +29,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-228015
+228020
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `8`
+Recently added CVEs: `5`
 
-* [CVE-2023-34207](CVE-2023/CVE-2023-342xx/CVE-2023-34207.json) (`2023-10-17T04:15:11.937`)
-* [CVE-2023-34208](CVE-2023/CVE-2023-342xx/CVE-2023-34208.json) (`2023-10-17T04:15:12.077`)
-* [CVE-2023-34209](CVE-2023/CVE-2023-342xx/CVE-2023-34209.json) (`2023-10-17T05:15:50.207`)
-* [CVE-2023-34210](CVE-2023/CVE-2023-342xx/CVE-2023-34210.json) (`2023-10-17T05:15:50.300`)
-* [CVE-2023-45357](CVE-2023/CVE-2023-453xx/CVE-2023-45357.json) (`2023-10-17T05:15:50.583`)
-* [CVE-2023-45358](CVE-2023/CVE-2023-453xx/CVE-2023-45358.json) (`2023-10-17T05:15:50.657`)
-* [CVE-2023-45375](CVE-2023/CVE-2023-453xx/CVE-2023-45375.json) (`2023-10-17T05:15:50.733`)
-* [CVE-2023-45386](CVE-2023/CVE-2023-453xx/CVE-2023-45386.json) (`2023-10-17T05:15:50.787`)
+* [CVE-2023-44693](CVE-2023/CVE-2023-446xx/CVE-2023-44693.json) (`2023-10-17T06:15:09.553`)
+* [CVE-2023-44694](CVE-2023/CVE-2023-446xx/CVE-2023-44694.json) (`2023-10-17T06:15:09.690`)
+* [CVE-2023-39456](CVE-2023/CVE-2023-394xx/CVE-2023-39456.json) (`2023-10-17T07:15:09.737`)
+* [CVE-2023-41752](CVE-2023/CVE-2023-417xx/CVE-2023-41752.json) (`2023-10-17T07:15:09.960`)
+* [CVE-2023-4089](CVE-2023/CVE-2023-40xx/CVE-2023-4089.json) (`2023-10-17T07:15:10.090`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `10`
+Recently modified CVEs: `0`
 
-* [CVE-2021-28651](CVE-2021/CVE-2021-286xx/CVE-2021-28651.json) (`2023-10-17T05:15:49.187`)
-* [CVE-2021-28652](CVE-2021/CVE-2021-286xx/CVE-2021-28652.json) (`2023-10-17T05:15:49.470`)
-* [CVE-2021-28662](CVE-2021/CVE-2021-286xx/CVE-2021-28662.json) (`2023-10-17T05:15:49.577`)
-* [CVE-2021-31806](CVE-2021/CVE-2021-318xx/CVE-2021-31806.json) (`2023-10-17T05:15:49.683`)
-* [CVE-2021-31807](CVE-2021/CVE-2021-318xx/CVE-2021-31807.json) (`2023-10-17T05:15:49.790`)
-* [CVE-2021-31808](CVE-2021/CVE-2021-318xx/CVE-2021-31808.json) (`2023-10-17T05:15:49.943`)
-* [CVE-2021-33620](CVE-2021/CVE-2021-336xx/CVE-2021-33620.json) (`2023-10-17T05:15:50.050`)
-* [CVE-2023-38039](CVE-2023/CVE-2023-380xx/CVE-2023-38039.json) (`2023-10-17T05:15:50.377`)
-* [CVE-2023-42824](CVE-2023/CVE-2023-428xx/CVE-2023-42824.json) (`2023-10-17T05:15:50.497`)
-* [CVE-2023-5217](CVE-2023/CVE-2023-52xx/CVE-2023-5217.json) (`2023-10-17T05:15:50.840`)
 
 
 ## Download and Usage