Auto-Update: 2023-08-01T04:00:26.515792+00:00

2025-05-08 19:47:09 +00:00 · 2023-08-01 04:00:30 +00:00 · 2023-08-01 04:00:30 +00:00 · b543808d06
commit b543808d06
parent 75367a92a6
14 changed files with 160 additions and 42 deletions
--- a/CVE-2020/CVE-2020-109xx/CVE-2020-10962.json
+++ b/CVE-2020/CVE-2020-109xx/CVE-2020-10962.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2020-10962",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-01T02:15:09.687",
+  "lastModified": "2023-08-01T02:15:09.687",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In PowerShell App Deployment Toolkit (aka PSAppDeployToolkit) through 3.8.0, an incorrect access control vulnerability in the default configuration may allow an authenticated user to potentially enable escalation of privilege via local access."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://discourse.psappdeploytoolkit.com/t/psappdeploytoolkit-3-8-2/2555",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/PSAppDeployToolkit/PSAppDeployToolkit/releases",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2021/CVE-2021-373xx/CVE-2021-37384.json
+++ b/CVE-2021/CVE-2021-373xx/CVE-2021-37384.json
@ -2,12 +2,12 @@
  "id": "CVE-2021-37384",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-07-17T21:15:09.307",
-  "lastModified": "2023-07-28T13:16:36.683",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-08-01T02:15:09.783",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
-      "value": "A remote command execution (RCE) vulnerability in the web interface component of Furukawa 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 allows unauthenticated attackers to send arbitrary commands to the device via unspecified vectors."
+      "value": "A remote command execution (RCE) vulnerability in the web interface component of Furukawa Electric LatAM 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 allows unauthenticated attackers to send arbitrary commands to the device via unspecified vectors."
    }
  ],
  "metrics": {
--- a/CVE-2023/CVE-2023-254xx/CVE-2023-25433.json
+++ b/CVE-2023/CVE-2023-254xx/CVE-2023-25433.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-25433",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-06-29T20:15:09.830",
-  "lastModified": "2023-07-11T17:48:50.450",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-08-01T02:15:09.910",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -79,6 +79,10 @@
      "tags": [
        "Patch"
      ]
+    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html",
+      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-269xx/CVE-2023-26965.json
+++ b/CVE-2023/CVE-2023-269xx/CVE-2023-26965.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-26965",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-06-14T21:15:09.483",
-  "lastModified": "2023-07-06T19:15:09.980",
+  "lastModified": "2023-08-01T02:15:10.003",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -74,6 +74,10 @@
        "Patch"
      ]
    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://security.netapp.com/advisory/ntap-20230706-0009/",
      "source": "cve@mitre.org"
--- a/CVE-2023/CVE-2023-269xx/CVE-2023-26966.json
+++ b/CVE-2023/CVE-2023-269xx/CVE-2023-26966.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-26966",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-06-29T20:15:09.873",
-  "lastModified": "2023-07-11T17:48:18.733",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-08-01T02:15:10.080",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -79,6 +79,10 @@
      "tags": [
        "Patch"
      ]
+    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html",
+      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-29xx/CVE-2023-2908.json
+++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2908.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-2908",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-06-30T22:15:10.017",
-  "lastModified": "2023-07-31T19:15:16.123",
+  "lastModified": "2023-08-01T02:15:10.147",
  "vulnStatus": "Undergoing Analysis",
  "descriptions": [
    {
@ -116,6 +116,10 @@
        "Vendor Advisory"
      ]
    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html",
+      "source": "secalert@redhat.com"
+    },
    {
      "url": "https://security.netapp.com/advisory/ntap-20230731-0004/",
      "source": "secalert@redhat.com"
--- a/CVE-2023/CVE-2023-305xx/CVE-2023-30577.json
+++ b/CVE-2023/CVE-2023-305xx/CVE-2023-30577.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-30577",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-07-26T17:15:10.227",
-  "lastModified": "2023-07-26T19:28:23.967",
+  "lastModified": "2023-08-01T02:15:10.243",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -15,6 +15,10 @@
    {
      "url": "https://github.com/zmanda/amanda/releases/tag/tag-community-3.5.4",
      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/zmanda/amanda/security/advisories/GHSA-crrw-v393-h5q3",
+      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-33xx/CVE-2023-3316.json
+++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3316.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-3316",
  "sourceIdentifier": "reefs@jfrog.com",
  "published": "2023-06-19T12:15:09.520",
-  "lastModified": "2023-07-03T16:43:32.603",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-08-01T02:15:10.577",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -56,7 +56,7 @@
  },
  "weaknesses": [
    {
-      "source": "nvd@nist.gov",
+      "source": "reefs@jfrog.com",
      "type": "Primary",
      "description": [
        {
@ -66,7 +66,7 @@
      ]
    },
    {
-      "source": "reefs@jfrog.com",
+      "source": "nvd@nist.gov",
      "type": "Secondary",
      "description": [
        {
@ -113,6 +113,10 @@
        "Third Party Advisory"
      ]
    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html",
+      "source": "reefs@jfrog.com"
+    },
    {
      "url": "https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/",
      "source": "reefs@jfrog.com",
--- a/CVE-2023/CVE-2023-349xx/CVE-2023-34960.json
+++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34960.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-34960",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-01T02:15:10.307",
+  "lastModified": "2023-08-01T02:15:10.307",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "http://chamilo.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-112-2023-04-20-Critical-impact-High-risk-Remote-Code-Execution",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-368xx/CVE-2023-36884.json
+++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36884.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-36884",
  "sourceIdentifier": "secure@microsoft.com",
  "published": "2023-07-11T19:15:09.623",
-  "lastModified": "2023-07-31T23:15:10.167",
+  "lastModified": "2023-08-01T02:15:10.363",
  "vulnStatus": "Modified",
  "cisaExploitAdd": "2023-07-17",
  "cisaActionDue": "2023-08-07",
@ -11,7 +11,7 @@
  "descriptions": [
    {
      "lang": "en",
-      "value": "Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents.\n\nAn attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim. However, an attacker would have to convince the victim to open the malicious file.\n\nUpon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This might include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.\n\nPlease see the Microsoft Threat Intelligence  Blog https://aka.ms/Storm-0978 \u00a0Entry for important information about steps you can take to protect your system from this vulnerability.\n\nThis CVE will be updated with new information and links to security updates when they become available.\n\n"
+      "value": "Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents.\n\nAn attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim. However, an attacker would have to convince the victim to open the malicious file.\n\nUpon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This might include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.\n\nPlease see the Microsoft Threat Intelligence  Blog Entry https://aka.ms/Storm-0978  for important information about steps you can take to protect your system from this vulnerability.\n\nThis CVE will be updated with new information and links to security updates when they become available. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this CVE. See  Microsoft Technical Security Notifications https://www.microsoft.com/en-us/msrc/technical-security-notifications .\n\n"
    }
  ],
  "metrics": {
--- a/CVE-2023/CVE-2023-369xx/CVE-2023-36983.json
+++ b/CVE-2023/CVE-2023-369xx/CVE-2023-36983.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-36983",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-01T02:15:10.450",
+  "lastModified": "2023-08-01T02:15:10.450",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/LavaLite/cms",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-36983",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-369xx/CVE-2023-36984.json
+++ b/CVE-2023/CVE-2023-369xx/CVE-2023-36984.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-36984",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-08-01T02:15:10.510",
+  "lastModified": "2023-08-01T02:15:10.510",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/LavaLite/cms",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-36984",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-36xx/CVE-2023-3618.json
+++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3618.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-3618",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-07-12T15:15:09.060",
-  "lastModified": "2023-07-20T17:16:44.123",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-08-01T02:15:10.677",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -118,6 +118,10 @@
        "Issue Tracking",
        "Third Party Advisory"
      ]
+    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html",
+      "source": "secalert@redhat.com"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-08-01T02:00:28.809930+00:00
+2023-08-01T04:00:26.515792+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-08-01T01:51:31.417000+00:00
+2023-08-01T02:15:10.677000+00:00
 ```

 ### Last Data Feed Release
@ -29,38 +29,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-221350
+221354
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `4`

-* [CVE-2023-37496](CVE-2023/CVE-2023-374xx/CVE-2023-37496.json) (`2023-08-01T01:15:10.770`)
-* [CVE-2023-37772](CVE-2023/CVE-2023-377xx/CVE-2023-37772.json) (`2023-08-01T01:15:10.850`)
-* [CVE-2023-4033](CVE-2023/CVE-2023-40xx/CVE-2023-4033.json) (`2023-08-01T01:15:10.913`)
+* [CVE-2020-10962](CVE-2020/CVE-2020-109xx/CVE-2020-10962.json) (`2023-08-01T02:15:09.687`)
+* [CVE-2023-34960](CVE-2023/CVE-2023-349xx/CVE-2023-34960.json) (`2023-08-01T02:15:10.307`)
+* [CVE-2023-36983](CVE-2023/CVE-2023-369xx/CVE-2023-36983.json) (`2023-08-01T02:15:10.450`)
+* [CVE-2023-36984](CVE-2023/CVE-2023-369xx/CVE-2023-36984.json) (`2023-08-01T02:15:10.510`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `16`
+Recently modified CVEs: `9`

-* [CVE-2021-39421](CVE-2021/CVE-2021-394xx/CVE-2021-39421.json) (`2023-08-01T00:54:48.313`)
-* [CVE-2021-37386](CVE-2021/CVE-2021-373xx/CVE-2021-37386.json) (`2023-08-01T01:15:10.463`)
-* [CVE-2022-46898](CVE-2022/CVE-2022-468xx/CVE-2022-46898.json) (`2023-08-01T01:21:54.823`)
-* [CVE-2022-46899](CVE-2022/CVE-2022-468xx/CVE-2022-46899.json) (`2023-08-01T01:28:42.690`)
-* [CVE-2022-46900](CVE-2022/CVE-2022-469xx/CVE-2022-46900.json) (`2023-08-01T01:30:08.263`)
-* [CVE-2022-46901](CVE-2022/CVE-2022-469xx/CVE-2022-46901.json) (`2023-08-01T01:32:04.767`)
-* [CVE-2023-36385](CVE-2023/CVE-2023-363xx/CVE-2023-36385.json) (`2023-08-01T00:45:15.787`)
-* [CVE-2023-36502](CVE-2023/CVE-2023-365xx/CVE-2023-36502.json) (`2023-08-01T00:47:08.160`)
-* [CVE-2023-36503](CVE-2023/CVE-2023-365xx/CVE-2023-36503.json) (`2023-08-01T00:48:46.750`)
-* [CVE-2023-39173](CVE-2023/CVE-2023-391xx/CVE-2023-39173.json) (`2023-08-01T01:02:33.797`)
-* [CVE-2023-39175](CVE-2023/CVE-2023-391xx/CVE-2023-39175.json) (`2023-08-01T01:08:48.417`)
-* [CVE-2023-39174](CVE-2023/CVE-2023-391xx/CVE-2023-39174.json) (`2023-08-01T01:10:49.157`)
-* [CVE-2023-28023](CVE-2023/CVE-2023-280xx/CVE-2023-28023.json) (`2023-08-01T01:15:10.603`)
-* [CVE-2023-30151](CVE-2023/CVE-2023-301xx/CVE-2023-30151.json) (`2023-08-01T01:15:10.693`)
-* [CVE-2023-34798](CVE-2023/CVE-2023-347xx/CVE-2023-34798.json) (`2023-08-01T01:38:58.997`)
-* [CVE-2023-37903](CVE-2023/CVE-2023-379xx/CVE-2023-37903.json) (`2023-08-01T01:51:31.417`)
+* [CVE-2021-37384](CVE-2021/CVE-2021-373xx/CVE-2021-37384.json) (`2023-08-01T02:15:09.783`)
+* [CVE-2023-25433](CVE-2023/CVE-2023-254xx/CVE-2023-25433.json) (`2023-08-01T02:15:09.910`)
+* [CVE-2023-26965](CVE-2023/CVE-2023-269xx/CVE-2023-26965.json) (`2023-08-01T02:15:10.003`)
+* [CVE-2023-26966](CVE-2023/CVE-2023-269xx/CVE-2023-26966.json) (`2023-08-01T02:15:10.080`)
+* [CVE-2023-2908](CVE-2023/CVE-2023-29xx/CVE-2023-2908.json) (`2023-08-01T02:15:10.147`)
+* [CVE-2023-30577](CVE-2023/CVE-2023-305xx/CVE-2023-30577.json) (`2023-08-01T02:15:10.243`)
+* [CVE-2023-36884](CVE-2023/CVE-2023-368xx/CVE-2023-36884.json) (`2023-08-01T02:15:10.363`)
+* [CVE-2023-3316](CVE-2023/CVE-2023-33xx/CVE-2023-3316.json) (`2023-08-01T02:15:10.577`)
+* [CVE-2023-3618](CVE-2023/CVE-2023-36xx/CVE-2023-3618.json) (`2023-08-01T02:15:10.677`)


 ## Download and Usage