diff --git a/CVE-2022/CVE-2022-21xx/CVE-2022-2127.json b/CVE-2022/CVE-2022-21xx/CVE-2022-2127.json index 5f707cbd55d..61306794abe 100644 --- a/CVE-2022/CVE-2022-21xx/CVE-2022-2127.json +++ b/CVE-2022/CVE-2022-21xx/CVE-2022-2127.json @@ -2,7 +2,7 @@ "id": "CVE-2022-2127", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-20T15:15:11.183", - "lastModified": "2023-07-20T16:45:55.920", + "lastModified": "2023-07-22T03:15:09.700", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -43,6 +43,10 @@ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222791", "source": "secalert@redhat.com" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/", + "source": "secalert@redhat.com" + }, { "url": "https://www.samba.org/samba/security/CVE-2022-2127.html", "source": "secalert@redhat.com" diff --git a/CVE-2023/CVE-2023-259xx/CVE-2023-25929.json b/CVE-2023/CVE-2023-259xx/CVE-2023-25929.json new file mode 100644 index 00000000000..51c91f56a37 --- /dev/null +++ b/CVE-2023/CVE-2023-259xx/CVE-2023-25929.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-25929", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2023-07-22T02:15:47.670", + "lastModified": "2023-07-22T02:15:47.670", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Cognos Analytics 11.1 and 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 247861." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/247861", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7012621", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-285xx/CVE-2023-28530.json b/CVE-2023/CVE-2023-285xx/CVE-2023-28530.json new file mode 100644 index 00000000000..e6d4fd048c8 --- /dev/null +++ b/CVE-2023/CVE-2023-285xx/CVE-2023-28530.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-28530", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2023-07-22T02:15:47.813", + "lastModified": "2023-07-22T02:15:47.813", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Cognos Analytics 11.1 and 11.2 is vulnerable to stored cross-site scripting, caused by improper validation of SVG Files in Custom Visualizations. A remote attacker could exploit this vulnerability to execute scripts in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 251214." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/251214", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7012621", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33170.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33170.json index 409af8f5976..b567ff1ee1f 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33170.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33170.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33170", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:15.660", - "lastModified": "2023-07-19T17:25:39.773", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-22T03:15:09.810", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -101,6 +101,22 @@ } ], "references": [ + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO/", + "source": "secure@microsoft.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5CFOR6ID2HP45E7ZOGQNX76FPIWP7XR/", + "source": "secure@microsoft.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TLWNIIA2I6YCYVCXYBPBRSZ3UH6KILTG/", + "source": "secure@microsoft.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3VJRGNYJXGPF5LXUG3NL45QPK2UU6PL/", + "source": "secure@microsoft.com" + }, { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170", "source": "secure@microsoft.com", diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3347.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3347.json index 087f86c9496..9d3c9cf66c2 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3347.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3347.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3347", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-20T15:15:11.940", - "lastModified": "2023-07-20T16:45:55.920", + "lastModified": "2023-07-22T03:15:10.167", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -43,6 +43,10 @@ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222792", "source": "secalert@redhat.com" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/", + "source": "secalert@redhat.com" + }, { "url": "https://www.samba.org/samba/security/CVE-2023-3347.html", "source": "secalert@redhat.com" diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34966.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34966.json index 0badc9b637b..77e7c8f24fb 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34966.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34966.json @@ -2,7 +2,7 @@ "id": "CVE-2023-34966", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-20T15:15:11.333", - "lastModified": "2023-07-20T16:45:55.920", + "lastModified": "2023-07-22T03:15:09.920", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -43,6 +43,10 @@ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222793", "source": "secalert@redhat.com" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/", + "source": "secalert@redhat.com" + }, { "url": "https://www.samba.org/samba/security/CVE-2023-34966", "source": "secalert@redhat.com" diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34967.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34967.json index 8d30e5bdae3..bac20a0d2a6 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34967.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34967.json @@ -2,7 +2,7 @@ "id": "CVE-2023-34967", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-20T15:15:11.410", - "lastModified": "2023-07-20T16:45:55.920", + "lastModified": "2023-07-22T03:15:10.003", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -43,6 +43,10 @@ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222794", "source": "secalert@redhat.com" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/", + "source": "secalert@redhat.com" + }, { "url": "https://www.samba.org/samba/security/CVE-2023-34967.html", "source": "secalert@redhat.com" diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34968.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34968.json index 9d3363e8f5e..05a51c10b30 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34968.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34968.json @@ -2,7 +2,7 @@ "id": "CVE-2023-34968", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-20T15:15:11.540", - "lastModified": "2023-07-20T16:45:55.920", + "lastModified": "2023-07-22T03:15:10.087", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -43,6 +43,10 @@ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222795", "source": "secalert@redhat.com" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/", + "source": "secalert@redhat.com" + }, { "url": "https://www.samba.org/samba/security/CVE-2023-34968.html", "source": "secalert@redhat.com" diff --git a/README.md b/README.md index 3ec8cda8f1b..7bf907f7eab 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-21T23:55:25.728838+00:00 +2023-07-22T04:00:25.608121+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-21T22:15:13.167000+00:00 +2023-07-22T03:15:10.167000+00:00 ``` ### Last Data Feed Release @@ -23,47 +23,33 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2023-07-21T00:00:13.521586+00:00 +2023-07-22T00:00:13.553454+00:00 ``` ### Total Number of included CVEs ```plain -220844 +220846 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `2` +* [CVE-2023-25929](CVE-2023/CVE-2023-259xx/CVE-2023-25929.json) (`2023-07-22T02:15:47.670`) +* [CVE-2023-28530](CVE-2023/CVE-2023-285xx/CVE-2023-28530.json) (`2023-07-22T02:15:47.813`) ### CVEs modified in the last Commit -Recently modified CVEs: `22` +Recently modified CVEs: `6` -* [CVE-2022-37331](CVE-2022/CVE-2022-373xx/CVE-2022-37331.json) (`2023-07-21T22:15:10.087`) -* [CVE-2022-41793](CVE-2022/CVE-2022-417xx/CVE-2022-41793.json) (`2023-07-21T22:15:10.190`) -* [CVE-2022-42885](CVE-2022/CVE-2022-428xx/CVE-2022-42885.json) (`2023-07-21T22:15:10.277`) -* [CVE-2022-43467](CVE-2022/CVE-2022-434xx/CVE-2022-43467.json) (`2023-07-21T22:15:10.360`) -* [CVE-2022-43607](CVE-2022/CVE-2022-436xx/CVE-2022-43607.json) (`2023-07-21T22:15:10.440`) -* [CVE-2022-44451](CVE-2022/CVE-2022-444xx/CVE-2022-44451.json) (`2023-07-21T22:15:10.527`) -* [CVE-2022-46280](CVE-2022/CVE-2022-462xx/CVE-2022-46280.json) (`2023-07-21T22:15:10.610`) -* [CVE-2022-46289](CVE-2022/CVE-2022-462xx/CVE-2022-46289.json) (`2023-07-21T22:15:10.697`) -* [CVE-2022-46290](CVE-2022/CVE-2022-462xx/CVE-2022-46290.json) (`2023-07-21T22:15:10.780`) -* [CVE-2022-46291](CVE-2022/CVE-2022-462xx/CVE-2022-46291.json) (`2023-07-21T22:15:10.863`) -* [CVE-2022-46292](CVE-2022/CVE-2022-462xx/CVE-2022-46292.json) (`2023-07-21T22:15:10.947`) -* [CVE-2022-46293](CVE-2022/CVE-2022-462xx/CVE-2022-46293.json) (`2023-07-21T22:15:11.030`) -* [CVE-2022-46294](CVE-2022/CVE-2022-462xx/CVE-2022-46294.json) (`2023-07-21T22:15:11.113`) -* [CVE-2022-46295](CVE-2022/CVE-2022-462xx/CVE-2022-46295.json) (`2023-07-21T22:15:11.200`) -* [CVE-2023-26934](CVE-2023/CVE-2023-269xx/CVE-2023-26934.json) (`2023-07-21T22:15:11.477`) -* [CVE-2023-26935](CVE-2023/CVE-2023-269xx/CVE-2023-26935.json) (`2023-07-21T22:15:11.677`) -* [CVE-2023-26936](CVE-2023/CVE-2023-269xx/CVE-2023-26936.json) (`2023-07-21T22:15:12.027`) -* [CVE-2023-26937](CVE-2023/CVE-2023-269xx/CVE-2023-26937.json) (`2023-07-21T22:15:12.273`) -* [CVE-2023-26938](CVE-2023/CVE-2023-269xx/CVE-2023-26938.json) (`2023-07-21T22:15:12.477`) -* [CVE-2023-27655](CVE-2023/CVE-2023-276xx/CVE-2023-27655.json) (`2023-07-21T22:15:12.697`) -* [CVE-2023-31554](CVE-2023/CVE-2023-315xx/CVE-2023-31554.json) (`2023-07-21T22:15:12.933`) -* [CVE-2023-31557](CVE-2023/CVE-2023-315xx/CVE-2023-31557.json) (`2023-07-21T22:15:13.167`) +* [CVE-2022-2127](CVE-2022/CVE-2022-21xx/CVE-2022-2127.json) (`2023-07-22T03:15:09.700`) +* [CVE-2023-33170](CVE-2023/CVE-2023-331xx/CVE-2023-33170.json) (`2023-07-22T03:15:09.810`) +* [CVE-2023-34966](CVE-2023/CVE-2023-349xx/CVE-2023-34966.json) (`2023-07-22T03:15:09.920`) +* [CVE-2023-34967](CVE-2023/CVE-2023-349xx/CVE-2023-34967.json) (`2023-07-22T03:15:10.003`) +* [CVE-2023-34968](CVE-2023/CVE-2023-349xx/CVE-2023-34968.json) (`2023-07-22T03:15:10.087`) +* [CVE-2023-3347](CVE-2023/CVE-2023-33xx/CVE-2023-3347.json) (`2023-07-22T03:15:10.167`) ## Download and Usage