Auto-Update: 2024-08-25T18:00:17.294236+00:00

2025-05-08 11:37:26 +00:00 · 2024-08-25 18:03:14 +00:00 · 2024-08-25 18:03:14 +00:00 · a7b286bcff
commit a7b286bcff
parent 63fabd2620
4 changed files with 73 additions and 12 deletions
--- a/CVE-2023/CVE-2023-489xx/CVE-2023-48957.json
+++ b/CVE-2023/CVE-2023-489xx/CVE-2023-48957.json
@ -0,0 +1,25 @@
+{
+  "id": "CVE-2023-48957",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-08-25T17:15:03.553",
+  "lastModified": "2024-08-25T17:15:03.553",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "PureVPN Linux client 2.0.2-Productions fails to properly handle DNS queries, allowing them to bypass the VPN tunnel and be sent directly to the ISP or default DNS servers."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://latesthackingnews.com/2023/11/13/multiple-vulnerabilities-found-in-purevpn-one-remains-unpatched/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.rafaybaloch.com/2023/11/Multiple%20Critical-Vulnerabilities-in-PureVPN.html?m=1",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-200xx/CVE-2024-20023.json
+++ b/CVE-2024/CVE-2024-200xx/CVE-2024-20023.json
@ -2,7 +2,7 @@
  "id": "CVE-2024-20023",
  "sourceIdentifier": "security@mediatek.com",
  "published": "2024-03-04T03:15:07.193",
-  "lastModified": "2024-03-04T13:58:23.447",
+  "lastModified": "2024-08-25T16:35:00.693",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
@ -15,7 +15,42 @@
      "value": "En flashc, existe una posible escritura fuera de los l\u00edmites debido a la falta de valoraci\u00f3n. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08541638; ID del problema: ALPS08541638."
    }
  ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.7,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 0.8,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-787"
+        }
+      ]
+    }
+  ],
  "references": [
    {
      "url": "https://corp.mediatek.com/product-security-bulletin/March-2024",
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-08-25T16:00:17.431862+00:00
+2024-08-25T18:00:17.294236+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-08-25T15:35:02.580000+00:00
+2024-08-25T17:15:03.553000+00:00
 ```

 ### Last Data Feed Release
@ -33,21 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-261114
+261115
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `0`
+Recently added CVEs: `1`

+- [CVE-2023-48957](CVE-2023/CVE-2023-489xx/CVE-2023-48957.json) (`2024-08-25T17:15:03.553`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `2`
+Recently modified CVEs: `1`

- [CVE-2024-22060](CVE-2024/CVE-2024-220xx/CVE-2024-22060.json) (`2024-08-25T15:35:00.963`)
- [CVE-2024-33224](CVE-2024/CVE-2024-332xx/CVE-2024-33224.json) (`2024-08-25T15:35:02.580`)
+- [CVE-2024-20023](CVE-2024/CVE-2024-200xx/CVE-2024-20023.json) (`2024-08-25T16:35:00.693`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -236512,6 +236512,7 @@ CVE-2023-4895,0,0,4ab77ab411ddc58968fd067c92795434e641f91b82c0093c3bef943d49877e
 CVE-2023-48950,0,0,6209787e722d589445436809c2da6e7ed9f2cc438ec7917b42184e480d1a8d38,2023-11-30T22:09:53.560000
 CVE-2023-48951,0,0,446d172b65c728bf74f46e8a4ea7b3af5392b7183b52bca460149824a522bf24,2023-11-30T22:09:47.687000
 CVE-2023-48952,0,0,b553326e17a696498616a7213cf0df476380803d579c7d299fc82cc4a472f0f7,2023-11-30T22:09:38.880000
+CVE-2023-48957,1,1,63ce188b26b65bd14f1b88d046a652aae501e7d2a79122e901456175118072f4,2024-08-25T17:15:03.553000
 CVE-2023-48958,0,0,7e4319f12642b7a11f4b3b9007fe156de5fc432092034bbccf3e3b2fbc2edda7,2023-12-12T20:21:11.650000
 CVE-2023-4896,0,0,fb9989e4369e907af70e34e324e3785bcae5d095deae157c7b638caecbe789d2,2023-10-24T20:53:59.203000
 CVE-2023-48963,0,0,4a3c91879f595e598c510f956104d2188db72f2066c5ceeee4af55100005ebaf,2023-12-05T20:13:24.923000
@ -242911,7 +242912,7 @@ CVE-2024-2002,0,0,9bb787dd73ad4270fec473ae00d969f2b5c55795bbfeec9dd3a74d6c7578ca
 CVE-2024-20020,0,0,1af2be5239e7889690a24490c95fb1d9708b12f77c9dc96edd896786cba1d93c,2024-03-04T13:58:23.447000
 CVE-2024-20021,0,0,9da6b4090664581723961fe14bfe7a2d90b8c57bd1123df3f77b75a47e068fa3,2024-07-03T01:45:47.187000
 CVE-2024-20022,0,0,6248993b7a916d38fa8ce9e8b47c6621a4becdde41eda305169e026bd72d98e8,2024-03-04T13:58:23.447000
-CVE-2024-20023,0,0,0f3eec01af6b49c524cf4eb0c642d77efd7be67fdf33e7a68b76bb49407ad22a,2024-03-04T13:58:23.447000
+CVE-2024-20023,0,1,a3b3cccb28dbd8c2a0d484f347d7ffc29ffef08cf3b6aa24d55352aa47cd302b,2024-08-25T16:35:00.693000
 CVE-2024-20024,0,0,a587bfbae48c7d89e5f8cdf3a4d9f1f662ddb9590db59d2b26f356c2c055895e,2024-07-03T01:45:47.463000
 CVE-2024-20025,0,0,47e15a7ddf4a93a1f67f16f7b41159792bb8de344e0b811377a0a1f83c75f102,2024-03-04T13:58:23.447000
 CVE-2024-20026,0,0,ed800331684227c8cb6eef8a299085ff35357d20165c3fbe70fc71f0772c4645,2024-03-04T13:58:23.447000
@ -244295,7 +244296,7 @@ CVE-2024-22054,0,0,6e37321c62f2a04e4e3f2f6fd1bef9378fc04c906a238567a88522192ab55
 CVE-2024-22058,0,0,eae5b623fec72c03a6a5d974e26c7d12252da5cb9c755e2b5a8deaacf0fa051e,2024-05-31T19:14:47.793000
 CVE-2024-22059,0,0,50d90b3cb7f9bf66ee5ba944e169106caf70e42a039b7301c7281a7acc269806,2024-07-03T01:47:02.030000
 CVE-2024-2206,0,0,f65296c322fa456a2d924ce652baada633a5cbd15608dca292853eaeea32f655,2024-04-16T12:15:10.187000
-CVE-2024-22060,0,1,7f79d2875f5a614fca219746c1bbf5a9acd1ca84384af60f4f2ea354a4c82f9a,2024-08-25T15:35:00.963000
+CVE-2024-22060,0,0,7f79d2875f5a614fca219746c1bbf5a9acd1ca84384af60f4f2ea354a4c82f9a,2024-08-25T15:35:00.963000
 CVE-2024-22061,0,0,a2f8b1edabd606da9b855ff3e3612ece1cc2a51d553a7dadaf2301f49cdc94da,2024-07-03T01:47:02.763000
 CVE-2024-22062,0,0,cc06929fe5df33d033a09c6d5b184881dcbf0939fe62637d4555c345e1a11ac3,2024-07-09T18:19:14.047000
 CVE-2024-22064,0,0,4ab6f1fd7aac8f5f705eb95fc6fb847518aebb95babd98d77adf15137fe26c27,2024-05-14T16:13:02.773000
@ -252072,7 +252073,7 @@ CVE-2024-33220,0,0,94878fc1442fb742de617743986fbb0ae7d177efb074829742c5a4e187579
 CVE-2024-33221,0,0,4c13ec1b720b7ec2ce94f445e942c2447ba67f3bae626d7dba251fb8b3437798,2024-08-01T13:51:47.243000
 CVE-2024-33222,0,0,826b88c0df0010107f0595e8bf718ff48038d9c2823c40b87f1e329d93d630c8,2024-08-01T13:51:48.023000
 CVE-2024-33223,0,0,bd16de328c282f1aa1b7015361c590473a5b6bf3caa6b0c34867ec1e542d4f9a,2024-05-22T18:59:20.240000
-CVE-2024-33224,0,1,86736ad02528ece16e9971b6f9b2a1db298eb6e0829065eacffc71f386f1e027,2024-08-25T15:35:02.580000
+CVE-2024-33224,0,0,86736ad02528ece16e9971b6f9b2a1db298eb6e0829065eacffc71f386f1e027,2024-08-25T15:35:02.580000
 CVE-2024-33225,0,0,20ea8cc6ddfb6cfd8258351119e0796feeaade6c50f1b0404fcf51caf0bfa6d3,2024-05-22T18:59:20.240000
 CVE-2024-33226,0,0,118644c9a4526f22ebac7f7b4738b46fc0e07956b270365957b518f88d5f05c3,2024-08-22T19:35:26.237000
 CVE-2024-33227,0,0,7642d7b0dea4438aa6cf20447aa6ccfb5a37e8289abc2e50d39a48026159e609,2024-08-21T21:35:06.933000