From b151709954cbc97906164af5db8f051bbb02da9a Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 28 Aug 2023 06:00:43 +0000 Subject: [PATCH] Auto-Update: 2023-08-28T06:00:39.893906+00:00 --- CVE-2016/CVE-2016-150xx/CVE-2016-15035.json | 88 +++++++++++++++++++++ CVE-2022/CVE-2022-439xx/CVE-2022-43904.json | 4 +- CVE-2022/CVE-2022-439xx/CVE-2022-43907.json | 4 +- CVE-2022/CVE-2022-439xx/CVE-2022-43909.json | 4 +- CVE-2023/CVE-2023-201xx/CVE-2023-20197.json | 6 +- CVE-2023/CVE-2023-228xx/CVE-2023-22877.json | 4 +- CVE-2023/CVE-2023-234xx/CVE-2023-23473.json | 4 +- CVE-2023/CVE-2023-249xx/CVE-2023-24959.json | 4 +- CVE-2023/CVE-2023-262xx/CVE-2023-26270.json | 4 +- CVE-2023/CVE-2023-262xx/CVE-2023-26271.json | 4 +- CVE-2023/CVE-2023-262xx/CVE-2023-26272.json | 4 +- CVE-2023/CVE-2023-304xx/CVE-2023-30435.json | 4 +- CVE-2023/CVE-2023-304xx/CVE-2023-30436.json | 4 +- CVE-2023/CVE-2023-304xx/CVE-2023-30437.json | 4 +- CVE-2023/CVE-2023-338xx/CVE-2023-33852.json | 4 +- CVE-2023/CVE-2023-380xx/CVE-2023-38024.json | 55 +++++++++++++ CVE-2023/CVE-2023-380xx/CVE-2023-38025.json | 43 ++++++++++ CVE-2023/CVE-2023-380xx/CVE-2023-38026.json | 55 +++++++++++++ CVE-2023/CVE-2023-380xx/CVE-2023-38027.json | 43 ++++++++++ CVE-2023/CVE-2023-380xx/CVE-2023-38028.json | 55 +++++++++++++ CVE-2023/CVE-2023-387xx/CVE-2023-38730.json | 4 +- CVE-2023/CVE-2023-45xx/CVE-2023-4544.json | 4 +- CVE-2023/CVE-2023-45xx/CVE-2023-4545.json | 4 +- CVE-2023/CVE-2023-45xx/CVE-2023-4546.json | 4 +- CVE-2023/CVE-2023-45xx/CVE-2023-4547.json | 4 +- CVE-2023/CVE-2023-45xx/CVE-2023-4548.json | 4 +- CVE-2023/CVE-2023-45xx/CVE-2023-4555.json | 4 +- CVE-2023/CVE-2023-45xx/CVE-2023-4556.json | 4 +- CVE-2023/CVE-2023-45xx/CVE-2023-4557.json | 4 +- CVE-2023/CVE-2023-45xx/CVE-2023-4558.json | 4 +- CVE-2023/CVE-2023-45xx/CVE-2023-4559.json | 4 +- CVE-2023/CVE-2023-45xx/CVE-2023-4560.json | 4 +- CVE-2023/CVE-2023-45xx/CVE-2023-4561.json | 4 +- README.md | 52 ++++++++---- 34 files changed, 432 insertions(+), 69 deletions(-) create mode 100644 CVE-2016/CVE-2016-150xx/CVE-2016-15035.json create mode 100644 CVE-2023/CVE-2023-380xx/CVE-2023-38024.json create mode 100644 CVE-2023/CVE-2023-380xx/CVE-2023-38025.json create mode 100644 CVE-2023/CVE-2023-380xx/CVE-2023-38026.json create mode 100644 CVE-2023/CVE-2023-380xx/CVE-2023-38027.json create mode 100644 CVE-2023/CVE-2023-380xx/CVE-2023-38028.json diff --git a/CVE-2016/CVE-2016-150xx/CVE-2016-15035.json b/CVE-2016/CVE-2016-150xx/CVE-2016-15035.json new file mode 100644 index 00000000000..9e29d8a27a3 --- /dev/null +++ b/CVE-2016/CVE-2016-150xx/CVE-2016-15035.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2016-15035", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-08-28T04:15:08.573", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Doc2k RE-Chat 1.0. It has been classified as problematic. This affects an unknown part of the file js_on_radio-emergency.de_/re_chat.js. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The patch is named bd17d497ddd3bab4ef9c6831c747c37cc016c570. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-238155." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Doc2k/re-chat/commit/bd17d497ddd3bab4ef9c6831c747c37cc016c570", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.238155", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.238155", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-439xx/CVE-2022-43904.json b/CVE-2022/CVE-2022-439xx/CVE-2022-43904.json index 293a0bc269e..0f7d72be84e 100644 --- a/CVE-2022/CVE-2022-439xx/CVE-2022-43904.json +++ b/CVE-2022/CVE-2022-439xx/CVE-2022-43904.json @@ -2,8 +2,8 @@ "id": "CVE-2022-43904", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-28T00:15:07.610", - "lastModified": "2023-08-28T00:15:07.610", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-439xx/CVE-2022-43907.json b/CVE-2022/CVE-2022-439xx/CVE-2022-43907.json index 237eebaf349..2727843ae48 100644 --- a/CVE-2022/CVE-2022-439xx/CVE-2022-43907.json +++ b/CVE-2022/CVE-2022-439xx/CVE-2022-43907.json @@ -2,8 +2,8 @@ "id": "CVE-2022-43907", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-27T23:15:28.737", - "lastModified": "2023-08-27T23:15:28.737", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:07.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-439xx/CVE-2022-43909.json b/CVE-2022/CVE-2022-439xx/CVE-2022-43909.json index d319166ddae..15a6d9a7d0c 100644 --- a/CVE-2022/CVE-2022-439xx/CVE-2022-43909.json +++ b/CVE-2022/CVE-2022-439xx/CVE-2022-43909.json @@ -2,8 +2,8 @@ "id": "CVE-2022-43909", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-27T23:15:33.633", - "lastModified": "2023-08-27T23:15:33.633", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:07.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-201xx/CVE-2023-20197.json b/CVE-2023/CVE-2023-201xx/CVE-2023-20197.json index 360efdafa0a..4bf09a03acf 100644 --- a/CVE-2023/CVE-2023-201xx/CVE-2023-20197.json +++ b/CVE-2023/CVE-2023-201xx/CVE-2023-20197.json @@ -2,7 +2,7 @@ "id": "CVE-2023-20197", "sourceIdentifier": "ykramarz@cisco.com", "published": "2023-08-16T22:15:10.510", - "lastModified": "2023-08-27T03:15:12.413", + "lastModified": "2023-08-28T04:15:11.803", "vulnStatus": "Modified", "descriptions": [ { @@ -125,6 +125,10 @@ } ], "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00033.html", + "source": "ykramarz@cisco.com" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IISWNZUBAQL4MNBRKLDYG3SHTEGP5KEO/", "source": "ykramarz@cisco.com", diff --git a/CVE-2023/CVE-2023-228xx/CVE-2023-22877.json b/CVE-2023/CVE-2023-228xx/CVE-2023-22877.json index e7b16f8fa4c..8464b6b32b1 100644 --- a/CVE-2023/CVE-2023-228xx/CVE-2023-22877.json +++ b/CVE-2023/CVE-2023-228xx/CVE-2023-22877.json @@ -2,8 +2,8 @@ "id": "CVE-2023-22877", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-28T01:15:07.663", - "lastModified": "2023-08-28T01:15:07.663", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-234xx/CVE-2023-23473.json b/CVE-2023/CVE-2023-234xx/CVE-2023-23473.json index d0daf8f0ace..e238b51e14e 100644 --- a/CVE-2023/CVE-2023-234xx/CVE-2023-23473.json +++ b/CVE-2023/CVE-2023-234xx/CVE-2023-23473.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23473", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-28T01:15:08.807", - "lastModified": "2023-08-28T01:15:08.807", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-249xx/CVE-2023-24959.json b/CVE-2023/CVE-2023-249xx/CVE-2023-24959.json index 453f5c9d070..9983beb85fc 100644 --- a/CVE-2023/CVE-2023-249xx/CVE-2023-24959.json +++ b/CVE-2023/CVE-2023-249xx/CVE-2023-24959.json @@ -2,8 +2,8 @@ "id": "CVE-2023-24959", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-28T01:15:08.973", - "lastModified": "2023-08-28T01:15:08.973", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-262xx/CVE-2023-26270.json b/CVE-2023/CVE-2023-262xx/CVE-2023-26270.json index 6fb10f645c1..e8dd9c0bd89 100644 --- a/CVE-2023/CVE-2023-262xx/CVE-2023-26270.json +++ b/CVE-2023/CVE-2023-262xx/CVE-2023-26270.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26270", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-28T01:15:09.117", - "lastModified": "2023-08-28T01:15:09.117", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-262xx/CVE-2023-26271.json b/CVE-2023/CVE-2023-262xx/CVE-2023-26271.json index 96bd9c049f9..9b89353cce7 100644 --- a/CVE-2023/CVE-2023-262xx/CVE-2023-26271.json +++ b/CVE-2023/CVE-2023-262xx/CVE-2023-26271.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26271", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-28T01:15:09.263", - "lastModified": "2023-08-28T01:15:09.263", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-262xx/CVE-2023-26272.json b/CVE-2023/CVE-2023-262xx/CVE-2023-26272.json index a30a61fcc16..fea95fd699c 100644 --- a/CVE-2023/CVE-2023-262xx/CVE-2023-26272.json +++ b/CVE-2023/CVE-2023-262xx/CVE-2023-26272.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26272", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-28T01:15:09.413", - "lastModified": "2023-08-28T01:15:09.413", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30435.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30435.json index e946198d63e..6e9eae3aea5 100644 --- a/CVE-2023/CVE-2023-304xx/CVE-2023-30435.json +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30435.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30435", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-27T23:15:33.813", - "lastModified": "2023-08-27T23:15:33.813", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:07.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30436.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30436.json index a32ff5daca7..d4a059856e0 100644 --- a/CVE-2023/CVE-2023-304xx/CVE-2023-30436.json +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30436.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30436", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-27T23:15:33.973", - "lastModified": "2023-08-27T23:15:33.973", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:07.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30437.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30437.json index efa72531387..87d20ebe949 100644 --- a/CVE-2023/CVE-2023-304xx/CVE-2023-30437.json +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30437.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30437", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-27T23:15:34.117", - "lastModified": "2023-08-27T23:15:34.117", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:07.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-338xx/CVE-2023-33852.json b/CVE-2023/CVE-2023-338xx/CVE-2023-33852.json index 50dc4ecc7c9..268f0b9df41 100644 --- a/CVE-2023/CVE-2023-338xx/CVE-2023-33852.json +++ b/CVE-2023/CVE-2023-338xx/CVE-2023-33852.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33852", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-27T23:15:34.230", - "lastModified": "2023-08-27T23:15:34.230", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-380xx/CVE-2023-38024.json b/CVE-2023/CVE-2023-380xx/CVE-2023-38024.json new file mode 100644 index 00000000000..db36d0a74b7 --- /dev/null +++ b/CVE-2023/CVE-2023-380xx/CVE-2023-38024.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-38024", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2023-08-28T04:15:14.783", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nSpotCam Co., Ltd. SpotCam FHD 2\u2019s hidden Telnet function has a vulnerability of using hard-coded Telnet credentials. An remote unauthenticated attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/tw/cp-132-7331-9099e-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-380xx/CVE-2023-38025.json b/CVE-2023/CVE-2023-380xx/CVE-2023-38025.json new file mode 100644 index 00000000000..de916e493d4 --- /dev/null +++ b/CVE-2023/CVE-2023-380xx/CVE-2023-38025.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-38025", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2023-08-28T04:15:16.477", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nSpotCam Co., Ltd. SpotCam FHD 2\u2019s hidden Telnet function has a vulnerability of OS command injection. An remote unauthenticated attacker can exploit this vulnerability to execute command injection attack to arbitrary system commands or disrupt service.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://www.twcert.org.tw/tw/cp-132-7332-ee011-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-380xx/CVE-2023-38026.json b/CVE-2023/CVE-2023-380xx/CVE-2023-38026.json new file mode 100644 index 00000000000..26283963be6 --- /dev/null +++ b/CVE-2023/CVE-2023-380xx/CVE-2023-38026.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-38026", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2023-08-28T04:15:16.807", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nSpotCam Co., Ltd. SpotCam FHD 2 has a vulnerability of using hard-coded uBoot credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/tw/cp-132-7333-972ca-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-380xx/CVE-2023-38027.json b/CVE-2023/CVE-2023-380xx/CVE-2023-38027.json new file mode 100644 index 00000000000..04bde7f41eb --- /dev/null +++ b/CVE-2023/CVE-2023-380xx/CVE-2023-38027.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-38027", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2023-08-28T04:15:17.160", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nSpotCam Co., Ltd. SpotCam Sense\u2019s hidden Telnet function has a vulnerability of OS command injection. An remote unauthenticated attacker can exploit this vulnerability to execute command injection attack to perform arbitrary system commands or disrupt service.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://www.twcert.org.tw/tw/cp-132-7334-351fb-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-380xx/CVE-2023-38028.json b/CVE-2023/CVE-2023-380xx/CVE-2023-38028.json new file mode 100644 index 00000000000..143032e15b9 --- /dev/null +++ b/CVE-2023/CVE-2023-380xx/CVE-2023-38028.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-38028", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2023-08-28T05:15:07.667", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nSaho\u2019s attendance devices ADM100 and ADM-100FP have insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication to read system information and operate user's data, but can\u2019t control system or disrupt service.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/tw/cp-132-7335-d300a-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-387xx/CVE-2023-38730.json b/CVE-2023/CVE-2023-387xx/CVE-2023-38730.json index 3eb6a894960..550c5c24d7c 100644 --- a/CVE-2023/CVE-2023-387xx/CVE-2023-38730.json +++ b/CVE-2023/CVE-2023-387xx/CVE-2023-38730.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38730", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-27T23:15:34.383", - "lastModified": "2023-08-27T23:15:34.383", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4544.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4544.json index bdc6c6cc920..ea308705866 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4544.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4544.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4544", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-26T05:15:49.630", - "lastModified": "2023-08-26T05:15:49.630", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:07.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4545.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4545.json index 0facee7bd2e..0fc1ad26ab2 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4545.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4545.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4545", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-26T07:15:10.067", - "lastModified": "2023-08-26T07:15:10.067", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:07.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4546.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4546.json index abe039438f7..4c30a4ce048 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4546.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4546.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4546", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-26T08:15:08.047", - "lastModified": "2023-08-26T08:15:08.047", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:07.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4547.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4547.json index 5fdbe1a878e..0e32fe6e57f 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4547.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4547.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4547", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-26T09:15:09.057", - "lastModified": "2023-08-26T09:15:09.057", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:07.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4548.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4548.json index 0b92dc89a20..0c6c724fa09 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4548.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4548.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4548", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-26T10:15:11.277", - "lastModified": "2023-08-26T10:15:11.277", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:07.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4555.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4555.json index 7b8e0a99674..86bbe81aa63 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4555.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4555.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4555", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-27T07:15:07.370", - "lastModified": "2023-08-27T07:15:07.370", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:07.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4556.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4556.json index f4b450a6ed4..178c662bc03 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4556.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4556.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4556", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-27T07:15:13.950", - "lastModified": "2023-08-27T07:15:13.950", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:07.333", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4557.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4557.json index 6051c88dea7..060c86fc6a1 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4557.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4557.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4557", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-27T23:15:35.040", - "lastModified": "2023-08-27T23:15:35.040", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4558.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4558.json index e51cbe226a1..9cba8f32fdf 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4558.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4558.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4558", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-27T23:15:36.730", - "lastModified": "2023-08-27T23:15:36.730", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4559.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4559.json index 4a70bb162b8..78c473e1380 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4559.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4559.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4559", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-27T23:15:36.837", - "lastModified": "2023-08-27T23:15:36.837", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4560.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4560.json index de9d3977bed..50805d94abc 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4560.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4560.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4560", "sourceIdentifier": "security@huntr.dev", "published": "2023-08-28T01:15:10.793", - "lastModified": "2023-08-28T01:15:10.793", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4561.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4561.json index f0ea07f1159..b27dad9ecaa 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4561.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4561.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4561", "sourceIdentifier": "security@huntr.dev", "published": "2023-08-28T01:15:11.000", - "lastModified": "2023-08-28T01:15:11.000", - "vulnStatus": "Received", + "lastModified": "2023-08-28T05:16:01.577", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index a3ffc050aea..b9e56865002 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-28T02:00:32.844445+00:00 +2023-08-28T06:00:39.893906+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-28T01:15:11+00:00 +2023-08-28T05:16:07.333000+00:00 ``` ### Last Data Feed Release @@ -29,30 +29,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -223521 +223527 ``` ### CVEs added in the last Commit -Recently added CVEs: `9` +Recently added CVEs: `6` -* [CVE-2022-43904](CVE-2022/CVE-2022-439xx/CVE-2022-43904.json) (`2023-08-28T00:15:07.610`) -* [CVE-2023-22877](CVE-2023/CVE-2023-228xx/CVE-2023-22877.json) (`2023-08-28T01:15:07.663`) -* [CVE-2023-23473](CVE-2023/CVE-2023-234xx/CVE-2023-23473.json) (`2023-08-28T01:15:08.807`) -* [CVE-2023-24959](CVE-2023/CVE-2023-249xx/CVE-2023-24959.json) (`2023-08-28T01:15:08.973`) -* [CVE-2023-26270](CVE-2023/CVE-2023-262xx/CVE-2023-26270.json) (`2023-08-28T01:15:09.117`) -* [CVE-2023-26271](CVE-2023/CVE-2023-262xx/CVE-2023-26271.json) (`2023-08-28T01:15:09.263`) -* [CVE-2023-26272](CVE-2023/CVE-2023-262xx/CVE-2023-26272.json) (`2023-08-28T01:15:09.413`) -* [CVE-2023-4560](CVE-2023/CVE-2023-45xx/CVE-2023-4560.json) (`2023-08-28T01:15:10.793`) -* [CVE-2023-4561](CVE-2023/CVE-2023-45xx/CVE-2023-4561.json) (`2023-08-28T01:15:11.000`) +* [CVE-2016-15035](CVE-2016/CVE-2016-150xx/CVE-2016-15035.json) (`2023-08-28T04:15:08.573`) +* [CVE-2023-38024](CVE-2023/CVE-2023-380xx/CVE-2023-38024.json) (`2023-08-28T04:15:14.783`) +* [CVE-2023-38025](CVE-2023/CVE-2023-380xx/CVE-2023-38025.json) (`2023-08-28T04:15:16.477`) +* [CVE-2023-38026](CVE-2023/CVE-2023-380xx/CVE-2023-38026.json) (`2023-08-28T04:15:16.807`) +* [CVE-2023-38027](CVE-2023/CVE-2023-380xx/CVE-2023-38027.json) (`2023-08-28T04:15:17.160`) +* [CVE-2023-38028](CVE-2023/CVE-2023-380xx/CVE-2023-38028.json) (`2023-08-28T05:15:07.667`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `27` -* [CVE-2023-38633](CVE-2023/CVE-2023-386xx/CVE-2023-38633.json) (`2023-08-28T00:15:08.380`) -* [CVE-2023-3330](CVE-2023/CVE-2023-33xx/CVE-2023-3330.json) (`2023-08-28T01:15:09.643`) +* [CVE-2022-43909](CVE-2022/CVE-2022-439xx/CVE-2022-43909.json) (`2023-08-28T05:16:07.333`) +* [CVE-2023-20197](CVE-2023/CVE-2023-201xx/CVE-2023-20197.json) (`2023-08-28T04:15:11.803`) +* [CVE-2023-33852](CVE-2023/CVE-2023-338xx/CVE-2023-33852.json) (`2023-08-28T05:16:01.577`) +* [CVE-2023-38730](CVE-2023/CVE-2023-387xx/CVE-2023-38730.json) (`2023-08-28T05:16:01.577`) +* [CVE-2023-4557](CVE-2023/CVE-2023-45xx/CVE-2023-4557.json) (`2023-08-28T05:16:01.577`) +* [CVE-2023-4558](CVE-2023/CVE-2023-45xx/CVE-2023-4558.json) (`2023-08-28T05:16:01.577`) +* [CVE-2023-4559](CVE-2023/CVE-2023-45xx/CVE-2023-4559.json) (`2023-08-28T05:16:01.577`) +* [CVE-2023-22877](CVE-2023/CVE-2023-228xx/CVE-2023-22877.json) (`2023-08-28T05:16:01.577`) +* [CVE-2023-23473](CVE-2023/CVE-2023-234xx/CVE-2023-23473.json) (`2023-08-28T05:16:01.577`) +* [CVE-2023-24959](CVE-2023/CVE-2023-249xx/CVE-2023-24959.json) (`2023-08-28T05:16:01.577`) +* [CVE-2023-26270](CVE-2023/CVE-2023-262xx/CVE-2023-26270.json) (`2023-08-28T05:16:01.577`) +* [CVE-2023-26271](CVE-2023/CVE-2023-262xx/CVE-2023-26271.json) (`2023-08-28T05:16:01.577`) +* [CVE-2023-26272](CVE-2023/CVE-2023-262xx/CVE-2023-26272.json) (`2023-08-28T05:16:01.577`) +* [CVE-2023-4560](CVE-2023/CVE-2023-45xx/CVE-2023-4560.json) (`2023-08-28T05:16:01.577`) +* [CVE-2023-4561](CVE-2023/CVE-2023-45xx/CVE-2023-4561.json) (`2023-08-28T05:16:01.577`) +* [CVE-2023-4544](CVE-2023/CVE-2023-45xx/CVE-2023-4544.json) (`2023-08-28T05:16:07.333`) +* [CVE-2023-4545](CVE-2023/CVE-2023-45xx/CVE-2023-4545.json) (`2023-08-28T05:16:07.333`) +* [CVE-2023-4546](CVE-2023/CVE-2023-45xx/CVE-2023-4546.json) (`2023-08-28T05:16:07.333`) +* [CVE-2023-4547](CVE-2023/CVE-2023-45xx/CVE-2023-4547.json) (`2023-08-28T05:16:07.333`) +* [CVE-2023-4548](CVE-2023/CVE-2023-45xx/CVE-2023-4548.json) (`2023-08-28T05:16:07.333`) +* [CVE-2023-4555](CVE-2023/CVE-2023-45xx/CVE-2023-4555.json) (`2023-08-28T05:16:07.333`) +* [CVE-2023-4556](CVE-2023/CVE-2023-45xx/CVE-2023-4556.json) (`2023-08-28T05:16:07.333`) +* [CVE-2023-30435](CVE-2023/CVE-2023-304xx/CVE-2023-30435.json) (`2023-08-28T05:16:07.333`) +* [CVE-2023-30436](CVE-2023/CVE-2023-304xx/CVE-2023-30436.json) (`2023-08-28T05:16:07.333`) +* [CVE-2023-30437](CVE-2023/CVE-2023-304xx/CVE-2023-30437.json) (`2023-08-28T05:16:07.333`) ## Download and Usage