Auto-Update: 2023-12-31T05:00:25.055151+00:00

CVE-2018/CVE-2018-13xx/CVE-2018-1311.json

@@ -2,7 +2,7 @@
   "id": "CVE-2018-1311",
   "sourceIdentifier": "security@apache.org",
   "published": "2019-12-18T20:15:15.493",
-  "lastModified": "2023-11-07T02:55:57.157",
+  "lastModified": "2023-12-31T04:15:07.217",
   "vulnStatus": "Modified",
   "descriptions": [
     {
@@ -224,6 +224,14 @@
         "Third Party Advisory"
       ]
     },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A6WWL4SWKAVYK6VK5YN7KZP4MZWC7IY/",
+      "source": "security@apache.org"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJYZUBGPVWJ7LEHRCMB5XVADQBNGURXD/",
+      "source": "security@apache.org"
+    },
     {
       "url": "https://marc.info/?l=xerces-c-users&m=157653840106914&w=2",
       "source": "security@apache.org",

CVE-2023/CVE-2023-365xx/CVE-2023-36546.json

@@ -2,74 +2,14 @@
   "id": "CVE-2023-36546",
   "sourceIdentifier": "cve@mitre.org",
   "published": "2023-08-08T13:15:10.807",
-  "lastModified": "2023-08-10T03:49:32.600",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-12-31T03:15:45.950",
+  "vulnStatus": "Rejected",
   "descriptions": [
     {
       "lang": "en",
-      "value": "An issue in PEStudio v.9.52 allows a remote attacker to execute arbitrary code via a crafted DLL file to the PESstudio exeutable."
+      "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
     }
   ],
-  "metrics": {
-    "cvssMetricV31": [
-      {
-        "source": "nvd@nist.gov",
-        "type": "Primary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
-          "attackVector": "LOCAL",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "NONE",
-          "userInteraction": "REQUIRED",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "HIGH",
-          "integrityImpact": "HIGH",
-          "availabilityImpact": "HIGH",
-          "baseScore": 7.8,
-          "baseSeverity": "HIGH"
-        },
-        "exploitabilityScore": 1.8,
-        "impactScore": 5.9
-      }
-    ]
-  },
-  "weaknesses": [
-    {
-      "source": "nvd@nist.gov",
-      "type": "Primary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-427"
-        }
-      ]
-    }
-  ],
-  "configurations": [
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:a:winitor:pestudio:9.52:*:*:*:*:*:*:*",
-              "matchCriteriaId": "79A38D5C-78B0-4BA8-9206-29054404D620"
-            }
-          ]
-        }
-      ]
-    }
-  ],
-  "references": [
-    {
-      "url": "https://securitycafe.ro/2023/06/19/dll-hijacking-finding-vulnerabilities-in-pestudio-9-52/",
-      "source": "cve@mitre.org",
-      "tags": [
-        "Exploit"
-      ]
-    }
-  ]
+  "metrics": {},
+  "references": []
 }

CVE-2023/CVE-2023-375xx/CVE-2023-37536.json

@@ -2,8 +2,8 @@
   "id": "CVE-2023-37536",
   "sourceIdentifier": "psirt@hcl.com",
   "published": "2023-10-11T07:15:10.580",
-  "lastModified": "2023-11-16T01:50:48.467",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-12-31T04:15:07.373",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
@@ -117,6 +117,14 @@
     }
   ],
   "references": [
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A6WWL4SWKAVYK6VK5YN7KZP4MZWC7IY/",
+      "source": "psirt@hcl.com"
+    },
+    {
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AJYZUBGPVWJ7LEHRCMB5XVADQBNGURXD/",
+      "source": "psirt@hcl.com"
+    },
     {
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAOSSJ72CUJ535VRWTCVQKUYT2LYR3OM/",
       "source": "psirt@hcl.com",

CVE-2023/CVE-2023-522xx/CVE-2023-52275.json

@@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-52275",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-12-31T03:15:46.437",
+  "lastModified": "2023-12-31T03:15:46.437",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Gallery3d on Tecno Camon X CA7 devices allows attackers to view hidden images by navigating to data/com.android.gallery3d/.privatealbum/.encryptfiles and guessing the correct image file extension."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/tahaafarooq/gallery3d-tecno-exploit/",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://hackmd.io/%40tahaafarooq/bypassing-gallery3d-in-tecno-camon-x",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-522xx/CVE-2023-52277.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-52277",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-12-31T03:15:46.540",
+  "lastModified": "2023-12-31T03:15:46.540",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Royal RoyalTSX before 6.0.2.1 allows attackers to cause a denial of service (Heap Memory Corruption and application crash) or possibly have unspecified other impact via a long hostname in an RTSZ file, if the victim clicks on Test Connection. This occurs during SecureGatewayHost object processing in RAPortCheck.createNWConnection."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5788.php",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-71xx/CVE-2023-7101.json

@@ -2,7 +2,7 @@
   "id": "CVE-2023-7101",
   "sourceIdentifier": "mandiant-cve@google.com",
   "published": "2023-12-24T22:15:07.983",
-  "lastModified": "2023-12-29T18:15:39.450",
+  "lastModified": "2023-12-31T03:15:46.600",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
@@ -51,6 +51,10 @@
     {
       "url": "https://https://www.cve.org/CVERecord?id=CVE-2023-7101",
       "source": "mandiant-cve@google.com"
+    },
+    {
+      "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00025.html",
+      "source": "mandiant-cve@google.com"
     }
   ]
 }

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-12-31T03:00:24.369063+00:00
+2023-12-31T05:00:25.055151+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-12-31T01:15:07.677000+00:00
+2023-12-31T04:15:07.373000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,20 +29,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-234576
+234578
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `1`
+Recently added CVEs: `2`
 
-* [CVE-2023-52269](CVE-2023/CVE-2023-522xx/CVE-2023-52269.json) (`2023-12-31T01:15:07.677`)
+* [CVE-2023-52275](CVE-2023/CVE-2023-522xx/CVE-2023-52275.json) (`2023-12-31T03:15:46.437`)
+* [CVE-2023-52277](CVE-2023/CVE-2023-522xx/CVE-2023-52277.json) (`2023-12-31T03:15:46.540`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `4`
 
+* [CVE-2018-1311](CVE-2018/CVE-2018-13xx/CVE-2018-1311.json) (`2023-12-31T04:15:07.217`)
+* [CVE-2023-36546](CVE-2023/CVE-2023-365xx/CVE-2023-36546.json) (`2023-12-31T03:15:45.950`)
+* [CVE-2023-7101](CVE-2023/CVE-2023-71xx/CVE-2023-7101.json) (`2023-12-31T03:15:46.600`)
+* [CVE-2023-37536](CVE-2023/CVE-2023-375xx/CVE-2023-37536.json) (`2023-12-31T04:15:07.373`)
 
 
 ## Download and Usage