Auto-Update: 2023-12-31T15:00:24.733979+00:00

2025-05-07 03:02:20 +00:00 · 2023-12-31 15:00:28 +00:00 · 2023-12-31 15:00:28 +00:00 · aae7d78d61
commit aae7d78d61
parent 20e3e6476e
10 changed files with 229 additions and 21 deletions
--- a/CVE-2018/CVE-2018-13xx/CVE-2018-1311.json
+++ b/CVE-2018/CVE-2018-13xx/CVE-2018-1311.json
@ -2,7 +2,7 @@
  "id": "CVE-2018-1311",
  "sourceIdentifier": "security@apache.org",
  "published": "2019-12-18T20:15:15.493",
-  "lastModified": "2023-12-31T04:15:07.217",
+  "lastModified": "2023-12-31T14:15:41.450",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -224,6 +224,10 @@
        "Third Party Advisory"
      ]
    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00027.html",
+      "source": "security@apache.org"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A6WWL4SWKAVYK6VK5YN7KZP4MZWC7IY/",
      "source": "security@apache.org"
--- a/CVE-2020/CVE-2020-128xx/CVE-2020-12801.json
+++ b/CVE-2020/CVE-2020-128xx/CVE-2020-12801.json
@ -2,8 +2,8 @@
  "id": "CVE-2020-12801",
  "sourceIdentifier": "security@documentfoundation.org",
  "published": "2020-05-18T15:15:11.003",
-  "lastModified": "2021-11-04T15:59:15.817",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-12-31T14:15:41.677",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -135,6 +135,10 @@
        "Third Party Advisory"
      ]
    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html",
+      "source": "security@documentfoundation.org"
+    },
    {
      "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801",
      "source": "security@documentfoundation.org",
--- a/CVE-2020/CVE-2020-128xx/CVE-2020-12802.json
+++ b/CVE-2020/CVE-2020-128xx/CVE-2020-12802.json
@ -2,7 +2,7 @@
  "id": "CVE-2020-12802",
  "sourceIdentifier": "security@documentfoundation.org",
  "published": "2020-06-08T16:15:09.993",
-  "lastModified": "2023-11-07T03:15:44.890",
+  "lastModified": "2023-12-31T14:15:41.813",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -75,7 +75,7 @@
      ]
    },
    {
-      "source": "4fe7d05b-1353-44cc-8b7a-1e416936dff2",
+      "source": "security@documentfoundation.org",
      "type": "Secondary",
      "description": [
        {
@ -155,6 +155,10 @@
        "Third Party Advisory"
      ]
    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html",
+      "source": "security@documentfoundation.org"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/",
      "source": "security@documentfoundation.org"
--- a/CVE-2020/CVE-2020-128xx/CVE-2020-12803.json
+++ b/CVE-2020/CVE-2020-128xx/CVE-2020-12803.json
@ -2,7 +2,7 @@
  "id": "CVE-2020-12803",
  "sourceIdentifier": "security@documentfoundation.org",
  "published": "2020-06-08T16:15:10.057",
-  "lastModified": "2023-11-07T03:15:44.967",
+  "lastModified": "2023-12-31T14:15:41.937",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -138,6 +138,10 @@
        "Broken Link"
      ]
    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html",
+      "source": "security@documentfoundation.org"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/",
      "source": "security@documentfoundation.org"
--- a/CVE-2023/CVE-2023-375xx/CVE-2023-37536.json
+++ b/CVE-2023/CVE-2023-375xx/CVE-2023-37536.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-37536",
  "sourceIdentifier": "psirt@hcl.com",
  "published": "2023-10-11T07:15:10.580",
-  "lastModified": "2023-12-31T04:15:07.373",
+  "lastModified": "2023-12-31T14:15:42.080",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -117,6 +117,10 @@
    }
  ],
  "references": [
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00027.html",
+      "source": "psirt@hcl.com"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A6WWL4SWKAVYK6VK5YN7KZP4MZWC7IY/",
      "source": "psirt@hcl.com"
--- a/CVE-2023/CVE-2023-61xx/CVE-2023-6185.json
+++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6185.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-6185",
  "sourceIdentifier": "security@documentfoundation.org",
  "published": "2023-12-11T12:15:07.037",
-  "lastModified": "2023-12-14T13:51:13.473",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-12-31T14:15:42.193",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -132,6 +132,10 @@
    }
  ],
  "references": [
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html",
+      "source": "security@documentfoundation.org"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/",
      "source": "security@documentfoundation.org",
--- a/CVE-2023/CVE-2023-61xx/CVE-2023-6186.json
+++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6186.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-6186",
  "sourceIdentifier": "security@documentfoundation.org",
  "published": "2023-12-11T12:15:07.713",
-  "lastModified": "2023-12-14T14:41:30.390",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-12-31T14:15:42.307",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -132,6 +132,10 @@
    }
  ],
  "references": [
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html",
+      "source": "security@documentfoundation.org"
+    },
    {
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/",
      "source": "security@documentfoundation.org",
--- a/CVE-2023/CVE-2023-71xx/CVE-2023-7186.json
+++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7186.json
@ -0,0 +1,88 @@
+{
+  "id": "CVE-2023-7186",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2023-12-31T13:15:07.827",
+  "lastModified": "2023-12-31T13:15:07.827",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in 7-card Fakabao up to 1.0_build20230805. It has been declared as critical. This vulnerability affects unknown code of the file member/notify.php. The manipulation of the argument out_trade_no leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249388. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "ADJACENT_NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 5.2
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 5.1,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://note.zhaoj.in/share/xHPvSBwWtR4z",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.249388",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.249388",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-71xx/CVE-2023-7187.json
+++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7187.json
@ -0,0 +1,88 @@
+{
+  "id": "CVE-2023-7187",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2023-12-31T14:15:42.383",
+  "lastModified": "2023-12-31T14:15:42.383",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in Totolink N350RT 9.3.5u.6139_B20201216. It has been rated as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The exploit has been disclosed to the public and may be used. The identifier VDB-249389 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "ADJACENT_NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 5.2
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 5.1,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-121"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N350RT/1/README.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.249389",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.249389",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-12-31T13:00:24.278816+00:00
+2023-12-31T15:00:24.733979+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-12-31T12:15:32.483000+00:00
+2023-12-31T14:15:42.383000+00:00
 ```

 ### Last Data Feed Release
@ -29,24 +29,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-234593
+234595
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `5`
+Recently added CVEs: `2`

-* [CVE-2023-49777](CVE-2023/CVE-2023-497xx/CVE-2023-49777.json) (`2023-12-31T11:15:08.283`)
-* [CVE-2023-52180](CVE-2023/CVE-2023-521xx/CVE-2023-52180.json) (`2023-12-31T11:15:09.130`)
-* [CVE-2023-7183](CVE-2023/CVE-2023-71xx/CVE-2023-7183.json) (`2023-12-31T11:15:09.377`)
-* [CVE-2023-7184](CVE-2023/CVE-2023-71xx/CVE-2023-7184.json) (`2023-12-31T11:15:09.653`)
-* [CVE-2023-7185](CVE-2023/CVE-2023-71xx/CVE-2023-7185.json) (`2023-12-31T12:15:32.483`)
+* [CVE-2023-7186](CVE-2023/CVE-2023-71xx/CVE-2023-7186.json) (`2023-12-31T13:15:07.827`)
+* [CVE-2023-7187](CVE-2023/CVE-2023-71xx/CVE-2023-7187.json) (`2023-12-31T14:15:42.383`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `7`

+* [CVE-2018-1311](CVE-2018/CVE-2018-13xx/CVE-2018-1311.json) (`2023-12-31T14:15:41.450`)
+* [CVE-2020-12801](CVE-2020/CVE-2020-128xx/CVE-2020-12801.json) (`2023-12-31T14:15:41.677`)
+* [CVE-2020-12802](CVE-2020/CVE-2020-128xx/CVE-2020-12802.json) (`2023-12-31T14:15:41.813`)
+* [CVE-2020-12803](CVE-2020/CVE-2020-128xx/CVE-2020-12803.json) (`2023-12-31T14:15:41.937`)
+* [CVE-2023-37536](CVE-2023/CVE-2023-375xx/CVE-2023-37536.json) (`2023-12-31T14:15:42.080`)
+* [CVE-2023-6185](CVE-2023/CVE-2023-61xx/CVE-2023-6185.json) (`2023-12-31T14:15:42.193`)
+* [CVE-2023-6186](CVE-2023/CVE-2023-61xx/CVE-2023-6186.json) (`2023-12-31T14:15:42.307`)


 ## Download and Usage