From d658a8640e97ec49708373af160a39d6dca11415 Mon Sep 17 00:00:00 2001
From: cad-safe-bot <cad-safe-bot@protonmail.com>
Date: Fri, 26 Jan 2024 09:00:28 +0000
Subject: [PATCH] Auto-Update: 2024-01-26T09:00:24.760680+00:00

---
 CVE-2023/CVE-2023-481xx/CVE-2023-48126.json | 20 ++++++++
 CVE-2023/CVE-2023-481xx/CVE-2023-48127.json | 20 ++++++++
 CVE-2023/CVE-2023-481xx/CVE-2023-48128.json | 20 ++++++++
 CVE-2023/CVE-2023-481xx/CVE-2023-48129.json | 20 ++++++++
 CVE-2023/CVE-2023-481xx/CVE-2023-48130.json | 20 ++++++++
 CVE-2023/CVE-2023-481xx/CVE-2023-48131.json | 20 ++++++++
 CVE-2023/CVE-2023-481xx/CVE-2023-48132.json | 20 ++++++++
 CVE-2023/CVE-2023-481xx/CVE-2023-48133.json | 20 ++++++++
 CVE-2023/CVE-2023-481xx/CVE-2023-48135.json | 20 ++++++++
 CVE-2023/CVE-2023-69xx/CVE-2023-6919.json   | 55 +++++++++++++++++++++
 CVE-2024/CVE-2024-225xx/CVE-2024-22545.json | 20 ++++++++
 CVE-2024/CVE-2024-233xx/CVE-2024-23388.json | 20 ++++++++
 README.md                                   | 27 ++++++----
 13 files changed, 292 insertions(+), 10 deletions(-)
 create mode 100644 CVE-2023/CVE-2023-481xx/CVE-2023-48126.json
 create mode 100644 CVE-2023/CVE-2023-481xx/CVE-2023-48127.json
 create mode 100644 CVE-2023/CVE-2023-481xx/CVE-2023-48128.json
 create mode 100644 CVE-2023/CVE-2023-481xx/CVE-2023-48129.json
 create mode 100644 CVE-2023/CVE-2023-481xx/CVE-2023-48130.json
 create mode 100644 CVE-2023/CVE-2023-481xx/CVE-2023-48131.json
 create mode 100644 CVE-2023/CVE-2023-481xx/CVE-2023-48132.json
 create mode 100644 CVE-2023/CVE-2023-481xx/CVE-2023-48133.json
 create mode 100644 CVE-2023/CVE-2023-481xx/CVE-2023-48135.json
 create mode 100644 CVE-2023/CVE-2023-69xx/CVE-2023-6919.json
 create mode 100644 CVE-2024/CVE-2024-225xx/CVE-2024-22545.json
 create mode 100644 CVE-2024/CVE-2024-233xx/CVE-2024-23388.json

diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48126.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48126.json
new file mode 100644
index 00000000000..ff1185db88b
--- /dev/null
+++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48126.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-48126",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-26T07:15:56.110",
+  "lastModified": "2024-01-26T07:15:56.110",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in Luxe Beauty Clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/syz913/CVE-reports/blob/main/Luxe%20Beauty%20Clinic.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48127.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48127.json
new file mode 100644
index 00000000000..59f6a833ddb
--- /dev/null
+++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48127.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-48127",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-26T07:15:56.860",
+  "lastModified": "2024-01-26T07:15:56.860",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in myGAKUYA mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/syz913/CVE-reports/blob/main/myGAKUYA.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48128.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48128.json
new file mode 100644
index 00000000000..89f3c23bbef
--- /dev/null
+++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48128.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-48128",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-26T07:15:57.120",
+  "lastModified": "2024-01-26T07:15:57.120",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in UNITED BOXING GYM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/syz913/CVE-reports/blob/main/UNITED%20BOXING%20GYM.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48129.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48129.json
new file mode 100644
index 00000000000..8d494e21a8c
--- /dev/null
+++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48129.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-48129",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-26T08:15:42.070",
+  "lastModified": "2024-01-26T08:15:42.070",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in kimono-oldnew mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/syz913/CVE-reports/blob/main/kimono-oldnew.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48130.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48130.json
new file mode 100644
index 00000000000..f9b98073f52
--- /dev/null
+++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48130.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-48130",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-26T07:15:57.447",
+  "lastModified": "2024-01-26T07:15:57.447",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in GINZA CAFE mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/syz913/CVE-reports/blob/main/GINZA%20CAFE.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48131.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48131.json
new file mode 100644
index 00000000000..9a55e3dbb44
--- /dev/null
+++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48131.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-48131",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-26T07:15:57.917",
+  "lastModified": "2024-01-26T07:15:57.917",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in CHIGASAKI BAKERY mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/syz913/CVE-reports/blob/main/CHIGASAKI%20BAKERY.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48132.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48132.json
new file mode 100644
index 00000000000..8d54ff7a56c
--- /dev/null
+++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48132.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-48132",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-26T07:15:58.333",
+  "lastModified": "2024-01-26T07:15:58.333",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in kosei entertainment esportsstudioLegends mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/syz913/CVE-reports/blob/main/esportsstudioLegends.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48133.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48133.json
new file mode 100644
index 00000000000..de19f0c2eef
--- /dev/null
+++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48133.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-48133",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-26T07:15:58.693",
+  "lastModified": "2024-01-26T07:15:58.693",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in angel coffee mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/syz913/CVE-reports/blob/main/angel%20coffee.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-481xx/CVE-2023-48135.json b/CVE-2023/CVE-2023-481xx/CVE-2023-48135.json
new file mode 100644
index 00000000000..8b43e2bb9ac
--- /dev/null
+++ b/CVE-2023/CVE-2023-481xx/CVE-2023-48135.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-48135",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-26T07:15:58.987",
+  "lastModified": "2024-01-26T07:15:58.987",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in mimasaka_farm mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/syz913/CVE-reports/blob/main/mimasaka_farm.md",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6919.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6919.json
new file mode 100644
index 00000000000..43df9dc51bd
--- /dev/null
+++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6919.json
@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-6919",
+  "sourceIdentifier": "iletisim@usom.gov.tr",
+  "published": "2024-01-26T08:15:42.203",
+  "lastModified": "2024-01-26T08:15:42.203",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard allows Absolute Path Traversal.This issue affects VGuard: before V500.0003.R008.4011.C0012.B351.C.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "iletisim@usom.gov.tr",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "iletisim@usom.gov.tr",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-25"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.usom.gov.tr/bildirim/tr-24-0054",
+      "source": "iletisim@usom.gov.tr"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-225xx/CVE-2024-22545.json b/CVE-2024/CVE-2024-225xx/CVE-2024-22545.json
new file mode 100644
index 00000000000..ecf27cdc62d
--- /dev/null
+++ b/CVE-2024/CVE-2024-225xx/CVE-2024-22545.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-22545",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-01-26T08:15:42.480",
+  "lastModified": "2024-01-26T08:15:42.480",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "TRENDnet TEW-824DRU version 1.04b01 is vulnerable to Command Injection via the system.ntp.server in the sub_420AE0() function."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://warp-desk-89d.notion.site/TEW-824DRU-e7228d462ce24fa1a9fecb0bee57caad",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-233xx/CVE-2024-23388.json b/CVE-2024/CVE-2024-233xx/CVE-2024-23388.json
new file mode 100644
index 00000000000..96087bd9fd8
--- /dev/null
+++ b/CVE-2024/CVE-2024-233xx/CVE-2024-23388.json
@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-23388",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2024-01-26T07:15:59.320",
+  "lastModified": "2024-01-26T07:15:59.320",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper authorization in handler for custom URL scheme issue in \"Mercari\" App for Android prior to version 5.78.0 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a phishing attack."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN70818619/",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 0c7b93ac866..dc541f7da78 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-01-26T07:00:24.434679+00:00
+2024-01-26T09:00:24.760680+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-01-26T05:15:12.203000+00:00
+2024-01-26T08:15:42.480000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,24 +29,31 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-236857
+236869
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `4`
+Recently added CVEs: `12`
 
-* [CVE-2023-38317](CVE-2023/CVE-2023-383xx/CVE-2023-38317.json) (`2024-01-26T05:15:11.553`)
-* [CVE-2023-38318](CVE-2023/CVE-2023-383xx/CVE-2023-38318.json) (`2024-01-26T05:15:11.970`)
-* [CVE-2023-38319](CVE-2023/CVE-2023-383xx/CVE-2023-38319.json) (`2024-01-26T05:15:12.063`)
-* [CVE-2023-38323](CVE-2023/CVE-2023-383xx/CVE-2023-38323.json) (`2024-01-26T05:15:12.130`)
+* [CVE-2023-48126](CVE-2023/CVE-2023-481xx/CVE-2023-48126.json) (`2024-01-26T07:15:56.110`)
+* [CVE-2023-48127](CVE-2023/CVE-2023-481xx/CVE-2023-48127.json) (`2024-01-26T07:15:56.860`)
+* [CVE-2023-48128](CVE-2023/CVE-2023-481xx/CVE-2023-48128.json) (`2024-01-26T07:15:57.120`)
+* [CVE-2023-48130](CVE-2023/CVE-2023-481xx/CVE-2023-48130.json) (`2024-01-26T07:15:57.447`)
+* [CVE-2023-48131](CVE-2023/CVE-2023-481xx/CVE-2023-48131.json) (`2024-01-26T07:15:57.917`)
+* [CVE-2023-48132](CVE-2023/CVE-2023-481xx/CVE-2023-48132.json) (`2024-01-26T07:15:58.333`)
+* [CVE-2023-48133](CVE-2023/CVE-2023-481xx/CVE-2023-48133.json) (`2024-01-26T07:15:58.693`)
+* [CVE-2023-48135](CVE-2023/CVE-2023-481xx/CVE-2023-48135.json) (`2024-01-26T07:15:58.987`)
+* [CVE-2023-48129](CVE-2023/CVE-2023-481xx/CVE-2023-48129.json) (`2024-01-26T08:15:42.070`)
+* [CVE-2023-6919](CVE-2023/CVE-2023-69xx/CVE-2023-6919.json) (`2024-01-26T08:15:42.203`)
+* [CVE-2024-23388](CVE-2024/CVE-2024-233xx/CVE-2024-23388.json) (`2024-01-26T07:15:59.320`)
+* [CVE-2024-22545](CVE-2024/CVE-2024-225xx/CVE-2024-22545.json) (`2024-01-26T08:15:42.480`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `1`
+Recently modified CVEs: `0`
 
-* [CVE-2023-38324](CVE-2023/CVE-2023-383xx/CVE-2023-38324.json) (`2024-01-26T05:15:12.203`)
 
 
 ## Download and Usage