Auto-Update: 2023-06-13T08:00:33.400134+00:00

2025-07-11 16:13:34 +00:00 · 2023-06-13 08:00:36 +00:00 · 2023-06-13 08:00:36 +00:00 · baa870017e
commit baa870017e
parent 2d095d0df7
3 changed files with 120 additions and 5 deletions
--- a/CVE-2023/CVE-2023-01xx/CVE-2023-0142.json
+++ b/CVE-2023/CVE-2023-01xx/CVE-2023-0142.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-0142",
+  "sourceIdentifier": "security@synology.com",
+  "published": "2023-06-13T07:15:46.203",
+  "lastModified": "2023-06-13T07:15:46.203",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Uncontrolled search path element vulnerability in Backup Management Functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote authenticated users to read or write arbitrary files via unspecified vectors."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@synology.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@synology.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-427"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_05",
+      "source": "security@synology.com"
+    },
+    {
+      "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_06",
+      "source": "security@synology.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-26xx/CVE-2023-2673.json
+++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2673.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-2673",
+  "sourceIdentifier": "info@cert.vde.com",
+  "published": "2023-06-13T07:15:46.460",
+  "lastModified": "2023-06-13T07:15:46.460",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple versions may allow\u00a0UDP packets to bypass the filter rules and access the solely connected device behind the MGUARD which can be used for flooding attacks."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "info@cert.vde.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.8,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "info@cert.vde.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-20"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://cert.vde.com/en/advisories/VDE-2023-010/",
+      "source": "info@cert.vde.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-06-13T06:00:28.569136+00:00
+2023-06-13T08:00:33.400134+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-06-13T04:15:10.307000+00:00
+2023-06-13T07:15:46.460000+00:00
 ```

 ### Last Data Feed Release
@ -29,14 +29,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-217498
+217500
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `2`

-* [CVE-2023-2876](CVE-2023/CVE-2023-28xx/CVE-2023-2876.json) (`2023-06-13T04:15:10.307`)
+* [CVE-2023-0142](CVE-2023/CVE-2023-01xx/CVE-2023-0142.json) (`2023-06-13T07:15:46.203`)
+* [CVE-2023-2673](CVE-2023/CVE-2023-26xx/CVE-2023-2673.json) (`2023-06-13T07:15:46.460`)


 ### CVEs modified in the last Commit