From f02a6661c155abac91098e56b9037864c583bc6e Mon Sep 17 00:00:00 2001
From: cad-safe-bot
Date: Sat, 30 Dec 2023 21:00:28 +0000
Subject: [PATCH] Auto-Update: 2023-12-30T21:00:24.544760+00:00
---
CVE-2023/CVE-2023-522xx/CVE-2023-52262.json | 24 ++++++++
CVE-2023/CVE-2023-522xx/CVE-2023-52263.json | 32 +++++++++++
CVE-2023/CVE-2023-69xx/CVE-2023-6998.json | 63 +++++++++++++++++++++
README.md | 22 +++----
4 files changed, 127 insertions(+), 14 deletions(-)
create mode 100644 CVE-2023/CVE-2023-522xx/CVE-2023-52262.json
create mode 100644 CVE-2023/CVE-2023-522xx/CVE-2023-52263.json
create mode 100644 CVE-2023/CVE-2023-69xx/CVE-2023-6998.json
diff --git a/CVE-2023/CVE-2023-522xx/CVE-2023-52262.json b/CVE-2023/CVE-2023-522xx/CVE-2023-52262.json
new file mode 100644
index 00000000000..5cc00b6f4d9
--- /dev/null
+++ b/CVE-2023/CVE-2023-522xx/CVE-2023-52262.json
@@ -0,0 +1,24 @@
+{
+ "id": "CVE-2023-52262",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2023-12-30T19:15:08.197",
+ "lastModified": "2023-12-30T19:15:08.197",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "outdoorbits little-backup-box (aka Little Backup Box) before f39f91c allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted input."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://github.com/outdoorbits/little-backup-box/commit/f39f91cd05544b3eb18b59897c765d6ba9313faa",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://www.php.net/manual/en/function.extract",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-522xx/CVE-2023-52263.json b/CVE-2023/CVE-2023-522xx/CVE-2023-52263.json
new file mode 100644
index 00000000000..e661248d867
--- /dev/null
+++ b/CVE-2023/CVE-2023-522xx/CVE-2023-52263.json
@@ -0,0 +1,32 @@
+{
+ "id": "CVE-2023-52263",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2023-12-30T19:15:08.253",
+ "lastModified": "2023-12-30T19:15:08.253",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browser/brave_content_browser_client.cc and browser/ui/webui/brave_web_ui_controller_factory.cc."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://github.com/brave/brave-browser/issues/32449",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://github.com/brave/brave-browser/issues/32473",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://github.com/brave/brave-core/pull/19820",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://github.com/brave/brave-core/pull/19820/commits/9da202f7f4bc80b6975909b684bbc0764a31c4e9",
+ "source": "cve@mitre.org"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6998.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6998.json
new file mode 100644
index 00000000000..78f66d9751c
--- /dev/null
+++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6998.json
@@ -0,0 +1,63 @@
+{
+ "id": "CVE-2023-6998",
+ "sourceIdentifier": "cvd@cert.pl",
+ "published": "2023-12-30T19:15:08.303",
+ "lastModified": "2023-12-30T19:15:08.303",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0.\n\n"
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "cvd@cert.pl",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "NONE",
+ "baseScore": 7.7,
+ "baseSeverity": "HIGH"
+ },
+ "exploitabilityScore": 2.5,
+ "impactScore": 5.2
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "cvd@cert.pl",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-269"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://cert.pl/en/posts/2023/12/CVE-2023-6998/",
+ "source": "cvd@cert.pl"
+ },
+ {
+ "url": "https://cert.pl/posts/2023/12/CVE-2023-6998/",
+ "source": "cvd@cert.pl"
+ },
+ {
+ "url": "https://ewelink.cc/app/",
+ "source": "cvd@cert.pl"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 4e2fd7a39e2..db81f353b71 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-30T19:00:24.385356+00:00 +2023-12-30T21:00:24.544760+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-30T18:15:41.003000+00:00 +2023-12-30T19:15:08.303000+00:00 ``` ### Last Data Feed Release
@@ -29,28 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -234568 +234571 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `3` -* [CVE-2023-49299](CVE-2023/CVE-2023-492xx/CVE-2023-49299.json) (`2023-12-30T17:15:07.870`) -* [CVE-2023-50110](CVE-2023/CVE-2023-501xx/CVE-2023-50110.json) (`2023-12-30T17:15:07.987`) -* [CVE-2023-50589](CVE-2023/CVE-2023-505xx/CVE-2023-50589.json) (`2023-12-30T17:15:08.037`) -* [CVE-2023-50651](CVE-2023/CVE-2023-506xx/CVE-2023-50651.json) (`2023-12-30T17:15:08.080`) -* [CVE-2023-7178](CVE-2023/CVE-2023-71xx/CVE-2023-7178.json) (`2023-12-30T17:15:08.130`) -* [CVE-2023-7179](CVE-2023/CVE-2023-71xx/CVE-2023-7179.json) (`2023-12-30T17:15:08.353`) -* [CVE-2023-7180](CVE-2023/CVE-2023-71xx/CVE-2023-7180.json) (`2023-12-30T18:15:40.777`) -* [CVE-2023-7181](CVE-2023/CVE-2023-71xx/CVE-2023-7181.json) (`2023-12-30T18:15:41.003`) +* [CVE-2023-52262](CVE-2023/CVE-2023-522xx/CVE-2023-52262.json) (`2023-12-30T19:15:08.197`) +* [CVE-2023-52263](CVE-2023/CVE-2023-522xx/CVE-2023-52263.json) (`2023-12-30T19:15:08.253`) +* [CVE-2023-6998](CVE-2023/CVE-2023-69xx/CVE-2023-6998.json) (`2023-12-30T19:15:08.303`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `0` -* [CVE-2023-51765](CVE-2023/CVE-2023-517xx/CVE-2023-51765.json) (`2023-12-30T18:15:40.700`) ## Download and Usage