From 999f609d0cc3c35114d5cb8fcb9c65c854f8d680 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 16 Jun 2023 08:00:31 +0000 Subject: [PATCH] Auto-Update: 2023-06-16T08:00:28.277489+00:00 --- CVE-2023/CVE-2023-341xx/CVE-2023-34154.json | 20 ++++++++++ CVE-2023/CVE-2023-341xx/CVE-2023-34157.json | 43 +++++++++++++++++++++ CVE-2023/CVE-2023-341xx/CVE-2023-34165.json | 20 ++++++++++ README.md | 40 ++++--------------- 4 files changed, 91 insertions(+), 32 deletions(-) create mode 100644 CVE-2023/CVE-2023-341xx/CVE-2023-34154.json create mode 100644 CVE-2023/CVE-2023-341xx/CVE-2023-34157.json create mode 100644 CVE-2023/CVE-2023-341xx/CVE-2023-34165.json diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34154.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34154.json new file mode 100644 index 00000000000..a10e8f82bdc --- /dev/null +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34154.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34154", + "sourceIdentifier": "psirt@huawei.com", + "published": "2023-06-16T07:15:08.457", + "lastModified": "2023-06-16T07:15:08.457", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party apps to create windows in an arbitrary way, consuming system resources." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202306-0000001560777672", + "source": "psirt@huawei.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34157.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34157.json new file mode 100644 index 00000000000..32ac81e419f --- /dev/null +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34157.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-34157", + "sourceIdentifier": "psirt@huawei.com", + "published": "2023-06-16T07:15:08.680", + "lastModified": "2023-06-16T07:15:08.680", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may cause repeated pop-up windows of the app." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@huawei.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "references": [ + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202306-0000001560777672", + "source": "psirt@huawei.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34165.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34165.json new file mode 100644 index 00000000000..7da748ea76c --- /dev/null +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34165.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-34165", + "sourceIdentifier": "psirt@huawei.com", + "published": "2023-06-16T07:15:08.840", + "lastModified": "2023-06-16T07:15:08.840", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unauthorized access vulnerability in the Save for later feature provided by AI Touch.Successful exploitation of this vulnerability may cause third-party apps to forge a URI for unauthorized access with zero permissions." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202306-0000001560777672", + "source": "psirt@huawei.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 97bd01e72ae..ac624804f9f 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-16T06:00:34.503353+00:00 +2023-06-16T08:00:28.277489+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-16T05:15:50.637000+00:00 +2023-06-16T07:15:08.840000+00:00 ``` ### Last Data Feed Release @@ -29,46 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -217901 +217904 ``` ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `3` -* [CVE-2023-32754](CVE-2023/CVE-2023-327xx/CVE-2023-32754.json) (`2023-06-16T04:15:13.947`) -* [CVE-2023-34845](CVE-2023/CVE-2023-348xx/CVE-2023-34845.json) (`2023-06-16T04:15:14.143`) -* [CVE-2023-35708](CVE-2023/CVE-2023-357xx/CVE-2023-35708.json) (`2023-06-16T04:15:14.203`) -* [CVE-2023-32752](CVE-2023/CVE-2023-327xx/CVE-2023-32752.json) (`2023-06-16T04:15:13.717`) -* [CVE-2023-32753](CVE-2023/CVE-2023-327xx/CVE-2023-32753.json) (`2023-06-16T04:15:13.863`) +* [CVE-2023-34154](CVE-2023/CVE-2023-341xx/CVE-2023-34154.json) (`2023-06-16T07:15:08.457`) +* [CVE-2023-34157](CVE-2023/CVE-2023-341xx/CVE-2023-34157.json) (`2023-06-16T07:15:08.680`) +* [CVE-2023-34165](CVE-2023/CVE-2023-341xx/CVE-2023-34165.json) (`2023-06-16T07:15:08.840`) ### CVEs modified in the last Commit -Recently modified CVEs: `22` +Recently modified CVEs: `0` -* [CVE-2022-46165](CVE-2022/CVE-2022-461xx/CVE-2022-46165.json) (`2023-06-16T04:15:11.407`) -* [CVE-2022-47015](CVE-2022/CVE-2022-470xx/CVE-2022-47015.json) (`2023-06-16T04:15:11.550`) -* [CVE-2023-0666](CVE-2023/CVE-2023-06xx/CVE-2023-0666.json) (`2023-06-16T04:15:11.707`) -* [CVE-2023-0668](CVE-2023/CVE-2023-06xx/CVE-2023-0668.json) (`2023-06-16T04:15:11.830`) -* [CVE-2023-1161](CVE-2023/CVE-2023-11xx/CVE-2023-1161.json) (`2023-06-16T04:15:11.953`) -* [CVE-2023-1992](CVE-2023/CVE-2023-19xx/CVE-2023-1992.json) (`2023-06-16T04:15:12.127`) -* [CVE-2023-1993](CVE-2023/CVE-2023-19xx/CVE-2023-1993.json) (`2023-06-16T04:15:12.253`) -* [CVE-2023-1994](CVE-2023/CVE-2023-19xx/CVE-2023-1994.json) (`2023-06-16T04:15:12.347`) -* [CVE-2023-24038](CVE-2023/CVE-2023-240xx/CVE-2023-24038.json) (`2023-06-16T04:15:12.473`) -* [CVE-2023-24329](CVE-2023/CVE-2023-243xx/CVE-2023-24329.json) (`2023-06-16T04:15:12.660`) -* [CVE-2023-2854](CVE-2023/CVE-2023-28xx/CVE-2023-2854.json) (`2023-06-16T04:15:12.840`) -* [CVE-2023-2855](CVE-2023/CVE-2023-28xx/CVE-2023-2855.json) (`2023-06-16T04:15:12.943`) -* [CVE-2023-2856](CVE-2023/CVE-2023-28xx/CVE-2023-2856.json) (`2023-06-16T04:15:13.027`) -* [CVE-2023-2857](CVE-2023/CVE-2023-28xx/CVE-2023-2857.json) (`2023-06-16T04:15:13.147`) -* [CVE-2023-2858](CVE-2023/CVE-2023-28xx/CVE-2023-2858.json) (`2023-06-16T04:15:13.240`) -* [CVE-2023-2879](CVE-2023/CVE-2023-28xx/CVE-2023-2879.json) (`2023-06-16T04:15:13.340`) -* [CVE-2023-2952](CVE-2023/CVE-2023-29xx/CVE-2023-2952.json) (`2023-06-16T04:15:13.610`) -* [CVE-2023-33461](CVE-2023/CVE-2023-334xx/CVE-2023-33461.json) (`2023-06-16T04:15:14.040`) -* [CVE-2023-3214](CVE-2023/CVE-2023-32xx/CVE-2023-3214.json) (`2023-06-16T04:15:14.263`) -* [CVE-2023-3215](CVE-2023/CVE-2023-32xx/CVE-2023-3215.json) (`2023-06-16T04:15:14.337`) -* [CVE-2023-3216](CVE-2023/CVE-2023-32xx/CVE-2023-3216.json) (`2023-06-16T04:15:14.393`) -* [CVE-2023-3217](CVE-2023/CVE-2023-32xx/CVE-2023-3217.json) (`2023-06-16T04:15:14.453`) ## Download and Usage