Auto-Update: 2023-08-24T04:00:37.333167+00:00

2025-05-08 11:37:26 +00:00 · 2023-08-24 04:00:40 +00:00 · 2023-08-24 04:00:40 +00:00 · c3426869d6
commit c3426869d6
parent 2b91db82af
34 changed files with 328 additions and 75 deletions
--- a/CVE-2022/CVE-2022-37xx/CVE-2022-3742.json
+++ b/CVE-2022/CVE-2022-37xx/CVE-2022-3742.json
@ -2,8 +2,8 @@
  "id": "CVE-2022-3742",
  "sourceIdentifier": "psirt@lenovo.com",
  "published": "2023-08-23T20:15:08.327",
-  "lastModified": "2023-08-23T20:15:08.327",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2022/CVE-2022-37xx/CVE-2022-3743.json
+++ b/CVE-2022/CVE-2022-37xx/CVE-2022-3743.json
@ -2,8 +2,8 @@
  "id": "CVE-2022-3743",
  "sourceIdentifier": "psirt@lenovo.com",
  "published": "2023-08-23T20:15:08.497",
-  "lastModified": "2023-08-23T20:15:08.497",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2022/CVE-2022-37xx/CVE-2022-3744.json
+++ b/CVE-2022/CVE-2022-37xx/CVE-2022-3744.json
@ -2,8 +2,8 @@
  "id": "CVE-2022-3744",
  "sourceIdentifier": "psirt@lenovo.com",
  "published": "2023-08-23T20:15:08.577",
-  "lastModified": "2023-08-23T20:15:08.577",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2022/CVE-2022-37xx/CVE-2022-3745.json
+++ b/CVE-2022/CVE-2022-37xx/CVE-2022-3745.json
@ -2,8 +2,8 @@
  "id": "CVE-2022-3745",
  "sourceIdentifier": "psirt@lenovo.com",
  "published": "2023-08-23T20:15:08.660",
-  "lastModified": "2023-08-23T20:15:08.660",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2022/CVE-2022-37xx/CVE-2022-3746.json
+++ b/CVE-2022/CVE-2022-37xx/CVE-2022-3746.json
@ -2,8 +2,8 @@
  "id": "CVE-2022-3746",
  "sourceIdentifier": "psirt@lenovo.com",
  "published": "2023-08-23T20:15:08.743",
-  "lastModified": "2023-08-23T20:15:08.743",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-201xx/CVE-2023-20115.json
+++ b/CVE-2023/CVE-2023-201xx/CVE-2023-20115.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-20115",
  "sourceIdentifier": "ykramarz@cisco.com",
  "published": "2023-08-23T19:15:07.587",
-  "lastModified": "2023-08-23T19:15:07.587",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:23.930",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-201xx/CVE-2023-20168.json
+++ b/CVE-2023/CVE-2023-201xx/CVE-2023-20168.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-20168",
  "sourceIdentifier": "ykramarz@cisco.com",
  "published": "2023-08-23T19:15:07.777",
-  "lastModified": "2023-08-23T19:15:07.777",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:23.930",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-201xx/CVE-2023-20169.json
+++ b/CVE-2023/CVE-2023-201xx/CVE-2023-20169.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-20169",
  "sourceIdentifier": "ykramarz@cisco.com",
  "published": "2023-08-23T19:15:07.893",
-  "lastModified": "2023-08-23T19:15:07.893",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:23.930",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-202xx/CVE-2023-20200.json
+++ b/CVE-2023/CVE-2023-202xx/CVE-2023-20200.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-20200",
  "sourceIdentifier": "ykramarz@cisco.com",
  "published": "2023-08-23T19:15:08.020",
-  "lastModified": "2023-08-23T19:15:08.020",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-202xx/CVE-2023-20230.json
+++ b/CVE-2023/CVE-2023-202xx/CVE-2023-20230.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-20230",
  "sourceIdentifier": "ykramarz@cisco.com",
  "published": "2023-08-23T19:15:08.133",
-  "lastModified": "2023-08-23T19:15:08.133",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-202xx/CVE-2023-20234.json
+++ b/CVE-2023/CVE-2023-202xx/CVE-2023-20234.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-20234",
  "sourceIdentifier": "ykramarz@cisco.com",
  "published": "2023-08-23T19:15:08.277",
-  "lastModified": "2023-08-23T19:15:08.277",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-21xx/CVE-2023-2157.json
+++ b/CVE-2023/CVE-2023-21xx/CVE-2023-2157.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-2157",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-06-06T20:15:12.120",
-  "lastModified": "2023-06-13T19:30:29.680",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-08-24T03:15:07.590",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -83,6 +83,10 @@
        "Patch",
        "Third Party Advisory"
      ]
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/",
+      "source": "secalert@redhat.com"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-31xx/CVE-2023-3195.json
+++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3195.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-3195",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-06-16T20:15:09.547",
-  "lastModified": "2023-06-27T02:28:55.780",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-08-24T03:15:08.287",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -137,6 +137,10 @@
        "Patch"
      ]
    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/",
+      "source": "secalert@redhat.com"
+    },
    {
      "url": "https://www.openwall.com/lists/oss-security/2023/05/29/1",
      "source": "secalert@redhat.com",
--- a/CVE-2023/CVE-2023-322xx/CVE-2023-32202.json
+++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32202.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-32202",
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "published": "2023-08-23T22:15:07.873",
-  "lastModified": "2023-08-23T22:15:07.873",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-325xx/CVE-2023-32559.json
+++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32559.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-32559",
+  "sourceIdentifier": "support@hackerone.com",
+  "published": "2023-08-24T02:15:09.210",
+  "lastModified": "2023-08-24T02:15:09.210",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://hackerone.com/reports/1946470",
+      "source": "support@hackerone.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-344xx/CVE-2023-34474.json
+++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34474.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-34474",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-06-16T20:15:09.370",
-  "lastModified": "2023-06-27T02:13:23.640",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-08-24T03:15:08.007",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -122,6 +122,10 @@
      "tags": [
        "Patch"
      ]
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/",
+      "source": "secalert@redhat.com"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-344xx/CVE-2023-34475.json
+++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34475.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-34475",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2023-06-16T20:15:09.433",
-  "lastModified": "2023-06-27T02:25:54.433",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-08-24T03:15:08.107",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -122,6 +122,10 @@
      "tags": [
        "Patch"
      ]
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/",
+      "source": "secalert@redhat.com"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-34xx/CVE-2023-3453.json
+++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3453.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-3453",
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "published": "2023-08-23T22:15:08.930",
-  "lastModified": "2023-08-23T22:15:08.930",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-363xx/CVE-2023-36317.json
+++ b/CVE-2023/CVE-2023-363xx/CVE-2023-36317.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-36317",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-23T22:15:08.550",
-  "lastModified": "2023-08-23T22:15:08.550",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-384xx/CVE-2023-38422.json
+++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38422.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-38422",
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "published": "2023-08-23T22:15:08.693",
-  "lastModified": "2023-08-23T22:15:08.693",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-388xx/CVE-2023-38831.json
+++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38831.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-38831",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-23T17:15:43.863",
-  "lastModified": "2023-08-23T18:15:08.537",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:23.930",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-399xx/CVE-2023-39976.json
+++ b/CVE-2023/CVE-2023-399xx/CVE-2023-39976.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-39976",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-08T06:15:46.590",
-  "lastModified": "2023-08-10T16:09:40.993",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-08-24T03:15:08.193",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -85,6 +85,10 @@
      "tags": [
        "Patch"
      ]
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KECNF7LFBPE57XSBT6EM7ACVMIBP63WH/",
+      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2023/CVE-2023-400xx/CVE-2023-40025.json
+++ b/CVE-2023/CVE-2023-400xx/CVE-2023-40025.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-40025",
  "sourceIdentifier": "security-advisories@github.com",
  "published": "2023-08-23T20:15:08.840",
-  "lastModified": "2023-08-23T20:15:08.840",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-400xx/CVE-2023-40035.json
+++ b/CVE-2023/CVE-2023-400xx/CVE-2023-40035.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-40035",
  "sourceIdentifier": "security-advisories@github.com",
  "published": "2023-08-23T21:15:08.300",
-  "lastModified": "2023-08-23T21:15:08.300",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-401xx/CVE-2023-40176.json
+++ b/CVE-2023/CVE-2023-401xx/CVE-2023-40176.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-40176",
  "sourceIdentifier": "security-advisories@github.com",
  "published": "2023-08-23T20:15:08.927",
-  "lastModified": "2023-08-23T20:15:08.927",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-401xx/CVE-2023-40177.json
+++ b/CVE-2023/CVE-2023-401xx/CVE-2023-40177.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-40177",
  "sourceIdentifier": "security-advisories@github.com",
  "published": "2023-08-23T21:15:08.670",
-  "lastModified": "2023-08-23T21:15:08.670",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-401xx/CVE-2023-40178.json
+++ b/CVE-2023/CVE-2023-401xx/CVE-2023-40178.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-40178",
  "sourceIdentifier": "security-advisories@github.com",
  "published": "2023-08-23T21:15:08.877",
-  "lastModified": "2023-08-23T21:15:08.877",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-401xx/CVE-2023-40185.json
+++ b/CVE-2023/CVE-2023-401xx/CVE-2023-40185.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-40185",
  "sourceIdentifier": "security-advisories@github.com",
  "published": "2023-08-23T21:15:09.063",
-  "lastModified": "2023-08-23T21:15:09.063",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-403xx/CVE-2023-40360.json
+++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40360.json
@ -2,27 +2,91 @@
  "id": "CVE-2023-40360",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-14T18:15:11.510",
-  "lastModified": "2023-08-14T18:59:33.233",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-08-24T02:19:25.093",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "QEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled."
    }
  ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-476"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
+              "versionEndIncluding": "8.0.4",
+              "matchCriteriaId": "F7B6B5FB-14AD-40AE-90C6-4D7F455900FF"
+            }
+          ]
+        }
+      ]
+    }
+  ],
  "references": [
    {
      "url": "https://gitlab.com/birkelund/qemu/-/commit/6c8f8456cb0b239812dee5211881426496da7b98",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Patch"
+      ]
    },
    {
      "url": "https://gitlab.com/qemu-project/qemu/-/issues/1815",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Exploit",
+        "Issue Tracking",
+        "Vendor Advisory"
+      ]
    },
    {
      "url": "https://www.qemu.org/docs/master/system/security.html",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Vendor Advisory"
+      ]
    }
  ]
 }
--- a/CVE-2023/CVE-2023-405xx/CVE-2023-40572.json
+++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40572.json
@ -0,0 +1,63 @@
+{
+  "id": "CVE-2023-40572",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2023-08-24T02:15:09.643",
+  "lastModified": "2023-08-24T02:15:09.643",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The create action is vulnerable to a CSRF attack, allowing script and thus remote code execution when targeting a user with script/programming right, thus compromising the confidentiality, integrity and availability of the whole XWiki installation. When a user with script right views this image and a log message `ERROR foo - Script executed!` appears in the log, the XWiki installation is vulnerable. This has been patched in XWiki 14.10.9 and 15.4RC1 by requiring a CSRF token for the actual page creation."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.0,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/xwiki/xwiki-platform/commit/4b20528808d0c311290b0d9ab2cfc44063380ef7",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4f8m-7h83-9f6m",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://jira.xwiki.org/browse/XWIKI-20849",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-405xx/CVE-2023-40573.json
+++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40573.json
@ -0,0 +1,63 @@
+{
+  "id": "CVE-2023-40573",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2023-08-24T02:15:09.973",
+  "lastModified": "2023-08-24T02:15:09.973",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki supports scheduled jobs that contain Groovy scripts. Currently, the job checks the content author of the job for programming right. However, modifying or adding a job script to a document doesn't modify the content author. Together with a CSRF vulnerability in the job scheduler, this can be exploited for remote code execution by an attacker with edit right on the wiki. If the attack is successful, an error log entry with \"Job content executed\" will be produced. This vulnerability has been patched in XWiki 14.10.9 and 15.4RC1."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.0,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/xwiki/xwiki-platform/commit/fcdcfed3fe2e8a3cad66ae0610795a2d58ab9662",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8xhr-x3v8-rghj",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://jira.xwiki.org/browse/XWIKI-20852",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-406xx/CVE-2023-40612.json
+++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40612.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-40612",
  "sourceIdentifier": "security@opennms.com",
  "published": "2023-08-23T19:15:08.443",
-  "lastModified": "2023-08-23T19:15:08.443",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/CVE-2023/CVE-2023-410xx/CVE-2023-41028.json
+++ b/CVE-2023/CVE-2023-410xx/CVE-2023-41028.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-41028",
  "sourceIdentifier": "disclosures@exodusintel.com",
  "published": "2023-08-23T22:15:09.077",
-  "lastModified": "2023-08-23T22:15:09.077",
-  "vulnStatus": "Received",
+  "lastModified": "2023-08-24T02:02:17.167",
+  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-08-23T23:55:30.468203+00:00
+2023-08-24T04:00:37.333167+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-08-23T22:15:09.077000+00:00
+2023-08-24T03:15:08.287000+00:00
 ```

 ### Last Data Feed Release
@ -23,30 +23,53 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)

 ```plain
-2023-08-23T00:00:13.541366+00:00
+2023-08-24T00:00:13.569934+00:00
 ```

 ### Total Number of included CVEs

 ```plain
-223343
+223346
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `5`
+Recently added CVEs: `3`

-* [CVE-2023-32202](CVE-2023/CVE-2023-322xx/CVE-2023-32202.json) (`2023-08-23T22:15:07.873`)
-* [CVE-2023-36317](CVE-2023/CVE-2023-363xx/CVE-2023-36317.json) (`2023-08-23T22:15:08.550`)
-* [CVE-2023-38422](CVE-2023/CVE-2023-384xx/CVE-2023-38422.json) (`2023-08-23T22:15:08.693`)
-* [CVE-2023-3453](CVE-2023/CVE-2023-34xx/CVE-2023-3453.json) (`2023-08-23T22:15:08.930`)
-* [CVE-2023-41028](CVE-2023/CVE-2023-410xx/CVE-2023-41028.json) (`2023-08-23T22:15:09.077`)
+* [CVE-2023-32559](CVE-2023/CVE-2023-325xx/CVE-2023-32559.json) (`2023-08-24T02:15:09.210`)
+* [CVE-2023-40572](CVE-2023/CVE-2023-405xx/CVE-2023-40572.json) (`2023-08-24T02:15:09.643`)
+* [CVE-2023-40573](CVE-2023/CVE-2023-405xx/CVE-2023-40573.json) (`2023-08-24T02:15:09.973`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `30`

+* [CVE-2023-20200](CVE-2023/CVE-2023-202xx/CVE-2023-20200.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-20230](CVE-2023/CVE-2023-202xx/CVE-2023-20230.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-20234](CVE-2023/CVE-2023-202xx/CVE-2023-20234.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-40612](CVE-2023/CVE-2023-406xx/CVE-2023-40612.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-40025](CVE-2023/CVE-2023-400xx/CVE-2023-40025.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-40176](CVE-2023/CVE-2023-401xx/CVE-2023-40176.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-40035](CVE-2023/CVE-2023-400xx/CVE-2023-40035.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-40177](CVE-2023/CVE-2023-401xx/CVE-2023-40177.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-40178](CVE-2023/CVE-2023-401xx/CVE-2023-40178.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-40185](CVE-2023/CVE-2023-401xx/CVE-2023-40185.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-32202](CVE-2023/CVE-2023-322xx/CVE-2023-32202.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-36317](CVE-2023/CVE-2023-363xx/CVE-2023-36317.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-38422](CVE-2023/CVE-2023-384xx/CVE-2023-38422.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-3453](CVE-2023/CVE-2023-34xx/CVE-2023-3453.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-41028](CVE-2023/CVE-2023-410xx/CVE-2023-41028.json) (`2023-08-24T02:02:17.167`)
+* [CVE-2023-38831](CVE-2023/CVE-2023-388xx/CVE-2023-38831.json) (`2023-08-24T02:02:23.930`)
+* [CVE-2023-20115](CVE-2023/CVE-2023-201xx/CVE-2023-20115.json) (`2023-08-24T02:02:23.930`)
+* [CVE-2023-20168](CVE-2023/CVE-2023-201xx/CVE-2023-20168.json) (`2023-08-24T02:02:23.930`)
+* [CVE-2023-20169](CVE-2023/CVE-2023-201xx/CVE-2023-20169.json) (`2023-08-24T02:02:23.930`)
+* [CVE-2023-40360](CVE-2023/CVE-2023-403xx/CVE-2023-40360.json) (`2023-08-24T02:19:25.093`)
+* [CVE-2023-2157](CVE-2023/CVE-2023-21xx/CVE-2023-2157.json) (`2023-08-24T03:15:07.590`)
+* [CVE-2023-34474](CVE-2023/CVE-2023-344xx/CVE-2023-34474.json) (`2023-08-24T03:15:08.007`)
+* [CVE-2023-34475](CVE-2023/CVE-2023-344xx/CVE-2023-34475.json) (`2023-08-24T03:15:08.107`)
+* [CVE-2023-39976](CVE-2023/CVE-2023-399xx/CVE-2023-39976.json) (`2023-08-24T03:15:08.193`)
+* [CVE-2023-3195](CVE-2023/CVE-2023-31xx/CVE-2023-3195.json) (`2023-08-24T03:15:08.287`)


 ## Download and Usage