Auto-Update: 2023-09-28T04:00:24.373808+00:00

CVE-2022/CVE-2022-360xx/CVE-2022-36087.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-36087",
   "sourceIdentifier": "security-advisories@github.com",
   "published": "2022-09-09T21:15:08.477",
-  "lastModified": "2022-11-10T03:55:29.917",
+  "lastModified": "2023-09-28T03:15:09.057",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -155,6 +155,10 @@
         "Third Party Advisory"
       ]
     },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NBCQJR3ZF7FVNTJYRVPVSQEQRAYZIUHU/",
+      "source": "security-advisories@github.com"
+    },
     {
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYLYHE5HWF6R2CRLJFUK4PILR47WXOE/",
       "source": "security-advisories@github.com",
@@ -162,6 +166,10 @@
         "Mailing List",
         "Third Party Advisory"
       ]
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2CQZM5CKOUM4GW2GTAPQEQFPITQ6F7S/",
+      "source": "security-advisories@github.com"
     }
   ]
 }

CVE-2023/CVE-2023-410xx/CVE-2023-41051.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-41051",
   "sourceIdentifier": "security-advisories@github.com",
   "published": "2023-09-01T19:15:42.883",
-  "lastModified": "2023-09-23T02:15:18.330",
+  "lastModified": "2023-09-28T03:15:10.457",
   "vulnStatus": "Modified",
   "descriptions": [
     {
@@ -117,6 +117,14 @@
         "Vendor Advisory"
       ]
     },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPXRXD5VXBZHBGMUM77B52CJJMG7EJGI/",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYM6CYW2DWRHRAVL2HYTQPXC3J2V77J4/",
+      "source": "security-advisories@github.com"
+    },
     {
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XZGJL6BQLU4XCPQLLTW4GSSBTNQXB3TI/",
       "source": "security-advisories@github.com"

CVE-2023/CVE-2023-414xx/CVE-2023-41444.json

@@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-41444",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-09-28T03:15:11.193",
+  "lastModified": "2023-09-28T03:15:11.193",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in Binalyze IREC.sys v.3.11.0 and before allows a local attacker to execute arbitrary code and escalate privileges via the fun_1400084d0 function in IREC.sys driver."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://blog.dru1d.ninja/windows-driver-exploit-development-irec-sys-a5eb45093945",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://gist.github.com/dru1d-foofus/1af21179f253879f101c3a8d4f718bf0",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/magicsword-io/LOLDrivers/blob/main/yaml/d74fdf19-b4b0-4ec2-9c29-4213b064138b.yml",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-414xx/CVE-2023-41446.json

@@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-41446",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-09-28T03:15:11.387",
+  "lastModified": "2023-09-28T03:15:11.387",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "http://ajaxnewsticker.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "http://phpkobo.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://gist.github.com/RNPG/4bb91170f8ee50b395427f26bc96a1f2",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-414xx/CVE-2023-41447.json

@@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-41447",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-09-28T03:15:11.480",
+  "lastModified": "2023-09-28T03:15:11.480",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the subcmd parameter in the index.php component."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "http://ajaxnewsticker.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "http://phpkobo.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://gist.github.com/RNPG/56b9fe4dcc3a248d4288bde5ffb3a5b3",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-414xx/CVE-2023-41450.json

@@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-41450",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-09-28T03:15:11.563",
+  "lastModified": "2023-09-28T03:15:11.563",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "http://ajaxnewsticker.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "http://phpkobo.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://gist.github.com/RNPG/e11af10e1bd3606de8b568033d932589",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-422xx/CVE-2023-42222.json

@@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-42222",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-09-28T03:15:11.643",
+  "lastModified": "2023-09-28T03:15:11.643",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "WebCatalog before 49.0 is vulnerable to Incorrect Access Control. WebCatalog calls the Electron shell.openExternal function without verifying that the URL is for an http or https resource, in some circumstances."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/itssixtyn3in/CVE-2023-42222",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://webcatalog.io/changelog/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.electronjs.org/docs/latest/tutorial/security#15-do-not-use-shellopenexternal-with-untrusted-content",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-09-28T02:00:25.747309+00:00
+2023-09-28T04:00:24.373808+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-09-28T01:58:26.690000+00:00
+2023-09-28T03:15:11.643000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,35 +29,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-226483
+226488
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `1`
+Recently added CVEs: `5`
 
-* [CVE-2023-5244](CVE-2023/CVE-2023-52xx/CVE-2023-5244.json) (`2023-09-28T01:15:09.060`)
+* [CVE-2023-41444](CVE-2023/CVE-2023-414xx/CVE-2023-41444.json) (`2023-09-28T03:15:11.193`)
+* [CVE-2023-41446](CVE-2023/CVE-2023-414xx/CVE-2023-41446.json) (`2023-09-28T03:15:11.387`)
+* [CVE-2023-41447](CVE-2023/CVE-2023-414xx/CVE-2023-41447.json) (`2023-09-28T03:15:11.480`)
+* [CVE-2023-41450](CVE-2023/CVE-2023-414xx/CVE-2023-41450.json) (`2023-09-28T03:15:11.563`)
+* [CVE-2023-42222](CVE-2023/CVE-2023-422xx/CVE-2023-42222.json) (`2023-09-28T03:15:11.643`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `15`
+Recently modified CVEs: `2`
 
-* [CVE-2023-4088](CVE-2023/CVE-2023-40xx/CVE-2023-4088.json) (`2023-09-28T00:15:09.553`)
+* [CVE-2022-36087](CVE-2022/CVE-2022-360xx/CVE-2022-36087.json) (`2023-09-28T03:15:09.057`)
-* [CVE-2023-41962](CVE-2023/CVE-2023-419xx/CVE-2023-41962.json) (`2023-09-28T01:06:56.717`)
+* [CVE-2023-41051](CVE-2023/CVE-2023-410xx/CVE-2023-41051.json) (`2023-09-28T03:15:10.457`)
-* [CVE-2023-43614](CVE-2023/CVE-2023-436xx/CVE-2023-43614.json) (`2023-09-28T01:10:50.470`)
-* [CVE-2023-23958](CVE-2023/CVE-2023-239xx/CVE-2023-23958.json) (`2023-09-28T01:14:41.083`)
-* [CVE-2023-44152](CVE-2023/CVE-2023-441xx/CVE-2023-44152.json) (`2023-09-28T01:22:12.437`)
-* [CVE-2023-44153](CVE-2023/CVE-2023-441xx/CVE-2023-44153.json) (`2023-09-28T01:23:03.267`)
-* [CVE-2023-44154](CVE-2023/CVE-2023-441xx/CVE-2023-44154.json) (`2023-09-28T01:27:19.867`)
-* [CVE-2023-44155](CVE-2023/CVE-2023-441xx/CVE-2023-44155.json) (`2023-09-28T01:28:18.913`)
-* [CVE-2023-44156](CVE-2023/CVE-2023-441xx/CVE-2023-44156.json) (`2023-09-28T01:31:19.293`)
-* [CVE-2023-44157](CVE-2023/CVE-2023-441xx/CVE-2023-44157.json) (`2023-09-28T01:36:28.527`)
-* [CVE-2023-44158](CVE-2023/CVE-2023-441xx/CVE-2023-44158.json) (`2023-09-28T01:38:48.113`)
-* [CVE-2023-44159](CVE-2023/CVE-2023-441xx/CVE-2023-44159.json) (`2023-09-28T01:45:43.997`)
-* [CVE-2023-44160](CVE-2023/CVE-2023-441xx/CVE-2023-44160.json) (`2023-09-28T01:47:00.950`)
-* [CVE-2023-44161](CVE-2023/CVE-2023-441xx/CVE-2023-44161.json) (`2023-09-28T01:52:50.597`)
-* [CVE-2023-44207](CVE-2023/CVE-2023-442xx/CVE-2023-44207.json) (`2023-09-28T01:58:26.690`)
 
 
 ## Download and Usage