Auto-Update: 2023-12-10T23:00:18.100648+00:00

2025-07-11 16:13:34 +00:00 · 2023-12-10 23:00:21 +00:00 · 2023-12-10 23:00:21 +00:00 · d2018b0710
commit d2018b0710
parent 14cb7113b4
3 changed files with 182 additions and 10 deletions
--- a/CVE-2023/CVE-2023-66xx/CVE-2023-6656.json
+++ b/CVE-2023/CVE-2023-66xx/CVE-2023-6656.json
@ -0,0 +1,88 @@
+{
+  "id": "CVE-2023-6656",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2023-12-10T21:15:07.093",
+  "lastModified": "2023-12-10T21:15:07.093",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22. It has been rated as critical. Affected by this issue is some unknown functionality of the file DFLIMG/DFLJPG.py. The manipulation leads to deserialization. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The identifier of this vulnerability is VDB-247364. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.0,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.6,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "HIGH",
+          "authentication": "NONE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 5.1
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 4.9,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-502"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/bayuncao/vul-cve-1",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.247364",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.247364",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-66xx/CVE-2023-6657.json
+++ b/CVE-2023/CVE-2023-66xx/CVE-2023-6657.json
@ -0,0 +1,88 @@
+{
+  "id": "CVE-2023-6657",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2023-12-10T21:15:07.343",
+  "lastModified": "2023-12-10T21:15:07.343",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as critical has been found in SourceCodester Simple Student Attendance System 1.0. This affects an unknown part of the file /modals/student_form.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-247365 was assigned to this vulnerability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "ADJACENT_NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 5.2
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 5.1,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/daydust/vuln/blob/main/Simple_Student_Attendance_System/student_form.php_SQL_injection.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.247365",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.247365",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-12-10T21:00:19.442034+00:00
+2023-12-10T23:00:18.100648+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-12-10T19:15:07.687000+00:00
+2023-12-10T21:15:07.343000+00:00
 ```

 ### Last Data Feed Release
@ -29,19 +29,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-232691
+232693
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `6`
+Recently added CVEs: `2`

-* [CVE-2022-48614](CVE-2022/CVE-2022-486xx/CVE-2022-48614.json) (`2023-12-10T19:15:07.410`)
-* [CVE-2023-50453](CVE-2023/CVE-2023-504xx/CVE-2023-50453.json) (`2023-12-10T19:15:07.480`)
-* [CVE-2023-50454](CVE-2023/CVE-2023-504xx/CVE-2023-50454.json) (`2023-12-10T19:15:07.530`)
-* [CVE-2023-50455](CVE-2023/CVE-2023-504xx/CVE-2023-50455.json) (`2023-12-10T19:15:07.580`)
-* [CVE-2023-50456](CVE-2023/CVE-2023-504xx/CVE-2023-50456.json) (`2023-12-10T19:15:07.637`)
-* [CVE-2023-50457](CVE-2023/CVE-2023-504xx/CVE-2023-50457.json) (`2023-12-10T19:15:07.687`)
+* [CVE-2023-6656](CVE-2023/CVE-2023-66xx/CVE-2023-6656.json) (`2023-12-10T21:15:07.093`)
+* [CVE-2023-6657](CVE-2023/CVE-2023-66xx/CVE-2023-6657.json) (`2023-12-10T21:15:07.343`)


 ### CVEs modified in the last Commit