From c95e7ad2658e00b786dcab924c8617d8ef6f3db7 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 14 Dec 2023 11:00:21 +0000 Subject: [PATCH] Auto-Update: 2023-12-14T11:00:18.298653+00:00 --- CVE-2023/CVE-2023-340xx/CVE-2023-34053.json | 8 ++- CVE-2023/CVE-2023-406xx/CVE-2023-40627.json | 32 ++++++++++++ CVE-2023/CVE-2023-406xx/CVE-2023-40628.json | 32 ++++++++++++ CVE-2023/CVE-2023-406xx/CVE-2023-40629.json | 32 ++++++++++++ CVE-2023/CVE-2023-406xx/CVE-2023-40630.json | 32 ++++++++++++ CVE-2023/CVE-2023-406xx/CVE-2023-40655.json | 32 ++++++++++++ CVE-2023/CVE-2023-406xx/CVE-2023-40656.json | 32 ++++++++++++ CVE-2023/CVE-2023-406xx/CVE-2023-40657.json | 32 ++++++++++++ CVE-2023/CVE-2023-406xx/CVE-2023-40658.json | 32 ++++++++++++ CVE-2023/CVE-2023-406xx/CVE-2023-40659.json | 32 ++++++++++++ CVE-2023/CVE-2023-411xx/CVE-2023-41164.json | 8 ++- CVE-2023/CVE-2023-412xx/CVE-2023-41268.json | 12 ++--- CVE-2023/CVE-2023-452xx/CVE-2023-45283.json | 6 ++- CVE-2023/CVE-2023-463xx/CVE-2023-46348.json | 20 +++++++ CVE-2023/CVE-2023-465xx/CVE-2023-46589.json | 8 ++- CVE-2023/CVE-2023-466xx/CVE-2023-46695.json | 8 ++- CVE-2023/CVE-2023-467xx/CVE-2023-46728.json | 8 ++- CVE-2023/CVE-2023-467xx/CVE-2023-46750.json | 32 ++++++++++++ CVE-2023/CVE-2023-468xx/CVE-2023-46848.json | 6 ++- CVE-2023/CVE-2023-489xx/CVE-2023-48925.json | 20 +++++++ CVE-2023/CVE-2023-497xx/CVE-2023-49707.json | 32 ++++++++++++ CVE-2023/CVE-2023-497xx/CVE-2023-49708.json | 32 ++++++++++++ CVE-2023/CVE-2023-501xx/CVE-2023-50164.json | 6 ++- CVE-2023/CVE-2023-59xx/CVE-2023-5941.json | 8 ++- CVE-2023/CVE-2023-59xx/CVE-2023-5978.json | 8 ++- README.md | 58 +++++++++++---------- 26 files changed, 517 insertions(+), 51 deletions(-) create mode 100644 CVE-2023/CVE-2023-406xx/CVE-2023-40627.json create mode 100644 CVE-2023/CVE-2023-406xx/CVE-2023-40628.json create mode 100644 CVE-2023/CVE-2023-406xx/CVE-2023-40629.json create mode 100644 CVE-2023/CVE-2023-406xx/CVE-2023-40630.json create mode 100644 CVE-2023/CVE-2023-406xx/CVE-2023-40655.json create mode 100644 CVE-2023/CVE-2023-406xx/CVE-2023-40656.json create mode 100644 CVE-2023/CVE-2023-406xx/CVE-2023-40657.json create mode 100644 CVE-2023/CVE-2023-406xx/CVE-2023-40658.json create mode 100644 CVE-2023/CVE-2023-406xx/CVE-2023-40659.json create mode 100644 CVE-2023/CVE-2023-463xx/CVE-2023-46348.json create mode 100644 CVE-2023/CVE-2023-467xx/CVE-2023-46750.json create mode 100644 CVE-2023/CVE-2023-489xx/CVE-2023-48925.json create mode 100644 CVE-2023/CVE-2023-497xx/CVE-2023-49707.json create mode 100644 CVE-2023/CVE-2023-497xx/CVE-2023-49708.json diff --git a/CVE-2023/CVE-2023-340xx/CVE-2023-34053.json b/CVE-2023/CVE-2023-340xx/CVE-2023-34053.json index d8fe4da61a3..f3562640820 100644 --- a/CVE-2023/CVE-2023-340xx/CVE-2023-34053.json +++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34053.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34053", "sourceIdentifier": "security@vmware.com", "published": "2023-11-28T09:15:06.960", - "lastModified": "2023-12-04T19:59:51.297", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-14T10:15:07.520", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -90,6 +90,10 @@ } ], "references": [ + { + "url": "https://security.netapp.com/advisory/ntap-20231214-0007/", + "source": "security@vmware.com" + }, { "url": "https://spring.io/security/cve-2023-34053", "source": "security@vmware.com", diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40627.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40627.json new file mode 100644 index 00000000000..de121dd390a --- /dev/null +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40627.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-40627", + "sourceIdentifier": "security@joomla.org", + "published": "2023-12-14T09:15:41.397", + "lastModified": "2023-12-14T09:15:41.397", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A reflected XSS vulnerability was discovered in the LivingWord component for Joomla." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@joomla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://extensions.joomla.org/extension/livingword/", + "source": "security@joomla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40628.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40628.json new file mode 100644 index 00000000000..e291ad6c9b7 --- /dev/null +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40628.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-40628", + "sourceIdentifier": "security@joomla.org", + "published": "2023-12-14T09:15:41.480", + "lastModified": "2023-12-14T09:15:41.480", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A reflected XSS vulnerability was discovered in the Extplorer component for Joomla." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@joomla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://extensions.joomla.org/extension/extplorer/", + "source": "security@joomla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40629.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40629.json new file mode 100644 index 00000000000..781ec1aac81 --- /dev/null +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40629.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-40629", + "sourceIdentifier": "security@joomla.org", + "published": "2023-12-14T09:15:41.550", + "lastModified": "2023-12-14T09:15:41.550", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SQLi vulnerability in LMS Lite component for Joomla." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@joomla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://extensions.joomla.org/extension/lms-lite/", + "source": "security@joomla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40630.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40630.json new file mode 100644 index 00000000000..7386a901db5 --- /dev/null +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40630.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-40630", + "sourceIdentifier": "security@joomla.org", + "published": "2023-12-14T09:15:41.630", + "lastModified": "2023-12-14T09:15:41.630", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unauthenticated LFI/SSRF in JCDashboards component for Joomla." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@joomla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://extensions.joomla.org/extension/jcdashboards/", + "source": "security@joomla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40655.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40655.json new file mode 100644 index 00000000000..3af8e431e6c --- /dev/null +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40655.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-40655", + "sourceIdentifier": "security@joomla.org", + "published": "2023-12-14T09:15:41.707", + "lastModified": "2023-12-14T09:15:41.707", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A reflected XSS vulnerability was discovered in the Proforms Basic component for Joomla." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@joomla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://extensions.joomla.org/extension/proforms-basic/", + "source": "security@joomla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40656.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40656.json new file mode 100644 index 00000000000..43b29c44b93 --- /dev/null +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40656.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-40656", + "sourceIdentifier": "security@joomla.org", + "published": "2023-12-14T09:15:41.780", + "lastModified": "2023-12-14T09:15:41.780", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A reflected XSS vulnerability was discovered in the Quickform component for Joomla." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@joomla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://extensions.joomla.org/extension/quickform/", + "source": "security@joomla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40657.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40657.json new file mode 100644 index 00000000000..7d424d36eb3 --- /dev/null +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40657.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-40657", + "sourceIdentifier": "security@joomla.org", + "published": "2023-12-14T09:15:41.850", + "lastModified": "2023-12-14T09:15:41.850", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A reflected XSS vulnerability was discovered in the Joomdoc component for Joomla." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@joomla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://extensions.joomla.org/extension/joomdoc/", + "source": "security@joomla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40658.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40658.json new file mode 100644 index 00000000000..9019bc4ce21 --- /dev/null +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40658.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-40658", + "sourceIdentifier": "security@joomla.org", + "published": "2023-12-14T09:15:41.920", + "lastModified": "2023-12-14T09:15:41.920", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A reflected XSS vulnerability was discovered in the Clicky Analytics Dashboard module for Joomla." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@joomla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://deconf.com/clicky-analytics-dashboard-joomla/", + "source": "security@joomla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40659.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40659.json new file mode 100644 index 00000000000..0abb66ee460 --- /dev/null +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40659.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-40659", + "sourceIdentifier": "security@joomla.org", + "published": "2023-12-14T09:15:41.993", + "lastModified": "2023-12-14T09:15:41.993", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A reflected XSS vulnerability was discovered in the Easy Quick Contact module for Joomla." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@joomla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://extensions.joomla.org/extension/contacts-and-feedback/contact-forms/easy-quick-contact/", + "source": "security@joomla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-411xx/CVE-2023-41164.json b/CVE-2023/CVE-2023-411xx/CVE-2023-41164.json index 28908600ec8..ab950ede134 100644 --- a/CVE-2023/CVE-2023-411xx/CVE-2023-41164.json +++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41164.json @@ -2,8 +2,8 @@ "id": "CVE-2023-41164", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-03T05:15:29.447", - "lastModified": "2023-11-13T15:32:53.353", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-14T10:15:07.630", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -121,6 +121,10 @@ "Third Party Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20231214-0002/", + "source": "cve@mitre.org" + }, { "url": "https://www.djangoproject.com/weblog/2023/sep/04/security-releases/", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-412xx/CVE-2023-41268.json b/CVE-2023/CVE-2023-412xx/CVE-2023-41268.json index cd9ac25bde2..1d7924b3b2b 100644 --- a/CVE-2023/CVE-2023-412xx/CVE-2023-41268.json +++ b/CVE-2023/CVE-2023-412xx/CVE-2023-41268.json @@ -2,8 +2,8 @@ "id": "CVE-2023-41268", "sourceIdentifier": "PSIRT@samsung.com", "published": "2023-12-06T04:15:07.773", - "lastModified": "2023-12-11T18:39:45.353", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-14T10:15:07.723", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -41,8 +41,8 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "attackVector": "LOCAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", @@ -50,10 +50,10 @@ "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", - "baseScore": 4.0, + "baseScore": 5.3, "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 2.5, + "exploitabilityScore": 3.9, "impactScore": 1.4 } ] diff --git a/CVE-2023/CVE-2023-452xx/CVE-2023-45283.json b/CVE-2023/CVE-2023-452xx/CVE-2023-45283.json index 09e22c559e8..4fc9309078b 100644 --- a/CVE-2023/CVE-2023-452xx/CVE-2023-45283.json +++ b/CVE-2023/CVE-2023-452xx/CVE-2023-45283.json @@ -2,7 +2,7 @@ "id": "CVE-2023-45283", "sourceIdentifier": "security@golang.org", "published": "2023-11-09T17:15:08.757", - "lastModified": "2023-12-06T17:15:07.233", + "lastModified": "2023-12-14T10:15:07.947", "vulnStatus": "Modified", "descriptions": [ { @@ -136,6 +136,10 @@ "Issue Tracking", "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20231214-0008/", + "source": "security@golang.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-463xx/CVE-2023-46348.json b/CVE-2023/CVE-2023-463xx/CVE-2023-46348.json new file mode 100644 index 00000000000..1058e6d5ba0 --- /dev/null +++ b/CVE-2023/CVE-2023-463xx/CVE-2023-46348.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-46348", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-14T09:15:42.060", + "lastModified": "2023-12-14T09:15:42.060", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SQL njection vulnerability in SunnyToo sturls before version 1.1.13, allows attackers to escalate privileges and obtain sensitive information via StUrls::hookActionDispatcher and StUrls::getInstanceId methods." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://security.friendsofpresta.org/modules/2023/12/07/sturls.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-465xx/CVE-2023-46589.json b/CVE-2023/CVE-2023-465xx/CVE-2023-46589.json index 034e95dbe12..6a47fb8ca9a 100644 --- a/CVE-2023/CVE-2023-465xx/CVE-2023-46589.json +++ b/CVE-2023/CVE-2023-465xx/CVE-2023-46589.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46589", "sourceIdentifier": "security@apache.org", "published": "2023-11-28T16:15:06.943", - "lastModified": "2023-12-13T21:26:23.650", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-14T10:15:08.053", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -152,6 +152,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20231214-0009/", + "source": "security@apache.org" + }, { "url": "https://www.openwall.com/lists/oss-security/2023/11/28/2", "source": "security@apache.org", diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46695.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46695.json index 1730bd49cd3..12affd3bd01 100644 --- a/CVE-2023/CVE-2023-466xx/CVE-2023-46695.json +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46695.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46695", "sourceIdentifier": "cve@mitre.org", "published": "2023-11-02T06:15:08.000", - "lastModified": "2023-11-09T17:58:25.887", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-14T10:15:08.170", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -98,6 +98,10 @@ "Permissions Required" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20231214-0001/", + "source": "cve@mitre.org" + }, { "url": "https://www.djangoproject.com/weblog/2023/nov/01/security-releases/", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-467xx/CVE-2023-46728.json b/CVE-2023/CVE-2023-467xx/CVE-2023-46728.json index 374457e0e2c..698682e1a40 100644 --- a/CVE-2023/CVE-2023-467xx/CVE-2023-46728.json +++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46728.json @@ -2,8 +2,8 @@ "id": "CVE-2023-46728", "sourceIdentifier": "security-advisories@github.com", "published": "2023-11-06T18:15:08.637", - "lastModified": "2023-11-14T20:00:43.180", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-14T10:15:08.277", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -102,6 +102,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20231214-0006/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-467xx/CVE-2023-46750.json b/CVE-2023/CVE-2023-467xx/CVE-2023-46750.json new file mode 100644 index 00000000000..80f070f1931 --- /dev/null +++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46750.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-46750", + "sourceIdentifier": "security@apache.org", + "published": "2023-12-14T09:15:42.107", + "lastModified": "2023-12-14T09:15:42.107", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability when \"form\" authentication is used in Apache Shiro.\nMitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+.\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/hoc9zdyzmmrfj1zhctsvvtx844tcq6w9", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-468xx/CVE-2023-46848.json b/CVE-2023/CVE-2023-468xx/CVE-2023-46848.json index 6c6d879c412..852552b4dcf 100644 --- a/CVE-2023/CVE-2023-468xx/CVE-2023-46848.json +++ b/CVE-2023/CVE-2023-468xx/CVE-2023-46848.json @@ -2,7 +2,7 @@ "id": "CVE-2023-46848", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-03T08:15:08.117", - "lastModified": "2023-12-13T08:15:50.683", + "lastModified": "2023-12-14T10:15:08.390", "vulnStatus": "Modified", "descriptions": [ { @@ -171,6 +171,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20231214-0005/", + "source": "secalert@redhat.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-489xx/CVE-2023-48925.json b/CVE-2023/CVE-2023-489xx/CVE-2023-48925.json new file mode 100644 index 00000000000..af91bfd7dea --- /dev/null +++ b/CVE-2023/CVE-2023-489xx/CVE-2023-48925.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-48925", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-12-14T09:15:42.193", + "lastModified": "2023-12-14T09:15:42.193", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability in Buy Addons bavideotab before version 1.0.6, allows attackers to escalate privileges and obtain sensitive information via the component BaVideoTabSaveVideoModuleFrontController::run()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://security.friendsofpresta.org/modules/2023/12/07/bavideotab.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49707.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49707.json new file mode 100644 index 00000000000..3d30f2e1938 --- /dev/null +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49707.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-49707", + "sourceIdentifier": "security@joomla.org", + "published": "2023-12-14T09:15:42.240", + "lastModified": "2023-12-14T09:15:42.240", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SQLi vulnerability in S5 Register module for Joomla." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@joomla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://extensions.joomla.org/extension/s5-register/", + "source": "security@joomla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-497xx/CVE-2023-49708.json b/CVE-2023/CVE-2023-497xx/CVE-2023-49708.json new file mode 100644 index 00000000000..cb3c179d6f2 --- /dev/null +++ b/CVE-2023/CVE-2023-497xx/CVE-2023-49708.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-49708", + "sourceIdentifier": "security@joomla.org", + "published": "2023-12-14T09:15:42.310", + "lastModified": "2023-12-14T09:15:42.310", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SQLi vulnerability in Starshop component for Joomla." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@joomla.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://extensions.joomla.org/extension/starshop/", + "source": "security@joomla.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-501xx/CVE-2023-50164.json b/CVE-2023/CVE-2023-501xx/CVE-2023-50164.json index 116744e1f11..8fbfc07a30b 100644 --- a/CVE-2023/CVE-2023-501xx/CVE-2023-50164.json +++ b/CVE-2023/CVE-2023-501xx/CVE-2023-50164.json @@ -2,7 +2,7 @@ "id": "CVE-2023-50164", "sourceIdentifier": "security@apache.org", "published": "2023-12-07T09:15:07.060", - "lastModified": "2023-12-13T17:15:07.290", + "lastModified": "2023-12-14T10:15:08.530", "vulnStatus": "Modified", "descriptions": [ { @@ -89,6 +89,10 @@ "Patch" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20231214-0010/", + "source": "security@apache.org" + }, { "url": "https://www.openwall.com/lists/oss-security/2023/12/07/1", "source": "security@apache.org", diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5941.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5941.json index f735093e5e1..de13e000a3f 100644 --- a/CVE-2023/CVE-2023-59xx/CVE-2023-5941.json +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5941.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5941", "sourceIdentifier": "secteam@freebsd.org", "published": "2023-11-08T09:15:07.847", - "lastModified": "2023-11-16T15:37:21.363", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-14T10:15:08.630", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -170,6 +170,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20231214-0004/", + "source": "secteam@freebsd.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5978.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5978.json index 652bfd1bbb9..ef763279878 100644 --- a/CVE-2023/CVE-2023-59xx/CVE-2023-5978.json +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5978.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5978", "sourceIdentifier": "secteam@freebsd.org", "published": "2023-11-08T09:15:07.933", - "lastModified": "2023-11-16T15:17:16.337", - "vulnStatus": "Analyzed", + "lastModified": "2023-12-14T10:15:08.727", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -111,6 +111,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20231214-0003/", + "source": "secteam@freebsd.org" } ] } \ No newline at end of file diff --git a/README.md b/README.md index 8ea856cd714..020e507f7e0 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-14T09:00:18.487937+00:00 +2023-12-14T11:00:18.298653+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-14T08:15:43.187000+00:00 +2023-12-14T10:15:08.727000+00:00 ``` ### Last Data Feed Release @@ -29,42 +29,44 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -233105 +233119 ``` ### CVEs added in the last Commit -Recently added CVEs: `9` +Recently added CVEs: `14` -* [CVE-2023-25648](CVE-2023/CVE-2023-256xx/CVE-2023-25648.json) (`2023-12-14T07:15:07.180`) -* [CVE-2023-25650](CVE-2023/CVE-2023-256xx/CVE-2023-25650.json) (`2023-12-14T07:15:07.783`) -* [CVE-2023-25651](CVE-2023/CVE-2023-256xx/CVE-2023-25651.json) (`2023-12-14T07:15:08.270`) -* [CVE-2023-48084](CVE-2023/CVE-2023-480xx/CVE-2023-48084.json) (`2023-12-14T07:15:08.890`) -* [CVE-2023-48085](CVE-2023/CVE-2023-480xx/CVE-2023-48085.json) (`2023-12-14T07:15:09.033`) -* [CVE-2023-1904](CVE-2023/CVE-2023-19xx/CVE-2023-1904.json) (`2023-12-14T08:15:36.550`) -* [CVE-2023-25642](CVE-2023/CVE-2023-256xx/CVE-2023-25642.json) (`2023-12-14T08:15:37.717`) -* [CVE-2023-25643](CVE-2023/CVE-2023-256xx/CVE-2023-25643.json) (`2023-12-14T08:15:38.357`) -* [CVE-2023-25644](CVE-2023/CVE-2023-256xx/CVE-2023-25644.json) (`2023-12-14T08:15:38.997`) +* [CVE-2023-40627](CVE-2023/CVE-2023-406xx/CVE-2023-40627.json) (`2023-12-14T09:15:41.397`) +* [CVE-2023-40628](CVE-2023/CVE-2023-406xx/CVE-2023-40628.json) (`2023-12-14T09:15:41.480`) +* [CVE-2023-40629](CVE-2023/CVE-2023-406xx/CVE-2023-40629.json) (`2023-12-14T09:15:41.550`) +* [CVE-2023-40630](CVE-2023/CVE-2023-406xx/CVE-2023-40630.json) (`2023-12-14T09:15:41.630`) +* [CVE-2023-40655](CVE-2023/CVE-2023-406xx/CVE-2023-40655.json) (`2023-12-14T09:15:41.707`) +* [CVE-2023-40656](CVE-2023/CVE-2023-406xx/CVE-2023-40656.json) (`2023-12-14T09:15:41.780`) +* [CVE-2023-40657](CVE-2023/CVE-2023-406xx/CVE-2023-40657.json) (`2023-12-14T09:15:41.850`) +* [CVE-2023-40658](CVE-2023/CVE-2023-406xx/CVE-2023-40658.json) (`2023-12-14T09:15:41.920`) +* [CVE-2023-40659](CVE-2023/CVE-2023-406xx/CVE-2023-40659.json) (`2023-12-14T09:15:41.993`) +* [CVE-2023-46348](CVE-2023/CVE-2023-463xx/CVE-2023-46348.json) (`2023-12-14T09:15:42.060`) +* [CVE-2023-46750](CVE-2023/CVE-2023-467xx/CVE-2023-46750.json) (`2023-12-14T09:15:42.107`) +* [CVE-2023-48925](CVE-2023/CVE-2023-489xx/CVE-2023-48925.json) (`2023-12-14T09:15:42.193`) +* [CVE-2023-49707](CVE-2023/CVE-2023-497xx/CVE-2023-49707.json) (`2023-12-14T09:15:42.240`) +* [CVE-2023-49708](CVE-2023/CVE-2023-497xx/CVE-2023-49708.json) (`2023-12-14T09:15:42.310`) ### CVEs modified in the last Commit -Recently modified CVEs: `14` +Recently modified CVEs: `11` -* [CVE-2023-2247](CVE-2023/CVE-2023-22xx/CVE-2023-2247.json) (`2023-12-14T07:15:08.650`) -* [CVE-2023-40997](CVE-2023/CVE-2023-409xx/CVE-2023-40997.json) (`2023-12-14T08:15:39.727`) -* [CVE-2023-40998](CVE-2023/CVE-2023-409xx/CVE-2023-40998.json) (`2023-12-14T08:15:40.460`) -* [CVE-2023-41627](CVE-2023/CVE-2023-416xx/CVE-2023-41627.json) (`2023-12-14T08:15:40.697`) -* [CVE-2023-46380](CVE-2023/CVE-2023-463xx/CVE-2023-46380.json) (`2023-12-14T08:15:41.037`) -* [CVE-2023-46381](CVE-2023/CVE-2023-463xx/CVE-2023-46381.json) (`2023-12-14T08:15:41.450`) -* [CVE-2023-46382](CVE-2023/CVE-2023-463xx/CVE-2023-46382.json) (`2023-12-14T08:15:41.690`) -* [CVE-2023-46383](CVE-2023/CVE-2023-463xx/CVE-2023-46383.json) (`2023-12-14T08:15:41.873`) -* [CVE-2023-46384](CVE-2023/CVE-2023-463xx/CVE-2023-46384.json) (`2023-12-14T08:15:42.140`) -* [CVE-2023-46385](CVE-2023/CVE-2023-463xx/CVE-2023-46385.json) (`2023-12-14T08:15:42.350`) -* [CVE-2023-46386](CVE-2023/CVE-2023-463xx/CVE-2023-46386.json) (`2023-12-14T08:15:42.550`) -* [CVE-2023-46387](CVE-2023/CVE-2023-463xx/CVE-2023-46387.json) (`2023-12-14T08:15:42.770`) -* [CVE-2023-46388](CVE-2023/CVE-2023-463xx/CVE-2023-46388.json) (`2023-12-14T08:15:42.987`) -* [CVE-2023-46389](CVE-2023/CVE-2023-463xx/CVE-2023-46389.json) (`2023-12-14T08:15:43.187`) +* [CVE-2023-34053](CVE-2023/CVE-2023-340xx/CVE-2023-34053.json) (`2023-12-14T10:15:07.520`) +* [CVE-2023-41164](CVE-2023/CVE-2023-411xx/CVE-2023-41164.json) (`2023-12-14T10:15:07.630`) +* [CVE-2023-41268](CVE-2023/CVE-2023-412xx/CVE-2023-41268.json) (`2023-12-14T10:15:07.723`) +* [CVE-2023-45283](CVE-2023/CVE-2023-452xx/CVE-2023-45283.json) (`2023-12-14T10:15:07.947`) +* [CVE-2023-46589](CVE-2023/CVE-2023-465xx/CVE-2023-46589.json) (`2023-12-14T10:15:08.053`) +* [CVE-2023-46695](CVE-2023/CVE-2023-466xx/CVE-2023-46695.json) (`2023-12-14T10:15:08.170`) +* [CVE-2023-46728](CVE-2023/CVE-2023-467xx/CVE-2023-46728.json) (`2023-12-14T10:15:08.277`) +* [CVE-2023-46848](CVE-2023/CVE-2023-468xx/CVE-2023-46848.json) (`2023-12-14T10:15:08.390`) +* [CVE-2023-50164](CVE-2023/CVE-2023-501xx/CVE-2023-50164.json) (`2023-12-14T10:15:08.530`) +* [CVE-2023-5941](CVE-2023/CVE-2023-59xx/CVE-2023-5941.json) (`2023-12-14T10:15:08.630`) +* [CVE-2023-5978](CVE-2023/CVE-2023-59xx/CVE-2023-5978.json) (`2023-12-14T10:15:08.727`) ## Download and Usage