Auto-Update: 2023-12-30T21:00:24.544760+00:00

2025-07-11 16:13:34 +00:00 · 2023-12-30 21:00:28 +00:00 · 2023-12-30 21:00:28 +00:00 · f02a6661c1
commit f02a6661c1
parent 2e41d06b23
4 changed files with 127 additions and 14 deletions
--- a/CVE-2023/CVE-2023-522xx/CVE-2023-52262.json
+++ b/CVE-2023/CVE-2023-522xx/CVE-2023-52262.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-52262",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-12-30T19:15:08.197",
+  "lastModified": "2023-12-30T19:15:08.197",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "outdoorbits little-backup-box (aka Little Backup Box) before f39f91c allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted input."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/outdoorbits/little-backup-box/commit/f39f91cd05544b3eb18b59897c765d6ba9313faa",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://www.php.net/manual/en/function.extract",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-522xx/CVE-2023-52263.json
+++ b/CVE-2023/CVE-2023-522xx/CVE-2023-52263.json
@ -0,0 +1,32 @@
+{
+  "id": "CVE-2023-52263",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-12-30T19:15:08.253",
+  "lastModified": "2023-12-30T19:15:08.253",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browser/brave_content_browser_client.cc and browser/ui/webui/brave_web_ui_controller_factory.cc."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/brave/brave-browser/issues/32449",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/brave/brave-browser/issues/32473",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/brave/brave-core/pull/19820",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/brave/brave-core/pull/19820/commits/9da202f7f4bc80b6975909b684bbc0764a31c4e9",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-69xx/CVE-2023-6998.json
+++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6998.json
@ -0,0 +1,63 @@
+{
+  "id": "CVE-2023-6998",
+  "sourceIdentifier": "cvd@cert.pl",
+  "published": "2023-12-30T19:15:08.303",
+  "lastModified": "2023-12-30T19:15:08.303",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS allows application lockscreen bypass.This issue affects eWeLink before 5.2.0.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cvd@cert.pl",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 7.7,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.5,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cvd@cert.pl",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-269"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://cert.pl/en/posts/2023/12/CVE-2023-6998/",
+      "source": "cvd@cert.pl"
+    },
+    {
+      "url": "https://cert.pl/posts/2023/12/CVE-2023-6998/",
+      "source": "cvd@cert.pl"
+    },
+    {
+      "url": "https://ewelink.cc/app/",
+      "source": "cvd@cert.pl"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-12-30T19:00:24.385356+00:00
+2023-12-30T21:00:24.544760+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-12-30T18:15:41.003000+00:00
+2023-12-30T19:15:08.303000+00:00
 ```

 ### Last Data Feed Release
@ -29,28 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-234568
+234571
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `8`
+Recently added CVEs: `3`

-* [CVE-2023-49299](CVE-2023/CVE-2023-492xx/CVE-2023-49299.json) (`2023-12-30T17:15:07.870`)
-* [CVE-2023-50110](CVE-2023/CVE-2023-501xx/CVE-2023-50110.json) (`2023-12-30T17:15:07.987`)
-* [CVE-2023-50589](CVE-2023/CVE-2023-505xx/CVE-2023-50589.json) (`2023-12-30T17:15:08.037`)
-* [CVE-2023-50651](CVE-2023/CVE-2023-506xx/CVE-2023-50651.json) (`2023-12-30T17:15:08.080`)
-* [CVE-2023-7178](CVE-2023/CVE-2023-71xx/CVE-2023-7178.json) (`2023-12-30T17:15:08.130`)
-* [CVE-2023-7179](CVE-2023/CVE-2023-71xx/CVE-2023-7179.json) (`2023-12-30T17:15:08.353`)
-* [CVE-2023-7180](CVE-2023/CVE-2023-71xx/CVE-2023-7180.json) (`2023-12-30T18:15:40.777`)
-* [CVE-2023-7181](CVE-2023/CVE-2023-71xx/CVE-2023-7181.json) (`2023-12-30T18:15:41.003`)
+* [CVE-2023-52262](CVE-2023/CVE-2023-522xx/CVE-2023-52262.json) (`2023-12-30T19:15:08.197`)
+* [CVE-2023-52263](CVE-2023/CVE-2023-522xx/CVE-2023-52263.json) (`2023-12-30T19:15:08.253`)
+* [CVE-2023-6998](CVE-2023/CVE-2023-69xx/CVE-2023-6998.json) (`2023-12-30T19:15:08.303`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `1`
+Recently modified CVEs: `0`

-* [CVE-2023-51765](CVE-2023/CVE-2023-517xx/CVE-2023-51765.json) (`2023-12-30T18:15:40.700`)


 ## Download and Usage