Auto-Update: 2023-05-23T23:55:26.031701+00:00

2025-07-11 16:13:34 +00:00 · 2023-05-23 23:55:29 +00:00 · 2023-05-23 23:55:29 +00:00 · d9e451c32a
commit d9e451c32a
parent 9074962949
6 changed files with 169 additions and 34 deletions
--- a/CVE-2022/CVE-2022-457xx/CVE-2022-45770.json
+++ b/CVE-2022/CVE-2022-457xx/CVE-2022-45770.json
@ -2,7 +2,7 @@
  "id": "CVE-2022-45770",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-01-26T22:15:25.653",
-  "lastModified": "2023-05-18T14:15:09.467",
+  "lastModified": "2023-05-23T23:15:09.093",
  "vulnStatus": "Modified",
  "descriptions": [
    {
@ -81,6 +81,10 @@
        "Tool Signature"
      ]
    },
+    {
+      "url": "https://hackmag.com/security/aguard-cve/",
+      "source": "cve@mitre.org"
+    },
    {
      "url": "https://xakep.ru/2023/01/27/aguard-cve/",
      "source": "cve@mitre.org"
--- a/CVE-2023/CVE-2023-280xx/CVE-2023-28015.json
+++ b/CVE-2023/CVE-2023-280xx/CVE-2023-28015.json
@ -0,0 +1,43 @@
+{
+  "id": "CVE-2023-28015",
+  "sourceIdentifier": "psirt@hcl.com",
+  "published": "2023-05-23T22:15:09.120",
+  "lastModified": "2023-05-23T22:15:09.120",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The HCL Domino AppDev Pack IAM service is susceptible to a User Account Enumeration vulnerability. \u00a0 During a failed login attempt a difference in messages could allow an attacker to determine if the user is valid or not. \u00a0The attacker could use this information to focus a brute force attack on valid users.\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "psirt@hcl.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105093",
+      "source": "psirt@hcl.com"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-317xx/CVE-2023-31726.json
+++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31726.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-31726",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-05-23T22:15:09.643",
+  "lastModified": "2023-05-23T22:15:09.643",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "AList 3.15.1 is vulnerable to Incorrect Access Control, which can be exploited by attackers to obtain sensitive information."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://alist.nn.ci/zh/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/J6451/CVE-2023-31726",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-317xx/CVE-2023-31747.json
+++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31747.json
@ -0,0 +1,28 @@
+{
+  "id": "CVE-2023-31747",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-05-23T23:15:09.270",
+  "lastModified": "2023-05-23T23:15:09.270",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "http://filmora.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "http://wondershare.com",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://packetstormsecurity.com/files/172464/Filmora-12-Build-1.0.0.7-Unquoted-Service-Path.html",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-326xx/CVE-2023-32697.json
+++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32697.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-32697",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2023-05-23T23:15:09.337",
+  "lastModified": "2023-05-23T23:15:09.337",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SQLite JDBC is a library for accessing and creating SQLite database files in Java. Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL. This issue impacting versions 3.6.14.1 through 3.41.2.1 and has been fixed in version 3.41.2.2.\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/xerial/sqlite-jdbc/releases/tag/3.41.2.2",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/xerial/sqlite-jdbc/security/advisories/GHSA-6phf-6h5g-97j2",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-05-23T22:00:36.038829+00:00
+2023-05-23T23:55:26.031701+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-05-23T21:15:09.073000+00:00
+2023-05-23T23:15:09.337000+00:00
 ```

 ### Last Data Feed Release
@ -29,47 +29,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-215877
+215881
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `17`
+Recently added CVEs: `4`

-* [CVE-2023-23298](CVE-2023/CVE-2023-232xx/CVE-2023-23298.json) (`2023-05-23T20:15:09.213`)
-* [CVE-2023-23299](CVE-2023/CVE-2023-232xx/CVE-2023-23299.json) (`2023-05-23T20:15:09.330`)
-* [CVE-2023-23300](CVE-2023/CVE-2023-233xx/CVE-2023-23300.json) (`2023-05-23T20:15:09.380`)
-* [CVE-2023-23301](CVE-2023/CVE-2023-233xx/CVE-2023-23301.json) (`2023-05-23T20:15:09.427`)
-* [CVE-2023-23302](CVE-2023/CVE-2023-233xx/CVE-2023-23302.json) (`2023-05-23T20:15:09.473`)
-* [CVE-2023-23303](CVE-2023/CVE-2023-233xx/CVE-2023-23303.json) (`2023-05-23T20:15:09.523`)
-* [CVE-2023-23304](CVE-2023/CVE-2023-233xx/CVE-2023-23304.json) (`2023-05-23T20:15:09.573`)
-* [CVE-2023-23305](CVE-2023/CVE-2023-233xx/CVE-2023-23305.json) (`2023-05-23T20:15:09.627`)
-* [CVE-2023-23306](CVE-2023/CVE-2023-233xx/CVE-2023-23306.json) (`2023-05-23T20:15:09.677`)
-* [CVE-2023-2702](CVE-2023/CVE-2023-27xx/CVE-2023-2702.json) (`2023-05-23T20:15:09.730`)
-* [CVE-2023-2703](CVE-2023/CVE-2023-27xx/CVE-2023-2703.json) (`2023-05-23T20:15:09.817`)
-* [CVE-2023-31517](CVE-2023/CVE-2023-315xx/CVE-2023-31517.json) (`2023-05-23T20:15:09.897`)
-* [CVE-2023-31518](CVE-2023/CVE-2023-315xx/CVE-2023-31518.json) (`2023-05-23T20:15:09.947`)
-* [CVE-2023-31752](CVE-2023/CVE-2023-317xx/CVE-2023-31752.json) (`2023-05-23T20:15:09.993`)
-* [CVE-2023-31860](CVE-2023/CVE-2023-318xx/CVE-2023-31860.json) (`2023-05-23T20:15:10.040`)
-* [CVE-2023-1508](CVE-2023/CVE-2023-15xx/CVE-2023-1508.json) (`2023-05-23T21:15:08.967`)
-* [CVE-2023-30382](CVE-2023/CVE-2023-303xx/CVE-2023-30382.json) (`2023-05-23T21:15:09.073`)
+* [CVE-2023-28015](CVE-2023/CVE-2023-280xx/CVE-2023-28015.json) (`2023-05-23T22:15:09.120`)
+* [CVE-2023-31726](CVE-2023/CVE-2023-317xx/CVE-2023-31726.json) (`2023-05-23T22:15:09.643`)
+* [CVE-2023-31747](CVE-2023/CVE-2023-317xx/CVE-2023-31747.json) (`2023-05-23T23:15:09.270`)
+* [CVE-2023-32697](CVE-2023/CVE-2023-326xx/CVE-2023-32697.json) (`2023-05-23T23:15:09.337`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `11`
+Recently modified CVEs: `1`

-* [CVE-2019-10692](CVE-2019/CVE-2019-106xx/CVE-2019-10692.json) (`2023-05-23T20:30:59.777`)
-* [CVE-2019-14792](CVE-2019/CVE-2019-147xx/CVE-2019-14792.json) (`2023-05-23T20:30:59.777`)
-* [CVE-2020-13377](CVE-2020/CVE-2020-133xx/CVE-2020-13377.json) (`2023-05-23T20:27:38.897`)
-* [CVE-2021-36871](CVE-2021/CVE-2021-368xx/CVE-2021-36871.json) (`2023-05-23T20:30:59.777`)
-* [CVE-2023-2676](CVE-2023/CVE-2023-26xx/CVE-2023-2676.json) (`2023-05-23T20:04:30.950`)
-* [CVE-2023-32243](CVE-2023/CVE-2023-322xx/CVE-2023-32243.json) (`2023-05-23T20:17:25.427`)
-* [CVE-2023-27237](CVE-2023/CVE-2023-272xx/CVE-2023-27237.json) (`2023-05-23T20:35:36.253`)
-* [CVE-2023-23867](CVE-2023/CVE-2023-238xx/CVE-2023-23867.json) (`2023-05-23T20:37:47.907`)
-* [CVE-2023-31985](CVE-2023/CVE-2023-319xx/CVE-2023-31985.json) (`2023-05-23T20:42:41.060`)
-* [CVE-2023-1837](CVE-2023/CVE-2023-18xx/CVE-2023-1837.json) (`2023-05-23T20:48:24.597`)
-* [CVE-2023-29820](CVE-2023/CVE-2023-298xx/CVE-2023-29820.json) (`2023-05-23T20:50:48.400`)
+* [CVE-2022-45770](CVE-2022/CVE-2022-457xx/CVE-2022-45770.json) (`2023-05-23T23:15:09.093`)


 ## Download and Usage