diff --git a/CVE-2021/CVE-2021-354xx/CVE-2021-35437.json b/CVE-2021/CVE-2021-354xx/CVE-2021-35437.json new file mode 100644 index 00000000000..cfd919765c2 --- /dev/null +++ b/CVE-2021/CVE-2021-354xx/CVE-2021-35437.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-35437", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-16T05:15:24.303", + "lastModified": "2023-11-16T05:15:24.303", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability in LMXCMS v.1.4 allows attacker to execute arbitrary code via the TagsAction.class." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/GHA193/Vulns/blob/main/lmxcms%20injection.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-432xx/CVE-2023-43275.json b/CVE-2023/CVE-2023-432xx/CVE-2023-43275.json new file mode 100644 index 00000000000..ae50219c77c --- /dev/null +++ b/CVE-2023/CVE-2023-432xx/CVE-2023-43275.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-43275", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-16T05:15:29.880", + "lastModified": "2023-11-16T05:15:29.880", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in DedeCMS v5.7 in 110 backend management interface via /catalog_add.php, allows attackers to create crafted web pages due to a lack of verification of the token value of the submitted form." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/thedarknessdied/dedecms/blob/main/v5.7_110-CSRF.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47003.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47003.json new file mode 100644 index 00000000000..2bd32729d70 --- /dev/null +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47003.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-47003", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-16T05:15:29.927", + "lastModified": "2023-11-16T05:15:29.927", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial of service via a crafted string in DataBlock_ItemIsDeleted." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/RedisGraph/RedisGraph/issues/3063", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-473xx/CVE-2023-47335.json b/CVE-2023/CVE-2023-473xx/CVE-2023-47335.json new file mode 100644 index 00000000000..ea66f10d2e5 --- /dev/null +++ b/CVE-2023/CVE-2023-473xx/CVE-2023-47335.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-47335", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-16T06:15:31.923", + "lastModified": "2023-11-16T06:15:31.923", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Insecure permissions in the setNFZEnable function of Autel Robotics EVO Nano drone v1.6.5 allows attackers to breach the geo-fence and fly into no-fly zones." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/czbxzm/AUTEL-smart-drones-have-a-vulnerability-to-unauthorised-breaches-of-no-fly-zone", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 21f148dd6d3..26d8e8bed2c 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-11-16T05:00:21.359057+00:00 +2023-11-16T07:00:18.873981+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-11-16T04:15:06.857000+00:00 +2023-11-16T06:15:31.923000+00:00 ``` ### Last Data Feed Release @@ -29,36 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -230885 +230889 ``` ### CVEs added in the last Commit Recently added CVEs: `4` -* [CVE-2023-47263](CVE-2023/CVE-2023-472xx/CVE-2023-47263.json) (`2023-11-16T03:15:07.290`) -* [CVE-2023-47264](CVE-2023/CVE-2023-472xx/CVE-2023-47264.json) (`2023-11-16T03:15:07.347`) -* [CVE-2023-47470](CVE-2023/CVE-2023-474xx/CVE-2023-47470.json) (`2023-11-16T03:15:07.400`) -* [CVE-2023-47471](CVE-2023/CVE-2023-474xx/CVE-2023-47471.json) (`2023-11-16T04:15:06.857`) +* [CVE-2021-35437](CVE-2021/CVE-2021-354xx/CVE-2021-35437.json) (`2023-11-16T05:15:24.303`) +* [CVE-2023-43275](CVE-2023/CVE-2023-432xx/CVE-2023-43275.json) (`2023-11-16T05:15:29.880`) +* [CVE-2023-47003](CVE-2023/CVE-2023-470xx/CVE-2023-47003.json) (`2023-11-16T05:15:29.927`) +* [CVE-2023-47335](CVE-2023/CVE-2023-473xx/CVE-2023-47335.json) (`2023-11-16T06:15:31.923`) ### CVEs modified in the last Commit -Recently modified CVEs: `13` +Recently modified CVEs: `0` -* [CVE-2020-7332](CVE-2020/CVE-2020-73xx/CVE-2020-7332.json) (`2023-11-16T03:05:59.747`) -* [CVE-2020-7339](CVE-2020/CVE-2020-73xx/CVE-2020-7339.json) (`2023-11-16T03:11:19.030`) -* [CVE-2021-43809](CVE-2021/CVE-2021-438xx/CVE-2021-43809.json) (`2023-11-16T03:04:51.220`) -* [CVE-2021-4038](CVE-2021/CVE-2021-40xx/CVE-2021-4038.json) (`2023-11-16T03:06:23.680`) -* [CVE-2021-31830](CVE-2021/CVE-2021-318xx/CVE-2021-31830.json) (`2023-11-16T03:12:03.267`) -* [CVE-2021-31848](CVE-2021/CVE-2021-318xx/CVE-2021-31848.json) (`2023-11-16T03:12:12.673`) -* [CVE-2022-3979](CVE-2022/CVE-2022-39xx/CVE-2022-3979.json) (`2023-11-16T03:10:24.327`) -* [CVE-2022-0280](CVE-2022/CVE-2022-02xx/CVE-2022-0280.json) (`2023-11-16T03:13:04.950`) -* [CVE-2022-0858](CVE-2022/CVE-2022-08xx/CVE-2022-0858.json) (`2023-11-16T03:13:42.247`) -* [CVE-2022-1254](CVE-2022/CVE-2022-12xx/CVE-2022-1254.json) (`2023-11-16T03:13:51.517`) -* [CVE-2022-1823](CVE-2022/CVE-2022-18xx/CVE-2022-1823.json) (`2023-11-16T03:14:05.957`) -* [CVE-2023-5152](CVE-2023/CVE-2023-51xx/CVE-2023-5152.json) (`2023-11-16T03:06:57.570`) -* [CVE-2023-41993](CVE-2023/CVE-2023-419xx/CVE-2023-41993.json) (`2023-11-16T03:15:07.190`) ## Download and Usage