Auto-Update: 2023-07-20T06:00:27.553522+00:00

2025-05-30 18:21:17 +00:00 · 2023-07-20 06:00:31 +00:00 · 2023-07-20 06:00:31 +00:00 · d067d4f578
commit d067d4f578
parent cda650b5d5
4 changed files with 55 additions and 29 deletions
--- a/CVE-2023/CVE-2023-251xx/CVE-2023-25136.json
+++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25136.json
@ -2,12 +2,16 @@
  "id": "CVE-2023-25136",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-02-03T06:15:09.350",
-  "lastModified": "2023-04-19T04:15:31.223",
+  "lastModified": "2023-07-20T04:15:10.917",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states \"remote code execution is theoretically possible.\""
+    },
+    {
+      "lang": "es",
+      "value": "OpenSSH server (sshd) v9.1 introdujo una vulnerabilidad de doble liberaci\u00f3n durante el manejo de \"options.key_algorithms\". Esto se ha corregido en OpenSSH v9.2. La doble liberaci\u00f3n puede ser aprovechada por un atacante remoto no autenticado en la configuraci\u00f3n por defecto, para saltar a cualquier ubicaci\u00f3n en el espacio de direcciones de sshd. Un informe de terceros afirma que \"la ejecuci\u00f3n remota de c\u00f3digo es te\u00f3ricamente posible\"."
    }
  ],
  "metrics": {
@ -157,6 +161,10 @@
        "Third Party Advisory"
      ]
    },
+    {
+      "url": "https://security.gentoo.org/glsa/202307-01",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://security.netapp.com/advisory/ntap-20230309-0003/",
      "source": "cve@mitre.org"
--- a/CVE-2023/CVE-2023-285xx/CVE-2023-28531.json
+++ b/CVE-2023/CVE-2023-285xx/CVE-2023-28531.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-28531",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-03-17T04:15:14.553",
-  "lastModified": "2023-04-13T17:15:20.517",
+  "lastModified": "2023-07-20T04:15:11.060",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -63,13 +63,45 @@
          ]
        }
      ]
+    },
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:netapp:brocade_fabric_operating_system:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "A2119FFC-08F9-4C3F-881C-9C72916BC652"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "1C767AA1-88B7-48F0-9F31-A89D16DCD52C"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:netapp:solidfire_element_os:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "6E379272-A79A-4A27-9861-71DCBD4B1FEF"
+            }
+          ]
+        }
+      ]
    }
  ],
  "references": [
    {
-      "url": "https://security.netapp.com/advisory/ntap-20230413-0008/",
+      "url": "https://security.gentoo.org/glsa/202307-01",
      "source": "cve@mitre.org"
    },
+    {
+      "url": "https://security.netapp.com/advisory/ntap-20230413-0008/",
+      "source": "cve@mitre.org",
+      "tags": [
+        "Third Party Advisory"
+      ]
+    },
    {
      "url": "https://www.openwall.com/lists/oss-security/2023/03/15/8",
      "source": "cve@mitre.org",
--- a/CVE-2023/CVE-2023-384xx/CVE-2023-38408.json
+++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38408.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-38408",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-07-20T03:15:10.170",
-  "lastModified": "2023-07-20T03:15:10.170",
+  "lastModified": "2023-07-20T04:15:11.167",
  "vulnStatus": "Received",
  "descriptions": [
    {
@ -32,6 +32,10 @@
      "url": "https://news.ycombinator.com/item?id=36790196",
      "source": "cve@mitre.org"
    },
+    {
+      "url": "https://security.gentoo.org/glsa/202307-01",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://www.openssh.com/security.html",
      "source": "cve@mitre.org"
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-07-20T04:00:27.303338+00:00
+2023-07-20T06:00:27.553522+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-07-20T03:15:10.170000+00:00
+2023-07-20T04:15:11.167000+00:00
 ```

 ### Last Data Feed Release
@ -34,35 +34,17 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/

 ### CVEs added in the last Commit

-Recently added CVEs: `2`
+Recently added CVEs: `0`

-* [CVE-2023-37289](CVE-2023/CVE-2023-372xx/CVE-2023-37289.json) (`2023-07-20T03:15:10.047`)
-* [CVE-2023-38408](CVE-2023/CVE-2023-384xx/CVE-2023-38408.json) (`2023-07-20T03:15:10.170`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `19`
+Recently modified CVEs: `3`

-* [CVE-2021-44696](CVE-2021/CVE-2021-446xx/CVE-2021-44696.json) (`2023-07-20T02:11:45.490`)
-* [CVE-2023-3642](CVE-2023/CVE-2023-36xx/CVE-2023-3642.json) (`2023-07-20T02:02:56.427`)
-* [CVE-2023-1672](CVE-2023/CVE-2023-16xx/CVE-2023-1672.json) (`2023-07-20T02:04:18.157`)
-* [CVE-2023-31191](CVE-2023/CVE-2023-311xx/CVE-2023-31191.json) (`2023-07-20T02:04:36.067`)
-* [CVE-2023-3644](CVE-2023/CVE-2023-36xx/CVE-2023-3644.json) (`2023-07-20T02:04:50.907`)
-* [CVE-2023-31190](CVE-2023/CVE-2023-311xx/CVE-2023-31190.json) (`2023-07-20T02:04:56.910`)
-* [CVE-2023-37629](CVE-2023/CVE-2023-376xx/CVE-2023-37629.json) (`2023-07-20T02:06:08.907`)
-* [CVE-2023-37628](CVE-2023/CVE-2023-376xx/CVE-2023-37628.json) (`2023-07-20T02:07:39.827`)
-* [CVE-2023-37956](CVE-2023/CVE-2023-379xx/CVE-2023-37956.json) (`2023-07-20T02:09:20.513`)
-* [CVE-2023-37957](CVE-2023/CVE-2023-379xx/CVE-2023-37957.json) (`2023-07-20T02:10:10.550`)
-* [CVE-2023-37958](CVE-2023/CVE-2023-379xx/CVE-2023-37958.json) (`2023-07-20T02:11:09.283`)
-* [CVE-2023-29156](CVE-2023/CVE-2023-291xx/CVE-2023-29156.json) (`2023-07-20T02:11:22.203`)
-* [CVE-2023-37582](CVE-2023/CVE-2023-375xx/CVE-2023-37582.json) (`2023-07-20T02:11:34.330`)
-* [CVE-2023-33668](CVE-2023/CVE-2023-336xx/CVE-2023-33668.json) (`2023-07-20T02:11:57.637`)
-* [CVE-2023-38062](CVE-2023/CVE-2023-380xx/CVE-2023-38062.json) (`2023-07-20T02:13:48.837`)
-* [CVE-2023-37959](CVE-2023/CVE-2023-379xx/CVE-2023-37959.json) (`2023-07-20T02:15:07.977`)
-* [CVE-2023-37961](CVE-2023/CVE-2023-379xx/CVE-2023-37961.json) (`2023-07-20T02:15:58.907`)
-* [CVE-2023-37962](CVE-2023/CVE-2023-379xx/CVE-2023-37962.json) (`2023-07-20T02:19:19.640`)
-* [CVE-2023-37964](CVE-2023/CVE-2023-379xx/CVE-2023-37964.json) (`2023-07-20T02:21:44.327`)
+* [CVE-2023-25136](CVE-2023/CVE-2023-251xx/CVE-2023-25136.json) (`2023-07-20T04:15:10.917`)
+* [CVE-2023-28531](CVE-2023/CVE-2023-285xx/CVE-2023-28531.json) (`2023-07-20T04:15:11.060`)
+* [CVE-2023-38408](CVE-2023/CVE-2023-384xx/CVE-2023-38408.json) (`2023-07-20T04:15:11.167`)


 ## Download and Usage