Auto-Update: 2024-01-03T00:55:25.751953+00:00

2025-05-08 11:37:26 +00:00 · 2024-01-03 00:55:29 +00:00 · 2024-01-03 00:55:29 +00:00 · adfb404fb4
commit adfb404fb4
parent fdeb1c6dd8
12 changed files with 271 additions and 42 deletions
--- a/CVE-2023/CVE-2023-484xx/CVE-2023-48418.json
+++ b/CVE-2023/CVE-2023-484xx/CVE-2023-48418.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-48418",
+  "sourceIdentifier": "dsap-vuln-management@google.com",
+  "published": "2024-01-02T23:15:11.000",
+  "lastModified": "2024-01-02T23:15:11.000",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\u00a0In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a\n\u00a0 \u00a0 possible way to access adb before SUW completion due to an insecure default\n\u00a0 \u00a0 value. This could lead to local escalation of privilege with no additional\n\u00a0 \u00a0 execution privileges needed. User interaction is not needed for\n\u00a0 \u00a0 exploitation\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "dsap-vuln-management@google.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 10.0,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "dsap-vuln-management@google.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-269"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://source.android.com/docs/security/bulletin/pixel-watch/2023/2023-12-01",
+      "source": "dsap-vuln-management@google.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-495xx/CVE-2023-49549.json
+++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49549.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-49549",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-02T23:15:12.107",
+  "lastModified": "2024-01-02T23:15:12.107",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_getretvalpos function in the msj.c file."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/cesanta/mjs/issues/251",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-495xx/CVE-2023-49550.json
+++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49550.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-49550",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-02T23:15:12.167",
+  "lastModified": "2024-01-02T23:15:12.167",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs+0x4ec508 component."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/cesanta/mjs/issues/252",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-495xx/CVE-2023-49551.json
+++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49551.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-49551",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-02T23:15:12.233",
+  "lastModified": "2024-01-02T23:15:12.233",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_parse function in the msj.c file."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/cesanta/mjs/issues/257",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-495xx/CVE-2023-49552.json
+++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49552.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-49552",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-02T23:15:12.290",
+  "lastModified": "2024-01-02T23:15:12.290",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_stringify function in the msj.c file."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/cesanta/mjs/issues/256",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-495xx/CVE-2023-49553.json
+++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49553.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-49553",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-02T23:15:12.333",
+  "lastModified": "2024-01-02T23:15:12.333",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_destroy function in the msj.c file."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/cesanta/mjs/issues/253",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-495xx/CVE-2023-49554.json
+++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49554.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-49554",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-03T00:15:08.987",
+  "lastModified": "2024-01-03T00:15:08.987",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Use After Free vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the do_directive function in the modules/preprocs/nasm/nasm-pp.c component."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/yasm/yasm/issues/249",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-495xx/CVE-2023-49555.json
+++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49555.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-49555",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-03T00:15:09.047",
+  "lastModified": "2024-01-03T00:15:09.047",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expand_smacro function in the modules/preprocs/nasm/nasm-pp.c component."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/yasm/yasm/issues/248",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-495xx/CVE-2023-49556.json
+++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49556.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-49556",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-03T00:15:09.090",
+  "lastModified": "2024-01-03T00:15:09.090",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Buffer Overflow vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expr_delete_term function in the libyasm/expr.c component."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/yasm/yasm/issues/250",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-495xx/CVE-2023-49557.json
+++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49557.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-49557",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-03T00:15:09.147",
+  "lastModified": "2024-01-03T00:15:09.147",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the yasm_section_bcs_first function in the libyasm/section.c component."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/yasm/yasm/issues/253",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-495xx/CVE-2023-49558.json
+++ b/CVE-2023/CVE-2023-495xx/CVE-2023-49558.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-49558",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-03T00:15:09.203",
+  "lastModified": "2024-01-03T00:15:09.203",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expand_mmac_params function in the modules/preprocs/nasm/nasm-pp.c component."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/yasm/yasm/issues/252",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-01-02T23:00:24.766906+00:00
+2024-01-03T00:55:25.751953+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-01-02T22:15:10.103000+00:00
+2024-01-03T00:15:09.203000+00:00
 ```

 ### Last Data Feed Release
@ -29,56 +29,30 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-234722
+234733
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `19`
+Recently added CVEs: `11`

-* [CVE-2020-26623](CVE-2020/CVE-2020-266xx/CVE-2020-26623.json) (`2024-01-02T22:15:07.777`)
-* [CVE-2020-26624](CVE-2020/CVE-2020-266xx/CVE-2020-26624.json) (`2024-01-02T22:15:07.837`)
-* [CVE-2020-26625](CVE-2020/CVE-2020-266xx/CVE-2020-26625.json) (`2024-01-02T22:15:07.880`)
-* [CVE-2023-45561](CVE-2023/CVE-2023-455xx/CVE-2023-45561.json) (`2024-01-02T21:15:09.530`)
-* [CVE-2023-45892](CVE-2023/CVE-2023-458xx/CVE-2023-45892.json) (`2024-01-02T21:15:09.583`)
-* [CVE-2023-45893](CVE-2023/CVE-2023-458xx/CVE-2023-45893.json) (`2024-01-02T21:15:09.630`)
-* [CVE-2023-47458](CVE-2023/CVE-2023-474xx/CVE-2023-47458.json) (`2024-01-02T21:15:09.673`)
-* [CVE-2023-4164](CVE-2023/CVE-2023-41xx/CVE-2023-4164.json) (`2024-01-02T22:15:08.937`)
-* [CVE-2023-50019](CVE-2023/CVE-2023-500xx/CVE-2023-50019.json) (`2024-01-02T22:15:09.147`)
-* [CVE-2023-50020](CVE-2023/CVE-2023-500xx/CVE-2023-50020.json) (`2024-01-02T22:15:09.190`)
-* [CVE-2023-6339](CVE-2023/CVE-2023-63xx/CVE-2023-6339.json) (`2024-01-02T22:15:09.237`)
-* [CVE-2024-0194](CVE-2024/CVE-2024-01xx/CVE-2024-0194.json) (`2024-01-02T21:15:09.760`)
-* [CVE-2024-0195](CVE-2024/CVE-2024-01xx/CVE-2024-0195.json) (`2024-01-02T21:15:10.003`)
-* [CVE-2024-21623](CVE-2024/CVE-2024-216xx/CVE-2024-21623.json) (`2024-01-02T21:15:10.250`)
-* [CVE-2024-21627](CVE-2024/CVE-2024-216xx/CVE-2024-21627.json) (`2024-01-02T21:15:10.467`)
-* [CVE-2024-0196](CVE-2024/CVE-2024-01xx/CVE-2024-0196.json) (`2024-01-02T22:15:09.453`)
-* [CVE-2024-21628](CVE-2024/CVE-2024-216xx/CVE-2024-21628.json) (`2024-01-02T22:15:09.687`)
-* [CVE-2024-21629](CVE-2024/CVE-2024-216xx/CVE-2024-21629.json) (`2024-01-02T22:15:09.897`)
-* [CVE-2024-21632](CVE-2024/CVE-2024-216xx/CVE-2024-21632.json) (`2024-01-02T22:15:10.103`)
+* [CVE-2023-48418](CVE-2023/CVE-2023-484xx/CVE-2023-48418.json) (`2024-01-02T23:15:11.000`)
+* [CVE-2023-49549](CVE-2023/CVE-2023-495xx/CVE-2023-49549.json) (`2024-01-02T23:15:12.107`)
+* [CVE-2023-49550](CVE-2023/CVE-2023-495xx/CVE-2023-49550.json) (`2024-01-02T23:15:12.167`)
+* [CVE-2023-49551](CVE-2023/CVE-2023-495xx/CVE-2023-49551.json) (`2024-01-02T23:15:12.233`)
+* [CVE-2023-49552](CVE-2023/CVE-2023-495xx/CVE-2023-49552.json) (`2024-01-02T23:15:12.290`)
+* [CVE-2023-49553](CVE-2023/CVE-2023-495xx/CVE-2023-49553.json) (`2024-01-02T23:15:12.333`)
+* [CVE-2023-49554](CVE-2023/CVE-2023-495xx/CVE-2023-49554.json) (`2024-01-03T00:15:08.987`)
+* [CVE-2023-49555](CVE-2023/CVE-2023-495xx/CVE-2023-49555.json) (`2024-01-03T00:15:09.047`)
+* [CVE-2023-49556](CVE-2023/CVE-2023-495xx/CVE-2023-49556.json) (`2024-01-03T00:15:09.090`)
+* [CVE-2023-49557](CVE-2023/CVE-2023-495xx/CVE-2023-49557.json) (`2024-01-03T00:15:09.147`)
+* [CVE-2023-49558](CVE-2023/CVE-2023-495xx/CVE-2023-49558.json) (`2024-01-03T00:15:09.203`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `18`
+Recently modified CVEs: `0`

-* [CVE-2023-3961](CVE-2023/CVE-2023-39xx/CVE-2023-3961.json) (`2024-01-02T21:15:08.913`)
-* [CVE-2023-45326](CVE-2023/CVE-2023-453xx/CVE-2023-45326.json) (`2024-01-02T21:15:09.207`)
-* [CVE-2023-45327](CVE-2023/CVE-2023-453xx/CVE-2023-45327.json) (`2024-01-02T21:15:09.293`)
-* [CVE-2023-45328](CVE-2023/CVE-2023-453xx/CVE-2023-45328.json) (`2024-01-02T21:15:09.380`)
-* [CVE-2023-45330](CVE-2023/CVE-2023-453xx/CVE-2023-45330.json) (`2024-01-02T21:15:09.453`)
-* [CVE-2023-44165](CVE-2023/CVE-2023-441xx/CVE-2023-44165.json) (`2024-01-02T22:15:07.967`)
-* [CVE-2023-44167](CVE-2023/CVE-2023-441xx/CVE-2023-44167.json) (`2024-01-02T22:15:08.060`)
-* [CVE-2023-44168](CVE-2023/CVE-2023-441xx/CVE-2023-44168.json) (`2024-01-02T22:15:08.137`)
-* [CVE-2023-46786](CVE-2023/CVE-2023-467xx/CVE-2023-46786.json) (`2024-01-02T22:15:08.210`)
-* [CVE-2023-46790](CVE-2023/CVE-2023-467xx/CVE-2023-46790.json) (`2024-01-02T22:15:08.290`)
-* [CVE-2023-46791](CVE-2023/CVE-2023-467xx/CVE-2023-46791.json) (`2024-01-02T22:15:08.367`)
-* [CVE-2023-46792](CVE-2023/CVE-2023-467xx/CVE-2023-46792.json) (`2024-01-02T22:15:08.440`)
-* [CVE-2023-46794](CVE-2023/CVE-2023-467xx/CVE-2023-46794.json) (`2024-01-02T22:15:08.510`)
-* [CVE-2023-46795](CVE-2023/CVE-2023-467xx/CVE-2023-46795.json) (`2024-01-02T22:15:08.580`)
-* [CVE-2023-46796](CVE-2023/CVE-2023-467xx/CVE-2023-46796.json) (`2024-01-02T22:15:08.650`)
-* [CVE-2023-46797](CVE-2023/CVE-2023-467xx/CVE-2023-46797.json) (`2024-01-02T22:15:08.717`)
-* [CVE-2023-46798](CVE-2023/CVE-2023-467xx/CVE-2023-46798.json) (`2024-01-02T22:15:08.790`)
-* [CVE-2023-46799](CVE-2023/CVE-2023-467xx/CVE-2023-46799.json) (`2024-01-02T22:15:08.863`)


 ## Download and Usage