Auto-Update: 2023-06-30T04:00:27.053994+00:00

CVE-2020/CVE-2020-184xx/CVE-2020-18432.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2020-18432",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-06-30T02:15:08.623",
+  "lastModified": "2023-06-30T02:15:08.623",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://vorders.me/2019/03/05/semcms-vulnerablity-before-php-v3-7/#admin-upload-webshell-in-SEMCMS-Upfile-php",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2022/CVE-2022-471xx/CVE-2022-47184.json

@@ -2,7 +2,7 @@
   "id": "CVE-2022-47184",
   "sourceIdentifier": "security@apache.org",
   "published": "2023-06-14T08:15:08.633",
-  "lastModified": "2023-06-23T03:15:08.847",
+  "lastModified": "2023-06-30T02:15:08.723",
   "vulnStatus": "Modified",
   "descriptions": [
     {
@@ -110,6 +110,10 @@
         "Mailing List"
       ]
     },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html",
+      "source": "security@apache.org"
+    },
     {
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/",
       "source": "security@apache.org"

CVE-2023/CVE-2023-28xx/CVE-2023-2828.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-2828",
   "sourceIdentifier": "security-officer@isc.org",
   "published": "2023-06-21T17:15:47.703",
-  "lastModified": "2023-06-26T08:15:09.213",
+  "lastModified": "2023-06-30T03:15:09.077",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
@@ -43,6 +43,10 @@
       "url": "https://kb.isc.org/docs/cve-2023-2828",
       "source": "security-officer@isc.org"
     },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/",
+      "source": "security-officer@isc.org"
+    },
     {
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/",
       "source": "security-officer@isc.org"

CVE-2023/CVE-2023-28xx/CVE-2023-2834.json

@@ -0,0 +1,79 @@
+{
+  "id": "CVE-2023-2834",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2023-06-30T02:15:08.820",
+  "lastModified": "2023-06-30T02:15:08.820",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verification on the user being supplied during booking an appointment through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-288"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://lana.codes/lanavdb/0dea1346-fd60-4338-8af6-6f89c29075d4/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/bookit/tags/2.3.6/includes/classes/CustomerController.php#L27",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/bookit/tags/2.3.6/includes/classes/database/Customers.php#L63",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/2919529/bookit",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/2925153/bookit",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/blog/2023/06/stylemixthemes-addresses-authentication-bypass-vulnerability-in-bookit-wordpress-plugin/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cfd32e46-a4fc-4c10-b546-9f9da75db791?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-29xx/CVE-2023-2911.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-2911",
   "sourceIdentifier": "security-officer@isc.org",
   "published": "2023-06-21T17:15:47.827",
-  "lastModified": "2023-06-26T08:15:09.293",
+  "lastModified": "2023-06-30T03:15:09.160",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
@@ -43,6 +43,10 @@
       "url": "https://kb.isc.org/docs/cve-2023-2911",
       "source": "security-officer@isc.org"
     },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/",
+      "source": "security-officer@isc.org"
+    },
     {
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/",
       "source": "security-officer@isc.org"

CVE-2023/CVE-2023-306xx/CVE-2023-30631.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-30631",
   "sourceIdentifier": "security@apache.org",
   "published": "2023-06-14T08:15:09.257",
-  "lastModified": "2023-06-23T03:15:08.977",
+  "lastModified": "2023-06-30T02:15:08.917",
   "vulnStatus": "Modified",
   "descriptions": [
     {
@@ -90,6 +90,10 @@
         "Mailing List"
       ]
     },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html",
+      "source": "security@apache.org"
+    },
     {
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/",
       "source": "security@apache.org"

CVE-2023/CVE-2023-30xx/CVE-2023-3063.json

@@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-3063",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2023-06-30T02:15:09.457",
+  "lastModified": "2023-06-30T02:15:09.457",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.67. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with subscriber privileges or above, to change user passwords and potentially take over administrator accounts."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-639"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/sp-client-document-manager/trunk/classes/ajax.php#L149",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6dc2e720-85d9-42d9-94ef-eb172425993d?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-326xx/CVE-2023-32607.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-32607",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2023-06-30T03:15:09.237",
+  "lastModified": "2023-06-30T03:15:09.237",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Stored cross-site scripting vulnerability in Pleasanter (Community Edition and Enterprise Edition)  1.3.39.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN97818024/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://pleasanter.org/archives/vulnerability-update-202306",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

CVE-2023/CVE-2023-326xx/CVE-2023-32608.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-32608",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2023-06-30T03:15:09.297",
+  "lastModified": "2023-06-30T03:15:09.297",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Directory traversal vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN97818024/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://pleasanter.org/archives/vulnerability-update-202306",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}

CVE-2023/CVE-2023-32xx/CVE-2023-3249.json

@@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-3249",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2023-06-30T02:15:09.543",
+  "lastModified": "2023-06-30T02:15:09.543",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Web3 \u2013 Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0. This is due to incorrect authentication checking in the 'hidden_form_data' function. This makes it possible for authenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-288"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/web3-authentication/tags/2.6.0/classes/common/Web3/controller/class-moweb3flowhandler.php#L198",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e30b62de-7280-4c29-b882-dfa83e65966b?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-333xx/CVE-2023-33336.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-33336",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-06-30T02:15:09.000",
+  "lastModified": "2023-06-30T02:15:09.000",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://inf0seq.github.io/cve/2023/04/30/Cross-site-scripting-(XSS)-in-Sophos-Web-Appliance-4.1.1-0.9.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-337xx/CVE-2023-33733.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-33733",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-06-05T16:15:09.550",
-  "lastModified": "2023-06-09T22:58:22.683",
+  "lastModified": "2023-06-30T03:15:09.353",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -72,6 +72,10 @@
         "Exploit",
         "Third Party Advisory"
       ]
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ALE727IRACYBTTOFIFG57RS4OA2SHIJ/",
+      "source": "cve@mitre.org"
     }
   ]
 }

CVE-2023/CVE-2023-339xx/CVE-2023-33933.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-33933",
   "sourceIdentifier": "security@apache.org",
   "published": "2023-06-14T08:15:09.323",
-  "lastModified": "2023-06-23T03:15:09.067",
+  "lastModified": "2023-06-30T02:15:09.060",
   "vulnStatus": "Modified",
   "descriptions": [
     {
@@ -90,6 +90,10 @@
         "Mailing List"
       ]
     },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html",
+      "source": "security@apache.org"
+    },
     {
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/",
       "source": "security@apache.org"

CVE-2023/CVE-2023-342xx/CVE-2023-34241.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-34241",
   "sourceIdentifier": "security-advisories@github.com",
   "published": "2023-06-22T23:15:09.493",
-  "lastModified": "2023-06-26T15:15:09.760",
+  "lastModified": "2023-06-30T03:15:09.433",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
@@ -66,6 +66,10 @@
     {
       "url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-qjgh-5hcq-5f25",
       "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBIYKDS3UG3W4Z7YOHTR2AWFNBRYPNYY/",
+      "source": "security-advisories@github.com"
     }
   ]
 }

CVE-2023/CVE-2023-351xx/CVE-2023-35131.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-35131",
   "sourceIdentifier": "patrick@puiterwijk.org",
   "published": "2023-06-22T21:15:09.413",
-  "lastModified": "2023-06-29T20:37:43.530",
+  "lastModified": "2023-06-30T03:15:09.527",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -95,6 +95,14 @@
     }
   ],
   "references": [
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/",
+      "source": "patrick@puiterwijk.org"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/",
+      "source": "patrick@puiterwijk.org"
+    },
     {
       "url": "https://moodle.org/mod/forum/discuss.php?d=447829",
       "source": "patrick@puiterwijk.org",

CVE-2023/CVE-2023-351xx/CVE-2023-35132.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-35132",
   "sourceIdentifier": "patrick@puiterwijk.org",
   "published": "2023-06-22T21:15:09.470",
-  "lastModified": "2023-06-29T20:36:59.997",
+  "lastModified": "2023-06-30T03:15:09.590",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -101,6 +101,14 @@
     }
   ],
   "references": [
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/",
+      "source": "patrick@puiterwijk.org"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/",
+      "source": "patrick@puiterwijk.org"
+    },
     {
       "url": "https://moodle.org/mod/forum/discuss.php?d=447830",
       "source": "patrick@puiterwijk.org",

CVE-2023/CVE-2023-351xx/CVE-2023-35133.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-35133",
   "sourceIdentifier": "patrick@puiterwijk.org",
   "published": "2023-06-22T21:15:09.520",
-  "lastModified": "2023-06-29T20:27:24.947",
+  "lastModified": "2023-06-30T03:15:09.667",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -101,6 +101,14 @@
     }
   ],
   "references": [
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/",
+      "source": "patrick@puiterwijk.org"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/",
+      "source": "patrick@puiterwijk.org"
+    },
     {
       "url": "https://moodle.org/mod/forum/discuss.php?d=447831",
       "source": "patrick@puiterwijk.org",

CVE-2023/CVE-2023-363xx/CVE-2023-36345.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-36345",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-06-23T20:15:09.427",
-  "lastModified": "2023-06-24T12:41:30.800",
+  "lastModified": "2023-06-30T02:15:09.180",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
@@ -15,6 +15,10 @@
     {
       "url": "https://youtu.be/KxjsEqNWU9E",
       "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://yuyudhn.github.io/pos-codekop-vulnerability/",
+      "source": "cve@mitre.org"
     }
   ]
 }

CVE-2023/CVE-2023-363xx/CVE-2023-36346.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-36346",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-06-23T20:15:09.473",
-  "lastModified": "2023-06-24T12:41:30.800",
+  "lastModified": "2023-06-30T02:15:09.280",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
@@ -15,6 +15,10 @@
     {
       "url": "https://www.youtube.com/watch?v=bbbA-q1syrA",
       "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://yuyudhn.github.io/pos-codekop-vulnerability/",
+      "source": "cve@mitre.org"
     }
   ]
 }

CVE-2023/CVE-2023-363xx/CVE-2023-36347.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-36347",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-06-30T02:15:09.347",
+  "lastModified": "2023-06-30T02:15:09.347",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://www.youtube.com/watch?v=7qaIeE2cyO4",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://yuyudhn.github.io/pos-codekop-vulnerability/",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-363xx/CVE-2023-36348.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-36348",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-06-23T20:15:09.517",
-  "lastModified": "2023-06-24T12:41:30.800",
+  "lastModified": "2023-06-30T02:15:09.400",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
@@ -15,6 +15,10 @@
     {
       "url": "https://www.youtube.com/watch?v=Ge0zqY0sGiQ",
       "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://yuyudhn.github.io/pos-codekop-vulnerability/",
+      "source": "cve@mitre.org"
     }
   ]
 }

CVE-2023/CVE-2023-365xx/CVE-2023-36539.json

@@ -0,0 +1,43 @@
+{
+  "id": "CVE-2023-36539",
+  "sourceIdentifier": "security@zoom.us",
+  "published": "2023-06-30T03:15:09.747",
+  "lastModified": "2023-06-30T03:15:09.747",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "\nExposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@zoom.us",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.6,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
+      "source": "security@zoom.us"
+    }
+  ]
+}

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-06-30T02:00:27.355272+00:00
+2023-06-30T04:00:27.053994+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-06-30T01:15:08.880000+00:00
+2023-06-30T03:15:09.747000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,47 +29,41 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-218918
+218927
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `3`
+Recently added CVEs: `9`
 
-* [CVE-2023-36143](CVE-2023/CVE-2023-361xx/CVE-2023-36143.json) (`2023-06-30T01:15:08.767`)
+* [CVE-2020-18432](CVE-2020/CVE-2020-184xx/CVE-2020-18432.json) (`2023-06-30T02:15:08.623`)
-* [CVE-2023-36146](CVE-2023/CVE-2023-361xx/CVE-2023-36146.json) (`2023-06-30T01:15:08.823`)
+* [CVE-2023-2834](CVE-2023/CVE-2023-28xx/CVE-2023-2834.json) (`2023-06-30T02:15:08.820`)
-* [CVE-2023-3469](CVE-2023/CVE-2023-34xx/CVE-2023-3469.json) (`2023-06-30T01:15:08.880`)
+* [CVE-2023-33336](CVE-2023/CVE-2023-333xx/CVE-2023-33336.json) (`2023-06-30T02:15:09.000`)
+* [CVE-2023-36347](CVE-2023/CVE-2023-363xx/CVE-2023-36347.json) (`2023-06-30T02:15:09.347`)
+* [CVE-2023-3063](CVE-2023/CVE-2023-30xx/CVE-2023-3063.json) (`2023-06-30T02:15:09.457`)
+* [CVE-2023-3249](CVE-2023/CVE-2023-32xx/CVE-2023-3249.json) (`2023-06-30T02:15:09.543`)
+* [CVE-2023-32607](CVE-2023/CVE-2023-326xx/CVE-2023-32607.json) (`2023-06-30T03:15:09.237`)
+* [CVE-2023-32608](CVE-2023/CVE-2023-326xx/CVE-2023-32608.json) (`2023-06-30T03:15:09.297`)
+* [CVE-2023-36539](CVE-2023/CVE-2023-365xx/CVE-2023-36539.json) (`2023-06-30T03:15:09.747`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `32`
+Recently modified CVEs: `13`
 
-* [CVE-2022-31642](CVE-2022/CVE-2022-316xx/CVE-2022-31642.json) (`2023-06-30T00:06:38.553`)
+* [CVE-2022-47184](CVE-2022/CVE-2022-471xx/CVE-2022-47184.json) (`2023-06-30T02:15:08.723`)
-* [CVE-2022-31644](CVE-2022/CVE-2022-316xx/CVE-2022-31644.json) (`2023-06-30T00:07:03.547`)
+* [CVE-2023-30631](CVE-2023/CVE-2023-306xx/CVE-2023-30631.json) (`2023-06-30T02:15:08.917`)
-* [CVE-2022-31645](CVE-2022/CVE-2022-316xx/CVE-2022-31645.json) (`2023-06-30T00:07:19.013`)
+* [CVE-2023-33933](CVE-2023/CVE-2023-339xx/CVE-2023-33933.json) (`2023-06-30T02:15:09.060`)
-* [CVE-2022-31646](CVE-2022/CVE-2022-316xx/CVE-2022-31646.json) (`2023-06-30T00:07:28.433`)
+* [CVE-2023-36345](CVE-2023/CVE-2023-363xx/CVE-2023-36345.json) (`2023-06-30T02:15:09.180`)
-* [CVE-2022-4149](CVE-2022/CVE-2022-41xx/CVE-2022-4149.json) (`2023-06-30T00:08:31.660`)
+* [CVE-2023-36346](CVE-2023/CVE-2023-363xx/CVE-2023-36346.json) (`2023-06-30T02:15:09.280`)
-* [CVE-2023-30946](CVE-2023/CVE-2023-309xx/CVE-2023-30946.json) (`2023-06-29T23:57:54.363`)
+* [CVE-2023-36348](CVE-2023/CVE-2023-363xx/CVE-2023-36348.json) (`2023-06-30T02:15:09.400`)
-* [CVE-2023-30955](CVE-2023/CVE-2023-309xx/CVE-2023-30955.json) (`2023-06-29T23:57:54.363`)
+* [CVE-2023-2828](CVE-2023/CVE-2023-28xx/CVE-2023-2828.json) (`2023-06-30T03:15:09.077`)
-* [CVE-2023-33190](CVE-2023/CVE-2023-331xx/CVE-2023-33190.json) (`2023-06-29T23:57:54.363`)
+* [CVE-2023-2911](CVE-2023/CVE-2023-29xx/CVE-2023-2911.json) (`2023-06-30T03:15:09.160`)
-* [CVE-2023-36484](CVE-2023/CVE-2023-364xx/CVE-2023-36484.json) (`2023-06-29T23:57:54.363`)
+* [CVE-2023-33733](CVE-2023/CVE-2023-337xx/CVE-2023-33733.json) (`2023-06-30T03:15:09.353`)
-* [CVE-2023-25433](CVE-2023/CVE-2023-254xx/CVE-2023-25433.json) (`2023-06-29T23:57:54.363`)
+* [CVE-2023-34241](CVE-2023/CVE-2023-342xx/CVE-2023-34241.json) (`2023-06-30T03:15:09.433`)
-* [CVE-2023-26966](CVE-2023/CVE-2023-269xx/CVE-2023-26966.json) (`2023-06-29T23:57:54.363`)
+* [CVE-2023-35131](CVE-2023/CVE-2023-351xx/CVE-2023-35131.json) (`2023-06-30T03:15:09.527`)
-* [CVE-2023-35938](CVE-2023/CVE-2023-359xx/CVE-2023-35938.json) (`2023-06-29T23:57:54.363`)
+* [CVE-2023-35132](CVE-2023/CVE-2023-351xx/CVE-2023-35132.json) (`2023-06-30T03:15:09.590`)
-* [CVE-2023-36471](CVE-2023/CVE-2023-364xx/CVE-2023-36471.json) (`2023-06-29T23:57:54.363`)
+* [CVE-2023-35133](CVE-2023/CVE-2023-351xx/CVE-2023-35133.json) (`2023-06-30T03:15:09.667`)
-* [CVE-2023-36468](CVE-2023/CVE-2023-364xx/CVE-2023-36468.json) (`2023-06-29T23:57:54.363`)
-* [CVE-2023-36469](CVE-2023/CVE-2023-364xx/CVE-2023-36469.json) (`2023-06-29T23:57:54.363`)
-* [CVE-2023-36470](CVE-2023/CVE-2023-364xx/CVE-2023-36470.json) (`2023-06-29T23:57:54.363`)
-* [CVE-2023-36607](CVE-2023/CVE-2023-366xx/CVE-2023-36607.json) (`2023-06-29T23:57:54.363`)
-* [CVE-2023-3464](CVE-2023/CVE-2023-34xx/CVE-2023-3464.json) (`2023-06-29T23:57:54.363`)
-* [CVE-2023-3465](CVE-2023/CVE-2023-34xx/CVE-2023-3465.json) (`2023-06-29T23:57:54.363`)
-* [CVE-2023-1707](CVE-2023/CVE-2023-17xx/CVE-2023-1707.json) (`2023-06-30T00:03:45.170`)
-* [CVE-2023-2270](CVE-2023/CVE-2023-22xx/CVE-2023-2270.json) (`2023-06-30T00:08:10.847`)
-* [CVE-2023-28809](CVE-2023/CVE-2023-288xx/CVE-2023-28809.json) (`2023-06-30T00:08:59.093`)
-* [CVE-2023-2686](CVE-2023/CVE-2023-26xx/CVE-2023-2686.json) (`2023-06-30T00:09:12.553`)
-* [CVE-2023-2747](CVE-2023/CVE-2023-27xx/CVE-2023-2747.json) (`2023-06-30T00:09:44.927`)
-* [CVE-2023-34641](CVE-2023/CVE-2023-346xx/CVE-2023-34641.json) (`2023-06-30T01:15:08.693`)
 
 
 ## Download and Usage