From 8f4d930a5424fd46ed3341e83fa556c3c7e45218 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Helmke?= Date: Wed, 10 May 2023 08:00:26 +0200 Subject: [PATCH] Auto-Update: 2023-05-10T06:00:23.927804+00:00 --- CVE-2023/CVE-2023-22xx/CVE-2023-2260.json | 12 ++-- CVE-2023/CVE-2023-24xx/CVE-2023-2459.json | 12 +++- CVE-2023/CVE-2023-24xx/CVE-2023-2460.json | 12 +++- CVE-2023/CVE-2023-24xx/CVE-2023-2461.json | 12 +++- CVE-2023/CVE-2023-24xx/CVE-2023-2462.json | 12 +++- CVE-2023/CVE-2023-24xx/CVE-2023-2463.json | 12 +++- CVE-2023/CVE-2023-24xx/CVE-2023-2464.json | 12 +++- CVE-2023/CVE-2023-24xx/CVE-2023-2465.json | 12 +++- CVE-2023/CVE-2023-24xx/CVE-2023-2466.json | 12 +++- CVE-2023/CVE-2023-24xx/CVE-2023-2467.json | 12 +++- CVE-2023/CVE-2023-24xx/CVE-2023-2468.json | 12 +++- CVE-2023/CVE-2023-261xx/CVE-2023-26126.json | 47 +++++++++++++ CVE-2023/CVE-2023-26xx/CVE-2023-2616.json | 59 ++++++++++++++++ CVE-2023/CVE-2023-325xx/CVE-2023-32568.json | 43 ++++++++++++ CVE-2023/CVE-2023-325xx/CVE-2023-32569.json | 43 ++++++++++++ CVE-2023/CVE-2023-325xx/CVE-2023-32570.json | 24 +++++++ README.md | 75 ++++++--------------- 17 files changed, 343 insertions(+), 80 deletions(-) create mode 100644 CVE-2023/CVE-2023-261xx/CVE-2023-26126.json create mode 100644 CVE-2023/CVE-2023-26xx/CVE-2023-2616.json create mode 100644 CVE-2023/CVE-2023-325xx/CVE-2023-32568.json create mode 100644 CVE-2023/CVE-2023-325xx/CVE-2023-32569.json create mode 100644 CVE-2023/CVE-2023-325xx/CVE-2023-32570.json diff --git a/CVE-2023/CVE-2023-22xx/CVE-2023-2260.json b/CVE-2023/CVE-2023-22xx/CVE-2023-2260.json index 0cfa217ad7f..057c7c1c586 100644 --- a/CVE-2023/CVE-2023-22xx/CVE-2023-2260.json +++ b/CVE-2023/CVE-2023-22xx/CVE-2023-2260.json @@ -2,12 +2,12 @@ "id": "CVE-2023-2260", "sourceIdentifier": "security@huntr.dev", "published": "2023-04-24T21:15:09.613", - "lastModified": "2023-05-03T19:52:26.697", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-10T05:15:11.440", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Improper Authorization of Index Containing Sensitive Information in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304." + "value": "Authorization Bypass Through User-Controlled Key in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304." } ], "metrics": { @@ -58,7 +58,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "security@huntr.dev", "type": "Primary", "description": [ { @@ -68,12 +68,12 @@ ] }, { - "source": "security@huntr.dev", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-612" + "value": "CWE-639" } ] } diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2459.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2459.json index c4ca4064ba9..6f16f3fde56 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2459.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2459.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2459", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-05-03T00:15:08.803", - "lastModified": "2023-05-09T17:16:44.733", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-10T04:15:44.010", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -117,6 +117,14 @@ "Mailing List" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3V6GPGMY6ZWVWPECMQGGOKQVATXJ5BA/", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4JI552XDFD6DYFU6WNCRBCAXWOFOOSF/", + "source": "chrome-cve-admin@google.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5398", "source": "chrome-cve-admin@google.com", diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2460.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2460.json index bc34f516912..ffa01dc836c 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2460.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2460.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2460", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-05-03T00:15:09.327", - "lastModified": "2023-05-09T17:16:24.910", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-10T04:15:44.167", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -117,6 +117,14 @@ "Mailing List" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3V6GPGMY6ZWVWPECMQGGOKQVATXJ5BA/", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4JI552XDFD6DYFU6WNCRBCAXWOFOOSF/", + "source": "chrome-cve-admin@google.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5398", "source": "chrome-cve-admin@google.com", diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2461.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2461.json index 61a7356fa07..5a3af40aad0 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2461.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2461.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2461", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-05-03T00:15:09.387", - "lastModified": "2023-05-09T17:16:07.147", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-10T04:15:44.253", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -131,6 +131,14 @@ "Mailing List" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3V6GPGMY6ZWVWPECMQGGOKQVATXJ5BA/", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4JI552XDFD6DYFU6WNCRBCAXWOFOOSF/", + "source": "chrome-cve-admin@google.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5398", "source": "chrome-cve-admin@google.com", diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2462.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2462.json index 85f2f3c1aa0..4c4a5ee655c 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2462.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2462.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2462", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-05-03T00:15:09.443", - "lastModified": "2023-05-09T17:15:30.470", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-10T04:15:44.333", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -117,6 +117,14 @@ "Mailing List" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3V6GPGMY6ZWVWPECMQGGOKQVATXJ5BA/", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4JI552XDFD6DYFU6WNCRBCAXWOFOOSF/", + "source": "chrome-cve-admin@google.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5398", "source": "chrome-cve-admin@google.com", diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2463.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2463.json index 224567b89c0..2b6d7ffb35c 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2463.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2463.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2463", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-05-03T00:15:09.497", - "lastModified": "2023-05-09T17:13:37.423", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-10T04:15:44.407", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -131,6 +131,14 @@ "Mailing List" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3V6GPGMY6ZWVWPECMQGGOKQVATXJ5BA/", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4JI552XDFD6DYFU6WNCRBCAXWOFOOSF/", + "source": "chrome-cve-admin@google.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5398", "source": "chrome-cve-admin@google.com", diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2464.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2464.json index b2062fbe46a..f3f3ef95bed 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2464.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2464.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2464", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-05-03T00:15:09.550", - "lastModified": "2023-05-09T17:12:05.487", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-10T04:15:44.490", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -117,6 +117,14 @@ "Mailing List" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3V6GPGMY6ZWVWPECMQGGOKQVATXJ5BA/", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4JI552XDFD6DYFU6WNCRBCAXWOFOOSF/", + "source": "chrome-cve-admin@google.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5398", "source": "chrome-cve-admin@google.com", diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2465.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2465.json index 8be513e68b1..8fad108b5a5 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2465.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2465.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2465", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-05-03T00:15:09.597", - "lastModified": "2023-05-09T17:11:35.407", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-10T04:15:44.563", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -117,6 +117,14 @@ "Mailing List" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3V6GPGMY6ZWVWPECMQGGOKQVATXJ5BA/", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4JI552XDFD6DYFU6WNCRBCAXWOFOOSF/", + "source": "chrome-cve-admin@google.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5398", "source": "chrome-cve-admin@google.com", diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2466.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2466.json index fbe1fe18d9e..82f5316db0d 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2466.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2466.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2466", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-05-03T00:15:09.647", - "lastModified": "2023-05-09T17:11:08.640", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-10T04:15:44.647", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -117,6 +117,14 @@ "Mailing List" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3V6GPGMY6ZWVWPECMQGGOKQVATXJ5BA/", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4JI552XDFD6DYFU6WNCRBCAXWOFOOSF/", + "source": "chrome-cve-admin@google.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5398", "source": "chrome-cve-admin@google.com", diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2467.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2467.json index 3d1a8f8844c..18db434398f 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2467.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2467.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2467", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-05-03T00:15:09.697", - "lastModified": "2023-05-09T17:10:36.677", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-10T04:15:44.727", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -131,6 +131,14 @@ "Mailing List" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3V6GPGMY6ZWVWPECMQGGOKQVATXJ5BA/", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4JI552XDFD6DYFU6WNCRBCAXWOFOOSF/", + "source": "chrome-cve-admin@google.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5398", "source": "chrome-cve-admin@google.com", diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2468.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2468.json index 4a88cd4cbfc..161054abc50 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2468.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2468.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2468", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-05-03T00:15:09.747", - "lastModified": "2023-05-09T17:10:02.967", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-10T04:15:44.797", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -117,6 +117,14 @@ "Mailing List" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3V6GPGMY6ZWVWPECMQGGOKQVATXJ5BA/", + "source": "chrome-cve-admin@google.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4JI552XDFD6DYFU6WNCRBCAXWOFOOSF/", + "source": "chrome-cve-admin@google.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5398", "source": "chrome-cve-admin@google.com", diff --git a/CVE-2023/CVE-2023-261xx/CVE-2023-26126.json b/CVE-2023/CVE-2023-261xx/CVE-2023-26126.json new file mode 100644 index 00000000000..ed74e5d823d --- /dev/null +++ b/CVE-2023/CVE-2023-261xx/CVE-2023-26126.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-26126", + "sourceIdentifier": "report@snyk.io", + "published": "2023-05-10T05:15:08.860", + "lastModified": "2023-05-10T05:15:08.860", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function.\r\r" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "report@snyk.io", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://gist.github.com/lirantal/dcb32c11ce87f5aafd2282b90b4dc998", + "source": "report@snyk.io" + }, + { + "url": "https://security.snyk.io/vuln/SNYK-JS-MSTATIC-3244915", + "source": "report@snyk.io" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2616.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2616.json new file mode 100644 index 00000000000..fcd2bfbe113 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2616.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-2616", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-05-10T05:15:11.877", + "lastModified": "2023-05-10T05:15:11.877", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.21." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/pimcore/pimcore/commit/07a2c95be524c7e20105cef58c5767d4ebb06091", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/564cb512-2bcc-4458-8c20-88110ab45801", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-325xx/CVE-2023-32568.json b/CVE-2023/CVE-2023-325xx/CVE-2023-32568.json new file mode 100644 index 00000000000..305f7df5e8f --- /dev/null +++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32568.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-32568", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-10T05:15:11.990", + "lastModified": "2023-05-10T05:15:11.990", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The VIOM web application does not validate user-supplied data and appends it to OS commands and internal binaries used by the application. An attacker with root/administrator level privileges can leverage this to read sensitive data stored on the servers, modify data or server configuration, and delete data or application configuration." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://www.veritas.com/content/support/en_US/security/VTS23-007", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-325xx/CVE-2023-32569.json b/CVE-2023/CVE-2023-325xx/CVE-2023-32569.json new file mode 100644 index 00000000000..33ac45e729c --- /dev/null +++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32569.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-32569", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-10T05:15:12.103", + "lastModified": "2023-05-10T05:15:12.103", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. The InfoScale VIOM web application is vulnerable to SQL Injection in some of the areas of the application. This allows attackers to submit arbitrary SQL commands on the back-end database to create, read, update, or delete any sensitive data stored in the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://www.veritas.com/content/support/en_US/security/VTS23-007", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-325xx/CVE-2023-32570.json b/CVE-2023/CVE-2023-325xx/CVE-2023-32570.json new file mode 100644 index 00000000000..7c989547fe5 --- /dev/null +++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32570.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-32570", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-10T05:15:12.190", + "lastModified": "2023-05-10T05:15:12.190", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://code.videolan.org/videolan/dav1d/-/commit/cf617fdae0b9bfabd27282854c8e81450d955efa", + "source": "cve@mitre.org" + }, + { + "url": "https://code.videolan.org/videolan/dav1d/-/tags/1.2.0", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 88462d19121..26135efcfac 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-10T04:00:24.206269+00:00 +2023-05-10T06:00:23.927804+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-10T03:58:32.817000+00:00 +2023-05-10T05:15:12.190000+00:00 ``` ### Last Data Feed Release @@ -29,68 +29,35 @@ Download and Changelog: [Click](releases/latest) ### Total Number of included CVEs ```plain -214662 +214667 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `5` -* [CVE-2023-25833](CVE-2023/CVE-2023-258xx/CVE-2023-25833.json) (`2023-05-10T02:15:08.933`) +* [CVE-2023-26126](CVE-2023/CVE-2023-261xx/CVE-2023-26126.json) (`2023-05-10T05:15:08.860`) +* [CVE-2023-2616](CVE-2023/CVE-2023-26xx/CVE-2023-2616.json) (`2023-05-10T05:15:11.877`) +* [CVE-2023-32568](CVE-2023/CVE-2023-325xx/CVE-2023-32568.json) (`2023-05-10T05:15:11.990`) +* [CVE-2023-32569](CVE-2023/CVE-2023-325xx/CVE-2023-32569.json) (`2023-05-10T05:15:12.103`) +* [CVE-2023-32570](CVE-2023/CVE-2023-325xx/CVE-2023-32570.json) (`2023-05-10T05:15:12.190`) ### CVEs modified in the last Commit -Recently modified CVEs: `48` +Recently modified CVEs: `11` -* [CVE-2017-11197](CVE-2017/CVE-2017-111xx/CVE-2017-11197.json) (`2023-05-10T03:56:15.183`) -* [CVE-2020-22429](CVE-2020/CVE-2020-224xx/CVE-2020-22429.json) (`2023-05-10T03:54:49.863`) -* [CVE-2022-36330](CVE-2022/CVE-2022-363xx/CVE-2022-36330.json) (`2023-05-10T02:29:55.237`) -* [CVE-2022-39161](CVE-2022/CVE-2022-391xx/CVE-2022-39161.json) (`2023-05-10T03:54:37.507`) -* [CVE-2022-45812](CVE-2022/CVE-2022-458xx/CVE-2022-45812.json) (`2023-05-10T02:25:17.547`) -* [CVE-2022-47757](CVE-2022/CVE-2022-477xx/CVE-2022-47757.json) (`2023-05-10T03:54:12.323`) -* [CVE-2023-2156](CVE-2023/CVE-2023-21xx/CVE-2023-2156.json) (`2023-05-10T02:29:55.237`) -* [CVE-2023-23668](CVE-2023/CVE-2023-236xx/CVE-2023-23668.json) (`2023-05-10T02:24:50.837`) -* [CVE-2023-2427](CVE-2023/CVE-2023-24xx/CVE-2023-2427.json) (`2023-05-10T02:19:43.877`) -* [CVE-2023-24400](CVE-2023/CVE-2023-244xx/CVE-2023-24400.json) (`2023-05-10T02:24:37.880`) -* [CVE-2023-24744](CVE-2023/CVE-2023-247xx/CVE-2023-24744.json) (`2023-05-10T03:54:26.793`) -* [CVE-2023-25021](CVE-2023/CVE-2023-250xx/CVE-2023-25021.json) (`2023-05-10T02:25:03.560`) -* [CVE-2023-25052](CVE-2023/CVE-2023-250xx/CVE-2023-25052.json) (`2023-05-10T02:26:02.593`) -* [CVE-2023-2516](CVE-2023/CVE-2023-25xx/CVE-2023-2516.json) (`2023-05-10T02:20:02.473`) -* [CVE-2023-25452](CVE-2023/CVE-2023-254xx/CVE-2023-25452.json) (`2023-05-10T02:26:18.077`) -* [CVE-2023-25491](CVE-2023/CVE-2023-254xx/CVE-2023-25491.json) (`2023-05-10T02:24:21.523`) -* [CVE-2023-2550](CVE-2023/CVE-2023-25xx/CVE-2023-2550.json) (`2023-05-10T02:20:24.467`) -* [CVE-2023-2551](CVE-2023/CVE-2023-25xx/CVE-2023-2551.json) (`2023-05-10T02:21:54.973`) -* [CVE-2023-2552](CVE-2023/CVE-2023-25xx/CVE-2023-2552.json) (`2023-05-10T02:22:08.797`) -* [CVE-2023-2553](CVE-2023/CVE-2023-25xx/CVE-2023-2553.json) (`2023-05-10T02:23:43.497`) -* [CVE-2023-25831](CVE-2023/CVE-2023-258xx/CVE-2023-25831.json) (`2023-05-10T02:29:55.237`) -* [CVE-2023-25832](CVE-2023/CVE-2023-258xx/CVE-2023-25832.json) (`2023-05-10T02:29:55.237`) -* [CVE-2023-25962](CVE-2023/CVE-2023-259xx/CVE-2023-25962.json) (`2023-05-10T02:29:05.977`) -* [CVE-2023-26016](CVE-2023/CVE-2023-260xx/CVE-2023-26016.json) (`2023-05-10T02:28:53.703`) -* [CVE-2023-2610](CVE-2023/CVE-2023-26xx/CVE-2023-2610.json) (`2023-05-10T02:29:55.237`) -* [CVE-2023-26517](CVE-2023/CVE-2023-265xx/CVE-2023-26517.json) (`2023-05-10T02:23:55.010`) -* [CVE-2023-26519](CVE-2023/CVE-2023-265xx/CVE-2023-26519.json) (`2023-05-10T02:24:07.383`) -* [CVE-2023-28125](CVE-2023/CVE-2023-281xx/CVE-2023-28125.json) (`2023-05-10T02:29:55.237`) -* [CVE-2023-28126](CVE-2023/CVE-2023-281xx/CVE-2023-28126.json) (`2023-05-10T02:29:55.237`) -* [CVE-2023-28127](CVE-2023/CVE-2023-281xx/CVE-2023-28127.json) (`2023-05-10T02:29:55.237`) -* [CVE-2023-28128](CVE-2023/CVE-2023-281xx/CVE-2023-28128.json) (`2023-05-10T02:29:55.237`) -* [CVE-2023-28169](CVE-2023/CVE-2023-281xx/CVE-2023-28169.json) (`2023-05-10T02:26:38.837`) -* [CVE-2023-28316](CVE-2023/CVE-2023-283xx/CVE-2023-28316.json) (`2023-05-10T02:29:55.237`) -* [CVE-2023-28317](CVE-2023/CVE-2023-283xx/CVE-2023-28317.json) (`2023-05-10T02:29:55.237`) -* [CVE-2023-28318](CVE-2023/CVE-2023-283xx/CVE-2023-28318.json) (`2023-05-10T02:29:55.237`) -* [CVE-2023-29842](CVE-2023/CVE-2023-298xx/CVE-2023-29842.json) (`2023-05-10T03:58:32.817`) -* [CVE-2023-30056](CVE-2023/CVE-2023-300xx/CVE-2023-30056.json) (`2023-05-10T02:29:55.237`) -* [CVE-2023-30057](CVE-2023/CVE-2023-300xx/CVE-2023-30057.json) (`2023-05-10T02:29:55.237`) -* [CVE-2023-30077](CVE-2023/CVE-2023-300xx/CVE-2023-30077.json) (`2023-05-10T03:57:51.020`) -* [CVE-2023-30184](CVE-2023/CVE-2023-301xx/CVE-2023-30184.json) (`2023-05-10T03:53:22.570`) -* [CVE-2023-30267](CVE-2023/CVE-2023-302xx/CVE-2023-30267.json) (`2023-05-10T02:15:09.027`) -* [CVE-2023-30300](CVE-2023/CVE-2023-303xx/CVE-2023-30300.json) (`2023-05-10T03:54:22.137`) -* [CVE-2023-30331](CVE-2023/CVE-2023-303xx/CVE-2023-30331.json) (`2023-05-10T03:53:34.137`) -* [CVE-2023-30861](CVE-2023/CVE-2023-308xx/CVE-2023-30861.json) (`2023-05-10T03:55:54.567`) -* [CVE-2023-31099](CVE-2023/CVE-2023-310xx/CVE-2023-31099.json) (`2023-05-10T03:53:41.293`) -* [CVE-2023-31434](CVE-2023/CVE-2023-314xx/CVE-2023-31434.json) (`2023-05-10T03:55:17.283`) -* [CVE-2023-31435](CVE-2023/CVE-2023-314xx/CVE-2023-31435.json) (`2023-05-10T03:55:11.183`) -* [CVE-2023-31478](CVE-2023/CVE-2023-314xx/CVE-2023-31478.json) (`2023-05-10T02:29:55.237`) +* [CVE-2023-2260](CVE-2023/CVE-2023-22xx/CVE-2023-2260.json) (`2023-05-10T05:15:11.440`) +* [CVE-2023-2459](CVE-2023/CVE-2023-24xx/CVE-2023-2459.json) (`2023-05-10T04:15:44.010`) +* [CVE-2023-2460](CVE-2023/CVE-2023-24xx/CVE-2023-2460.json) (`2023-05-10T04:15:44.167`) +* [CVE-2023-2461](CVE-2023/CVE-2023-24xx/CVE-2023-2461.json) (`2023-05-10T04:15:44.253`) +* [CVE-2023-2462](CVE-2023/CVE-2023-24xx/CVE-2023-2462.json) (`2023-05-10T04:15:44.333`) +* [CVE-2023-2463](CVE-2023/CVE-2023-24xx/CVE-2023-2463.json) (`2023-05-10T04:15:44.407`) +* [CVE-2023-2464](CVE-2023/CVE-2023-24xx/CVE-2023-2464.json) (`2023-05-10T04:15:44.490`) +* [CVE-2023-2465](CVE-2023/CVE-2023-24xx/CVE-2023-2465.json) (`2023-05-10T04:15:44.563`) +* [CVE-2023-2466](CVE-2023/CVE-2023-24xx/CVE-2023-2466.json) (`2023-05-10T04:15:44.647`) +* [CVE-2023-2467](CVE-2023/CVE-2023-24xx/CVE-2023-2467.json) (`2023-05-10T04:15:44.727`) +* [CVE-2023-2468](CVE-2023/CVE-2023-24xx/CVE-2023-2468.json) (`2023-05-10T04:15:44.797`) ## Download and Usage