Auto-Update: 2023-08-21T10:00:30.422036+00:00

2025-07-09 16:05:11 +00:00 · 2023-08-21 10:00:33 +00:00 · 2023-08-21 10:00:33 +00:00 · b881cf71d5
commit b881cf71d5
parent 6b39943f26
4 changed files with 96 additions and 8 deletions
--- a/CVE-2023/CVE-2023-395xx/CVE-2023-39543.json
+++ b/CVE-2023/CVE-2023-395xx/CVE-2023-39543.json
@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-39543",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2023-08-21T09:15:09.433",
+  "lastModified": "2023-08-21T09:15:09.433",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN04876736/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/?download",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-399xx/CVE-2023-39939.json
+++ b/CVE-2023/CVE-2023-399xx/CVE-2023-39939.json
@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-39939",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2023-08-21T09:15:10.280",
+  "lastModified": "2023-08-21T09:15:10.280",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute arbitrary queries against the database and obtain or alter the information in it."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN04876736/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/?download",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-400xx/CVE-2023-40068.json
+++ b/CVE-2023/CVE-2023-400xx/CVE-2023-40068.json
@ -0,0 +1,32 @@
+{
+  "id": "CVE-2023-40068",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2023-08-21T09:15:10.430",
+  "lastModified": "2023-08-21T09:15:10.430",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-site scripting vulnerability in Advanced Custom Fields versions 6.1.0 to 6.1.7 and Advanced Custom Fields Pro versions 6.1.0 to 6.1.7 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product with the administrative privilege."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN98946408/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://wordpress.org/plugins/advanced-custom-fields/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.advancedcustomfields.com/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.advancedcustomfields.com/blog/acf-6-1-8/",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-08-21T08:00:25.490511+00:00
+2023-08-21T10:00:30.422036+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-08-21T07:15:34.127000+00:00
+2023-08-21T09:15:10.430000+00:00
 ```

 ### Last Data Feed Release
@ -29,22 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-223047
+223050
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `3`

-* [CVE-2022-46751](CVE-2022/CVE-2022-467xx/CVE-2022-46751.json) (`2023-08-21T07:15:33.740`)
+* [CVE-2023-39543](CVE-2023/CVE-2023-395xx/CVE-2023-39543.json) (`2023-08-21T09:15:09.433`)
+* [CVE-2023-39939](CVE-2023/CVE-2023-399xx/CVE-2023-39939.json) (`2023-08-21T09:15:10.280`)
+* [CVE-2023-40068](CVE-2023/CVE-2023-400xx/CVE-2023-40068.json) (`2023-08-21T09:15:10.430`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `2`
+Recently modified CVEs: `0`

-* [CVE-2023-39851](CVE-2023/CVE-2023-398xx/CVE-2023-39851.json) (`2023-08-21T07:15:33.973`)
-* [CVE-2023-39852](CVE-2023/CVE-2023-398xx/CVE-2023-39852.json) (`2023-08-21T07:15:34.127`)


 ## Download and Usage