diff --git a/CVE-2023/CVE-2023-340xx/CVE-2023-34058.json b/CVE-2023/CVE-2023-340xx/CVE-2023-34058.json index 336d805082b..609cf17eb72 100644 --- a/CVE-2023/CVE-2023-340xx/CVE-2023-34058.json +++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34058.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34058", "sourceIdentifier": "security@vmware.com", "published": "2023-10-27T05:15:38.957", - "lastModified": "2023-11-01T07:15:08.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-06T00:15:08.227", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -43,6 +43,10 @@ "url": "http://www.openwall.com/lists/oss-security/2023/10/27/1", "source": "security@vmware.com" }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00002.html", + "source": "security@vmware.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5543", "source": "security@vmware.com" diff --git a/CVE-2023/CVE-2023-340xx/CVE-2023-34059.json b/CVE-2023/CVE-2023-340xx/CVE-2023-34059.json index d6cad8b6261..caa2b4e1270 100644 --- a/CVE-2023/CVE-2023-340xx/CVE-2023-34059.json +++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34059.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34059", "sourceIdentifier": "security@vmware.com", "published": "2023-10-27T05:15:39.013", - "lastModified": "2023-11-01T07:15:08.917", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-06T00:15:08.457", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -47,6 +47,10 @@ "url": "http://www.openwall.com/lists/oss-security/2023/10/27/3", "source": "security@vmware.com" }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00002.html", + "source": "security@vmware.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5543", "source": "security@vmware.com" diff --git a/CVE-2023/CVE-2023-417xx/CVE-2023-41752.json b/CVE-2023/CVE-2023-417xx/CVE-2023-41752.json index 51279cceb7f..5977ed29466 100644 --- a/CVE-2023/CVE-2023-417xx/CVE-2023-41752.json +++ b/CVE-2023/CVE-2023-417xx/CVE-2023-41752.json @@ -2,7 +2,7 @@ "id": "CVE-2023-41752", "sourceIdentifier": "security@apache.org", "published": "2023-10-17T07:15:09.960", - "lastModified": "2023-11-03T21:15:16.037", + "lastModified": "2023-11-06T00:15:08.553", "vulnStatus": "Modified", "descriptions": [ { @@ -115,6 +115,10 @@ "Vendor Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html", + "source": "security@apache.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/", "source": "security@apache.org", diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44487.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44487.json index bcb5646e116..8f641b4faf8 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44487.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44487.json @@ -2,7 +2,7 @@ "id": "CVE-2023-44487", "sourceIdentifier": "cve@mitre.org", "published": "2023-10-10T14:15:10.883", - "lastModified": "2023-11-03T22:15:10.953", + "lastModified": "2023-11-06T00:15:08.667", "vulnStatus": "Undergoing Analysis", "cisaExploitAdd": "2023-10-10", "cisaActionDue": "2023-10-31", @@ -2516,6 +2516,10 @@ "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html", "source": "cve@mitre.org" }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html", + "source": "cve@mitre.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-472xx/CVE-2023-47271.json b/CVE-2023/CVE-2023-472xx/CVE-2023-47271.json new file mode 100644 index 00000000000..4537b4d5761 --- /dev/null +++ b/CVE-2023/CVE-2023-472xx/CVE-2023-47271.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-47271", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-06T00:15:09.317", + "lastModified": "2023-11-06T00:15:09.317", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "PKP-WAL (aka PKP Web Application Library or pkp-lib) before 3.3.0-16, as used in Open Journal Systems (OJS) and other products, does not verify that the file named in an XML document (used for the native import/export plugin) is an image file, before trying to use it for an issue cover image." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/pkp/pkp-lib/issues/9464", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-472xx/CVE-2023-47272.json b/CVE-2023/CVE-2023-472xx/CVE-2023-47272.json new file mode 100644 index 00000000000..c03e07f4da8 --- /dev/null +++ b/CVE-2023/CVE-2023-472xx/CVE-2023-47272.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-47272", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-11-06T00:15:09.380", + "lastModified": "2023-11-06T00:15:09.380", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Roundcube 1.5.x before 1.5.6 and 1.6.x before 1.6.5 allows XSS via a Content-Type or Content-Disposition header (used for attachment preview or download)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://github.com/roundcube/roundcubemail/commit/5ec496885e18ec6af956e8c0d627856c2257ba2d", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.5.6", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.6.5", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 106804eeeef..6c87cbee312 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-11-05T23:00:20.268296+00:00 +2023-11-06T00:55:19.150875+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-11-05T22:15:08.067000+00:00 +2023-11-06T00:15:09.380000+00:00 ``` ### Last Data Feed Release @@ -29,23 +29,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -229792 +229794 ``` ### CVEs added in the last Commit Recently added CVEs: `2` -* [CVE-2017-20187](CVE-2017/CVE-2017-201xx/CVE-2017-20187.json) (`2023-11-05T21:15:09.190`) -* [CVE-2018-25092](CVE-2018/CVE-2018-250xx/CVE-2018-25092.json) (`2023-11-05T21:15:09.357`) +* [CVE-2023-47271](CVE-2023/CVE-2023-472xx/CVE-2023-47271.json) (`2023-11-06T00:15:09.317`) +* [CVE-2023-47272](CVE-2023/CVE-2023-472xx/CVE-2023-47272.json) (`2023-11-06T00:15:09.380`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `4` -* [CVE-2023-1073](CVE-2023/CVE-2023-10xx/CVE-2023-1073.json) (`2023-11-05T22:15:07.947`) -* [CVE-2023-1074](CVE-2023/CVE-2023-10xx/CVE-2023-1074.json) (`2023-11-05T22:15:08.067`) +* [CVE-2023-34058](CVE-2023/CVE-2023-340xx/CVE-2023-34058.json) (`2023-11-06T00:15:08.227`) +* [CVE-2023-34059](CVE-2023/CVE-2023-340xx/CVE-2023-34059.json) (`2023-11-06T00:15:08.457`) +* [CVE-2023-41752](CVE-2023/CVE-2023-417xx/CVE-2023-41752.json) (`2023-11-06T00:15:08.553`) +* [CVE-2023-44487](CVE-2023/CVE-2023-444xx/CVE-2023-44487.json) (`2023-11-06T00:15:08.667`) ## Download and Usage