Auto-Update: 2023-06-15T02:00:26.856769+00:00

2025-07-09 16:05:11 +00:00 · 2023-06-15 02:00:30 +00:00 · 2023-06-15 02:00:30 +00:00 · b23ce43dfe
commit b23ce43dfe
parent dfc8020302
4 changed files with 128 additions and 15 deletions
--- a/CVE-2022/CVE-2022-223xx/CVE-2022-22307.json
+++ b/CVE-2022/CVE-2022-223xx/CVE-2022-22307.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2022-22307",
+  "sourceIdentifier": "psirt@us.ibm.com",
+  "published": "2023-06-15T01:15:09.920",
+  "lastModified": "2023-06-15T01:15:09.920",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "IBM Security Guardium 11.3, 11.4, and 11.5 could allow a local user to obtain elevated privileges due to incorrect authorization checks.  IBM X-Force ID:  216753."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@us.ibm.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@us.ibm.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-863"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/216753",
+      "source": "psirt@us.ibm.com"
+    },
+    {
+      "url": "https://www.ibm.com/support/pages/node/6999317",
+      "source": "psirt@us.ibm.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-256xx/CVE-2023-25683.json
+++ b/CVE-2023/CVE-2023-256xx/CVE-2023-25683.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-25683",
+  "sourceIdentifier": "psirt@us.ibm.com",
+  "published": "2023-06-15T01:15:10.010",
+  "lastModified": "2023-06-15T01:15:10.010",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if they gain service access to the HMC.  IBM X-Force ID:  247592."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@us.ibm.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.9,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.2,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "psirt@us.ibm.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-200"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/247592",
+      "source": "psirt@us.ibm.com"
+    },
+    {
+      "url": "https://www.ibm.com/support/pages/node/7002721",
+      "source": "psirt@us.ibm.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-344xx/CVE-2023-34448.json
+++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34448.json
@ -2,12 +2,12 @@
  "id": "CVE-2023-34448",
  "sourceIdentifier": "security-advisories@github.com",
  "published": "2023-06-14T23:15:11.107",
-  "lastModified": "2023-06-14T23:15:11.107",
+  "lastModified": "2023-06-15T00:15:10.480",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
-      "value": "Grav is a file-based Web platform. Prior to version 1.7.42, the patch for CVE-2022-2073, a server-side template injection vulnerability in Grav leveraging the default `filter()` function, did not block other built-in functions exposed by Twig's Core Extension that could be used to invoke arbitrary unsafe functions, thereby allowing for remote code execution. A patch in version 1.74.2 overrides the built-in Twig `map()` and `reduce()` filter functions in `system/src/Grav/Common/Twig/Extension/GravExtension.php` to validate the argument passed to the filter in `$arrow`."
+      "value": "Grav is a flat-file content management system. Prior to version 1.7.42, the patch for CVE-2022-2073, a server-side template injection vulnerability in Grav leveraging the default `filter()` function, did not block other built-in functions exposed by Twig's Core Extension that could be used to invoke arbitrary unsafe functions, thereby allowing for remote code execution. A patch in version 1.74.2 overrides the built-in Twig `map()` and `reduce()` filter functions in `system/src/Grav/Common/Twig/Extension/GravExtension.php` to validate the argument passed to the filter in `$arrow`."
    }
  ],
  "metrics": {
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-06-14T23:55:24.480668+00:00
+2023-06-15T02:00:26.856769+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-06-14T23:15:11.183000+00:00
+2023-06-15T01:15:10.010000+00:00
 ```

 ### Last Data Feed Release
@ -23,33 +23,28 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)

 ```plain
-2023-06-14T00:00:13.767868+00:00
+2023-06-15T00:00:13.541780+00:00
 ```

 ### Total Number of included CVEs

 ```plain
-217795
+217797
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `7`
+Recently added CVEs: `2`

-* [CVE-2023-2819](CVE-2023/CVE-2023-28xx/CVE-2023-2819.json) (`2023-06-14T22:15:09.203`)
-* [CVE-2023-2820](CVE-2023/CVE-2023-28xx/CVE-2023-2820.json) (`2023-06-14T22:15:09.273`)
-* [CVE-2023-34251](CVE-2023/CVE-2023-342xx/CVE-2023-34251.json) (`2023-06-14T22:15:09.333`)
-* [CVE-2023-34252](CVE-2023/CVE-2023-342xx/CVE-2023-34252.json) (`2023-06-14T22:15:09.397`)
-* [CVE-2023-34253](CVE-2023/CVE-2023-342xx/CVE-2023-34253.json) (`2023-06-14T23:15:11.037`)
-* [CVE-2023-34448](CVE-2023/CVE-2023-344xx/CVE-2023-34448.json) (`2023-06-14T23:15:11.107`)
-* [CVE-2023-34452](CVE-2023/CVE-2023-344xx/CVE-2023-34452.json) (`2023-06-14T23:15:11.183`)
+* [CVE-2022-22307](CVE-2022/CVE-2022-223xx/CVE-2022-22307.json) (`2023-06-15T01:15:09.920`)
+* [CVE-2023-25683](CVE-2023/CVE-2023-256xx/CVE-2023-25683.json) (`2023-06-15T01:15:10.010`)


 ### CVEs modified in the last Commit

 Recently modified CVEs: `1`

-* [CVE-2022-38131](CVE-2022/CVE-2022-381xx/CVE-2022-38131.json) (`2023-06-14T23:15:10.800`)
+* [CVE-2023-34448](CVE-2023/CVE-2023-344xx/CVE-2023-34448.json) (`2023-06-15T00:15:10.480`)


 ## Download and Usage