diff --git a/CVE-2023/CVE-2023-208xx/CVE-2023-20867.json b/CVE-2023/CVE-2023-208xx/CVE-2023-20867.json index 4487fbd9166..988ee024219 100644 --- a/CVE-2023/CVE-2023-208xx/CVE-2023-20867.json +++ b/CVE-2023/CVE-2023-208xx/CVE-2023-20867.json @@ -2,7 +2,7 @@ "id": "CVE-2023-20867", "sourceIdentifier": "security@vmware.com", "published": "2023-06-13T17:15:14.070", - "lastModified": "2023-09-20T03:15:10.740", + "lastModified": "2023-10-16T06:15:08.633", "vulnStatus": "Modified", "cisaExploitAdd": "2023-06-23", "cisaActionDue": "2023-07-14", @@ -104,6 +104,10 @@ } ], "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/10/16/2", + "source": "security@vmware.com" + }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00020.html", "source": "security@vmware.com" diff --git a/CVE-2023/CVE-2023-214xx/CVE-2023-21413.json b/CVE-2023/CVE-2023-214xx/CVE-2023-21413.json new file mode 100644 index 00000000000..cf951344ae3 --- /dev/null +++ b/CVE-2023/CVE-2023-214xx/CVE-2023-21413.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-21413", + "sourceIdentifier": "product-security@axis.com", + "published": "2023-10-16T07:15:08.503", + "lastModified": "2023-10-16T07:15:08.503", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "GoSecure on behalf of Genetec Inc. has found a flaw that allows for a remote code execution during the installation of ACAP applications on the Axis device. The application handling service in AXIS OS was vulnerable to command injection allowing an attacker to run arbitrary code. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@axis.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "references": [ + { + "url": "https://www.axis.com/dam/public/ad/ff/83/cve-2023-21413pdf-en-US-412755.pdf", + "source": "product-security@axis.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-214xx/CVE-2023-21414.json b/CVE-2023/CVE-2023-214xx/CVE-2023-21414.json new file mode 100644 index 00000000000..88a4eb7b5ff --- /dev/null +++ b/CVE-2023/CVE-2023-214xx/CVE-2023-21414.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-21414", + "sourceIdentifier": "product-security@axis.com", + "published": "2023-10-16T07:15:08.680", + "lastModified": "2023-10-16T07:15:08.680", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering (commonly known as Secure Boot) contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@axis.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "PHYSICAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 0.5, + "impactScore": 6.0 + } + ] + }, + "references": [ + { + "url": "https://www.axis.com/dam/public/45/3c/a1/cve-2023-21414pdf-en-US-412758.pdf", + "source": "product-security@axis.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-214xx/CVE-2023-21415.json b/CVE-2023/CVE-2023-214xx/CVE-2023-21415.json new file mode 100644 index 00000000000..5347fccb188 --- /dev/null +++ b/CVE-2023/CVE-2023-214xx/CVE-2023-21415.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-21415", + "sourceIdentifier": "product-security@axis.com", + "published": "2023-10-16T07:15:08.760", + "lastModified": "2023-10-16T07:15:08.760", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. \n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@axis.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://www.axis.com/dam/public/58/0b/36/cve-2023-21415pdf-en-US-412759.pdf", + "source": "product-security@axis.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-369xx/CVE-2023-36950.json b/CVE-2023/CVE-2023-369xx/CVE-2023-36950.json new file mode 100644 index 00000000000..c77103942ea --- /dev/null +++ b/CVE-2023/CVE-2023-369xx/CVE-2023-36950.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36950", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T06:15:10.253", + "lastModified": "2023-10-16T06:15:10.253", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/TOTOLINK/loginauth.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-369xx/CVE-2023-36953.json b/CVE-2023/CVE-2023-369xx/CVE-2023-36953.json new file mode 100644 index 00000000000..57b1a2794b2 --- /dev/null +++ b/CVE-2023/CVE-2023-369xx/CVE-2023-36953.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36953", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T06:15:10.713", + "lastModified": "2023-10-16T06:15:10.713", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to command injection." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/TOTOLINK/CP300%2B_2.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-369xx/CVE-2023-36954.json b/CVE-2023/CVE-2023-369xx/CVE-2023-36954.json new file mode 100644 index 00000000000..97dd8dc3da3 --- /dev/null +++ b/CVE-2023/CVE-2023-369xx/CVE-2023-36954.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36954", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T06:15:10.937", + "lastModified": "2023-10-16T06:15:10.937", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to command injection." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/TOTOLINK/CP300%2B_3.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-369xx/CVE-2023-36955.json b/CVE-2023/CVE-2023-369xx/CVE-2023-36955.json new file mode 100644 index 00000000000..bd7cdb882d8 --- /dev/null +++ b/CVE-2023/CVE-2023-369xx/CVE-2023-36955.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36955", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T06:15:11.217", + "lastModified": "2023-10-16T06:15:11.217", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "TOTOLINK CP300+ <=V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the File parameter in the function UploadCustomModule." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/TOTOLINK/CP300%2B_4.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-448xx/CVE-2023-44808.json b/CVE-2023/CVE-2023-448xx/CVE-2023-44808.json new file mode 100644 index 00000000000..d52c6f80599 --- /dev/null +++ b/CVE-2023/CVE-2023-448xx/CVE-2023-44808.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-44808", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T06:15:11.503", + "lastModified": "2023-10-16T06:15:11.503", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DIR-820l/bug3.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-448xx/CVE-2023-44809.json b/CVE-2023/CVE-2023-448xx/CVE-2023-44809.json new file mode 100644 index 00000000000..b9930139ea3 --- /dev/null +++ b/CVE-2023/CVE-2023-448xx/CVE-2023-44809.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-44809", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T06:15:11.783", + "lastModified": "2023-10-16T06:15:11.783", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DIR-820l/bug1.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-455xx/CVE-2023-45572.json b/CVE-2023/CVE-2023-455xx/CVE-2023-45572.json new file mode 100644 index 00000000000..711e06695f2 --- /dev/null +++ b/CVE-2023/CVE-2023-455xx/CVE-2023-45572.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-45572", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T06:15:12.070", + "lastModified": "2023-10-16T06:15:12.070", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the tgfile.htm function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug1.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-455xx/CVE-2023-45573.json b/CVE-2023/CVE-2023-455xx/CVE-2023-45573.json new file mode 100644 index 00000000000..0e1bc58b0f4 --- /dev/null +++ b/CVE-2023/CVE-2023-455xx/CVE-2023-45573.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-45573", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T06:15:12.357", + "lastModified": "2023-10-16T06:15:12.357", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx parameter of the ddns.asp function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug7.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-455xx/CVE-2023-45574.json b/CVE-2023/CVE-2023-455xx/CVE-2023-45574.json new file mode 100644 index 00000000000..feaf88e90e5 --- /dev/null +++ b/CVE-2023/CVE-2023-455xx/CVE-2023-45574.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-45574", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T06:15:12.607", + "lastModified": "2023-10-16T06:15:12.607", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the file.data function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug2.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.dlink.com/en/security-bulletin/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-455xx/CVE-2023-45575.json b/CVE-2023/CVE-2023-455xx/CVE-2023-45575.json new file mode 100644 index 00000000000..155fdf03cc3 --- /dev/null +++ b/CVE-2023/CVE-2023-455xx/CVE-2023-45575.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-45575", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T06:15:12.890", + "lastModified": "2023-10-16T06:15:12.890", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip parameter of the ip_position.asp function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug5.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-455xx/CVE-2023-45576.json b/CVE-2023/CVE-2023-455xx/CVE-2023-45576.json new file mode 100644 index 00000000000..d3447a462c3 --- /dev/null +++ b/CVE-2023/CVE-2023-455xx/CVE-2023-45576.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-45576", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T07:15:08.843", + "lastModified": "2023-10-16T07:15:08.843", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the remove_ext_proto/remove_ext_port parameter of the upnp_ctrl.asp function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug3.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-455xx/CVE-2023-45577.json b/CVE-2023/CVE-2023-455xx/CVE-2023-45577.json new file mode 100644 index 00000000000..2695423ea75 --- /dev/null +++ b/CVE-2023/CVE-2023-455xx/CVE-2023-45577.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-45577", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T07:15:08.907", + "lastModified": "2023-10-16T07:15:08.907", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wanid parameter of the H5/speedlimit.data function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug9.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-455xx/CVE-2023-45578.json b/CVE-2023/CVE-2023-455xx/CVE-2023-45578.json new file mode 100644 index 00000000000..7faa8093b18 --- /dev/null +++ b/CVE-2023/CVE-2023-455xx/CVE-2023-45578.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-45578", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T07:15:08.967", + "lastModified": "2023-10-16T07:15:08.967", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the pap_en/chap_en parameter of the pppoe_base.asp function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug4.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-455xx/CVE-2023-45579.json b/CVE-2023/CVE-2023-455xx/CVE-2023-45579.json new file mode 100644 index 00000000000..35dab4baf88 --- /dev/null +++ b/CVE-2023/CVE-2023-455xx/CVE-2023-45579.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-45579", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T07:15:09.027", + "lastModified": "2023-10-16T07:15:09.027", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip/type parameter of the jingx.asp function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug8.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-455xx/CVE-2023-45580.json b/CVE-2023/CVE-2023-455xx/CVE-2023-45580.json new file mode 100644 index 00000000000..489cf7c293f --- /dev/null +++ b/CVE-2023/CVE-2023-455xx/CVE-2023-45580.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-45580", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-16T07:15:09.107", + "lastModified": "2023-10-16T07:15:09.107", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx parameter of the ddns.asp function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug6.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 7b9ec433060..c54df42c9fb 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-10-16T06:00:25.646463+00:00 +2023-10-16T08:00:24.453396+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-10-16T05:15:49.787000+00:00 +2023-10-16T07:15:09.107000+00:00 ``` ### Last Data Feed Release @@ -29,24 +29,38 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -227836 +227854 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `18` -* [CVE-2023-36340](CVE-2023/CVE-2023-363xx/CVE-2023-36340.json) (`2023-10-16T05:15:49.633`) -* [CVE-2023-36947](CVE-2023/CVE-2023-369xx/CVE-2023-36947.json) (`2023-10-16T05:15:49.740`) -* [CVE-2023-36952](CVE-2023/CVE-2023-369xx/CVE-2023-36952.json) (`2023-10-16T05:15:49.787`) +* [CVE-2023-36950](CVE-2023/CVE-2023-369xx/CVE-2023-36950.json) (`2023-10-16T06:15:10.253`) +* [CVE-2023-36953](CVE-2023/CVE-2023-369xx/CVE-2023-36953.json) (`2023-10-16T06:15:10.713`) +* [CVE-2023-36954](CVE-2023/CVE-2023-369xx/CVE-2023-36954.json) (`2023-10-16T06:15:10.937`) +* [CVE-2023-36955](CVE-2023/CVE-2023-369xx/CVE-2023-36955.json) (`2023-10-16T06:15:11.217`) +* [CVE-2023-44808](CVE-2023/CVE-2023-448xx/CVE-2023-44808.json) (`2023-10-16T06:15:11.503`) +* [CVE-2023-44809](CVE-2023/CVE-2023-448xx/CVE-2023-44809.json) (`2023-10-16T06:15:11.783`) +* [CVE-2023-45572](CVE-2023/CVE-2023-455xx/CVE-2023-45572.json) (`2023-10-16T06:15:12.070`) +* [CVE-2023-45573](CVE-2023/CVE-2023-455xx/CVE-2023-45573.json) (`2023-10-16T06:15:12.357`) +* [CVE-2023-45574](CVE-2023/CVE-2023-455xx/CVE-2023-45574.json) (`2023-10-16T06:15:12.607`) +* [CVE-2023-45575](CVE-2023/CVE-2023-455xx/CVE-2023-45575.json) (`2023-10-16T06:15:12.890`) +* [CVE-2023-21413](CVE-2023/CVE-2023-214xx/CVE-2023-21413.json) (`2023-10-16T07:15:08.503`) +* [CVE-2023-21414](CVE-2023/CVE-2023-214xx/CVE-2023-21414.json) (`2023-10-16T07:15:08.680`) +* [CVE-2023-21415](CVE-2023/CVE-2023-214xx/CVE-2023-21415.json) (`2023-10-16T07:15:08.760`) +* [CVE-2023-45576](CVE-2023/CVE-2023-455xx/CVE-2023-45576.json) (`2023-10-16T07:15:08.843`) +* [CVE-2023-45577](CVE-2023/CVE-2023-455xx/CVE-2023-45577.json) (`2023-10-16T07:15:08.907`) +* [CVE-2023-45578](CVE-2023/CVE-2023-455xx/CVE-2023-45578.json) (`2023-10-16T07:15:08.967`) +* [CVE-2023-45579](CVE-2023/CVE-2023-455xx/CVE-2023-45579.json) (`2023-10-16T07:15:09.027`) +* [CVE-2023-45580](CVE-2023/CVE-2023-455xx/CVE-2023-45580.json) (`2023-10-16T07:15:09.107`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `1` -* [CVE-2023-40790](CVE-2023/CVE-2023-407xx/CVE-2023-40790.json) (`2023-10-16T04:15:11.397`) -* [CVE-2023-40791](CVE-2023/CVE-2023-407xx/CVE-2023-40791.json) (`2023-10-16T04:15:11.497`) +* [CVE-2023-20867](CVE-2023/CVE-2023-208xx/CVE-2023-20867.json) (`2023-10-16T06:15:08.633`) ## Download and Usage