From baa870017e36b568abc78d7094d13b647a40225e Mon Sep 17 00:00:00 2001
From: cad-safe-bot <cad-safe-bot@protonmail.com>
Date: Tue, 13 Jun 2023 08:00:36 +0000
Subject: [PATCH] Auto-Update: 2023-06-13T08:00:33.400134+00:00

---
 CVE-2023/CVE-2023-01xx/CVE-2023-0142.json | 59 +++++++++++++++++++++++
 CVE-2023/CVE-2023-26xx/CVE-2023-2673.json | 55 +++++++++++++++++++++
 README.md                                 | 11 +++--
 3 files changed, 120 insertions(+), 5 deletions(-)
 create mode 100644 CVE-2023/CVE-2023-01xx/CVE-2023-0142.json
 create mode 100644 CVE-2023/CVE-2023-26xx/CVE-2023-2673.json

diff --git a/CVE-2023/CVE-2023-01xx/CVE-2023-0142.json b/CVE-2023/CVE-2023-01xx/CVE-2023-0142.json
new file mode 100644
index 00000000000..990fa4239b8
--- /dev/null
+++ b/CVE-2023/CVE-2023-01xx/CVE-2023-0142.json
@@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-0142",
+  "sourceIdentifier": "security@synology.com",
+  "published": "2023-06-13T07:15:46.203",
+  "lastModified": "2023-06-13T07:15:46.203",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Uncontrolled search path element vulnerability in Backup Management Functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote authenticated users to read or write arbitrary files via unspecified vectors."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@synology.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@synology.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-427"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_05",
+      "source": "security@synology.com"
+    },
+    {
+      "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_06",
+      "source": "security@synology.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2673.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2673.json
new file mode 100644
index 00000000000..8d9e2db6c41
--- /dev/null
+++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2673.json
@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-2673",
+  "sourceIdentifier": "info@cert.vde.com",
+  "published": "2023-06-13T07:15:46.460",
+  "lastModified": "2023-06-13T07:15:46.460",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow\u00a0UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "info@cert.vde.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.8,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "info@cert.vde.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-20"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://cert.vde.com/en/advisories/VDE-2023-010/",
+      "source": "info@cert.vde.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 97d16df08ae..854e2365aa3 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-06-13T06:00:28.569136+00:00
+2023-06-13T08:00:33.400134+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-06-13T04:15:10.307000+00:00
+2023-06-13T07:15:46.460000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,14 +29,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-217498
+217500
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `1`
+Recently added CVEs: `2`
 
-* [CVE-2023-2876](CVE-2023/CVE-2023-28xx/CVE-2023-2876.json) (`2023-06-13T04:15:10.307`)
+* [CVE-2023-0142](CVE-2023/CVE-2023-01xx/CVE-2023-0142.json) (`2023-06-13T07:15:46.203`)
+* [CVE-2023-2673](CVE-2023/CVE-2023-26xx/CVE-2023-2673.json) (`2023-06-13T07:15:46.460`)
 
 
 ### CVEs modified in the last Commit