Auto-Update: 2023-12-05T07:00:17.921348+00:00

CVE-2022/CVE-2022-475xx/CVE-2022-47531.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2022-47531",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-12-05T06:15:48.367",
+  "lastModified": "2023-12-05T06:15:48.367",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue was discovered in Ericsson Evolved Packet Gateway (EPG) versions 3.x before 3.25 and 2.x before 2.16, allows authenticated users to bypass system CLI and execute commands they are authorized to execute directly in the UNIX shell."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://www.gruppotim.it/it/footer/red-team.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-332xx/CVE-2023-33202.json

@@ -2,12 +2,12 @@
   "id": "CVE-2023-33202",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-11-23T16:15:07.273",
-  "lastModified": "2023-11-30T20:49:49.457",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-12-05T06:15:48.500",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
-      "value": "Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack."
+      "value": "Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)"
     },
     {
       "lang": "es",

CVE-2023/CVE-2023-375xx/CVE-2023-37572.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-37572",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-12-05T06:15:48.617",
+  "lastModified": "2023-12-05T06:15:48.617",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permissions in OSF_discovery service."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-5.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-392xx/CVE-2023-39248.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-39248",
+  "sourceIdentifier": "security_alert@emc.com",
+  "published": "2023-12-05T06:15:48.667",
+  "lastModified": "2023-12-05T06:15:48.667",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nDell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption (Denial of Service) vulnerability, when switches are configured with VLT and VRRP. A remote unauthenticated\u00a0user can cause the network to be flooded leading to Denial of Service for actual network users. This is a high severity vulnerability as it allows an attacker to cause an outage of network. Dell recommends customers to upgrade at the earliest opportunity.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security_alert@emc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security_alert@emc.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-400"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.dell.com/support/kbdoc/en-us/000220138/dsa-2023-278-dell-networking-os10-security-updates-for-uncontrolled-resource-consumption",
+      "source": "security_alert@emc.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-442xx/CVE-2023-44288.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-44288",
+  "sourceIdentifier": "security_alert@emc.com",
+  "published": "2023-12-05T06:15:48.900",
+  "lastModified": "2023-12-05T06:15:48.900",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nDell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, leading to denial of service.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security_alert@emc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security_alert@emc.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-664"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.dell.com/support/kbdoc/en-us/000219932/dsa-2023-417-dell-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities",
+      "source": "security_alert@emc.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-442xx/CVE-2023-44295.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-44295",
+  "sourceIdentifier": "security_alert@emc.com",
+  "published": "2023-12-05T06:15:49.110",
+  "lastModified": "2023-12-05T06:15:49.110",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nDell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a resource through its lifetime vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to loss of information, and information disclosure.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security_alert@emc.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.0,
+        "impactScore": 3.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security_alert@emc.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-664"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.dell.com/support/kbdoc/en-us/000219932/dsa-2023-417-dell-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities",
+      "source": "security_alert@emc.com"
+    }
+  ]
+}

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-12-05T05:00:18.417593+00:00
+2023-12-05T07:00:17.921348+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-12-05T04:15:07.083000+00:00
+2023-12-05T06:15:49.110000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,44 +29,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-232315
+232320
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `65`
+Recently added CVEs: `5`
 
-* [CVE-2023-42558](CVE-2023/CVE-2023-425xx/CVE-2023-42558.json) (`2023-12-05T03:15:15.390`)
-* [CVE-2023-42559](CVE-2023/CVE-2023-425xx/CVE-2023-42559.json) (`2023-12-05T03:15:15.557`)
-* [CVE-2023-42560](CVE-2023/CVE-2023-425xx/CVE-2023-42560.json) (`2023-12-05T03:15:15.723`)
-* [CVE-2023-42561](CVE-2023/CVE-2023-425xx/CVE-2023-42561.json) (`2023-12-05T03:15:15.893`)
-* [CVE-2023-42562](CVE-2023/CVE-2023-425xx/CVE-2023-42562.json) (`2023-12-05T03:15:16.060`)
-* [CVE-2023-42563](CVE-2023/CVE-2023-425xx/CVE-2023-42563.json) (`2023-12-05T03:15:16.230`)
-* [CVE-2023-42564](CVE-2023/CVE-2023-425xx/CVE-2023-42564.json) (`2023-12-05T03:15:16.400`)
-* [CVE-2023-42565](CVE-2023/CVE-2023-425xx/CVE-2023-42565.json) (`2023-12-05T03:15:16.553`)
-* [CVE-2023-42566](CVE-2023/CVE-2023-425xx/CVE-2023-42566.json) (`2023-12-05T03:15:16.720`)
-* [CVE-2023-42567](CVE-2023/CVE-2023-425xx/CVE-2023-42567.json) (`2023-12-05T03:15:16.900`)
-* [CVE-2023-42568](CVE-2023/CVE-2023-425xx/CVE-2023-42568.json) (`2023-12-05T03:15:17.070`)
-* [CVE-2023-42569](CVE-2023/CVE-2023-425xx/CVE-2023-42569.json) (`2023-12-05T03:15:17.237`)
-* [CVE-2023-42570](CVE-2023/CVE-2023-425xx/CVE-2023-42570.json) (`2023-12-05T03:15:17.403`)
-* [CVE-2023-42571](CVE-2023/CVE-2023-425xx/CVE-2023-42571.json) (`2023-12-05T03:15:17.573`)
-* [CVE-2023-42572](CVE-2023/CVE-2023-425xx/CVE-2023-42572.json) (`2023-12-05T03:15:17.750`)
-* [CVE-2023-42573](CVE-2023/CVE-2023-425xx/CVE-2023-42573.json) (`2023-12-05T03:15:17.927`)
-* [CVE-2023-42574](CVE-2023/CVE-2023-425xx/CVE-2023-42574.json) (`2023-12-05T03:15:18.100`)
-* [CVE-2023-42575](CVE-2023/CVE-2023-425xx/CVE-2023-42575.json) (`2023-12-05T03:15:18.273`)
-* [CVE-2023-42576](CVE-2023/CVE-2023-425xx/CVE-2023-42576.json) (`2023-12-05T03:15:18.450`)
-* [CVE-2023-42577](CVE-2023/CVE-2023-425xx/CVE-2023-42577.json) (`2023-12-05T03:15:18.623`)
-* [CVE-2023-42578](CVE-2023/CVE-2023-425xx/CVE-2023-42578.json) (`2023-12-05T03:15:18.803`)
-* [CVE-2023-42579](CVE-2023/CVE-2023-425xx/CVE-2023-42579.json) (`2023-12-05T03:15:18.967`)
-* [CVE-2023-42580](CVE-2023/CVE-2023-425xx/CVE-2023-42580.json) (`2023-12-05T03:15:19.120`)
-* [CVE-2023-42581](CVE-2023/CVE-2023-425xx/CVE-2023-42581.json) (`2023-12-05T03:15:19.293`)
-* [CVE-2023-47304](CVE-2023/CVE-2023-473xx/CVE-2023-47304.json) (`2023-12-05T04:15:07.083`)
+* [CVE-2022-47531](CVE-2022/CVE-2022-475xx/CVE-2022-47531.json) (`2023-12-05T06:15:48.367`)
+* [CVE-2023-37572](CVE-2023/CVE-2023-375xx/CVE-2023-37572.json) (`2023-12-05T06:15:48.617`)
+* [CVE-2023-39248](CVE-2023/CVE-2023-392xx/CVE-2023-39248.json) (`2023-12-05T06:15:48.667`)
+* [CVE-2023-44288](CVE-2023/CVE-2023-442xx/CVE-2023-44288.json) (`2023-12-05T06:15:48.900`)
+* [CVE-2023-44295](CVE-2023/CVE-2023-442xx/CVE-2023-44295.json) (`2023-12-05T06:15:49.110`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `1`
 
+* [CVE-2023-33202](CVE-2023/CVE-2023-332xx/CVE-2023-33202.json) (`2023-12-05T06:15:48.500`)
 
 
 ## Download and Usage