From e87ee4af22d693a96b6fc1753e6a39bbf7119c9d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Helmke?= Date: Sat, 6 May 2023 02:00:26 +0200 Subject: [PATCH] Auto-Update: 2023-05-06T00:00:23.947673+00:00 --- CVE-2023/CVE-2023-293xx/CVE-2023-29350.json | 43 ++++++++++++++++ CVE-2023/CVE-2023-293xx/CVE-2023-29354.json | 43 ++++++++++++++++ CVE-2023/CVE-2023-299xx/CVE-2023-29963.json | 20 ++++++++ CVE-2023/CVE-2023-300xx/CVE-2023-30065.json | 20 ++++++++ README.md | 55 ++++----------------- 5 files changed, 135 insertions(+), 46 deletions(-) create mode 100644 CVE-2023/CVE-2023-293xx/CVE-2023-29350.json create mode 100644 CVE-2023/CVE-2023-293xx/CVE-2023-29354.json create mode 100644 CVE-2023/CVE-2023-299xx/CVE-2023-29963.json create mode 100644 CVE-2023/CVE-2023-300xx/CVE-2023-30065.json diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29350.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29350.json new file mode 100644 index 00000000000..4449aa266f9 --- /dev/null +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29350.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-29350", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-05-05T23:15:09.253", + "lastModified": "2023-05-05T23:15:09.253", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29350", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29354.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29354.json new file mode 100644 index 00000000000..2d18acae5dd --- /dev/null +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29354.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-29354", + "sourceIdentifier": "secure@microsoft.com", + "published": "2023-05-05T23:15:09.333", + "lastModified": "2023-05-05T23:15:09.333", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secure@microsoft.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29354", + "source": "secure@microsoft.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-299xx/CVE-2023-29963.json b/CVE-2023/CVE-2023-299xx/CVE-2023-29963.json new file mode 100644 index 00000000000..7d36e34251f --- /dev/null +++ b/CVE-2023/CVE-2023-299xx/CVE-2023-29963.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-29963", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-05T23:15:09.397", + "lastModified": "2023-05-05T23:15:09.397", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "S-CMS v5.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /admin/ajax.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/superjock1988/debug/blob/main/s-cms_rce.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-300xx/CVE-2023-30065.json b/CVE-2023/CVE-2023-300xx/CVE-2023-30065.json new file mode 100644 index 00000000000..41027f7b4cc --- /dev/null +++ b/CVE-2023/CVE-2023-300xx/CVE-2023-30065.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-30065", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-05T22:15:09.183", + "lastModified": "2023-05-05T22:15:09.183", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "MitraStar GPT-2741GNAC-N2 with firmware BR_g5.9_1.11(WVK.0)b32 was discovered to contain a remote code execution (RCE) vulnerability in the ping function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Sigmw/mitrastar-code-execution/blob/main/README.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index bbd38896a11..8f492a7077b 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-05T21:55:24.917263+00:00 +2023-05-06T00:00:23.947673+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-05T21:15:09.837000+00:00 +2023-05-05T23:15:09.397000+00:00 ``` ### Last Data Feed Release @@ -29,60 +29,23 @@ Download and Changelog: [Click](releases/latest) ### Total Number of included CVEs ```plain -214170 +214174 ``` ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `4` -* [CVE-2023-2550](CVE-2023/CVE-2023-25xx/CVE-2023-2550.json) (`2023-05-05T20:15:10.557`) -* [CVE-2023-2551](CVE-2023/CVE-2023-25xx/CVE-2023-2551.json) (`2023-05-05T20:15:10.627`) -* [CVE-2023-2552](CVE-2023/CVE-2023-25xx/CVE-2023-2552.json) (`2023-05-05T20:15:10.713`) -* [CVE-2023-2553](CVE-2023/CVE-2023-25xx/CVE-2023-2553.json) (`2023-05-05T20:15:10.803`) -* [CVE-2023-2554](CVE-2023/CVE-2023-25xx/CVE-2023-2554.json) (`2023-05-05T20:15:10.877`) +* [CVE-2023-29350](CVE-2023/CVE-2023-293xx/CVE-2023-29350.json) (`2023-05-05T23:15:09.253`) +* [CVE-2023-29354](CVE-2023/CVE-2023-293xx/CVE-2023-29354.json) (`2023-05-05T23:15:09.333`) +* [CVE-2023-29963](CVE-2023/CVE-2023-299xx/CVE-2023-29963.json) (`2023-05-05T23:15:09.397`) +* [CVE-2023-30065](CVE-2023/CVE-2023-300xx/CVE-2023-30065.json) (`2023-05-05T22:15:09.183`) ### CVEs modified in the last Commit -Recently modified CVEs: `36` +Recently modified CVEs: `0` -* [CVE-2021-23166](CVE-2021/CVE-2021-231xx/CVE-2021-23166.json) (`2023-05-05T21:15:09.073`) -* [CVE-2021-23176](CVE-2021/CVE-2021-231xx/CVE-2021-23176.json) (`2023-05-05T21:15:09.163`) -* [CVE-2021-23178](CVE-2021/CVE-2021-231xx/CVE-2021-23178.json) (`2023-05-05T21:15:09.250`) -* [CVE-2021-23186](CVE-2021/CVE-2021-231xx/CVE-2021-23186.json) (`2023-05-05T21:15:09.327`) -* [CVE-2021-23203](CVE-2021/CVE-2021-232xx/CVE-2021-23203.json) (`2023-05-05T21:15:09.403`) -* [CVE-2021-26263](CVE-2021/CVE-2021-262xx/CVE-2021-26263.json) (`2023-05-05T21:15:09.480`) -* [CVE-2021-26947](CVE-2021/CVE-2021-269xx/CVE-2021-26947.json) (`2023-05-05T21:15:09.553`) -* [CVE-2021-44476](CVE-2021/CVE-2021-444xx/CVE-2021-44476.json) (`2023-05-05T21:15:09.640`) -* [CVE-2021-44775](CVE-2021/CVE-2021-447xx/CVE-2021-44775.json) (`2023-05-05T21:15:09.700`) -* [CVE-2021-45071](CVE-2021/CVE-2021-450xx/CVE-2021-45071.json) (`2023-05-05T21:15:09.773`) -* [CVE-2021-45111](CVE-2021/CVE-2021-451xx/CVE-2021-45111.json) (`2023-05-05T21:15:09.837`) -* [CVE-2022-3116](CVE-2022/CVE-2022-31xx/CVE-2022-3116.json) (`2023-05-05T20:15:09.373`) -* [CVE-2022-3294](CVE-2022/CVE-2022-32xx/CVE-2022-3294.json) (`2023-05-05T20:15:09.607`) -* [CVE-2022-43042](CVE-2022/CVE-2022-430xx/CVE-2022-43042.json) (`2023-05-05T20:04:36.790`) -* [CVE-2022-43043](CVE-2022/CVE-2022-430xx/CVE-2022-43043.json) (`2023-05-05T20:04:23.743`) -* [CVE-2022-43044](CVE-2022/CVE-2022-430xx/CVE-2022-43044.json) (`2023-05-05T20:03:46.190`) -* [CVE-2022-43045](CVE-2022/CVE-2022-430xx/CVE-2022-43045.json) (`2023-05-05T20:04:05.043`) -* [CVE-2022-43254](CVE-2022/CVE-2022-432xx/CVE-2022-43254.json) (`2023-05-05T20:03:18.970`) -* [CVE-2022-43255](CVE-2022/CVE-2022-432xx/CVE-2022-43255.json) (`2023-05-05T20:02:31.100`) -* [CVE-2022-45204](CVE-2022/CVE-2022-452xx/CVE-2022-45204.json) (`2023-05-05T20:00:30.043`) -* [CVE-2022-45876](CVE-2022/CVE-2022-458xx/CVE-2022-45876.json) (`2023-05-05T20:13:57.563`) -* [CVE-2022-48423](CVE-2022/CVE-2022-484xx/CVE-2022-48423.json) (`2023-05-05T20:15:09.720`) -* [CVE-2022-48424](CVE-2022/CVE-2022-484xx/CVE-2022-48424.json) (`2023-05-05T20:15:09.813`) -* [CVE-2023-1078](CVE-2023/CVE-2023-10xx/CVE-2023-1078.json) (`2023-05-05T20:15:09.880`) -* [CVE-2023-1252](CVE-2023/CVE-2023-12xx/CVE-2023-1252.json) (`2023-05-05T20:15:09.963`) -* [CVE-2023-20860](CVE-2023/CVE-2023-208xx/CVE-2023-20860.json) (`2023-05-05T20:15:10.053`) -* [CVE-2023-22901](CVE-2023/CVE-2023-229xx/CVE-2023-22901.json) (`2023-05-05T20:55:52.987`) -* [CVE-2023-24999](CVE-2023/CVE-2023-249xx/CVE-2023-24999.json) (`2023-05-05T20:15:10.137`) -* [CVE-2023-25292](CVE-2023/CVE-2023-252xx/CVE-2023-25292.json) (`2023-05-05T20:18:47.160`) -* [CVE-2023-26464](CVE-2023/CVE-2023-264xx/CVE-2023-26464.json) (`2023-05-05T20:15:10.253`) -* [CVE-2023-26604](CVE-2023/CVE-2023-266xx/CVE-2023-26604.json) (`2023-05-05T20:15:10.477`) -* [CVE-2023-28008](CVE-2023/CVE-2023-280xx/CVE-2023-28008.json) (`2023-05-05T20:28:08.970`) -* [CVE-2023-28009](CVE-2023/CVE-2023-280xx/CVE-2023-28009.json) (`2023-05-05T20:24:14.757`) -* [CVE-2023-28697](CVE-2023/CVE-2023-286xx/CVE-2023-28697.json) (`2023-05-05T20:47:35.427`) -* [CVE-2023-29596](CVE-2023/CVE-2023-295xx/CVE-2023-29596.json) (`2023-05-05T20:08:01.820`) -* [CVE-2023-30846](CVE-2023/CVE-2023-308xx/CVE-2023-30846.json) (`2023-05-05T20:36:25.807`) ## Download and Usage