diff --git a/CVE-2018/CVE-2018-146xx/CVE-2018-14628.json b/CVE-2018/CVE-2018-146xx/CVE-2018-14628.json index a81f5ed3d51..ab8161f0344 100644 --- a/CVE-2018/CVE-2018-146xx/CVE-2018-14628.json +++ b/CVE-2018/CVE-2018-146xx/CVE-2018-14628.json @@ -2,7 +2,7 @@ "id": "CVE-2018-14628", "sourceIdentifier": "secalert@redhat.com", "published": "2023-01-17T18:15:10.810", - "lastModified": "2023-12-02T02:15:07.067", + "lastModified": "2023-12-04T03:15:07.080", "vulnStatus": "Modified", "descriptions": [ { @@ -107,6 +107,10 @@ { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DK57HQRTCDOZDIIICYWQ4Z5IQXTWVVW/", "source": "secalert@redhat.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ACVMYEP5KJRL3FWSCZW2MQZ26IVPXY62/", + "source": "secalert@redhat.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32841.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32841.json new file mode 100644 index 00000000000..56aedb2644c --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32841.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32841", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:07.347", + "lastModified": "2023-12-04T04:15:07.347", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32842.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32842.json new file mode 100644 index 00000000000..73e64f13447 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32842.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32842", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:07.417", + "lastModified": "2023-12-04T04:15:07.417", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32843.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32843.json new file mode 100644 index 00000000000..cda4b1ea4be --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32843.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32843", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:07.463", + "lastModified": "2023-12-04T04:15:07.463", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32844.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32844.json new file mode 100644 index 00000000000..6425e3ff2df --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32844.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32844", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:07.510", + "lastModified": "2023-12-04T04:15:07.510", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32845.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32845.json new file mode 100644 index 00000000000..ef85f3b0158 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32845.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32845", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:07.567", + "lastModified": "2023-12-04T04:15:07.567", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32846.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32846.json new file mode 100644 index 00000000000..4c855a82874 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32846.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32846", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:07.613", + "lastModified": "2023-12-04T04:15:07.613", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32847.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32847.json new file mode 100644 index 00000000000..81c957cdf68 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32847.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32847", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:07.663", + "lastModified": "2023-12-04T04:15:07.663", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08241940; Issue ID: ALPS08241940." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32848.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32848.json new file mode 100644 index 00000000000..08a9788e38d --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32848.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32848", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:07.710", + "lastModified": "2023-12-04T04:15:07.710", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In vdec, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08163896; Issue ID: ALPS08163896." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32849.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32849.json new file mode 100644 index 00000000000..ac3bffe33cf --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32849.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32849", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:07.757", + "lastModified": "2023-12-04T04:15:07.757", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In cmdq, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161758; Issue ID: ALPS08161758." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32850.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32850.json new file mode 100644 index 00000000000..aecb1cadc14 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32850.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32850", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:07.807", + "lastModified": "2023-12-04T04:15:07.807", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In decoder, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016659; Issue ID: ALPS08016659." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32851.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32851.json new file mode 100644 index 00000000000..30a8d6ed930 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32851.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32851", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:07.857", + "lastModified": "2023-12-04T04:15:07.857", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016652; Issue ID: ALPS08016652." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32852.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32852.json new file mode 100644 index 00000000000..f5eddeb0a6a --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32852.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32852", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:07.907", + "lastModified": "2023-12-04T04:15:07.907", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In cameraisp, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07670971; Issue ID: ALPS07670971." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32853.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32853.json new file mode 100644 index 00000000000..edb745a90a4 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32853.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32853", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:07.950", + "lastModified": "2023-12-04T04:15:07.950", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In rpmb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648764; Issue ID: ALPS07648764." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32854.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32854.json new file mode 100644 index 00000000000..9ab2ef41ab5 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32854.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32854", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.000", + "lastModified": "2023-12-04T04:15:08.000", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08240132; Issue ID: ALPS08240132." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32855.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32855.json new file mode 100644 index 00000000000..da08e739561 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32855.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32855", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.043", + "lastModified": "2023-12-04T04:15:08.043", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32856.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32856.json new file mode 100644 index 00000000000..1ee18d13404 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32856.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32856", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.093", + "lastModified": "2023-12-04T04:15:08.093", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS07993705." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32857.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32857.json new file mode 100644 index 00000000000..90cf596e029 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32857.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32857", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.140", + "lastModified": "2023-12-04T04:15:08.140", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS07993710." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32858.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32858.json new file mode 100644 index 00000000000..0a59e4df8b5 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32858.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32858", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.190", + "lastModified": "2023-12-04T04:15:08.190", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In GZ, there is a possible information disclosure due to a missing data erasing. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07806008; Issue ID: ALPS07806008." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32859.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32859.json new file mode 100644 index 00000000000..46cedef7f89 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32859.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32859", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.240", + "lastModified": "2023-12-04T04:15:08.240", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32860.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32860.json new file mode 100644 index 00000000000..54bfef15314 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32860.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32860", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.300", + "lastModified": "2023-12-04T04:15:08.300", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929788; Issue ID: ALPS07929788." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32861.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32861.json new file mode 100644 index 00000000000..56d9502e163 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32861.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32861", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.353", + "lastModified": "2023-12-04T04:15:08.353", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08059081; Issue ID: ALPS08059081." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32862.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32862.json new file mode 100644 index 00000000000..a48e4711b40 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32862.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32862", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.397", + "lastModified": "2023-12-04T04:15:08.397", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388762; Issue ID: ALPS07388762." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32863.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32863.json new file mode 100644 index 00000000000..7606687d97a --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32863.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32863", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.440", + "lastModified": "2023-12-04T04:15:08.440", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326314; Issue ID: ALPS07326314." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32864.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32864.json new file mode 100644 index 00000000000..a1b58b33ad2 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32864.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32864", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.487", + "lastModified": "2023-12-04T04:15:08.487", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07292187; Issue ID: ALPS07292187." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32865.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32865.json new file mode 100644 index 00000000000..9bb6841091b --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32865.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32865", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.533", + "lastModified": "2023-12-04T04:15:08.533", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363456; Issue ID: ALPS07363456." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32866.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32866.json new file mode 100644 index 00000000000..a3a17c5eae5 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32866.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32866", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.577", + "lastModified": "2023-12-04T04:15:08.577", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In mmp, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342152; Issue ID: ALPS07342152." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32867.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32867.json new file mode 100644 index 00000000000..3846d8b0a87 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32867.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32867", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.623", + "lastModified": "2023-12-04T04:15:08.623", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560793; Issue ID: ALPS07560793." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32868.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32868.json new file mode 100644 index 00000000000..dfd8e00f1fe --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32868.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32868", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.673", + "lastModified": "2023-12-04T04:15:08.673", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363632." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32869.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32869.json new file mode 100644 index 00000000000..402c24cd146 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32869.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32869", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.717", + "lastModified": "2023-12-04T04:15:08.717", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363689." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-328xx/CVE-2023-32870.json b/CVE-2023/CVE-2023-328xx/CVE-2023-32870.json new file mode 100644 index 00000000000..fb670b10df2 --- /dev/null +++ b/CVE-2023/CVE-2023-328xx/CVE-2023-32870.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32870", + "sourceIdentifier": "security@mediatek.com", + "published": "2023-12-04T04:15:08.760", + "lastModified": "2023-12-04T04:15:08.760", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363740; Issue ID: ALPS07363740." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://corp.mediatek.com/product-security-bulletin/December-2023", + "source": "security@mediatek.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-61xx/CVE-2023-6111.json b/CVE-2023/CVE-2023-61xx/CVE-2023-6111.json index db34768710f..e5c25f687bf 100644 --- a/CVE-2023/CVE-2023-61xx/CVE-2023-6111.json +++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6111.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6111", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-11-14T14:15:29.063", - "lastModified": "2023-11-18T03:27:23.190", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-04T03:15:07.253", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -113,6 +113,14 @@ "tags": [ "Patch" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IG6IF3FUY7LVZJMFRPANAU4L4PSJ3ESQ/", + "source": "cve-coordination@google.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YQ7JVDEDZV5SNHG5EW7RHKK2ZN56HSGB/", + "source": "cve-coordination@google.com" } ] } \ No newline at end of file diff --git a/README.md b/README.md index ef2cf189a62..694df7e98aa 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-04T03:00:18.824550+00:00 +2023-12-04T05:00:20.093661+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-04T02:58:50.030000+00:00 +2023-12-04T04:15:08.760000+00:00 ``` ### Last Data Feed Release @@ -29,50 +29,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -232087 +232117 ``` ### CVEs added in the last Commit -Recently added CVEs: `89` +Recently added CVEs: `30` -* [CVE-2023-42731](CVE-2023/CVE-2023-427xx/CVE-2023-42731.json) (`2023-12-04T01:15:11.233`) -* [CVE-2023-42732](CVE-2023/CVE-2023-427xx/CVE-2023-42732.json) (`2023-12-04T01:15:11.277`) -* [CVE-2023-42733](CVE-2023/CVE-2023-427xx/CVE-2023-42733.json) (`2023-12-04T01:15:11.320`) -* [CVE-2023-42734](CVE-2023/CVE-2023-427xx/CVE-2023-42734.json) (`2023-12-04T01:15:11.370`) -* [CVE-2023-42735](CVE-2023/CVE-2023-427xx/CVE-2023-42735.json) (`2023-12-04T01:15:11.423`) -* [CVE-2023-42736](CVE-2023/CVE-2023-427xx/CVE-2023-42736.json) (`2023-12-04T01:15:11.470`) -* [CVE-2023-42737](CVE-2023/CVE-2023-427xx/CVE-2023-42737.json) (`2023-12-04T01:15:11.517`) -* [CVE-2023-42738](CVE-2023/CVE-2023-427xx/CVE-2023-42738.json) (`2023-12-04T01:15:11.560`) -* [CVE-2023-42739](CVE-2023/CVE-2023-427xx/CVE-2023-42739.json) (`2023-12-04T01:15:11.607`) -* [CVE-2023-42740](CVE-2023/CVE-2023-427xx/CVE-2023-42740.json) (`2023-12-04T01:15:11.650`) -* [CVE-2023-42741](CVE-2023/CVE-2023-427xx/CVE-2023-42741.json) (`2023-12-04T01:15:11.697`) -* [CVE-2023-42742](CVE-2023/CVE-2023-427xx/CVE-2023-42742.json) (`2023-12-04T01:15:11.740`) -* [CVE-2023-42743](CVE-2023/CVE-2023-427xx/CVE-2023-42743.json) (`2023-12-04T01:15:11.783`) -* [CVE-2023-42744](CVE-2023/CVE-2023-427xx/CVE-2023-42744.json) (`2023-12-04T01:15:11.830`) -* [CVE-2023-42745](CVE-2023/CVE-2023-427xx/CVE-2023-42745.json) (`2023-12-04T01:15:11.873`) -* [CVE-2023-42746](CVE-2023/CVE-2023-427xx/CVE-2023-42746.json) (`2023-12-04T01:15:11.920`) -* [CVE-2023-42747](CVE-2023/CVE-2023-427xx/CVE-2023-42747.json) (`2023-12-04T01:15:11.957`) -* [CVE-2023-42748](CVE-2023/CVE-2023-427xx/CVE-2023-42748.json) (`2023-12-04T01:15:12.000`) -* [CVE-2023-42749](CVE-2023/CVE-2023-427xx/CVE-2023-42749.json) (`2023-12-04T01:15:12.047`) -* [CVE-2023-42751](CVE-2023/CVE-2023-427xx/CVE-2023-42751.json) (`2023-12-04T01:15:12.097`) -* [CVE-2023-46167](CVE-2023/CVE-2023-461xx/CVE-2023-46167.json) (`2023-12-04T01:15:12.147`) -* [CVE-2023-47701](CVE-2023/CVE-2023-477xx/CVE-2023-47701.json) (`2023-12-04T01:15:12.340`) -* [CVE-2023-29258](CVE-2023/CVE-2023-292xx/CVE-2023-29258.json) (`2023-12-04T02:15:06.647`) -* [CVE-2023-38727](CVE-2023/CVE-2023-387xx/CVE-2023-38727.json) (`2023-12-04T02:15:06.867`) -* [CVE-2023-40687](CVE-2023/CVE-2023-406xx/CVE-2023-40687.json) (`2023-12-04T02:15:07.077`) +* [CVE-2023-32846](CVE-2023/CVE-2023-328xx/CVE-2023-32846.json) (`2023-12-04T04:15:07.613`) +* [CVE-2023-32847](CVE-2023/CVE-2023-328xx/CVE-2023-32847.json) (`2023-12-04T04:15:07.663`) +* [CVE-2023-32848](CVE-2023/CVE-2023-328xx/CVE-2023-32848.json) (`2023-12-04T04:15:07.710`) +* [CVE-2023-32849](CVE-2023/CVE-2023-328xx/CVE-2023-32849.json) (`2023-12-04T04:15:07.757`) +* [CVE-2023-32850](CVE-2023/CVE-2023-328xx/CVE-2023-32850.json) (`2023-12-04T04:15:07.807`) +* [CVE-2023-32851](CVE-2023/CVE-2023-328xx/CVE-2023-32851.json) (`2023-12-04T04:15:07.857`) +* [CVE-2023-32852](CVE-2023/CVE-2023-328xx/CVE-2023-32852.json) (`2023-12-04T04:15:07.907`) +* [CVE-2023-32853](CVE-2023/CVE-2023-328xx/CVE-2023-32853.json) (`2023-12-04T04:15:07.950`) +* [CVE-2023-32854](CVE-2023/CVE-2023-328xx/CVE-2023-32854.json) (`2023-12-04T04:15:08.000`) +* [CVE-2023-32855](CVE-2023/CVE-2023-328xx/CVE-2023-32855.json) (`2023-12-04T04:15:08.043`) +* [CVE-2023-32856](CVE-2023/CVE-2023-328xx/CVE-2023-32856.json) (`2023-12-04T04:15:08.093`) +* [CVE-2023-32857](CVE-2023/CVE-2023-328xx/CVE-2023-32857.json) (`2023-12-04T04:15:08.140`) +* [CVE-2023-32858](CVE-2023/CVE-2023-328xx/CVE-2023-32858.json) (`2023-12-04T04:15:08.190`) +* [CVE-2023-32859](CVE-2023/CVE-2023-328xx/CVE-2023-32859.json) (`2023-12-04T04:15:08.240`) +* [CVE-2023-32860](CVE-2023/CVE-2023-328xx/CVE-2023-32860.json) (`2023-12-04T04:15:08.300`) +* [CVE-2023-32861](CVE-2023/CVE-2023-328xx/CVE-2023-32861.json) (`2023-12-04T04:15:08.353`) +* [CVE-2023-32862](CVE-2023/CVE-2023-328xx/CVE-2023-32862.json) (`2023-12-04T04:15:08.397`) +* [CVE-2023-32863](CVE-2023/CVE-2023-328xx/CVE-2023-32863.json) (`2023-12-04T04:15:08.440`) +* [CVE-2023-32864](CVE-2023/CVE-2023-328xx/CVE-2023-32864.json) (`2023-12-04T04:15:08.487`) +* [CVE-2023-32865](CVE-2023/CVE-2023-328xx/CVE-2023-32865.json) (`2023-12-04T04:15:08.533`) +* [CVE-2023-32866](CVE-2023/CVE-2023-328xx/CVE-2023-32866.json) (`2023-12-04T04:15:08.577`) +* [CVE-2023-32867](CVE-2023/CVE-2023-328xx/CVE-2023-32867.json) (`2023-12-04T04:15:08.623`) +* [CVE-2023-32868](CVE-2023/CVE-2023-328xx/CVE-2023-32868.json) (`2023-12-04T04:15:08.673`) +* [CVE-2023-32869](CVE-2023/CVE-2023-328xx/CVE-2023-32869.json) (`2023-12-04T04:15:08.717`) +* [CVE-2023-32870](CVE-2023/CVE-2023-328xx/CVE-2023-32870.json) (`2023-12-04T04:15:08.760`) ### CVEs modified in the last Commit -Recently modified CVEs: `6` +Recently modified CVEs: `2` -* [CVE-2022-4957](CVE-2022/CVE-2022-49xx/CVE-2022-4957.json) (`2023-12-04T02:58:50.030`) -* [CVE-2023-45178](CVE-2023/CVE-2023-451xx/CVE-2023-45178.json) (`2023-12-04T02:58:50.030`) -* [CVE-2023-49946](CVE-2023/CVE-2023-499xx/CVE-2023-49946.json) (`2023-12-04T02:58:50.030`) -* [CVE-2023-49947](CVE-2023/CVE-2023-499xx/CVE-2023-49947.json) (`2023-12-04T02:58:50.030`) -* [CVE-2023-49948](CVE-2023/CVE-2023-499xx/CVE-2023-49948.json) (`2023-12-04T02:58:50.030`) -* [CVE-2023-40692](CVE-2023/CVE-2023-406xx/CVE-2023-40692.json) (`2023-12-04T02:58:50.030`) +* [CVE-2018-14628](CVE-2018/CVE-2018-146xx/CVE-2018-14628.json) (`2023-12-04T03:15:07.080`) +* [CVE-2023-6111](CVE-2023/CVE-2023-61xx/CVE-2023-6111.json) (`2023-12-04T03:15:07.253`) ## Download and Usage